UPMC Salvator Mundi International Hospital Booking Online Policy
INFORMATION NOTE FOR INFORMED CONSENT TO PERSONAL DATA PROCESSINGPURSUANT TO ART. 13 AND ART. 14 OF THE EU GENERAL DATA PROTECTION REGULATION (GDPR) 2016/679
As provided for by Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 (hereinafter “GDPR”), Salvator [N.d.T., in italiano "Salvador"] Mundi International Hospital, (VAT number 09023871008), with registered office in Via delle Mura Gianicolensi 67/77, 00152 Rome, Italy (hereinafter “SMIH”), in its role of data controller, and pursuant to Articles 13 and 14 of the GDPR, provides the following information on the use of your personal data collected to access the online services offered by SMIH via www.upmc.it (online booking services and managing appointments, hereinafter jointly "Online Services").
PURPOSE AND LEGAL BASIS OF PERSONAL DATA PROCESSING
In order to facilitate relations with its patients, SMIH has activated on the www.upmc.it portal (hereinafter "Portal") a section named Online Services. To access this section, users must complete a registration with the subsequent collection of some personal data.
The data collected are: first and last name, mobile phone number, e-mail address, date and place of birth, gender, ID, address and any additional non-mandatory information such as language, landline phone number and contact preferences.
Online Services allow private patients to book specialty consults at SMIH, and manage previously booked appointments.
Your personal data collected on the portal is used for the following purposes:
a) Creating a user account on the Portal. Personal data collected at the time of your registering on the Portal is used to create your user profile and allow you to use the Online Services. To this purpose, your data will be used to register and activate the user profile you requested (art. 6.1(b), GDPR).
b) Online booking of tests and specialist, follow-up and outpatient consults for private patients and manage appointments: your personal data will be collected and processed to book your requested services (outpatient services, prevention, diagnosis, treatment, and rehabilitation activities) and for all related administrative and accounting purposes. For all aforementioned activities, your data will be processed for purposes of treatment and prevention (art. 9.2(h), GDPR). In specific cases you may receive via e-mail the preparation protocols for tests/procedures you are scheduled to undergo. You will also receive a reminder of the date of your next visits via SMS on your mobile phone number or via email to the contact details you provided.
c) In order to send you a patient satisfaction survey (to be completed on a voluntary basis) on the services and care you received (booking services, hospital stay, outpatient consults, etc.), and provide useful information to measure the quality perceived, collect opinions from users and enable SMIH to improve customer satisfaction. The provision of the data requested in the questionnaire is optional. Any refusal to provide data will have no negative consequences on your access to care. To this purpose, you must consent to data processing as this is performed only after the user's consent (art. 6.1(a), GDPR). The purpose of data collection through the questionnaire is purely statistical and is done to assess the quality of services and/or care provided by SMIH.
Data processing is performed using electronic tools, adopting appropriate safety measures to guarantee data confidentiality and security.
WHO WILL ACCESS MY PERSONAL DATA?
Your personal data will be processed by the clinical and administrative staff of SMIH acting on the basis of specific instructions on the purposes and methods of data processing, and obliged to comply with professional secrecy and confidentiality.
Your data may also be communicated, in addition to the entities listed in the previous paragraph, also to third parties appointed Data processors or Person authorized to data processing providing ancillary services to the activity of the hospital.
Your data may also be communicated to independent data controllers in fulfillment of governing law or for the protection of their rights in judgment (e.g., social security and welfare institutions, insurance companies, etc).
The updated list of entities appointed data processors and independent data controllers who may have access to data is available from the Internal reference person for data processing - Office of the Director of Health Care Activities or from the DPO at the following contacts.
HOW LONG WILL MY DATA BE STORED?
Data collected during registration on the Portal and provided when booking patient care services are stored for the following periods:
a) for as long as the registered user is active on the Portal, or until he/she autonomously deletes his/her user account from the dedicated section of the Portal or requests the cancellation of his/her profile to SMIH.
b) data relating to any action carried out by the user on the Portal using his or her account (booking, cancellations, etc.) are stored for an additional 24 (twenty-four) months after cancellation.
c) for customer satisfaction survey purposes, your data will be processed anonymously and will not be disclosed to third parties. Survey results shall always be used and disclosed anonymously. You may withdraw your consent to the receipt of patient satisfaction surveys by clicking on the link at the bottom of the email.
WHAT RIGHTS ARE RECOGNIZED TO ME ACCORDING TO THE GDPR?
Articles 15 and following of the GDPR establish your right to obtain:
- confirmation that the paper and electronic archives do not contain personal data that concern you, to obtain a copy on paper or electronic media, and obtain information on data processing (purposes, categories of data, recipients, period of storage etc.);
- update, correction, or integration of data;
- deletion of data in the event of consent withdrawal in the absence of legal basis for data processing;
- should this satisfy the assumptions, a copy of your personal data in a structured format;
Should this satisfy the assumptions, data subjects have the right to file a complaint to the Italian Data Protection Authority ("Garante") in its capacity of supervisory authority, in accordance with the current policies.
HOW CAN I EXERCISE MY RIGHTS?
Your rights may be exercised contacting the Internal reference person for data processing - Office of the Director of Health Care Activities at: Salvator Mundi International Hospital S.r.l., Via delle Mura Gianicolensi 67/77, 00152 Rome, Italy or emailing firstname.lastname@example.org or contacting the DPO at: Salvator Mundi International Hospital - Responsabile della Protezione dei dati personali, Viale delle Mura Gianicolensi 67/77, 00152 Rome, Italy or emailing email@example.com.
DATA CONTROLLER CONTACTS
The data controller is Salvator Mundi International Hospital with registered office in Viale delle Mura Gianicolensi 67/77, 00152 Rome, Italy.
Last update: November 2022
We offer medical services and services on a private basis or in agreement with the main insurance companies. Some of our services are also affiliated with the National Health System.
For more information on active agreements, visit: