Privacy policy
Information for user (the patient)
This information has been prepared pursuant to Art. 13 of Regulation (EU) 2016/679 (Legislative Decree 101/2018) concerning the protection for individuals with regard to the processing of personal data as well as the free circulation of such data; this decree repeals Directive 95/46/EC (general data protection regulation) (GDPR). This notice informs you about the methods of processing your data.
This privacy policy applies only to this website (https://www.christinewhisstock.it/) and not to others connected to it such as the clinics that manage the bookings on this site.
Controller
The Controller of your data is Dr. Christine Whisstock, registered in the Order of Medical Doctors of Padua No. 10469, VAT number 05296090284. The controller decides how your data are managed.
For any information relating to the processing of your personal data, please send an email using the contact form on the site.
Principles applied to the processing of personal data
The Controller, pursuant to and for the purposes of the GDPR, announces that the aforementioned legislation provides for the protection of individuals with respect to the processing of personal data, and that this treatment will be based on principles of correctness, lawfulness, transparency and protection of confidentiality and fundamental rights.
Purpose of the privacy notice
The data you provide, whether for yourself or on behalf of a minor or another, will be processed only for predetermined purposes.
More precisely, for the following purposes: data relating to state of health, biometric data, examinations and genetic data, will be used for the provision of health services (specialist visits, instrumental investigations for the purposes of diagnosis, treatments and therapies) and for any other activity necessary for the execution of these services and the obligations deriving from them.
The basis of processing is art. 9 paragraph h) of the GDPR. The refusal to allow processing of data prohibits the provision of health services.
The fiscal, personal and contact data will be used for invoicing and for the fulfilment of all other administrative, bureaucratic and tax-related obligations regarding the existing relationship. This information is collected on the basis of our legal obligation and necessary for the execution of the contract (Article 6.1.b-c). Refusal to provide data makes it impossible for us to fulfil contractual obligations.
Once consent has been given for a specific purpose, the interested party, at any time, has the right to revoke it (Article 7.3 of the GDPR).
Methods of data processing
The processing will be carried out electronically or otherwise, in the ways and within the limits necessary to pursue the above purposes, in compliance with the principles of art. 5 of the GDPR.
The processing will be carried out by the Data Controller and authorised persons, with the observance of all measures to guarantee security and confidentiality.
Communication and diffusion of data
For the purpose of executing the contract and for the purposes indicated above and according to your choices in the request for health services through the site, your personal data may be disclosed to:
- outpatient clinics and medical centres in which the Data Controller operates and for which a visit is requested,
- external laboratories if necessary for the provision of the required services,
- private insurance companies for the reimbursement of the service,
- external consultants for the performance of all administrative, technical maintenance and safety activities,
- lawyers, experts and insurance companies in the event of a conflict.
Rights of the patient
Users have a series of rights pursuant to Regulation (EU) 2016/679.
These rights are:
- right to access their personal data (once confirmed that their data are subject to processing by the Data Controller),
- right to obtain the correction and integration of the data,
- right to obtain the cancellation of the data,
- right to obtain the limitation of the processing of personal data in the presence of certain circumstances,
- right to receive the personal data provided to the Controller in a structured and commonly used format,
- right to object to the processing of personal data if there are particular reasons connected to your situation,
- right not to be subjected to an automated decision-making process,
- right to obtain communication in the event that one’s data are seriously violated,
- right to withdraw consent to processing at any time,
- right to lodge a complaint with a supervisory authority.
If personal rights have been considered violated, informal communication to the Data Controller should be made by the applicant or a delegated person, preferably using one of the contact forms on the site; a suitable response will be sent without delay.
The Data Controller undertakes to make the exercise of rights by the interested parties as easy as possible.
Transfer of data outside Europe
In order to carry out our responsibilities, we may transfer your personal data within and outside the European Union. In the latter case, we make sure that the recipient complies with the legal provisions in force, including the rules specifically prescribed for the transfer of personal data to third countries. In particular, we ensure that such transfers are made on the basis of a decision of adequacy by the Data Controller of Standard Contractual Clauses (SCC) approved by the European Commission.
Data retention period
The data relating to the health services provided are kept for the time required by health legislation and to ensure protection of the Data Controller and / or the clinic in terms of health responsibility.
The data from communications to, and information from, the Data Controller and / or the medical centre, are kept until the interested party withdraws consent.
Cookies Policy
Information relating to cookies pursuant to art. 122, paragraph 1 and 154, paragraph 1 letter h) of the Legislative Decree no. 196/2003 and the provision of the relevant authorities on 8 May 2014.
The site uses a technology called “cookies” for its technical management and to ensure the functionality expected during a visit. Cookies are small files that we send to your computer and which are then recognised by the site during its use. By showing us how our users surf the site, cookies provide us with information by which we can make your browsing experience easier and more efficient.
We use three types of cookies:
- the so-called “technical” or “functional” ones that ensure the correct functioning of the site, making it easier for you to surf. These are used without your consent;
- the “analytical” ones from which we obtain insights into the use of our website in order to improve the user experience. We ask permission to use these, except in the case where the data is anonymized and the third party that manages them undertakes not to cross them with those already in its possession (Privacy Guarantor – Clarifications regarding the implementation of the legislation on cookies);
- those of “marketing / tracking” that store data on the local computer that are then used to create user profiles in order to display more relevant ads, to track the user on this website or between websites for similar purposes of marketing. We ask permission to use these.
When you visit the website for the first time, we will show you a pop-up with an explanation of the cookies. As soon as you click on “I accept”, or “Save preferences”, you give us permission to use the categories of cookies and plug-ins as described in this statement. You can change your choices at any time by opening the pop-up for managing cookies preferences located at the bottom left of the browser window.
With the use of cookies, your personal data are not recorded but your navigation path and your preferences are, in order to facilitate research and protect the site from spam. Some cookies are strictly necessary for the functionality of the site, while others allow you to optimise its performance and offer a better user experience.
You can disable or delete the cookies residing on your computer, manually or automatically, by following the instructions of your browser, which you can usually find in the Help or Guide menu. Remember that deleting cookies or disabling their use could compromise or limit some navigation and consultation functions of the site. If you do not authorise us to use cookies, certain functions and pages may not work as expected.
Remember that our site may not work properly if all cookies are disabled. If you delete the cookies in your browser, they will be stored again after your permission is given when you visit our site again.
The types of cookies used on our site and their use are listed below. Over time, the technical names may change due to the choice of the service provider but you can always manage them in the forms described above.
| Name | Technical name(*1) | Purpose | Function | Time of permanence | Who manages them |
|---|---|---|---|---|---|
| Google Analytics(*2) | _ga | Analysis | Count and track page views | 2 years | Third parties |
| Google Analytics(*2) | _ga_* | Analysis | Save anonymized statistics | 1 year | Third parties |
| Google reCAPTCHA(*2) | _grecaptcha | Technical and Analysis | Filter bot requests to prevent spam | Persistent and session | Third parties |
| Google reCAPTCHA(*2) | rc::* | Technical and Analysis | Filter bot requests to prevent spam | Persistent and session | Third parties |
| Google Maps(*2) | Google Maps API | Marketing | Request the user’s IP address | None | Third parties |
| Google YouTube(*2) | Google YouTube API | Marketing | Request the user’s IP address | None | Third parties |
| Cloudflare | __cf* | Technical | Proxy protection | Variable | Third parties |
| Cloudflare | cf_* | Technical | Proxy protection | Variable | Third parties |
| Microsoft Clarity | _clsk | Analysis | Link a user’s views into a single session recording | 1 day | Third parties |
| Microsoft Clarity | _clck | Analysis | Store user ID and preferences | 1 year | Third parties |
| StatCounter | sc_is_visitor_unique | Analysis | Store user IDs and returning visits | 2 years | Third parties |
| Polylang | pll_language | Technical | Manage the language | Persistent | Website |
| Complianz | cmplz_policy_id | Technical | Record the ID of the accepted cookie policy | 365 days | Website |
| Complianz | cmplz_* | Technical | Save your cookie consent preferences | 365 days | Website |
| Table of Contents | ezTOC_hidetoc | Technical | Save your preferences for viewing the table of contents | Session | Website |
(*1) it is possible to check and obtain additional information on the Cookiedatabase.org website.
(*2) under the terms of Google, for the use of its services, we publish its Privacy Policy and its Terms of Service.
This privacy policy was last updated on September 28, 2023 and applies to all citizens of the European Economic Area.
Dr Christine Whisstock
Medical doctor and endocrinologist, specialised in the treatment of diabetes and of the diabetic foot.
PhD in hypertension and prevention of cardiovascular risk.
Head of the Diabetic Foot Unit of the Abano Terme Polyclinic (Padua, Italy).