• HOME |
  • Privacy Policy

Privacy Policy

1. Introduction.

At MEDITRUST GROUP S.A., a company engaged in the marketing, maintenance, repair, and overall technical support of medical technology and hospital equipment/information systems, we are committed to protecting and respecting your privacy.

This Privacy Policy has been drafted in accordance with the EU General Data Protection Regulation (Regulation 2016/679 – GDPR), applicable Greek law, and the decisions and directives of the competent authorities, and is intended to inform you about the personal data we collect about you and how we manage it.

Furthermore, we assure you that our professional relationship is founded on trust and confidentiality—core values that have defined our business since its inception.

2. Our role in processing your data.

Specifically, our company is MEDITRUST GROUP S.A., operating under the distinctive title “MEDITRUST GROUP”, registered with the General Commercial Registry (GEMI) under No. 166624401000, with its headquarters located at 154 Kifissias Avenue, 115 25 Athens, Greece and contact details:

Tel.: +30 210 8811225, +30 210 8810567, +30 210 8816347

Email for the purposes of this document: This email address is being protected from spambots. You need JavaScript enabled to view it..

General information about MEDITRUST GROUP S.A. is available on the website: https://meditrust-group.gr/en/.

MEDITRUST GROUP S.A. is considered the Data Controller with regard to the processing of Personal Data, due to our business activity, in the context of, indicatively, the marketing of hospital and other equipment and its maintenance to public entities and individuals, in order to serve the interests of our customers in accordance with the contractual terms and applicable legislation.

MEDITRUST GROUP S.A. is also considered a Data Controller in relation to the processing of personal data through this website.

In cases where we act as Processors of personal data, we enter into relevant Data Processing Agreements with the Controllers on whose behalf we process any data.

3. Who is subject to this Privacy Policy?

This Privacy Policy is a data protection notice to inform you about how we process your personal data during our business relationship or when you visit our website, which we receive either directly from you or indirectly through a third party or from legitimate public sources available to the public. Therefore, this Privacy Policy serves the purposes of direct/personal information in accordance with Article 13 of the General Data Protection Regulation, as well as public information in accordance with Article 14(5) of the General Data Protection Regulation and Article 32(2) of Greek Law 4624/2019.

This privacy notice is addressed to:

a) All users of our website, i.e. individuals who browse our website and/or interact with us by filling out our contact form.

b) Our Prospective, Existing, and Former Customers,

c) Third parties whose data we may collect and process in the course of our business activities.  For example, third parties could be representatives/employees of our customers, customers of our customers, etc., where necessary for the performance of our contractual obligations.

MEDITRUST GROUP S.A. has adopted this Privacy Policy, which includes the Cookies Policy as an integral and inseparable part thereof (see paragraph 11).

4.  Personal Data we collect and how we process it:

4.1. If you are a User:

– Identification Data: (full name) that you provide us when you choose to fill out the contact form on our website,

– Contact Details: (email) that you provide us  when you choose to fill out the contact form on our website,

– Message Data: any data you may provide us by filling in the corresponding field in the contact form,

– Cookie Data: as detailed in the "Cookie Policy."

 4.2. If you are  our customer:

-Identification and Contact Data: Full name, father's name, other identity card details, tax identification number, contact details (telephone, fax, postal address, email), company name, and business address.

-Financial Data: Information necessary for invoicing, invoice payment, and other financial transactions.

-Data relating to your commercial activity: To the extent necessary for the performance of our contract or the support of our services (e.g. for technical support, deliveries, request management).

-Surveillance Data (CCTV): If you visit our offices, you may be recorded by the closed-circuit television (CCTV) surveillance systems operating on our premises. You will be informed of the presence of these systems by appropriate signage on our premises. You can also find a form entitled: "INFORMATION ON THE PROCESSING OF PERSONAL DATA THROUGH CLOSED-CIRCUIT TELEVISION (CCTV)" to ensure your rights regarding issues specifically related to the processing of personal data through closed-circuit television (CCTV).

