Privacy Policy

C.H.G Cyprus Healthcare Group Ltd (here after called “CHG”) is a private company incorporated in Cyprus. This holding entity operates through various subsidiaries and / or though different trade names.

 

CHG subsidiaries are:

  • Medigence Home Healthcare Ltd
  • C.H.G Medical Concierge Ltd
  • C.H.G Curis Oncology Ltd
  • Curis Investments (Cyprus) I Ltd
  • A.M.A Preclinical Research and Development Ltd
  • Curis Investments I (Cyprus) Ltd
  • Curis International Healthcare Management LLC

 

 

CHG trade names:

  • C.H.G Curis Network
  • C.H.G Curis Concierge
  • C.H.G Curis Healthcare
  • C.H.G Curis Physiotherapy
  • C.H.G Curis Laboratories
  • C.H.G Curis Biomedical
  • C.H.G Curis Advice
  • C.H.G Curis Investments
  • C.H.G Curis Life Sciences
  • C.H.G Curis Disruptive Health Innovation
  • C.H.G Curis Home Healthcare

 

When a reference is made to either CHG / We / Our then it means that it includes all of the above subsidiaries or operations under a trade name.

 

CHG maintains the following websites:

www.cyhealthgroup.com

www.curisnetwork.com

www.medigencegroup.com

www.curisconcierge.com

www.curisrecruit.com

www.cyprusoncology.com

 

CHG also provides a subscription-based electronic platform to its users who may form an account and access such platform through a sub-domain provided by CHG’s website www.curisnetwork.com (the “Platform”). The Platform also provides the opportunity to its subscribers/users to communicate live through our Intercom Chat System directly with one of our staff members who are always at your disposal for any assistance you may need.

 

The following statement describes the “Privacy Policy” of CHG which informs you of the following:

  • The types of Personal Data that we process
  • The purposes of processing your Personal Data
  • Security of your Personal Data
  • The legal basis for such processing
  • When and to whom we may share your Personal Data with
  • Your rights and choices concerning your Personal Data
  • Retention Period of Personal Data

 

By visiting our website(s), using our Services, subscribing to our Platform or otherwise interacting with us, you acknowledge and agree to the data processing activities described in this Privacy Policy that we undertake. Please note that any linked websites present on our website are subject to their own terms and privacy statements/notices.

 

We maintain the right to effect changes to the present Privacy Policy. If we opt to do so, your continued use of our website and/or Services will constitute an acknowledgement on your side of the amended Privacy Policy.

 

1. The Types of Personal Data that we Process

 

By subscribing to our Platform and/or using our website(s) for the purposes of being provided with our Services, accepting our Cookies if applicable, submitting an enquiry form using our Contact Form, completing any form(s) or by contacting us via email, telephone or otherwise, you may provide to us your Personal Data.

 

Reference to “Personal Data” includes:

  • Name and Surname
  • Contact Details
  • Financial Information (card details, IBAN, SWIFT) when submitting payments
  • Emergency Contact
  • Medical Information (medical history, basic physical information such as height, age, weight, daily activity, medical records and other medical-related information)

 

You are under no obligation whatsoever to provide us with your Personal Data however without obtaining it, we may be unable to respond to your request and/or to provide you with our Services.

 

In addition to your Personal Data we may also collect Usage and Browsage Data, i.e. information that is automatically collected from your usage of the website(s) and Platform such as IP addresses or domain names of the computers utilised, URI addresses, the time of the request(s), the features of the browser(s) and operating system used by the user.

 

Usage and Browsage Data that allow us to identify you and/or which renders you as identifiable, together with the Personal Data, shall be treated as Personal Data by us for the purposes of complying with our obligations and responsibilities deriving from the General Data Protection Regulation 2016/679 (the “Regulation”).

 

2. The Purposes of Processing your Personal Data

 

Reference to “Processing” means any operation(s) which we perform on Personal Data (using automated or non-automated means) such as the collection, recording, organisation, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise.

 

We process Personal Data provided voluntarily by our subscribers/users for the purposes of providing them with our Services (as defined in our Terms and Conditions) that requires access to such data, to assist them to manage their health status or for identification purposes in case of request for a Service. Incrementally we store your Personal Data for future reference in case of potential health issues.

