Confidentiality Statement

Central Lab has taken the necessary measures in order to fully ensure your privacy and the security of your personal data, in accordance with current European and national legislation. This Privacy Statement (hereinafter the Statement) concerns all your personal data processed by Central Lab during the process of providing health services. In particular, this Statement is recording and analyzing: the type of personal data processed by Central Lab, the legal basis of the processing, the retention period of the data, the recipients of the personal data, as well as, the technical and organizational measures taken by Central Lab for guaranteeing the security of privacy.

Data we process

Central Lab must collect your personal data (demographics, payment and insurance data, medical history), in order to provide you with the medical services you require. In this context, if you wish, we can process data of previous examinations and diseases that you provide us for the purpose of medical diagnosis. Furthermore, we store with your explicit consent, the contact details of your relatives, which will be used only in case of emergency. Should you visit the Diagnostic Center of Central Lab following a referral from a Private Doctor, we inform the latter about the results of your examinations, only if this is deemed necessary for the purposes of a proper medical opinion. According to article 30 of law 4624/2019, the processing of special categories of personal data is allowed, without the consent of the subject, when the processing is necessary for the purposes of scientific or historical research or the collection and maintenance of statistical data. In this case, the controller is obliged to take the appropriate technical organizational measures to protect the legal interests of the subjects, such as anonymization, pseudonymization, or encryption.

For more information about the data we process, refer to our website https://www.centrallab.gr/en/cookies-policy/.

Legal basis for the processing of your data

Central Lab receives and stores your basic personal data (demographic data) for the planning of your visit to our premises, as well as all personal data deemed necessary for the provision of the medical services you desire. Therefore, the medical service agreement is the legal basis for the processing of your data.

Retention period of your data

Central Lab keeps your personal data for a period of 10 years, as defined by national legislation. After the expiration of the above period of time, Central Lab proceeds to the secure deletion of your personal data.

Exceptionally, Central Lab retains your personal data for a period of more than 10 years, only if this is necessary to serve the legal interests of Central Lab. In the latter case you will receive relevant information.

Recipients of your personal data

Central Lab may disclose your personal data to three different categories of recipients:

1. To medical service providers – partners of Central Lab:
Central Lab maintains external collaborations with third parties (computer engineers, doctors, health care providers – reference laboratories), who process personal data in the name and on behalf of Central Lab, under strong contractual commitments. The Third Parties under consideration, have been selected based on the effective implementation of a high level of security measures regarding the protection of personal data.

2. To third party health care providers.
Central Lab discloses your personal data to third party recipients (with whom it does not cooperate) only in the following cases:

  • In case the disclosure is required within the framework of an insurance contract that you maintain with a specific insurance company
  • For reasons of safeguarding your vital interests
  • If required by a specific legislative provision.

3. To third party providers at your request.
Central Lab discloses your personal data to third party health care providers, only upon your own written request. For more information on how to transfer your personal data to third parties, you can consult our website or the Branch manager.

It is clarified that Central Lab does not bear any responsibility for the management of your personal data by third parties.

Record your actions or deeds

We may record and keep your conversations with our medical Centers – including letters, emails, live chats, or any other form of communication. We use these records to evaluate, analyze and improve our services, to train our staff, to manage or prevent potential risks, and to detect fraud and other criminal acts. We may collect additional information about these communications, e.g. telephone numbers from which you call us and information about the devices or software you use, only if this is deemed necessary for the above purposes.

The Security of your data

The priority of Central Lab is to keep your personal data safe. Central Lab has taken and is implementing a series of measures to keep your personal data safe and protected. These case-by-case measures include role based access control (data based access control) as well as pseudonymization, encryption or other technical and organizational measures.

Your rights

We let you know that you have the right to:

  • Access to your data,
  • Correction of your data in case of inaccuracy,
  • Deleting your data in specific cases
  • Restrict the processing of your data
  • Opposing the processing of your data
  • Transferring your data to another healthcare provider
  • Report to the Personal Data Protection Authority in case of an unfortunate incident of violation of your data.

Our company will respond to your above requests within a month of receiving them, and exceptionally this deadline can be extended by another 2 months, if additional time is required.
In case you need clarifications or further information about your above rights, you can contact the Branch Manager or the Data Protection Officer of Central Lab (contact details below).

Responsible contacts

We inform you that you can contact us for any issue regarding the security of your data within our company at the following phone 216-5002020 and email: dpo@iatrikidiagnosigroup.gr.

Responsible Data Protection Officer in our company has been appointed Mrs. Zafeiria Karakatsani.
If you have any questions or you require more information, you can contact the Data Protection Officer (e-mail: dpo@iatrikidiagnosigroup.gr or by phone at 216-5002020). If you are not satisfied with the way your data is processed, you can file a complaint with the Personal Data Protection Authority. However, we will be happy to give you the opportunity to resolve any of your issues as soon as possible before filing a complaint with the Personal Data Protection Authority.

CEO and President of BoD
Anastasia Kotsigianni