Privacy policy

Latest update: 14.11.2024

This Policy informs you about how we collect, use, transfer and protect your personal data.

We process it in accordance with the provisions of Regulation (EU) 2016/679 of the European Parliament and of the Council of April 27, 2016 on the protection of individuals with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (“General Data Protection Regulation”, hereinafter ,,GDPR”) and relevant national legislation on the protection of personal data.

  1. WHO ARE WE ?

Sophtha is a leading Ophthalmology EMR solution, empowering ophthalmology clinics across more than 10 countries to deliver exceptional patient care. With over 12 years of dedicated experience in ophthalmology, Sophtha has been shaped by the insights and feedback of more than 1700 ophthalmologists. This collaborative approach ensures our platform truly understands the complexities, workflows, and specific requirements of ophthalmic practices. Our intuitive EMR goes beyond basic record-keeping. It revolutionizes how your practice functions. Customizable templates improve clinical documentation, intelligent automation tackles tedious administrative tasks, and powerful analytics uncover actionable insights about your operations. This comprehensive solution isn’t designed just to manage patient data – it’s built to empower you. With Sophtha, ophthalmologists can make data-driven decisions, optimize their workflow, and ultimately focus on what matters most: delivering exceptional patient care. Experience the difference a dedicated Ophthalmology EMR can make.

Our contact details are:

Administrative address: Floreasca Cube, Calea Floreasca 169x, 014459 Bucharest, Romania

E-mail address: [email protected]

Telephone: (0040) 726 778 172

  1. HOW DO WE PROCESS YOUR PERSONAL DATA ?

Sophtha, in its capacity as Operator, processes the personal data of the data subjects (candidates applying for available positions, employees, medical specialists practicing in Sophtha, patients, representatives of contractual partners and collaborators), as well as the data of other natural persons who interact with Sophtha and/or are involved in contractual relations with it.

Personal data are:

  • processed in a lawful, fair and transparent manner towards the data subject;
  • collected for specified, explicit and legitimate purposes and not further processed in a way incompatible with those purposes;
  • adequate, relevant and limited to what is necessary in relation to the purposes for which they are processed;
  • accurate and timely updated;
  • kept in a form which permits identification of data subjects for no longer than is necessary for the purposes for which the data are processed;
  • processed in a way that ensures adequate security of personal data, including protection against unauthorized or unlawful processing and against accidental loss, destruction or accidental damage, by appropriate technical or organizational measures.
  1. WHAT TYPES OF PERSONAL DATA ARE PROCESSED AND FOR WHAT PURPOSES THEY ARE PROCESSED ?

For the purpose of filling in and sending the Contact Form (“Contact” section) on the Sophtha website https://sophtha.com/ , we process the following types of personal data: first name, last name, phone, e-mail, clinic name and any other data left at the initiative of the data subject in the “Message” section.

Tick the box with the message “I have read and agree to the Privacy Policy” and click the “Submit form” button.

For the purpose of completing and submitting the online booking form for the Elevate patient care and optimize your ophthalmology practice with Sophtha EMR Demo (“Get in touch” section) on the Sophtha website https://sophtha.com/ , we process the following types of personal data: first name, last name, phone, e-mail, clinic name and any other data left at the initiative of the data subject in the “Message” section.

Tick the box with the message “I have read and agree to the Privacy Policy” and click the “Submit form” button.

Sophtha representatives can also be contacted directly – by E-mail, by accessing the E-mail address indicated on the home page as well as in the “Contact” section of the Sophtha website https://sophtha.com/ .

For website visitors we may collect data through cookies or other similar technologies, such as IP address, internet browser, location, web pages accessed on our website, time spent on the website, internet network, device used. For more details in this regard, please see our Cookies Policy.

We do not use your personal data to send you marketing communications, such as newsletters, unless you expressly consent to such communications by ticking an opt-in box.

  1. WHICH ARE THE LEGAL GROUNDS ON WHICH THE PROCESSING OF PERSONAL DATA IS BASED ?

Your personal data is processed in order to:

  • for the performance of our legal obligations under the laws on the organization and practice of the medical profession (*to make a medical diagnosis, *to provide medical/social care or medical treatment, *to manage health and social care systems and services, *in medical emergencies, *in other situations where you are physically or legally incapable of consenting to the processing, *on grounds of public interest in the field of public health – e.g. : protection against serious cross-border threats to health and ensuring high standards of quality and safety of health care and medicines or medical devices, under European Union or Romanian law), but also in the light of other applicable legal provisions (e.g. labor law, tax law, archiving, etc.);
  • the conclusion and execution of various contracts (both at your request and in order to execute a contract entered into with you by which we undertake to provide you with our services);
  • on the basis of consent requested and/or given in advance (for Marketing/ Newsletter sending purposes, in the context of hiring specialized staff, etc.);
  • for the purposes of the legitimate interests pursued by Sophtha (e.g.: adoption of measures for the protection and security of our employees, exercise of legitimate rights and interests of Sophtha in contentious or non-contentious proceedings, communication to public authorities, etc.).
  1. HOW LONG DO WE PROCESS YOUR PERSONAL DATA?

Personal data is stored for processing for the period necessary to achieve the processing purposes mentioned in this Policy or for the period required by law (e.g. for archiving, accounting, etc.).

  1. TO WHOM DO WE TRANSMIT PERSONAL DATA?

We will not disclose or transfer to any third party any personal data collected from or about you except:

  • Public authorities and public institutions – where there is a legal obligation to do so or for a legitimate interest (defending Sophtha’s rights in contentious or non-contentious proceedings, etc.)
  • Contract partners or Sophtha collaborators who provide us with web hosting, website development, website maintenance, online marketing and marketing communication.
  • To any third party – if you have expressly and specifically consented to that situation and that data.

If personal data processed by Sophtha are transferred by it directly or through its contractual partners/collaborators outside the European Economic Area, we assure you that these transfers are carried out in compliance with the GDPR (in particular Article 46 of the GDPR), with the applicable legal provisions, on the basis of adequate safeguards (standard data protection clauses adopted by the Commission) and provided that there are enforceable rights and effective remedies for data subjects.

  1. WHAT SAFEGUARDS DO WE TAKE ?

Sophtha implements appropriate technical and organizational measures to ensure a high level of security and protection of personal data.

We use security methods and technologies, together with internal working policies and procedures, including control and auditing, to protect the personal data collected in accordance with the relevant legal provisions in force in the field of personal data protection.

  1. WHAT ARE YOUR RIGHTS AS A DATA SUBJECT?

Any data subject can exercise the following rights, as provided by the General Data Protection Regulation:

  • Right of access;
  • Right to rectification;
  • Right to erasure;
  • Right to restrict processing;
  • Right to data portability;
  • Right to object to processing;
  • Right not to be subject to a decision based solely on automated processing, including profiling;
  • Right to address an Authority for Personal Data Processing and the courts.

For any questions or requests regarding personal data protection, please contact us at the email address: [email protected]