 

3. Security of your Personal Data

 

Your Personal Data may be freely inserted by you upon subscribing to our services including forming an account to use the Platform, or they may be automatically collected (see above Usage and Browsage Data).

 

At CHG we take all necessary steps (technical and organisational) to protect your data and minimize any potential risk of accidental or unlawful destruction, loss, alteration, unauthorised disclosure or, or access to your Personal Data.

 

Unfortunately, we cannot always guarantee complete security of your information which may be compromised in the event of unauthorised entry or use, hardware or software failures, events outside the control of CHG. However upon becoming aware of such data breach we undertake that we shall promptly take requisite steps to deal with such breach and notify you and/or the supervisory authority in Cyprus if necessary to do so.

 

Processing of your Personal Data takes place using computers and/or telematic means and is stored on an online server to which we are subscribed to and/or in hard copy form in secured filing cabinets whereby access is granted only to designated professionals who are bound by our internal confidentiality agreement and shall not disclose your data to any third party without your prior consent.

 

 4. Legal Basis for Processing

 

The legal basis upon which we process your Personal Data for the purpose(s) listed above include the following:

 

  • Your Consent: This is freely and explicitly provided to us upon you submitting your details and accepting our Terms & Conditions, Privacy Policy and Cookie Policy for the purposes of being provided with our Services and/or using our website(s), Platform, making an enquiry or otherwise contacting us;
  • Contract Performance: Processing of your Personal Data shall be necessary for the purposes of fulfilling a contract that you have entered into with us, such as for example our Terms & Conditions and/or upon submitting a request for the provision of our Services which may include a medical diagnosis, the provision of health or social care or treatment;
  • Legitimate Interests: Processing of your Personal Data may take place in order to protect our legitimate interests as a business for the purposes such as:
    • Enabling our sub-contractors and third party service providers to carry out certain functions on our behalf such as hosting and maintaining the operation of our websites as well as technical and other logistical functions. For operation and maintenance purposes, this website and any third party services (as listed below) it uses, may collect system logs, i.e., files that record interaction – including navigation, personal data, such as IP address; and
    • Carrying out and administering our business which includes without limitation our financial operations, potential credit checks and/or debt recoveries.
  • Legal Obligation: Processing of your Personal Data may take place in order for us to comply with a legal obligation such as CHG complying with applicable laws and regulations (e.g. in response to a request from a regulatory body or a court) as well as financial reporting obligations.

 

 

5. When and to whom we may share your Personal Data with

 

We do not share your Personal Data with third parties except as described in this Privacy Policy.

 

We may share your Personal Data with the following recipients:

  • Sub-contractors and other third party service providers of CHG such as cloud computing service providers or technical service providers for the purposes of allowing a seamless login and access authorisation to our Platform and website(s) with which we maintain a contract ensuring that as Data Processors (i.e. as natural or legal persons which process personal data on behalf of the controller which is CHG in accordance to the Regulation) they may access your Personal Data only for the purposes of performing their services under the contract;
  • Healthcare professionals including doctors and medical consultants following receipt of a request from the user, said healthcare professionals being under a contractual duty to provide such Services and to simultaneously maintain the confidentiality of your Personal Data.

Other than for the purposes listed in this Privacy Policy as well as the disclosures to external third parties set our herein above, we will not use your Personal Data for any other purpose not listed above or disclose any Personal Data without receipt of your additional consent except as required by law, such as to comply with a subpoena, court orders and regulations or similar legal process, and when we believe in good faith that disclosure is necessary to protect our rights, protect your safety or the safety of others, investigate fraud or respond to a government request.

 

6. Your rights and choices concerning your Personal Data

 

  • Right to Access:

The right to access Personal Data we hold on you – At any point you can contact us to request the Personal Data we hold on you as well enquire as why we have that Personal Data, who has access to the Personal Data and where we obtained the Personal Data from. There are no fees or charges but requests which are manifestly unfounded or excessive may be subject to an administrative fee.

  • Right to Amend:

The right to correct and update the Personal Data we hold on you – If the data we hold on you is out of date, incomplete or incorrect, you can inform us and your data will be updated.

