This Privacy Policy, based on the General Data Protection Regulation (GDPR), explains which personal data are collected in connection with our activities, how we process, use, and protect such data, the purposes for which we use them, as well as your rights related to your personal data.
FUNDAMENTAL PRINCIPLE OF OUR BUSINESS IS PRIVACY AND PERSONAL DATA PROTECTION
The privacy of individuals and the protection of personal data are fundamental human rights. It is our duty to safeguard the personal data we collect, process, and store. Your personal data are our responsibility, and we collect and process them only when necessary, while ensuring the implementation of security measures for their protection.
Polyclinic Fiziodent, a member of the Adria Dental Group – the largest dental medicine group in the Adriatic region – adheres to the following principles with the aim of protecting the privacy and personal data of its patients and all persons whose personal data we process:
It is important that you read this Privacy Policy, and we hope you will devote your time and attention to it. We have made every effort to write it as clearly as possible and to ensure it is understandable to everyone, in order to maintain your full trust in the way we handle your personal data.
If, after reading it, you have additional questions regarding the protection of personal data at Polyclinic Fiziodent, you may contact our Data Protection Officer at any time:
Igor Barlek, CIPP/E, Data Protection Officer, Adria Dental Group
We regularly update our Privacy Policy to further improve and protect your data.
This Privacy Policy was updated on June 4, 2025.
1. WHO WE ARE
Fiziodent Polyclinic, Trg kralja Petra Krešimira IV. 17, 10000 Zagreb, is the controller of your personal data and determines the purposes and methods of processing your personal data, ensuring that all necessary security measures are in place. With regard to patients’ personal data, it also acts as a joint controller together with affiliated companies — dental laboratories within the Adria Dental Group, our group company ADRIA DENTAL GROUP d.o.o., Ul. Josipa Marohnića 3, 10000 Zagreb, and PROVECTUS CAPITAL PARTNERS d.o.o., Ilica 1A, 10000 Zagreb.
2. WHAT DATA WE PROCESS, HOW, AND FOR HOW LONG
When registering potential patients for a free specialist examination
For this purpose, we require your basic personal details (first and last name) and contact information (email and phone number) to enable effective communication, better understand your wishes and needs, and arrange the date of your first examination. Providing a dental image or orthopantomogram is certainly welcome, but only if you already have one and wish to share it with us, in accordance with the legal requirements for processing health data as a special category of personal data under the GDPR, and with the highest level of security for such data. If you decide to withdraw from the free specialist examination, we will permanently delete all your personal data.
When providing dental services to our patients
While providing dental services, we are required to collect all information about your dental health and maintain a patient record, as well as the necessary set of health-related personal data (such as the presence of chronic illnesses, possible allergies or infections, and any specific considerations related to receiving anesthesia). This information is essential for delivering dental services and safeguarding your health during certain specialist treatments and surgical procedures, in accordance with the legal requirements for processing health data as a special category of personal data under the GDPR, and with the highest level of security for such data.
During scheduled treatments and multi-stage procedures, we also collect dental photographs of patients to monitor the effectiveness of each stage of the procedure. These photographs are stored exclusively in the patient’s record.
In your patient record, we retain all information relevant to ensuring the highest quality of your dental health, which we are legally required to keep for ten years after the completion of treatment, in full compliance with patients’ rights to the confidentiality of health-related information in accordance with professional secrecy regulations. Older records are archived.
In your best interest, and to ensure the highest quality of dental care, we may refer you to another clinic within the Adria Dental Group or use the services of dental laboratories that are members of the Adria Dental Group. In doing so, and in accordance with legal regulations in the field of dental medicine and the preservation of professional dental confidentiality, we will also share your medical records.
All members of our team are bound by professional confidentiality regarding everything they know about your health condition, and access to all your personal data is strictly limited. In accordance with the Health Care Act, we are obliged to grant access to your personal data upon request by the competent ministry, other government authorities in accordance with specific regulations, the Croatian Chamber of Dental Medicine, and the competent judicial authorities.
We retain the necessary set of basic personal data (name, surname, personal identification number, address, and service provided) for invoicing purposes, in accordance with accounting and tax regulations.
Selection of job candidates and employment
During the recruitment and selection process, we collect basic information about candidates with the aim of concluding an employment contract, including name and surname, residential address, email address, phone number, education, and work experience, as well as any other information you choose to provide in your CV, forming a set of your personal data relevant to conducting the selection and hiring process. After the selection process is completed, successful candidates are hired, and we collect all necessary information in accordance with legal obligations. Applications and personal data of candidates that were not hired are either returned upon request or permanently destroyed, unless, based on your consent, we retain them for potential future employment opportunities.
We share job applicants’ personal data with our group company ADRIA DENTAL GROUP d.o.o., Ul. Josipa Marohnića 3, 10000 Zagreb, and PROVECTUS CAPITAL PARTNERS d.o.o., Ilica 1A, 10000 Zagreb, as affiliated companies, based on a legitimate interest and in accordance with the provisions of the GDPR.
