|v1.0||22nd May 2016||Arslan Saghir||Initiation||AS|
|v1.1||26th April 2018||Arslan Saghir||Processing & Disclosure||AS|
|v1.3||23rd August 2019||Arslan Saghir||Storage of Personal Data||AS|
Derma Solution is responsible for processing your personal information.
Derma Solution Copenhagen,
Holmbladsgade 84, Copenhagen 2300
Phone: +45 50 15 46 47
Email: [email protected]
On this page, you can read about how Derma Solution uses the data and cookies you leave when you visit our website (www.dermasolution.dk)
The gathering of data on dermasolution.dk takes place within the framework of the applicable legislation (GDPR). where Derma Solution processes personal data, the processing will be in accordance with the EU Personal Data Regulation.
Derma Solution gathers information about users and their visits in two ways:
- The user provides dermasolution.dk with information (i.e. signing up for newsletter and booking appointments through our page)
- Derma Solution does not offer an ecommerce service, therefore we will never require you to submit your banking information for any purposes
Derma Solution respects the individual’s right to have his/her data legally processed and our data processing will always be in accordance with applicable law and be aligned with our vision to provide services of the highest quality.
Sensitive information will never be disclosed to third parties unless you expressly give your consent. We will only request for information directly from our customer to satisfy and of the below actions:
- Completing a booking request;
- Signing up for newsletter;
- Filling in a contact form;
- Seen by our clinic nurse;
- Pre-treatment consultation; and
- Any treatment conducted at the clinic.
Where such actions are required, Derma Solution may require the customer to provide information including:
- Contact number
- Photo(s) in connection with cosmetic treatment
- Date of birth
- Medical prescriptions
- Knowledge of different subjects
Personal data is used to implement the service for which the data is collected. In addition, the information is used to get to know our customers and other users of the website better. This use may include studies and analysis aimed at improving and developing our marketing strategies, our products, services and technologies.
Processing and Disclosure
The purpose of processing your personal data is to provide you with the best possible treatment. Your personal data is processed safely and information about your health is processed in accordance with the “Danish Health Authority” (Sundhedsstyrelsens).
Derma Solution may require photo documentation with regards to certain cosmetic treatment in accordance with “Danish Health Authority” (Sundhedsstyrelsens). Where this is the case, your photo documentation is stored in a cloud service that is password protected. Furthermore, only selected staff have access to such cloud services.
All employees at Derma Solution are subject to a confidentiality and non-disclosure agreement. This means that, as a rule, employees at Derma Solution cannot disclose any information about our customers with third party without a formal consent. A consent to disclose information is related our customers current course of treatment.
Disclosure of health information is often crucial for a successful treatment and a coherent treatment course. Information may only be obtained / disclosed to the extent that it is necessary. The staff will therefore always assess the relevance of the information disclosed.
We may disclose your personal information with:
- Insurance companies;
- Internal medical specialist; and
- Software partners.
Derma Solution only collaborates, as a responsible company, with system vendors and/ or data controllers working within the EEA or where the respected region ensures adequate level of data protection in accordance with GDPR requirements.
Protection of personal data
Legislation requires our customers personal information to be kept secure and confidential.
At Derma Solution our customers personal information is stored in two ways:
- Cloud servers that are password protected
- we ensure to use adequate password protection including regularly changing our passwords on a monthly basis.
- Only selected member of staff have access to such credentials
- Hard copies
- These are filed and kept in a secure cupboard. Again, the keys are only given to applicable members of staff.
However, Derma Solution cannot 100% guarantee security for data transmissions through the internet. This means that there may be a risk that other unauthorized parties gain access to information when data is sent and stored electronically. Thus, your personal information is submitted at your own risk. In case of a security breach that poses a high risk for you, for discrimination, ID theft, financial loss, loss of reputation or other significant inconvenience, we will notify you of the security breach as soon as possible.
We protect your personal information and have adopted internal guidelines for information security that contain measures that protect your personal information against unauthorized disclosure and prevent unauthorized persons from gaining access or knowledge to the information.
Only selected employees have access to our customer data. This is closely managed by our DPO and all data access requests are managed on a case by case basis. To avoid any loss of data, we perform backups on a regular basis.
Personal data is deleted or anonymized continuously as the purpose for which it was collected is terminated. We do not store data for any more than 5 years.
The rapid development of the internet means that changes in our processing of personal data may be necessary. Thus, we reserve the right to update and amend these guidelines for processing of personal data.
Where an update is made to this policy, we will have a version control log and will date any changes made.
Our customers rights
- As an individual, you have the right to be forgotten according to the GDPR. That is, you have the right to have your data deleted “without unnecessary delay”. If you wish to delete your personal information, we will delete all information that we are not required to keep in accordance with the law.
