MedicalNavigator
MedicalNavigator
MedicalNavigator

Privacy Policy

Privacy Policy

Privacy Policy

Legal information

Medical Navigator GmbH

info@medicalnavigator.com

Last updated:

This privacy notice informs you about the processing of personal data within our website and services. It applies regardless of the domains, platforms and devices used (e.g. desktop, mobile, etc.).

We inform you about the processing of your personal data and the rights to which you are entitled under the European General Data Protection Regulation (GDPR). Personal data as defined by the GDPR is any information relating to an identified or identifiable natural person.

1. Who is responsible for data processing and whom can I contact?

The entity responsible for the processing of personal data is:

K.B. Innovation Group s.r.o.

Staré Grunty 204/16

841 04 Bratislava, Slovakia

Company Registration Number: 56258119

Tax Identification Number: 2122256906

Email: help@medicalnavigator.com

Website: www.medicalnavigator.com

2. What sources and data do we use?

We process personal data that we receive from you while using our Website and in the course of providing our Services.

Website access data: When you visit our Website, we collect technical data that your browser transmits to our server, including: IP address, date and time of the request, time zone, content of the request, HTTP status code, amount of data transferred, referrer URL, operating system, browser type and version.

Contact and intake form data: When you contact us via our contact or intake form, we collect the following personal data: full name, email address, phone number, preferred form of contact (phone, email, WhatsApp), type of medical treatment you are interested in, preferred treatment timeframe, and any additional information or medical reports you choose to share.

Health data: By submitting information about your medical condition, treatment preferences, or medical reports through our intake form, you are providing us with health-related data within the meaning of Art. 9 GDPR. This data is processed exclusively for the purpose of providing our Services as described in our Terms of Service.

3. What do we process your data for and on what legal basis?

We process personal data in accordance with the GDPR for the following purposes:

3.1 Consent (Art. 6(1)(a) and Art. 9(2)(a) GDPR)

By ticking the consent checkbox on our intake form, you explicitly consent to:

(a) the collection, processing and use of the personal information you provide, including health data, for the purpose of handling your inquiry and providing our Services;

(b) being contacted regarding your request via your preferred method of communication (phone, email, or WhatsApp);

(c) the transfer of your data to hospitals, clinics, or other healthcare providers inside and outside the EU/EEA as necessary for the provision of our Services.

You may withdraw your consent at any time by contacting us at help@medicalnavigator.com. Withdrawal does not affect the lawfulness of processing carried out before the withdrawal.

3.2 Performance of a contract or pre-contractual measures (Art. 6(1)(b) GDPR)

When you contact us and request our Services, your data is processed for the purpose of providing our Core Services (as defined in our Terms of Service), including: providing information about clinics, facilitating contact between you and your selected clinic, appointment scheduling, coordination, and ongoing organizational support.

For Additional Services (visa support, transfers, accommodation, insurance assistance), your data is processed for the performance of the relevant contract upon your request.

3.3 Legitimate interests (Art. 6(1)(f) GDPR)

We process your access data and other data to safeguard our legitimate interests, in particular: ensuring IT security and the security of our Website; advertising or market research (unless you have objected); and assertion of legal claims and defense in case of legal disputes.

3.4 Cookies and analytics (Art. 6(1)(a) GDPR)

When you visit our Website for the first time, you will be asked whether you wish to accept non-essential cookies. If you consent, we may analyze the use of our Website and carry out marketing activities based on your interactions.

4. Who can access my data?

Within our organization, only personnel who need your data to fulfill our contractual and legal obligations have access to it. This includes our Coordinators who assist you with your inquiry.

Processors (Art. 28 GDPR): We engage processors in the categories of IT services, hosting, communications, and marketing. We take appropriate legal precautions and technical and organizational measures to protect personal data in accordance with applicable law.

Clinics: At your request and with your consent, we transfer your personal data (including health data) to your selected clinic(s) for the purpose of appointment scheduling, initial consultations, and treatment coordination. The contract for Medical Services is concluded directly between you and the relevant clinic. For reasons of data protection and medical confidentiality, clinics do not send health-related data concerning you back to Medical Navigator.

We will disclose your data to third parties only where required by law, necessary for the performance of a contract, based on legitimate interests, or where you have consented to such transfer.

5. How long will my data be retained?

For security reasons, log file information is stored for a maximum of 90 days and then deleted.

We process and store your personal data for the duration of our business relationship, which includes the facilitation of contact with clinics, organizational support, and the initiation and execution of any contracts for Additional Services.

