DocTrip Privacy Policy
Effective Date: 8/aug/2024

Introduction
At DocTrip, your privacy is our priority. We are dedicated to safeguarding your personal data and ensuring that your privacy rights are respected in compliance with the General Data Protection Regulation (GDPR) and other relevant European and international data protection laws. This Privacy Policy details how we collect, use, and protect your personal information when you interact with our services.

Who We Are
DocTrip ("we," "us," "our") is a premier Europe-based medical travel agency offering comprehensive consulting services and support for individuals seeking medical treatment abroad. We operate as the Data Controller for the personal data we process, with headquarters located at Iasi, Romania . For inquiries regarding your privacy, you can reach us at sales@doctrip.eu.

Types of Personal Data We Collect
We collect and process various categories of personal data, including but not limited to:

- Identification Data: Full name, date of birth, nationality, gender, passport numbers, and other government-issued ID  - details.
- Contact Data: Email addresses, phone numbers, residential and mailing addresses.
- Medical Data: Detailed medical history, current conditions, prescribed treatments, health insurance information, and medical records, collected only with your explicit consent.
- Travel Data: Passport details, visa information, travel itineraries, accommodation preferences, and related travel documents.
- Financial Data: Bank account numbers, payment card details, billing addresses, transaction records, and payment history.
- Technical Data: IP addresses, device identifiers, browser types, operating system, log files, and other diagnostic data.
- Usage Data: Information about your interaction with our website, including page views, referral URLs, and timestamps.
- Communication Data: Records of your communications with us via email, phone, online forms, and social media platforms.
 

Methods of Data Collection
We collect personal data through various channels:

- Direct Interactions: You may provide us with your personal data by filling in forms, subscribing to services, or communicating with us through email, phone, or our website.
- Automated Technologies: We automatically collect certain data when you interact with our website through cookies, web beacons, and other tracking technologies.
- Third-Party Sources: We may obtain personal data from third parties, such as healthcare providers, travel agencies, or payment processors, in accordance with applicable laws and your prior consent where necessary.
 

Purpose and Legal Basis for Processing Personal Data
We process your personal data for various purposes, relying on the following legal bases:

- Provision of Services: To facilitate and manage your medical travel arrangements, including booking consultations, accommodations, and transportation (Contractual Necessity).
- Customer Support: To assist with inquiries, provide post-travel support, and address any concerns or complaints (Legitimate Interest).
- Marketing and Personalization: To send you newsletters, promotional offers, and personalized content, based on your preferences and with your consent (Consent).
- Legal Compliance: To fulfill our legal obligations, including tax compliance, maintaining accurate business records, and responding to lawful requests by public authorities (Legal Obligation).
- Security and Fraud Prevention: To protect our services, prevent fraudulent activities, and ensure the security of our users and systems (Legitimate Interest).
- Business Analytics: To analyze data for research, service improvement, and business strategy development, provided this analysis does not involve automated decision-making that could significantly affect you (Legitimate Interest).
 

Special Categories of Data
Given the nature of our services, we may need to process special categories of data, such as health information. We will only process such data with your explicit consent or where necessary for the establishment, exercise, or defense of legal claims, or where you have made the data manifestly public.

Data Retention Policy
We retain your personal data only for as long as necessary to fulfill the purposes outlined in this Privacy Policy, comply with our legal obligations, resolve disputes, and enforce our agreements. The retention period varies depending on the type of data and the purpose for which it is processed. After the applicable retention period, we will securely delete or anonymize your personal data.
 

Data Sharing and International Transfers
We may share your personal data with:

- Healthcare Providers: To coordinate and facilitate your medical treatment.
- Travel and Accommodation Partners: To arrange your travel, accommodation, and related logistics.
- Payment Service Providers: For processing payments and managing financial transactions.
- Legal and Regulatory Authorities: When required by law or in response to legal requests.
- Service Providers: Who provide IT, marketing, and customer support services on our behalf, under strict confidentiality agreements.
- Business Partners: With whom we collaborate on joint services or promotions, where you have given your consent.
- International Transfers: Your personal data may be transferred to countries outside the European Economic Area (EEA). We ensure that such transfers are conducted in compliance with the GDPR, using mechanisms such as Standard Contractual Clauses (SCCs), Binding Corporate Rules (BCRs), or other legally recognized safeguards to ensure an adequate level of protection.
 

Your Rights Under GDPR
Under the GDPR, you have the following rights concerning your personal data:

- Right to Access: You can request access to the personal data we hold about you, along with information about how we process it.
- Right to Rectification: You have the right to request the correction of inaccurate or incomplete personal data.
- Right to Erasure: You can request the deletion of your personal data when it is no longer necessary for the purposes for which it was collected, or when you withdraw your consent (where applicable).
- Right to Restrict Processing: You can request that we restrict the processing of your personal data under certain circumstances, such as when you contest its accuracy or object to its processing.
- Right to Data Portability: You have the right to receive your personal data in a structured, commonly used, and machine-readable format, and to request its transfer to another controller.
- Right to Object: You can object to the processing of your data for direct marketing purposes or when processing is based on legitimate interests.
- Right to Withdraw Consent: Where processing is based on your consent, you can withdraw it at any time without affecting the lawfulness of processing based on consent before its withdrawal.
Right to Lodge a Complaint: You have the right to lodge a complaint with a supervisory authority if you believe that our processing of your personal data infringes your rights.
To exercise any of these rights, please contact us at sales@doctrip.eu.

Data Security
We implement stringent security measures to protect your personal data against unauthorized access, disclosure, alteration, and destruction. These measures include encryption, access controls, regular security audits, and staff training on data protection. While we strive to protect your personal data, please note that no security system is infallible, and we cannot guarantee the absolute security of your information.

Use of Cookies and Tracking Technologies
Our website uses cookies and similar tracking technologies to improve your browsing experience, analyze site traffic, and serve personalized ads. You can manage your cookie preferences through your browser settings or by using our website’s cookie management tool. For more information on our use of cookies, please refer to our Cookie Policy.

Third-Party Links
Our website may include links to third-party websites, plug-ins, and applications. Clicking on those links or enabling those connections may allow third parties to collect or share data about you. We do not control these third-party websites and are not responsible for their privacy practices. We encourage you to read the privacy policies of every website you visit.

Policy Updates and Notifications
We may update this Privacy Policy from time to time to reflect changes in our practices, legal requirements, or technological advancements. We will notify you of any significant updates by posting the revised policy on our website and, where appropriate, by other communication means. The "Effective Date" at the top of this policy will indicate when the changes take effect.

Contact Us
If you have any questions or concerns regarding this Privacy Policy or your personal data, please contact us using the details below:

Email: sales@doctrip.eu
Phone: +373 60897861

We are committed to resolving any privacy-related issues promptly and transparently.