Consumer right to file a complaint
Every patient has the right to submit a complaint or claim regarding the services provided. In such cases, we collect the necessary set of personal data from the complainant and retain it for up to 12 months, in accordance with consumer protection regulations.
Use of your personal data for sending newsletters
We send updates from our clinic via newsletters about our services and special offers based on your consent or a legitimate interest in using your email address for this purpose. We will use your email address until you withdraw your consent or object and express your wish to stop receiving further communications.
Collection of your personal data on our website
Although you can use our website without providing personal data, when you contact us via our contact form to book a free specialist examination or treatment, or for potential employment, establishing a business relationship, or making an inquiry, we collect your name, surname, and email address. Providing your phone number is especially helpful, as it allows us to better understand your wishes and needs in the area of dental health through a follow-up phone call. We will collect your personal data for as long as there is ongoing communication aimed at establishing cooperation and arranging your first appointment, and we will delete it once the communication ends, after all legal obligations have expired, or when there is no longer a lawful basis under the GDPR for processing your personal data.
Our website is not intended for providing services to minors under the age of 16. For this reason, parental consent or the consent of a legal guardian is required before submitting any personal data via our contact form.
Our website also contains links to other websites and social media platforms (e.g., Facebook, Instagram, YouTube), which are not covered by this Privacy Policy. We recommend that you read the privacy terms of each website and social media platform you visit, especially when you provide any personal data.
Cookies
Our website uses small text files that are placed on your computer or device to customize your web browser interface. Cookies that are necessary to ensure the functionality of our website cannot be disabled. They are usually set in response to actions you take that involve a request for services, such as adjusting cookie settings, logging in, or filling out forms.
The use of other cookies that collect your personal data requires your prior consent. Even if you choose not to give your consent, you can still fully use our website and have unrestricted access to all its content.
3. WHO HAS ACCESS TO YOUR DATA
We work exclusively with trusted business partners who help us deliver and improve our services and make our direct communication with you more effective. We grant access to your personal data to authorized external processors for the purpose of processing personal data on our behalf and based on our explicit instructions, under data processing agreements concluded in accordance with Article 28 of the GDPR. These partners are strictly required to maintain confidentiality in line with this Privacy Policy, the contracts we have signed with them, and the obligations set out in the GDPR.
Our selected external processors are business partners who provide services for us such as patient contact management, staff recruitment, IT services and maintenance of business applications and systems, protection of property and people, and web and email hosting, all of which are essential for ensuring the highest quality of our services.
4. YOUR RIGHTS
You can contact us at any time to exercise your rights regarding the protection of your personal data. Your rights are as follows:
Right of access to personal data
You have the right to access your personal data and to be informed about which data we process, how we process it, for what purpose, and for how long. We also provide you with the option to receive a copy of your personal data.
Right to rectification of personal dana
You have the right to correct or complete any inaccurate or incomplete personal data we have collected about you.
Right to erasure of personal dana
You have the right to request the deletion of your personal data when it is no longer necessary for the purpose for which it was collected, when you submit a valid objection, or when your personal data is being processed unlawfully.
Right to object
You have the right to object to certain processing of your personal data. For example, you can request that we stop processing your personal data for direct marketing purposes, such as sending newsletters.
Right to restriction of processing
You can request that we restrict the processing of your data, for example, when deletion, correction, or an objection regarding your personal data is pending, and/or when we do not have a valid legal basis for processing your data but you wish to retain it. When processing is restricted, your data will be stored but will not be further processed. For instance, if you dispute the accuracy of your data, processing of such data will be restricted until it is verified as accurate.
Right to data portability
When your data is processed automatically based on a contract or your consent, you have the right to receive the personal data you provided to us in a structured, commonly used, and machine-readable format, and to transfer that data to third parties at your discretion.
Right to withdraw consent
If you have previously given your free and explicit consent for the public posting of intraoral or facial photographs, or audio/video recordings on our website or social media, you have the full right to withdraw your consent at any time, and we will remove any posts containing your photographs or audio/video recordings.
If you wish to exercise any of the rights mentioned above, you can submit a request:
We will respond to your request as soon as possible, and no later than one month from the receipt of your request. If we are unable to securely verify your identity, we reserve the right to request additional identity verification from the requester.
If you believe that our handling of your personal data is not lawful, you may lodge a complaint at any time directly with the competent supervisory authority — the Personal Data Protection Agency (AZOP), Ulica Metela Ožegovića 16, 10 000 Zagreb, phone: +385 1 4609 000, email: azop@azop.hr.
UPDATING THIS PRIVACY POLICY
We reserve the right to periodically adjust and update the text of this Privacy Policy, primarily to comply with legal changes or in the event of changes to the purposes and methods of processing. However, we will not limit or diminish your rights arising from this Privacy Policy or applicable laws. If any changes occur that may affect your rights, we will inform you in a timely and appropriate manner.
