- General information
- 1. Organization data Dr. Lorenzo Bergami
- 2. Personal data When you provide me certain personal data in the context of the execution of the treatment or for the particular service that you purchase I may collect the following information:
- 3. Basis for data processing I may only lawfully process your personal data if I do so on the basis of a legal basis and only for the purposes for which I obtained the data. I process your personal data only with your permission.
- 4. Provision of your personal data to third parties In principle, I will only provide your personal data to third parties if you have given your permission. Information is only provided to third parties if this is necessary for the execution of our agreement or if a legal obligation dictates to us. I never transfer personal data to third parties that are located outside the EU.
- 5. Processor agreements I conclude written agreements with third parties that process your data to ensure the same level of security and confidentiality of your data. I do not sell your information to third parties.
- 6. Security measures All data is stored in a secure environment. Your data is processed with an ICT system protected with a username and password. The security of the system is managed by a specialized ICT company. Only authorized persons within our center have access to the password-protected data. The software has been developed in such a way that updates are automatically retrieved and installed. Antivirus software is implemented in such a way that the highest level of security is offered. I also have a secure mail system that makes it possible, if necessary and with your permission, to send medical data to you or another healthcare provider. If you have the impression that your data is not secure or there are indications of abuse, please contact me directly by email.
- 8. Data backup To protect personal data against loss and theft, I have secured it with a back-up. This is made regularly (with a minimum of 1 x per month) on an external hard disk, which is protected by a password and is stored in a secure lockable room.
- 9. Authorized employees In my organization Strategic Nutriton Center, only authorized persons have the right to view and manage the shared agenda. The authorized employees are all employees working at Strategic Nutrition Center. Every employee working with us uses and manages his own patient administration program which is not transparent to the other employees.
- 10. Retention period for personal data I will not retain your personal data for longer than for the purposes for which it is being processed, unless this is necessary on the basis of legal obligations.
- 11. Permission for Direct Marketing and minority
- 12. Paper documents and security Any privacy-sensitive information is stored in practice in a lockable cupboard that only authorized persons have access to.
- 13. Data leaks I and all the employees of Strategic Nutrition Center do their utmost to prevent data from leakage. Every employee in our center is individually responsible for the occurrence of data leaks. If you, or one of the practitioners in our center, establish a data leak, it will inform the other involved about this immediately.
- 14. View, modify or delete your data When you have provided personal data to me, you have the right to access, modify and delete your data. You can also request your practitioner to transfer your data to you or another party or to limit the data processing. You also have the right to object to the processing of your data. You can also withdraw your consent to data processing. You can make your request known by mail.
- 15. Complaints and contact If you are not satisfied with the way in which I handle your data, you can submit a complaint to the national supervisory authority.
P.zza Azzarita n.6 / b
Tel: 338 58 95 243
- • Personal data (name etc.)
- • Sex
- • Telephone number (fixed or mobile number)
- • Date of birth
- • Profession / daily work / Hobby / Sport
- • Insurance
- • Social Security Number
- • Name of other healthcare providers
- • Health condition
- • Name of your health insurer
- • Time of appointment
- • Payment details
The personal data collected by me is used for the following purposes:
- • Creating and maintaining your medical file
- • Schedule an appointment
- • Carrying out a treatment
- • Conducting a customer satisfaction survey after the end of treatment or periodically
- • Improving our services
- • Sharing your data with third parties for cost declaration
- • For the storage of your medical data, the statutory minimum storage period of 15 years applies according to the law on the medical treatment agreement.
- • A statutory retention period of 7 years applies to the storage of the financial records.
- • I do not use (digital) direct marketing.
- • I declare that i only process personal data of minors (younger than 16 years) if written permission has been given by one of the parents, caretakers or legal representatives. At the first consultation we ask one of the parents a signature for agreement of the treatment based on the treatment plan.
In that case, the therapist will provide you with all relevant information relating to the data leak, including information about possible developments surrounding the data leak and the measures that the practitioner will take to limit the consequences of the data leak and prevent repetition. In addition, the parties involved shall immediately inform each other if it appears that the leak of security will probably have adverse consequences.
When a data leak occurs the therapist allow you to take appropriate follow-up steps with regard to the data leak. The parties involved will take all reasonably necessary measures as soon as possible to prevent or limit further violations or leaking concerning the processing of the personal data and in particular further violation of the WBP or other regulations concerning the processing of the personal data. In good faith, both parties will make agreements in good faith about the reasonable distribution of any costs associated with meeting the reporting obligations.
I will respond to your request as soon as possible, at the latest within 3 weeks.
If you have any questions or comments after reading this privacy statement, please contact me by mail.