Our group of companies, comprised of “Dyania Health, Inc.” a company incorporated in Delaware, under Delaware State, with registered office at 525 Washington Blvd ste 300, Jersey City, NJ 07310-1625, “Dyania Health Greece Inc“, a company incorporated in Greece, with registered offices at 12 Theophanous Str., Athens, Greece 11523, with VAT number EL996764500, and Registration number 157864801001, and “Iatrikes Erevnes Mon. IKE“, a company incorporated in Greece, with registered offices at 12 Theophanous Str., Athens, Greece 11523, with VAT number EL801507984, and Registration number 158185203000 (hereinafter collectively “Dyania Health”, “We, “Our” or “Us”) is committed to protecting the privacy and security of your personal information. We protect the privacy of any data subject’s information we may process during our scientific research.
This Privacy Notice describes how Dyania Health collects, uses, shares and otherwise processes Personal Data (defined below) as data controller (within the meaning of applicable data protection regulation).
This Privacy Notice applies to persons who (i) access our website www.dyaniahealth.com (“Website“), (ii) participate in our recruitment activities (job candidates), or (iii) supply goods and services to us.
References in this Privacy Notice to “you” or “your” are references to individuals whose Personal Data we process. In this Privacy Notice, “Personal Data” means any information that (either in isolation or in combination with other information processed by us) enables you to be identified or recognized, directly or indirectly, as an individual; it does not include anonymous data. We are committed to respecting and protecting your privacy.
1. The types of Personal Data we collect
The types of Personal Data that we collect about you, depend on the context of your interaction with us. For example, we may collect personal information when you assign a case to us, when you contact us via the contact form in our Website, when you subscribe to our newsletters, etc. As applicable and depending on the specific purpose for which we need your Personal Data, we may collect the following categories of Personal Data about clients/ prospective clients, users of our Website, our suppliers and job applicants:
|Basic identification and contact data||Name, title, organization, phone number, email address and other contact details.|
|IT and device data||Information about your use of our Website, including data collected using cookies, other tracking technologies (e.g. IP address, browser type and version, time zone setting and location, operating system of your device, etc.), and our WiFi facilities.|
|Marketing and communications data||including your marketing and communication preferences and information that you provide when subscribing to our newsletter (name, position, email address); we also track when you receive and read marketing communications from us.|
|Job applicant data||Data provided by job applicants in connection with employment opportunities with the Firm (applicable is also a separate recruitment privacy notice).|
Where we have a statutory duty to collect your Personal Data (for instance, for compliance with “know your customer” legislation) or under the terms of a contract that we have with you and you fail to provide the Personal Data when requested, we may not be able to perform the contract and offer you our services. Not providing your Personal Data may also result in other types of disadvantages for you, e.g., we may not be able to respond to your request or question or provide you with marketing communication that we believe you would find valuable.
2. How your Personal Data is collected
We collect Personal Data directly from you, from publicly available sources, on our Website, or from third parties.
Data collected directly from you
We collect Personal Data, which, as applicable and relevant, you provide to us in the context and for the needs of your direct interaction with us, including when:
- You communicate with us, filling-in forms on our Website, in order to enquire about our services or in order to apply for a job opening;
- You assign project, work, file or case to us;
- You subscribe to our publications, newsletters and marketing material;
- You provide supplier services to us;
- You use our Website;
Data collected from publicly available sources
We collect Personal Data from any publicly availably source, including public registers, such as businessregistry.gr/ Γ.Ε.ΜΗ, Land Registries, IP Registries, etc.
Data collected on our Website when using cookies and other tracking technologies
Data from third parties
We receive some of the above-mentioned technical data and services from analytics providers, such as Google.
We may process aggregated data, such as statistical or demographic data, for any purpose. While aggregated data may be derived from your Personal Data, these are not considered Personal Data, as such data does not directly or indirectly reveal your identity (e.g. we may aggregate your usage data to calculate the percentage of users accessing a specific Website feature); however, if we combine aggregated data with your Personal Data so that it can directly or indirectly identify you, we shall treat the combined data as Personal Data which will be used in accordance with this Privacy Notice.