4.3. If you are a Third Party:

During the performance of our contractual obligations to our Customer, it may be necessary to process certain data of third parties, which is necessary and relevant to the services and products we provide. In this context, we may need to collect and process various categories of personal data, which are always relevant and absolutely necessary for the proper performance of our contracts, in accordance with applicable personal data protection legislation.

Depending on the nature of our cooperation, we may process the following personal data of third parties:

– Personal details & contact details (full name, father's name, other details from your ID card, telephone and fax number, postal address, e-mail, company name, business address): for example, for communication regarding equipment delivery or support, coordination of technical visits, commercial negotiations, or after-sales service. This may concern employees or legal representatives of our customers, contracting parties, or their representatives. In this context, additional information such as job title, department, and position in the hierarchy of the organization/institution may also be included.

– Information related to the service or product provided: for example, if your personal data relates to a supply request, offer, order, delivery, installation, technical support, training, or maintenance of medical equipment and is absolutely necessary for the fulfillment of our obligations under the contract or related obligations to public or private entities.

5.  How we collect your personal data.

We collect personal data directly from you or from third-party sources, in the following indicative cases:

When you provide it to us directly, for the initiation and operation of our cooperation:

o    for your identification,

o    to send you offers regarding our products or services,

o    to execute contracts (e.g., orders, deliveries, maintenance),

o    for invoicing, payments, or tax matters,

o    through the contact form on our website,

o    when you give us your business card during conferences or trade shows,

o    when you visit our offices and are recorded by CCTV systems.

When we receive data from third parties:

  • from our partners or customers who name you in the context of our cooperation as a contact person/representative/technical manager/partner or counterparty,
  • from commercial registers, professional directories, public databases, or social media (LinkedIn, company websites),
  • in the context of financial transactions, shipping, taxation, or related administrative obligations.

6.  For what purposes we collect and process your personal data.

6.1. If you are a user:

We process your identification data, contact details, and message when you choose to fill out the contact form based on your consent.

In addition, for your navigation on our website, we process your cookie preferences when you select and give your consent to the relevant tool.

You have the right to withdraw your consent freely at any time a) regarding cookies, through the relevant tool, and b) regarding the data in the contact form, by sending us a request at This email address is being protected from spambots. You need JavaScript enabled to view it..

6.2. If you are a customer/third party:

Category

Description

1. Purposes of Processing

• Commercial communication (e.g., offers, product updates)
• Contract performance (orders, deliveries, invoicing)
• Legal & tax obligations
• Technical support and updates

2. Categories of Data 

• Identification details (full name, company name, professional title)

 
• Contact details (phone number, email, business address)
• Billing information (VAT number, Tax Office, bank details)
• Communication, order, and technical support history

3. Legal Basis for Processing

• Contract performance / pre-contractual actions (Article 6(1)(b) GDPR)
• Compliance with legal obligations (Article 6(1)(c) GDPR)
• Company’s legitimate interest (Article 6(1)(f) GDPR)
• Consent (e.g., when you provide us with your business card so we may contact you)

7. Who we disclose and/or transfer your personal data to:

The recipients of your data are only those who are absolutely necessary and have access to it exclusively on the basis of the principle of proportionality and need-to-know, depending on their role and competence.

MEDITRUST GROUP S.A. may need to transfer your data to the following categories of recipients:

  • Tax authorities, judicial authorities, police and prosecuting authorities in the event of criminal offences or legal claims, etc.
  • Internal and external accountants, administrative executives, executives of the company's commercial and financial department, IT managers, CCTV technicians, courier companies, etc.
  • Auditors, notaries, lawyers, bailiffs, or other financial or professional advisors, if our company is going to exercise a legal right in relation to the contracts it enters into with its customers.

8.  How we ensure the protection of your personal data.

In order to ensure the proper use and integrity of the personal data it collects, as well as to prevent unauthorized or accidental access, processing, deletion, alteration, or other use thereof, we implement appropriate technical and organizational measures and strict security procedures.

