Privacy Policy

Last updated: October 6, 2025

1. Data Controller

The data controller is Medicalface s.r.o., registered office Na Dláždění 64, 290 01 Poděbrady, Czech Republic.

Medicalface s.r.o.
Studentská 523/45, 290 01 Poděbrady
IČO: 05243637
Jednatel: MUDr. Jiří Boháč
Evidenční číslo ČLK: 1146326176
Email: info@medicalface.cz
Telefon: +420 777 879 849

Adresa provozovny:
Na Dláždění 64, 290 01 Poděbrady

2. What Data We Collect

We collect and process the following categories of personal data:

  • Identification data: name, surname, date of birth
  • Contact details: email address, phone number
  • Health information: medical history, allergies, previous treatments
  • Photos: before/after treatment photos (only with your consent)
  • Billing information: invoicing and payment data

3. Purpose of Data Processing

We process your data for the following purposes:

  • Providing medical and aesthetic services
  • Managing appointments and reservations
  • Communication about services
  • Sending newsletters (consent when submitting email)
  • Fulfilling legal obligations
  • Improving our services

4. Legal Basis for Processing

We process your personal data based on:

  • Contract performance: to provide services you requested
  • Legal obligation: medical documentation storage requirements
  • Consent (implicit): marketing communications when submitting email, photo use
  • Legitimate interests: service improvement, fraud prevention

5. Data Retention Period

  • Medical records: 10 years from last treatment
  • Marketing consent: until you withdraw consent
  • Accounting documents: according to legal requirements (typically 10 years)
  • Website cookies: according to cookie settings

6. Your Rights

You have the following rights regarding your personal data:

  • Right of access: request copy of your data
  • Right to rectification: correct inaccurate data
  • Right to erasure: delete data (where applicable)

All processors are contractually bound to protect your personal data and use it only for specified purposes.

7. Data Security

We protect your data using appropriate technical and organizational measures:

  • Encrypted data transmission (SSL/TLS)
  • Secure data storage with access controls
  • Regular security audits
  • Staff training on data protection
  • Right to data portability: you have the right to receive your data in a structured, commonly used format.
  • Right to object: you can object to certain types of data processing, particularly for marketing purposes.
  • Right to withdraw consent: consent to data processing can be withdrawn at any time without affecting prior lawfulness.
  • Right to lodge complaint: you can file a complaint with the supervisory authority (ÚOOÚ) if you believe your rights have been violated.

Pro uplatnění vašich práv nás kontaktujte na email: info@medicalface.cz

8. Data Sharing

We do not sell your data to third parties. We may share data with:

  • Healthcare providers (with your consent)
  • Accounting and legal services
  • IT service providers (under strict confidentiality)

We do not transfer data outside the EU without appropriate safeguards.

9. Cookies

Our website uses cookies to improve functionality and analyze traffic. You can manage cookie preferences in your browser settings or via our cookie banner.

  • Encryption of sensitive data
  • Regular security updates
  • Access restricted to authorized personnel only
  • Regular backups
  • Physical protection of premises

10. Policy Changes

We may update this Privacy Policy from time to time. Changes will be posted on this page with an updated date.

Email: info@medicalface.cz
Telefon: +420 777 879 849
Adresa: Na Dláždění 64, 290 01 Poděbrady

Úřad pro ochranu osobních údajů:
Pplk. Sochora 27
170 00 Praha 7
Web: www.uoou.cz

Back to Home Page