3. How we use your Personal Data
We process your Personal Data in accordance with applicable data protection legislation (including the GDPR, Law 4624/2019 supplementing the GDPR and ePrivacy Law 3471/2006), when we have a legal basis for processing, only if and to the extent that at least one of the following applies:
- processing is necessary for the performance of a contract which we are about to enter into or have entered into with you as a party or in order to take steps at your request prior to entering such contract (Contract);
- processing is necessary for compliance with a legal obligation to which we are subject (Legal obligation);
- processing is necessary for the purposes of the legitimate interests pursued by us or by a third party, except where such interests are overridden by your interests or fundamental rights and freedoms which require protection of personal data; for instance, such legitimate interests include (a) monitoring of how you use the Website in order to ensure the efficient and secure operation, also for reasons of fraud and misuse detection and prevention; (b) the improvement of our services (Legitimate interests);
- where you have provided your consent to processing your Personal Data; this is, mainly, when you request that we make marketing communication with you, or when you subscribe to newsletters and website alerts, also in order to use certain cookies and tracking technologies (you have the right to withdraw consent to electronic marketing at any time by following the unsubscribe instructions in such marketing materials or by contacting us at [email protected]; for further details on tracking technologies and how to opt-out of such processing, please see the ‘Cookies and other tracking technologies‘ section of this Privacy Notice) (Consent)
We do not use automated decision-making without human intervention, including profiling, in a way that produces legal effects concerning you or otherwise significantly affects you.
Our legal basis for processing your Personal Data will depend on the Personal Data concerned and the specific context in which we process it. In the table below you can review the purposes for which we use your personal data and the legal bases we rely upon to do so:
|Purpose for processing||Types of Persona Data||Legal basis for processing|
|To respond to your inquiries or communications||Basic identification and contact data||Legitimate interests (promotion of our client services and ensuring that we offer best client services)|
|To recruit associates and other personnel||Basic identification and contact data Job applicant data||Contract Legitimate interests|
|To send newsletters, website alerts, marketing communications and other information or materials that may interest you, including notifications on changes of our Services||Marketing and communications data||Consent|
|To monitor how you use the Website in order to ensure its efficient and secure operation and for reasons of fraud and misuse detection and prevention||IT and device data||Legitimate interests|
|To exercise, establish or defend our legal rights (including before Courts)||Basic identification and contact dataIT and device dataLegal service-related dataFinancial dataCCTV data|
|To contract with you as a new supplier and manage our relationship with you||Basic identification and contact dataFinancial data||Contract Legal obligation|
4. How we share your Personal Data
Suppliers and service providers
We engage external service providers, who act as data processors on behalf and under our instructions, to provide certain services to us, including IT and system administration services, for instance, website service provider (hosting and administration), communications service provider (for newsletters services), IT support service providers, translation service providers, document and information storage providers, postal or courier providers. When providing such services, the said external service providers may process your Personal Data.
We may share, in compliance with applicable data protection laws, Personal Data with law enforcement authorities, governmental authorities, competent independent regulatory/ supervising authorities, competent courts and other judicial authorities, our professional external advisers, counsels or consultants, including lawyers, auditors, accountants and insurers providing relevant services to us. In case of a merger or acquisition, personal data may be transferred to the third parties being involved in the merger or acquisition.
International transfers of Personal Data
We transfer Personal Data in accordance with applicable laws. To the extent that, in the context of and for the needs of the above-mentioned purposes, your Personal Data need to be transferred outside the EU/EEA, such data transfer will take place in accordance with applicable law and we will ensure an adequate level of data protection. By way of entering into appropriate data transfer agreements based on Standard Contractual Clauses, which are accessible upon request at [email protected], or taking other measures to provide an adequate level of data protection, we have established or confirmed that all data recipients will provide an adequate level of protection for your Personal Data. Any onward transfer will be subject to appropriate onward transfer requirements, as required by applicable law.