The Personal Data we collect is processed exclusively by authorized personnel under our control and instructions.

9. How long we retain your personal data.

We retain the personal data referred to above for as long as the purposes for which it was collected continue and in any case for no longer than twenty years from the termination or expiry of the contract, except in the case of pending litigation or administrative proceedings, in which case the retention period is extended until a final decision is issued or the proceedings before the relevant Administrative Authority are completed.

They are then destroyed from our records and system, in accordance with our company policy and provided that their retention is no longer required for the purposes described above, or to meet our operational, tax, or accounting requirements, or to defend our rights before any competent court or other authority.

10.  What are your rights in relation to the specified purposes?

Right

Description

Right of Access (Article 15)

You may request confirmation as to whether we process your personal data, access to that data, and information about the processing (to the extent such information has not already been provided in this Privacy Policy).

Right to Rectification (Article 16)

You may request the correction or completion of inaccurate or incomplete data concerning you.

Right to Erasure (Article 17)

You may request the deletion of your personal data when:
- They are no longer necessary for the purposes for which they were collected.
- You withdraw your consent.
- You object to the processing.
- Processing was unlawful.
- Deletion is required by law.

MEDITRUST GROUP S.A. is not obliged to comply with a deletion request if processing is necessary:
– for compliance with a legal obligation
– for another lawful purpose or legal basis
– for the establishment, exercise, or defense of legal claims.

Right to Restriction of Processing (Article 18)

You may request us to restrict processing (i.e., store but not otherwise process) your personal data when:
· Their accuracy is contested (see rectification), allowing us to verify the accuracy.
· The processing is unlawful but you oppose erasure.
· They are no longer needed for the original purposes, but you require them for legal claims or another lawful basis applies.
· You have objected to processing and are awaiting verification.

Right to Data Portability (Article 20)

When processing is based on consent or a contract and carried out by automated means, you may receive your data in a structured, commonly used, and machine-readable format or request us to transmit it to another controller.

Right to Object (Article 21)

You may object at any time to the processing of your personal data based on our legitimate interests or tasks carried out in the public interest.

If you exercise this right, MEDITRUST GROUP S.A. may demonstrate compelling legitimate grounds for processing which override your rights and freedoms. However, your fundamental rights and freedoms will not be affected.

Right to Withdraw Consent

Where processing is based on consent, you may withdraw it at any time.

Withdrawal applies only to future processing.

Right to Lodge a Complaint

You may lodge a complaint with the Hellenic Data Protection Authority (HDPA):
1-3 Kifisias Ave., 115 23 Athens, https://www.dpa.gr/, tel. +30 210 6475600.
Additionally, we encourage Alternative Dispute Resolution (ADR) between you and MEDITRUST GROUP S.A. regarding data processing, through the flexible mediation procedure of Law 4640/2019.

How to Exercise Your Rights

By email: This email address is being protected from spambots. You need JavaScript enabled to view it.
By phone: +30 210 8810567
By post: 154 Kifisias Avenue, 11525 Neo Psychiko, Athens.

Requests are answered within 1 month (or 3 months for complex cases).
You must provide specific, accurate, and truthful data or facts, so we can accurately respond or fulfill your request. Otherwise, MEDITRUST GROUP S.A. reserves the right for any errors beyond its control. Requests that are unfounded, excessive, abusive, submitted in bad faith or unlawfully may be rejected.

 

11. Cookies Policy.

 Cookies are small text files stored on your computer or mobile device by our website server when you visit our website.

We use cookies on our website to make it more functional and efficient. We also use cookies to facilitate and improve your access and navigation, offering features that fully utilize the website's capabilities and ensure the proper display of content.

Apart from strictly necessary cookies, all other cookies are only installed if you give your consent when entering the website. If you choose to reject all cookies, only those necessary for the functioning of the website will be installed.

Settings via your browser

You can also manage cookie settings through your browser (Mozilla Firefox, Google Chrome, Microsoft Edge, etc.). Each browser has a specific page for managing cookies. Visit the respective support pages for instructions.

TOP