- If the processing of personal data is based on your consent as an existing customer, you can withdraw this agreement at all times, in whole or in part.
- Personal data on potential new customers is gathered after obtaining consent and deleted when the consent is withdrawn.
- Data on former customers is deleted 5 years after the end of the customer relationship
- You also have the right to obtain the data collected by Derma Solution about you
- Contact Derma Solution on the following mail if you want to delete your data: [email protected]
If you apply for a job at Derma Solution
In connection with a job search, the following personal information is processed:
- General information: name, address, email, phone numbers
- CV and resume
- Optionally: photo
- Information about any previous offenses
The purpose of the process is to offer a smooth recruitment procedure, where data security is at the forefront. Applications are deleted no later than 6 months after the end of the recruitment process. You can contact us if you want your personal information to be deleted earlier. We do not disclose your personal information to others.
Storage of personal data
All information on patients at Derma Solution will be stored in accordance with the Sundhedsstyrelsens and GDPR. Derma Solution must, at all times, be able to provide documentation for performed examination and treatment in case of patient complaints.
We store relevant personal information for 5 years plus the current year.
All other personal data will be deleted or removed when they are no longer relevant for the purpose for which they were collected.
Patient Journal System
Derma Solution uses a Patient Journal System to create and handle patient data relating to the treatment that is done within the clinic. Find the technical specification for the journal below.
Developer details: Vignesh Balasubramanian built the Patient Journal System which came into operation from Feb 2015.
- Data security: We have used two-way encryption for all the data that are stored in our system. All the data that are stored in the server are encrypted before they get stored inside the server and are decrypted when it is being fetched for the display on our system.
- Server specifications: We are using one.com as our hosting server and the domain name is registered under DK-hostmaster. All the security features of one.com will apply to our system as mentioned on one.com’s website.
- Access to patient database: Access codes to the patient database is strictly restricted only to the designated staff of the clinic and the doctor who supervises the treatments.
- On demand from the patient, a copy of his/her patient journal can be printed and given to the patient on proper verification of their ID.
Cookies are anonymous and contain no personal information. Therefore, they cannot identify you, your computer, or if the computer is used by one or several people. It also cannot spread computer viruses or damaging programs.
What is a cookie
When you visit dermasolution.dk, cookies are stored on your computer. A cookie is a small text file stored in your browser to recognize your computer on subsequent visits. No personal information is stored in our cookies.
The information in your cookies is sent between your browser and a web server and includes information on user settings, login and how the website is being used.
How do I avoid cookies?
If you do not want to receive cookies, you can either block all cookies, delete existing cookies from your computer or receive a warning before saving cookies.
A change in cookie settings may cause a degraded user experience when visiting our and other websites.
You should be aware that if you do not accept cookies, there may be functions on www.dermasolution.dk that do not work.
What are cookies used for at dermasolution.dk?
www.dermasolution.dk records data regarding your movements between different pages and services on the website. If you log in or sign up for our newsletter, we also register this so we can make it easier for you the next time.
In this context, we use various analysis tools, such as Google Analytics, to help us collect statistical information about the use of www.dermasolution.dk and make it a better experience for you.
We use the following marketing cookies at www.dermasolution.dk:
- Retargeting – anonymous tracking to target ads on Facebook, Instagram and Google
- Facebook cookies are used to track the conversion when a visitor comes directly from Facebook and Instagram. (Facebook like-conversion)
Among other things, third-party cookies are used to gather statistics on your visits to www.dermasolution.dk. Here we use the cookie, for example, to know which sites you visit and how long you spend on them. Here we use the system Google Analytics provided by Google.
You can opt out of Google Analytics here: http://tools.google.com/dlpage/gaoptout.
www.dermasolution.dk also collaborates with companies to improve our online marketing to ensure that you are only exposed to relevant ads. For example, in this context, we use the following suppliers: Facebook, DoubleClick, Criteo, Sociomantic and Google.
www.dermasolution.dk contains third-party components such as “Facebook Like” or “Instagram”. These third-party components have the effect that the owner of the third-party component, such as Facebook or Instagram, receives technical data about your browser, IP address, and the pages you visit on www.dermasolution.dk and similar. How the owner of the third-party component processes that data is beyond our control and is solely between you and the owner of the third-party component.
www.dermasolution.dk uses these components to link directly to our social media sites and thereby ensure easy navigation for you as a customer.
Derma Solution Copenhagen,
Holmbladsgade 84, Copenhagen 2300
Phone: +45 52 39 93 08
You have the opportunity to complain about our processing of your personal data to the Data Inspectorate.
Find contact information about how to complain here: www.datatilsynet.dk