Medeco and your personal data
By visiting our website or by being a customer of Medeco, you share various personal data with us. This includes information when you browse our website or when you contact our customer service centre. You can be confident that we will treat your personal data with care. Below we explain more about how Medeco uses your personal data. If you have any further questions, please email us.
What is personal data?
Personal data is information that identifies you or says something about you directly or can be traced back to you. There are many types of personal data. This includes your name, address or email address, as well as your computer's IP address. Personal data refers to all information that can be associated with you. Special information, such as someone's race, religion or medical history, is considered ‘sensitive personal data’.
How Medeco looks after your personal dataMedeco stores your personal data to the extent necessary to provide services to you and to the extent necessary or permitted by law. Personal data that is no longer needed is deleted as quickly as possible. Medeco uses secure and legally approved systems to protect your personal data against loss or any form of unlawful processing.
How does Medeco process your personal data?
We need your personal data to provide you with the best possible advice about our products and services, and to ensure that the selling and purchasing process runs as smoothly as possible for these products and services. From a legal perspective, processing data is a broad concept. Processing comprises all actions that can be performed with personal data. For example, Medeco processes personal data by collecting, storing, modifying, accessing, destroying and disclosing personal data by forwarding said data. The legislator sets out several requirements for the processing of personal information.
These include the following:
- A lawful purpose that is communicated to the data subject in a clear and timely manner.
- A legal basis for the processing of personal data, for example an agreement, the consent of the data subject, an essential obligation or a legitimate interest that overrides the privacy interests of the data subject.
- Data minimisation — no more data may be collected and processed than is necessary for the purpose.
- Subsidiarity — if there are other means of achieving this purpose which are less burdensome for the data subject, these should be used.
- Appropriate organisational and technical measures to protect the personal data being processed.
With whom does Medeco share your personal data?Medeco takes great care when processing your personal data. In principle, your personal data is only available to Medeco. However, it is sometimes necessary for us to share your personal data with other partners, for example our business unit in your country of residence.
We also use your personal data to perform analyses to improve the services we provide to you or to contact you if we have important information for you.
Furthermore, Medeco uses your personal data - insofar as permitted by law - to inform you about products and/or services provided by companies affiliated with Medeco and which may be of interest to you.
We can also provide general information about Medeco and the various areas in which we operate and which we think may be relevant to you. In principle, you will only receive this information if you have given your prior consent for this.
You may declare at any time that you do not (or no longer) wish to receive commercial information. To do this, please email us. We will then stop sending you information. Note that it may take some time to process your request.
Please note: if you withdraw your consent to the processing of your personal data, we will no longer be able to provide you with the services as before, because we are no longer allowed to use your personal data.
Data processing agreement
A data processing agreement (DPA) is the agreement between the controller and the processor which determines how the processor handles personal data. Medeco (the controller) and an IT service provider (the processor), for example, will always conclude a written agreement with an external partner before any personal data can be distributed. Medeco is responsible for ensuring that this is done. In short, every external party with which we do business and with which personal data is processed has a separate agreement with Medeco which meets the legal requirements.
Do you want us to modify or delete your personal data?You can contact us at any time to request to view your personal data and/or to modify, supplement, delete or restrict your personal data if it is factually incorrect, incomplete or irrelevant. You may also object to the processing of your personal data. To have your personal data modified or deleted, email us.
New rights also guaranteed within MedecoThe EU’s General Data Protection Regulation (GDPR) has also introduced new rights: the right to be forgotten and the right to data portability. You may also benefit from these new rights. We will do our utmost to fulfil your request within a reasonable time.
Google AnalyticsWe use Google Analytics to analyse how we can serve our website visitors as effectively as possible. Information we receive from Google Analytics is stored by Google on servers in the United States. This concerns solely anonymised data and not personal data. The latter also means that the exact location from which you have accessed the websites is unknown.
Medeco uses this information to keep track of how its websites are used, to create reports about these websites and to offer its advertisers information about the effectiveness of their campaigns.
We have not allowed Google to use the information obtained for other Google services.
Encroaching on your privacy as little as possiblePersonal data is essential for Medeco to provide its services. The use of personal data sometimes encroaches on an individual's privacy. It is important to minimise this encroachment: we always try to restrict the use of your personal data to the minimum necessary and we always handle your personal data with care.
Our employees have signed a confidentiality agreementOur employees who work with medical information are bound by a duty of confidentiality. This means that, as a matter of course, no patient data may be shared with others. Treatment providers with whom we are in contact and employees of healthcare institutions are bound by a duty of confidentiality based on their professional code of conduct. Consequently, only the people directly involved in organising your care may view your personal data, and they will handle this personal data in a confidential manner.