Privacy Policy

Datenschutzerklärung · Πολιτική Απορρήτου

1. Introduction

The protection of your personal data is of particular importance to us. We therefore process your data exclusively on the basis of legal regulations (GDPR, Greek data protection law).

In this privacy policy, we inform you about the most important aspects of data processing within our website and medical practice.

2. Controller

Dr. Ioanna Δ. Koufogiannaki
Γενικός Οικογενειακός Ιατρός
Ir. Politechniou 200
73400 Kissamos
Crete, Greece

Contact:
Phone: +30 2822 022211
Email: ikoufogiannakis@yahoo.com

3. Collection and Processing of Personal Data

3.1 Contact

If you contact us by phone, WhatsApp, email or contact form, the data you provide (name, phone number, email, inquiry) will be stored by us to process your request.

3.2 Appointment Scheduling

For appointment scheduling, we collect:

  • Name and contact details
  • Desired appointment
  • Reason for visit
  • Insurance status (EOPYY/Private)

3.3 Medical Treatment

As part of medical treatment, we document:

  • Personal details (name, date of birth, address)
  • Health insurance number (AMKA)
  • Medical history
  • Treatment data, diagnoses, prescriptions
  • AMKA/EOPYY data (for insured patients)

This data is subject to medical confidentiality.

4. Legal Basis

The processing of your data is based on:

  • Art. 6 para. 1 lit. a GDPR:
    Your consent (e.g. contact form)
  • Art. 6 para. 1 lit. b GDPR:
    Contract performance (medical treatment)
  • Art. 6 para. 1 lit. c GDPR:
    Legal obligation (EOPYY billing)
  • Art. 9 para. 2 lit. h GDPR:
    Health data in the context of medical care

5. Storage Duration

Your data is only stored for as long as necessary for the respective purposes:

  • Contact inquiries: Until completion, maximum 1 year
  • Appointment requests: Until appointment plus 30 days
  • Medical records: According to Greek law (at least 10 years)

6. Your Rights

You have the following rights regarding your personal data:

Access (Art. 15 GDPR) Information about stored data
Rectification (Art. 16 GDPR) Correction of incorrect data
Erasure (Art. 17 GDPR) "Right to be forgotten"
Restriction (Art. 18 GDPR) Restriction of processing
Data Portability (Art. 20 GDPR) Transfer in machine-readable format
Objection (Art. 21 GDPR) Objection to processing

To exercise your rights, please contact us using the contact details provided above.

7. Cookies

Our website uses cookies:

  • 🍪
    Necessary Cookies For website functionality (e.g. language settings)
  • 📊
    Analytics Cookies Only with your consent (Google Analytics)
  • 🗺️
    Third-Party Cookies Google Maps (only with consent)

You can change your cookie settings at any time.

8. Disclosure to Third Parties

Your data is only disclosed to:

  • EOPYY: For billing of medical services (only for EOPYY patients)
  • Specialists: For referrals (with your consent)
  • Pharmacies: For electronic prescription transmission

No transfer to other third parties takes place without your express consent.

9. Data Security

We use technical and organizational security measures to protect your data:

  • SSL encryption of the website
  • Access restrictions to medical data
  • Regular security updates
  • Obligation of our employees to data secrecy

10. Right to Complaint

You have the right to lodge a complaint with a data protection supervisory authority:

Hellenic Data Protection Authority (HDPA)
Kifisias Ave. 1-3, PC 115 23 Athens
Tel: +30 210 6475 600
Email: contact@dpa.gr
Web: www.dpa.gr

11. Updates

This privacy policy may be updated from time to time. The current version is always available on this page.

Last updated: February 2026