Privacy Policy

How we protect your personal data.

Last updated: March 23, 2026

1. Data Controller

The data controller for your personal data is Dr. Eirini Georgiadou, Ophthalmologist Surgeon.

Address: 77 Egnatia Street, 6th floor, 54635 Thessaloniki, Greece
Phone: +30 2310 221 279
Email: iriningeorgiadou@yahoo.com

2. Data We Collect

We collect the following data through our website:

• Contact Form: Full name, email, phone, subject, message, preferred contact method, appointment type.
• Appointment Form: Full name, email, phone, date, time, notes.
• Laser Evaluation: Full name, phone, email, age group, medical history, eye conditions, pregnancy status. This data constitutes special category data (health data) under Article 9 of the GDPR.
• Technical Data: Language preference and accessibility settings are stored locally in your browser (localStorage).

3. Legal Basis for Processing

The processing of your data is based on the following legal bases (Article 6 GDPR):

• Consent (Article 6(1)(a)): For the contact form, appointment form, and third-party cookies (Google Maps).
• Performance of a contract (Article 6(1)(b)): For scheduling and managing appointments.
• Explicit consent for health data (Article 9(2)(a)): For the Laser evaluation that includes medical history.
• Legitimate interest (Article 6(1)(f)): For essential website functions (language, accessibility).

4. Purpose of Processing

Your data is used exclusively for:

• Scheduling and managing appointments
• Communicating regarding your requests
• Pre-operative evaluation for Laser treatment
• Improving your website experience

5. Data Recipients & Third Parties

Your data may be shared with the following third-party providers:

• Supabase Inc. — Data storage and email delivery (cloud hosting). Data may be transferred outside the EU under Standard Contractual Clauses (SCC).
• Google LLC — Google Maps embed on the contact page (only after your consent). Google may collect cookies and your IP address.

We do not sell, trade, or transfer your data to third parties for marketing purposes.

6. Retention Periods

• Contact data: Retained for 12 months after last communication.
• Appointment data: Retained for 24 months.
• Laser evaluation data: Retained for 5 years (in compliance with medical record keeping obligations).
• Cookies/localStorage: Language and accessibility preferences remain in your browser until you delete them.

7. Your Rights (Articles 15–22 GDPR)

You have the following rights:

• Right of access (Article 15): Request a copy of your data.
• Right to rectification (Article 16): Request correction of inaccurate data.
• Right to erasure (Article 17): Request deletion of your data.
• Right to restriction (Article 18): Request restriction of processing.
• Right to data portability (Article 20): Receive your data in a structured format.
• Right to object (Article 21): Object to processing.
• Right to withdraw consent: You may withdraw your consent at any time.

To exercise any of these rights, contact us at iriningeorgiadou@yahoo.com or +30 2310 221 279.

8. Right to Lodge a Complaint

If you believe that the processing of your data violates the GDPR, you have the right to lodge a complaint with:

Hellenic Data Protection Authority (HDPA)
1-3 Kifissias Ave., 115 23 Athens, Greece
Phone: +30 210 6475600

9. Automated Decision-Making

We do not use automated decision-making or profiling based on your data.

10. Data Security

We implement appropriate technical and organizational measures to protect your personal data, including SSL/TLS encryption for data transmission and secure storage methods.

11. Changes to This Policy

We reserve the right to update this privacy policy. Any changes will be published on this page with an updated date.