5. Cookies and other tracking technologies
You can opt in or out of cookies at any time – except strictly necessary cookies (these are used to help make our website work efficiently) and you can delete cookies installed on your device at any time, prevent new cookies being saved and receive notification before installation of a new cookie by configuring your browser software.
When certain types of cookies require your prior consent in order to be installed and used, you will be asked through a relevant banner displayed on the front page of the website. If you choose not to enable or to delete certain cookies, you will still be able to browse our website, but some of the functionality of our website will be restricted.
Types of cookies
We may use ‘persistent’ cookies, as well as ‘session-based’ cookies. A ‘persistent’ cookie will remain for a period of time set for that cookie. A ‘session-based’ cookie is allocated only for the duration of your visit to our Website and automatically expires when you close down your browser.
Strictly necessary cookies (always active): These cookies are necessary for the Website to function and cannot be switched off in our systems. They are usually only set in response to actions made by you which amount to a request for services, such as setting your privacy preferences, logging in or filling in forms. You can set your browser to block or alert you about these cookies, but some parts of the site will not then work.
Functional cookies: These cookies enable the Website to provide enhanced functionality and personalisation. They may be set by us or by third party providers whose services we have added to our pages. If you do not allow these cookies then some or all of these services may not function properly.
Targeting cookies: These cookies may be set through our site by our advertising partners. They may be used by those companies to build a profile of your interests and show you relevant adverts on other sites. They do not store directly personal information, but are based on uniquely identifying your browser and internet device. If you do not allow these cookies, you will experience less targeted advertising.
Performance cookies: These cookies allow us to count visits and traffic sources so we can measure and improve the performance of our Website. They help us to know which pages are the most and least popular and see how visitors move around the Website. All information these cookies collect is aggregated and therefore anonymous. If you do not allow these cookies we will not know when you have visited our Website and will not be able to monitor its performance.
First party (Dyania Health) cookies
|Name of tracker/cookie||Category of tracker/cookie||Duration||Purpose of Use||Controller/ Host|
|PHPSESSID||Strictly Necessary Cookies||session||This cookie is native to PHP applications. The cookie is used to store and identify a users’ unique session ID for the purpose of managing user session on the website. The cookie is a session cookies and is deleted when all the browser windows are closed.||Dyania Health|
|moove_gdpr_popup||Functional Cookies||1 year||Used to store cookie consent preferences||Dyania Health|
|cookiesaccepted||Functional Cookies||1 year||Used to store cookie consent preferences||Dyania Health|
Third party cookies
|Cookie||Category of tracker/cookie||Duration||Purpose of Use||Controller/host|
|__cf_bm||Functional Cookies||30 minutes||This cookie, set by Cloudflare, is used to support Cloudflare Bot Management.||Cloudflare|
|CONSENT||Functional Cookies||2 years||YouTube sets this cookie via embedded youtube-videos and registers anonymous statistical data.|
|SOCS||Functional Cookies||13 Months||Used to store a user’s state regarding their cookies choices|
|_GRECAPTCHA||Functional Cookies||Session||reCAPTCHA sets a necessary cookie when executed for the purpose of providing its risk analysis.|
|Cookie||Category of tracker/cookie||Duration||Description||Controller/host|
|_ga||Analytics||2 years||The _ga cookie, installed by Google Analytics, calculates visitor, session and campaign data and also keeps track of site usage for the site’s analytics report. The cookie stores information anonymously and assigns a randomly generated number to recognize unique visitors.||Google Analytics|
|_gid||Analytics||1 day||Installed by Google Analytics, _gid cookie stores information on how visitors use a website, while also creating an analytics report of the website’s performance. Some of the data that are collected include the number of visitors, their source, and the pages they visit anonymously.||Google Analytics|
|NID||Marketing/Tracking||6 months||Used to provide ad delivery or retargeting, store user preferences.|
|_hjSessionUser_*||Statistics||1 year||Used to store a unique user ID||Hotjar|
How do I change my cookie settings?
Most web browsers allow some control of most cookies through the browser settings. To find out more about cookies, including how to see what cookies have been set, visit http://ec.europa.eu/ipg/basics/legal/cookies/index_en.htm, or www.aboutcookies.org or www.allaboutcookies.org.
