Personal data protection and privacy policy (GDPR)
Article 1 - Definitions
“Company”: CSB Klinik, a Luxembourg société par actions simplifiée, having its registered office at 13, route de Luxembourg, L-3253 Bettembourg, Grand Duchy of Luxembourg, with share capital of €30,000, RCS Luxembourg registration number B274065, represented by its managers currently in office. “Website”: The Company website. “User”: any natural person over the age of 18 years possessing the legal capacity or any legal entity incorporated under private or public law browsing the Website, whether or not having entered into a contract for exploitation of the Services. “Service”: any service that may be offered by the Company on the Website. “Publication Manager”: the Company. “Data Controller”: the Company. “Secure payment solution”: any payment solution available on the Website. “Internet”: interconnected global networks enabling computers and servers to communicate using a common communication protocol.
Article 2 - General information
Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016, repealing Directive 95/46/EC, as amended on 23 May 2018 (the General Data Protection Regulation), establishes the rules for the protection of individuals with regard to the processing of personal data and the free movement of such data.
Accordingly, the Company processes personal data communicated directly or indirectly by the User in compliance with said regulation.
The Company makes every effort to protect the personal data of the User and the confidentiality of all exchanges.
This personal data protection and privacy policy is designed to inform the User of the practices relating to the collection, exploitation and sharing of any information they may provide via the Website.
Article 3 - Collected personal data
The Company undertakes to not transmit the User’s data to any third party for commercial or marketing purposes.
The Company may collect and process data directly transmitted by the User (3.1) or data collected automatically via cookies (3.2).
The data retention period is variable, depending on the nature of the data in question.
The Company archives collected data on conclusion of the contractual relationship and only retains such data for the necessary period of the stated purposes, in accordance with legal and ethical requirements.
3.1. Data transmitted directly by the User
By using the Website, the User is required to communicate information, some of which may enable the User to be identified, constituting their personal data. This is notably the case when the User contacts the Company via the form on the Website, or by telephone, e-mail or any other means of communication. Such information may include, but is not limited to, the following data:
- The data required for contact purposes, to register or in order to access the Services. For example: surname, first names, e-mail address, postal address, phone number, etc.
- Details of visits to the Website and content accessed by the User.
- Data relating to an issue notified on the Website or during use of the Services.
3.2. Data collected automatically
The Company may collect technical information from the User relating to Website connection and browsing. The collection process is fully anonymised, in accordance with applicable legislation and with the consent of the User, obtained via cookies.
Article 4 - Purpose of personal data processing
The purpose of personal data processing is to manage the Services subscribed by the User.
Article 5 - Recipients of processed data
The Company is the sole recipient of personal data.
For technical reasons, however, the Company may share such data with processors such as the Website host, the Secure Payment Solution entity, Google Ads, Google Analytics (audience measurement solution), etc.
Article 6 - Place of personal data storage
The Company undertakes to store the User’s personal data only within the European Union.
Article 7 - Exercise of data rights by the User
The User enjoys the rights of access, rectification, opposition, deletion and portability over their personal data.
Such rights may be exercised by contacting the Data Controller. The User may issue a complaint to the National Commission for Data Protection (CNPD) in the Grand Duchy of Luxembourg should they believe that the Data Controller has failed to protect their personal data.
Article 8 - Cookies
8.1. What is a cookie and what is its purpose?
A cookie is a set of information contained in a small text file transmitted by the browser, placed on the hard disk of the User’s terminal (desktop computer, laptop, smartphone, etc.). Cookies store and retrieve information about the browsing habits of the User in addition to technical data (geolocation, language used, pages visited, frequency of visit, duration of visit, type of browser, etc.).
Websites use cookies to function properly and to optimise ergonomics and functionality.
Cookies also ensure that interactions with websites are more secure and faster, as they store user preferences (ID, language, settings, etc.) by sending the information they contain back to the original site (internal cookie), when the User revisits the site in question from the same terminal.
8.2 Types of cookie
Strictly necessary cookies
Strictly necessary cookies contain information stored in the browser of the User and relate to the preferences or the device of the User. They are used to ensure that the Website functions optimally. Such information does not normally identify the User directly, but is useful for providing a personalised experience. In order to respect User privacy, certain types of cookie may be rejected. It is the User’s responsibility to click on the various categories in order to obtain more details and to modify the settings. By blocking certain types of cookie, the browsing experience and use of the Services by the User may be impacted.
Analytic and performance cookies
Analytic and performance cookies provide anonymised information and are used to determine the number of visits and traffic sources to the Website, in order to measure and improve its performance. They also provide information such as the most visited pages and the manner in which the User browses the Website. It is the User’s responsibility to click on the various categories in order to obtain more details and to modify the settings. By blocking certain types of cookie, the browsing experience and use of the Services by the User may be impacted.
Cookies for targeted advertising
Targeted advertising cookies allow the advertising partners of the Website to profile the interests of the User and to offer targeted advertisements on other sites. They only operate by identifying the browser and device. It is the User’s responsibility to click on the various categories in order to obtain more details and to modify the settings. By blocking this category of cookie, the User will be offered advertisements less tailored to their interests when browsing other websites.
8.3. What happens if the User wishes to disable the cookies?
The User may withdraw their consent to the use of cookies at any time via the following procedure:
By configuring their browser By deactivating the cookies online
Article 9 - External hypertext links
The Website contains external hypertext links to the websites of partners or third parties. The Company advises the User that such websites have their own privacy and personal data protection policies. The Company therefore rejects all liability for the use that such sites may make of the information collected when the User clicks on such links. The User is advised to read the privacy policies of such sites before transmitting any of their personal data.
Article 10 - Revision of the personal data protection and privacy policy
The Company will regularly modify this personal data protection and privacy policy. In any such case, it will inform the User and request their consent.
Article 11 - Contact
If you have any questions regarding this privacy policy or any other request concerning your personal data, the User may contact the Company via their account messaging service or by sending a letter to the address provided on the Website.