M

qivanel

← Back to Home

Privacy Policy

Last updated: January 2025

1. Introduction

qivanel ("we," "us," or "our") is committed to protecting your personal information and respecting your privacy rights. This Privacy Policy explains how we collect, use, and safeguard your information when you use our joint health consultation services, including the CartiPlus program.

This policy complies with the General Data Protection Regulation (GDPR) and Romanian Law 190/2018 regarding data protection measures. If you are located in Romania, this policy applies to all processing of your personal data.

2. Data Controller Information

Data Controller: qivanel Joint Health Services

Location: Romania

Contact: [email protected]

Data Protection Officer: For data protection inquiries, contact our DPO at [email protected]

3. Information We Collect

3.1 Personal Information You Provide

  • Contact information (name, email address, phone number)
  • Health consultation preferences and goals
  • Joint health concerns and wellness objectives
  • Communication preferences
  • Any additional information you choose to provide during consultations

3.2 Technical Information

  • Website usage data (pages visited, time spent)
  • Device information (browser type, operating system)
  • IP address and general location information
  • Cookies and similar tracking technologies

4. How We Use Your Information

4.1 Legal Bases for Processing

We process your personal data based on the following legal grounds under GDPR:

  • Consent: When you provide explicit consent for specific processing activities
  • Contract performance: To provide consultation services you have requested
  • Legitimate interests: To improve our services and communicate with you about relevant health information
  • Legal obligation: To comply with applicable laws and regulations

4.2 Purposes of Processing

  • Providing joint health consultation services
  • Scheduling and managing appointments
  • Developing personalized wellness recommendations
  • Communicating about your consultation progress
  • Improving our services and website functionality
  • Ensuring compliance with health and safety regulations

5. Data Sharing and Third Parties

We do not sell, trade, or rent your personal information to third parties. We may share your information only in the following circumstances:

  • With healthcare professionals when necessary for consultation services (with your consent)
  • With technical service providers who assist in website operations (under strict data processing agreements)
  • When required by law or legal process
  • With your explicit consent for specific purposes

6. Data Security and Retention

6.1 Security Measures

We implement appropriate technical and organizational measures to protect your personal data, including:

  • Encryption of data in transit and at rest
  • Regular security assessments and updates
  • Access controls and staff training
  • Secure data storage and backup procedures

6.2 Data Retention

We retain your personal data only for as long as necessary to fulfill the purposes outlined in this policy or as required by Romanian law. Typically, consultation records are retained for 3 years after the last consultation, unless you request earlier deletion.

7. Your Rights Under GDPR

As a data subject under GDPR, you have the following rights:

  • Right of access: Request a copy of the personal data we hold about you
  • Right to rectification: Request correction of inaccurate or incomplete data
  • Right to erasure: Request deletion of your personal data ("right to be forgotten")
  • Right to restrict processing: Request limitation of how we process your data
  • Right to data portability: Request transfer of your data in a structured format
  • Right to object: Object to processing based on legitimate interests
  • Right to withdraw consent: Withdraw consent at any time where processing is based on consent

To exercise these rights, contact us at [email protected]. We will respond within one month of receiving your request.

8. Cookies and Tracking Technologies

Our website uses cookies to enhance user experience and analyze website performance. For detailed information about our cookie usage, please refer to our Cookie Policy.

You can manage your cookie preferences through your browser settings or our cookie consent banner.

9. International Data Transfers

If we transfer your data outside the European Economic Area (EEA), we ensure appropriate safeguards are in place, including adequacy decisions by the European Commission or standard contractual clauses approved by the European Commission.

10. Complaints and Supervisory Authority

If you have concerns about how we handle your personal data, you may file a complaint with the Romanian National Supervisory Authority for Personal Data Processing (ANSPDCP):

ANSPDCP

Address: Bulevardul G-ral. Gheorghe Magheru 28-30, Sector 1, Bucharest, Romania

Phone: +40.318.059.211

Website: www.dataprotection.ro

11. Changes to This Policy

We may update this Privacy Policy periodically to reflect changes in our practices or applicable laws. We will notify you of any material changes through email or website notice. The "Last updated" date at the top of this policy indicates when the most recent changes were made.

12. Contact Information

For questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us:

Email: [email protected]

Data Protection Officer: [email protected]

Response Time: We aim to respond to all privacy-related inquiries within 72 hours.

Privacy-Related Questions?

Contact our Data Protection Officer for any privacy or data protection concerns.