Find out how to manage cookies on popular browsers:
6. Data retention
Your Personal Data will be retained for as long as necessary to fulfil the purposes we collected it for, e.g., until you unsubscribe from receiving our newsletters. Once the data processing purpose is completed, we will either delete your personal data or anonymize your personal data, unless statutory retention requirements apply (e.g., in order to comply with regulatory and accounting requirements, or for the establishment or defence of legal claims).
If you would like to know more about the retention periods that we apply to your Personal Data, please contact us at [email protected].
7. Security of your Personal Data
Considering the state of the art, the costs of implementation and the nature, scope, context and purposes of processing, as well as the risk of varying likelihood and severity for the rights and freedoms of natural persons, we implement appropriate technical and organisational measures to ensure a level of security appropriate to the risk of processing.
8. Your Rights
Under the conditions provided in the relevant legislation, you have the following rights regarding the protection of your Personal Data:
Right of access
You may contact us in order to inform you and explain to you whether or not we process your data, the categories of such data, as well as how we process them. You can also request a copy of your Personal Data which we process.
Right to rectification
If you believe that your data are inaccurate or are missing, you have the right to request the rectification or the completion thereof.
Right to erasure
Under appropriate circumstances, such as, when the data are no longer necessary or if you have withdrawn your consent, you can request us to proceed with erasure of the data.
Right to restriction
If you believe that your data are inaccurate or that processing is unlawful or that we no longer need the data or you have objections to the automated processing (if applicable), you have the right to request the restriction of processing.
Right to object
You may object to the processing of your personal data by us on grounds relating to your particular situation, except if there are, inter alia, compelling legitimate grounds for the processing which override your interests, rights and freedoms. If applicable, you also have the right to object when you are subject to a decision based solely on automated processing, including profiling, which produces legal effects concerning you or similarly significantly affects you (statutory exceptions apply).
Right to data portability
You may request to receive the data concerning you in a structured, commonly used and machine-readable format, as well as to transfer those data to another organisation (controller), which you will indicate to us.
Right to lodge a complaint with the DPA
You have the right to lodge a complaint with the competent Data Protection Authority of Greece (Greek DPA) on matters relating to the processing of your Personal Data. The Greek DPA is located in Athens (Kifisias 1-3, P.C. 11523). Regarding the competence of the Greek DPA and the way to file a complaint, you can visit the website thereof (www.dpa.gr).
More detailed information on your rights is available on the website of the Greek DPA (here), which we encourage you to visit.
9. How to contact us
If you have concerns or questions regarding this Privacy Notice or if you want to exercise any of your rights mentioned in the ‘Your rights’ sections of this Privacy Notice, please contact us at 12 Theophanous Str., Athens, Greece 11523 or at [email protected] .
10. Changes to this Privacy Notice
We may update this Privacy Notice (e.g., in order to reflect a change in the applicable legal framework or a change in our practices) and will revise the date at the top of this document to reflect the date when such update occurred.
11. Additional information for California residents
In this section we describe how we handle personal information of California residents under the California Consumer Privacy Act (“CCPA”). This clause applies to personal information that we collect, share and use for the last 12 months.
Dyania Health does not collect personal information from users younger than 16 years old.
In accordance with the CCPA, California residents are entitled, in addition to other rights described in this Privacy Notice, to:
• Request deletion. You have the right to request deletion of your personal information that we collect from you;
• Request copy. You have the right to ask for a copy of all or part of personal information that we retain about you over the last 12 months;
• Designate agent(s). You are entitled to designate an agent authorized to make requests on your behalf. The agent should access your account to make a request.
You also have the right to request a list of third parties with whom we share your personal information (if any) for marketing purposes and what kind of information we shared during the previous calendar year.
If you want to exercise your rights, please contact us at [email protected] .
Dyania Health does not tolerate discrimination. The quality of our services is equal for all our users and customers, irrespective of whether you decide to exercise your rights under the CCPA.