Personal Data: any information that can be related to, identified with or identified by a natural person, such as: name, occupation, marital status, age, home address, telephone number, e-mail address, bank account, computer’s IP address of the natural person.

Sensitive Personal Data: data relating to racial or ethnic origin, political views, religious or philosophical beliefs, trade union membership, genetic data, biometric data for the purpose of unequivocal identification of person, health or sexual orientation or sexual orientation. Some of them are collected and used only under certain conditions, for example with their own consent or when permitted by national law.

Personal Data Subject: the natural person to whom the personal data belong.

Psychologist Katerina Vati, based in Kalloni, Lesvos, is the Processor for the evaluation and treatment of human mental health problems, determining the purpose and manner of processing your personal data.

For any issue related to the processing of your personal data and the exercise of your rights you can contact the psychologist Katerina Vati, at 00306949159078 and / or by mail at katerina.vati@gmail.com

In order to provide the services of the doctor’s office, the following Personal Data is collected and processed:

1. Customer data: Name, VAT number, tax office, address, social security number, telephone, email, age, place of birth, gender, occupation, marital status, ethnic origin, spouse name, spouse age, spouse occupation, names / ages of children, sibling names, educational level, health data.
2. Data of suppliers – partners: Company name, firstname, surname, VAT number, tax office, address, telephone, email, bank account number.

According to article 9 par.2 of the General Regulation for Data Protection and the decision 31/2008 of the Personal Data Protection Authority, the health professional, in particular mental health, can keep a file of sensitive personal data and this file must include the name, patronymic, gender, age, address of the patient, as well as any other essential elements related to the provision of care to the client such as the reason for the visit, the primary and secondary diagnosis or the treatment followed ( medical history), the history of the problem that concerns the patient, the general psychosocial history and the psychotherapeutic course of the patient.

The company of psychologist Katerina Vati, takes into account all the principles in accordance with the General Regulation of Data Protection, for all the treatments that are presented in detail below. Your personal data:

1. They shall be processed lawfully and in a transparent manner (“legality, objectivity and transparency”),
2. They are collected for specified, explicit and legitimate purposes and are not further processed in a manner incompatible with those purposes. Further processing for the purposes of archiving in the public interest or for the purposes of scientific or historical research or statistical purposes shall not be considered incompatible with the original purposes in accordance with Article 89 (1) (“limitation of purpose”) ,
3. They are appropriate, relevant and limited to what is necessary for the purposes for which they are processed (“data minimization”),
4. It is accurate and, where necessary, updated; all reasonable steps are taken to promptly delete or correct personal data which is inaccurate in relation to the purposes of the processing (“accuracy”),
5. They are kept in a form that allows the identification of data subjects only for the period required for the purposes of processing personal data. Personal data may be stored for longer periods, provided that personal data are processed only for archiving purposes in the public interest, for scientific or historical research purposes or for statistical purposes, provided that appropriate technical and organizational measures are taken to safeguarding the rights and freedoms of the data subject (“limitation of the storage period”),
6. They are processed in a way that guarantees the appropriate security of personal data, including their protection against unauthorized or unlawful processing and accidental loss, destruction or deterioration, using appropriate technical or organizational measures (“integrity and confidentiality”).

According to articles 9 par.2 and 10 of the General Regulation for Data Protection, processing of sensitive personal data is carried out with the following legal basis:

(a) the provision of mental health services according to article 9 par. 2 lit. (h) of the GDPR, as the provision is based on a contract for the provision of health services
(b) the need to fulfill the obligations and exercise specific rights of your company or yours, in the field of labor law and social security and social protection law
(c) the establishment, exercise or support of legal claims or when the courts act in their jurisdiction according to article 9 par. 2 lit. (f) of the GDPR and (d) the need to fulfill archiving purposes in the public interest, purposes of scientific or historical research or statistical purposes in accordance with Article 89 par. 1 of the GDPR.

The doctor’s office belongs to the category of professionals who have an obligation of confidentiality as described in article 9 of Law 991/1979 (article 9, par. 3 of the GDPR), therefore it can process data of special categories for the purposes of providing mental services health.

In case of sending informative messages (Newsletter) through our website, the main purpose of keeping your data is your service, so that we can respond to your request and offer you our services. The newsletter service is optional and when someone uses it, we collect data when registering to use the Newsletter / periodic email service.

The data collected relates to the name and e-mail address of the user / visitor and is stored for the purpose of regular updating via e-mail. The Newsletter service is performed by its hosting server and is stored in accordance with this privacy policy. Without receiving and processing this data it is not possible to provide these services from our website.

The Personal Data collected is kept for as long as required by the current legislation, ie for 10 years from the last visit (according to article 9 par.2 of the GDPR and the decision 31/2008 of the Data Protection Authority Personally, mental health professionals in terms of processing and retention of data, are included in the Code of Medical Ethics no. 14 par. 4 L.3418 / 2005).

These data will then be deleted, without further informing the natural subject, unless there is a legal case of retention for a longer period. The data in case of keeping for a longer period of time for scientific, historical or statistical reasons, can be kept anonymous, without any possibility of identification.

The rights of the users according to the provisions of the GDPR 679/2016 / EU are:

• the right of access, to find out what data we process for you, for what purpose and its recipients ,
• the right to be corrected, in order to correct any deficiencies or inaccuracies in your data,
• the right of deletion (“right to be forgotten“), to delete your personal data from our files, but if their processing is no longer necessary or the retention of data is no longer required for our compliance with our legal obligations or for defending our legal interests before the Courts,
• the right to restrict processing in the event of a dispute over the accuracy of your data
• the right of portability, to receive your data in a structured and commonly used format
• the right to object, in case you do not wish to use your data for the purposes of direct marketing.
• the right to submit a complaint to the Personal Data Protection Authority (www.dpa.gr), at the address 1-3 Kifissias, PC 11523, Athens.

You can contact the psychologist for any questions regarding the processing of your personal data and the exercise of your rights by calling 6949159078 or by mail katerina.vati@gmail.com. The company will respond to your every request within a month. The deadline may be extended to an additional two months informing you of the reasons for this delay.

In case you consider that the protection of your personal data is affected in any way, you can appeal to the Independent Authority for the Protection of Personal Data (website: www.dpa.gr) at the address 1-3 Kifissias, PC 11523, Athens.

We reserve the right to update this policy in any event that changes to privacy laws, alter the personal data we process or enrich the processing that takes place. The update will be posted on this site and you will be notified by any means possible.