After the conclusion of our Services, your data will be retained only as long as necessary to comply with applicable legal obligations. Under Slovak law, relevant retention periods may include accounting records (10 years under Act No. 431/2002 Coll. on Accounting) and tax records (10 years under Act No. 595/2003 Coll. on Income Tax).

The storage period is also assessed according to applicable statutory limitation periods, which under Slovak law are generally 3 years (Section 100 et seq. of the Slovak Civil Code), but may extend up to 10 years in certain cases.

6. Are data transferred to a third country or an international organization?

Your data is primarily processed within the European Union. Where data is transferred to countries outside the EU/EEA (e.g. the USA), we ensure appropriate safeguards are in place, such as EU Standard Contractual Clauses, adequacy decisions by the European Commission, or your explicit consent (Art. 49(1)(a) GDPR).

Please note: The protection of personal data in certain third countries may not correspond to the level of data protection required by the EU. In particular, there may be risks of access by government authorities. Where relevant, we will inform you of any specific risks prior to such transfer.

7. What are my data subject rights?

Right of access (Art. 15 GDPR): You have the right to obtain confirmation as to whether personal data concerning you are being processed and, if so, to access such data.

Right to rectification (Art. 16 GDPR): You have the right to obtain without undue delay the rectification of inaccurate personal data and to have incomplete data completed.

Right to erasure (Art. 17 GDPR): You have the right to obtain the erasure of personal data concerning you without undue delay, subject to applicable exceptions (e.g. legal obligations, defense of legal claims).

Right to restriction of processing (Art. 18 GDPR): You have the right to request restriction of processing under the conditions set out in Art. 18 GDPR.

Right to data portability (Art. 20 GDPR): You have the right to receive your personal data in a structured, commonly used and machine-readable format and to transmit it to another controller.

Right to withdraw consent: You can withdraw your consent to the processing of your personal data at any time. The withdrawal only takes effect for the future.

Right to object (Art. 21 GDPR)

You have the right to object, on grounds relating to your particular situation, at any time to processing of personal data concerning you which is based on Art. 6(1)(e) or (f) GDPR. If you object, we will no longer process your personal data unless we can demonstrate compelling legitimate grounds for processing.

Where personal data are processed for direct marketing purposes, you have the right to object at any time. If you object, your data will no longer be processed for such purposes.

Objections may be sent to help@medicalnavigator.com at no cost.

Right to lodge a complaint: You have the right to lodge a complaint with a supervisory authority. The relevant authority in the Slovak Republic is the Office for Personal Data Protection of the Slovak Republic (Úrad na ochranu osobných údajov Slovenskej republiky), Hraničná 12, 820 07 Bratislava.

8. Automated individual decision-making

We do not use fully automated decision-making pursuant to Art. 22 GDPR. We do not process your data automatically with the aim of evaluating certain personal aspects (profiling).

9. Is there an obligation to provide data?

For technical and security reasons, certain data is required to use our Website. If you do not provide this data, you may not be able to use our Website.

When using our intake form, you must provide your full name, phone number, preferred form of contact, and consent in order for us to process your inquiry. Other fields are optional. If you do not provide the required data, we will not be able to process your request.

10. Facilitation of contact with clinics

At your request, we facilitate the organization of your initial contact and appointments with your selected clinic(s). When facilitating this contact, the following data may be transferred to the clinic: your contact details (name, email, phone number), treatment preferences, preferred timeframe, and any additional information or medical reports you have provided.

As stated in our Terms of Service, Medical Navigator is not a healthcare provider and does not provide medical services. The contract for medical services is concluded directly between you and the relevant clinic. For reasons of data protection and medical confidentiality, clinics do not send health-related data concerning you back to Medical Navigator.

11. Cookies

We use cookies on our Website. Cookies are small text files stored on your device when visiting certain websites.

Essential cookies: These are necessary for our Website to function. They cannot be disabled except through your browser settings.

Non-essential cookies: We only use non-essential cookies (analytics, marketing) if you have given your consent via our cookie banner. You can withdraw your consent or change your preferences at any time.

You can also manage cookies through your browser settings. Please refer to your browser’s help pages for instructions.

12. Is there an obligation to provide data?

For any questions or concerns regarding this Privacy Policy or the processing of your personal data, you may contact us at:

K.B. Innovation Group s.r.o.

Staré Grunty 204/16

841 04 Bratislava, Slovakia

Email: help@medicalnavigator.com