  • Right to Erasure:

The right to have your Personal Data erased. If you feel that we should no longer be using your Personal Data, you can request that we erase the Personal Data we hold. However, in case we have provided a Service that requires us to maintain a record based on which we have delivered that Service that record will be maintained by us in a non-public database for the period defined by the laws and regulations regarding such data.

  • Right to Object:

The right to object to processing of your Personal Data or to restrict it to certain purposes only.

  • Right to Cease or Restrict Processing:

You have the right to request that we stop processing your personal data or ask us to restrict processing. Upon receiving the request we will contact you and let you know if we are able to comply or if we have a legal obligation to continue to process your data.

  • Right to Data Portability:

Right to request copies of your Personal Data in a structured, commonly used and machine readable manner for the purposes of transferring to another provider or the same or similar services. This right may be exercised in certain circumstances to the extent that it applies to the services we offer. Please note that transfer of your Personal Data does not necessarily mean the erasure of such Personal Data as we may be bound by an overriding legitimate interest or legal obligation to maintain them

  • Right to Withdraw Consent:

The right to withdraw your consent to the processing at any time for any processing of data to which consent was obtained. You can withdraw your consent easily by telephone, email, or by post (see Contact page for our details).

  • Right to Lodge a Complaint:

The right to contact the relevant European supervisory authority to lodge a complaint in the event you believe that your rights under the Regulation are infringed. For complaints to be lodged at the Office of the Commissioner for Personal Data Protection, the relevant contact details are as follows:

 

Email: commissionerdataprotection.gov.cy

Office Address: Iasonos 1, 1082 Nicosia, Cyprus

Postal Address: P.O.Box 23378, 1682 Nicosia, Cyprus

Telephone: +357 22818456

Fax: +357 22304565

 

7. Retention Period of your Personal Data

CHG shall not retain your Personal Data for any longer than is necessary in light of the purpose(s) for which that data is collected, stored and processed. We will delete your Personal Data when it is no longer necessary or legally compulsory to retain it and/or take the necessary steps to anonymize it so that you can no longer be identified from it.

 

Different types of Personal Data used for different purposes will necessarily be retained for different periods as set out below:

 

  • Medical Information (such as medical history, basic physical information such as height, age, weight, daily activity, medical records and other medical-related information) – this type of Personal Data may be retained by CHG for up to fifteen (15) years from the date we last submitted such data into our filing system, provided that no outstanding financial and/or legal and/or of other nature matters exist between CHG and you as data subject. In limited circumstances, it may also be necessary to retain your Medical Information for longer periods where such retention is for archiving purposes that are in the public interest, for scientific or historical research purposes, or for statistical purposes. All such retention will be subject to the implementation of appropriate technical and organisational measures to protect the rights and freedoms of data subjects, as required by the Regulation.
  • Financial Information – this type of Personal Data may be retained by CHG for up to seven (7) years from the date of termination of our Services as required by applicable law(s) related to for example tax, financial audit and social insurance that CHG is obliged to adhere to.

shall be destroyed and/or deleted upon termination of our Services unless we are required and/or entitled pursuant to applicable law(s), or for as long as necessary for the purposes described herein above for which your Personal Data are processed. We will delete your Personal Data when it is no longer necessary or legally compulsory to retain it and/or take the necessary steps to anonymize it so that you can no longer be identified from it.

In the event of a legal dispute and/or judicial proceeding, CHG maintains the right to retain Personal Data for as long as it is legally required to do so and/or until the completion of such judicial proceeding and/or legal dispute for the purposes of defending and/or pursuing such claim.

 

8. Cookies Policy

We may use cookies to enhance your experience. Should you wish to disable cookies, you may do so through your individual browser options.

 

9. Children’s Privacy

 

CHG does not knowingly collect Personal Data from children under the age of 16 years old, and Users under the age of 16 years old should not submit any Personal Data to CHG. If CHG gains relevant knowledge that Personal Data about a child under the age of 16 years old has been collected, then CHG shall take all appropriate measures to delete this Personal Data.

 

10. Governing Law and Jurisdiction

All matters relating to your access to and use of the site shall be governed by and construed in accordance with the laws of the Republic of Cyprus and the parties submit to the exclusive jurisdiction of the Cypriot Courts.

 

11. Contact Us

For more information or questions, concerns regarding CHG privacy practices, please email us at privacy@curisnetwork.com