In Aetas Diagnostics’ Privacy Policy, you can find detailed information on how we handle your personal and health data and the basis for this processing. The privacy policy also provides information about the special rights you have as a data subject regarding the processing of your personal and health data.
Who are we?
Aetas Diagnostics is a private specialist medical practice. We focus on medical and preventive treatments, and we perform tests and biological analyses for private individuals, companies, and the public health sector. Our address and contact information are:
Aetas Diagnostics Aps
Strandvejen 64D, 2.
2900 Hellerup
Phone: +45 70 70 74 64
CVR: 41304731
What are your personal and health data used for?
Personal and health data of individuals are collected and processed as part of Aetas Diagnostics’ management of our treatments and laboratory tasks. Therefore, a range of personal and health data about you will be processed when you contact us or become a customer of Aetas Diagnostics.
This information text applies to the processing of personal and health data that takes place in connection with Aetas Diagnostics’ website, treatments, tests, and biological analyses, as well as any inquiries directed to Aetas Diagnostics.
For the processing of personal and health data that takes place in other systems for which Aetas Diagnostics is responsible, please refer to the separate information texts.
When you, as a private individual or company, visit Aetas Diagnostics’ website, cookies are used for statistical purposes to create an overview of how many visitors are on the website and which parts of the website are visited.
Aetas Diagnostics processes personal data about you in connection with inquiries as part of our diagnostic, prognostic, clinical, and scientific tasks, as well as our sales and marketing efforts concerning you or your company.
When you write to us or enter into an agreement for treatment, conduct investigations, diagnostics, and/or biological analyses, your inquiry and your personal and health data will be registered in our electronic case and document management system and electronic health record. You will also receive electronic correspondence from us in the form of emails. If you wish to unsubscribe from newsletters, you can always do so by clicking “unsubscribe.”
When you purchase a treatment or analysis from Aetas Diagnostics, information will be collected, including name, email, phone number, address, biological gender, date of birth, and possibly CPR number, as well as information about the specific inquiry, diagnosis, and treatment. We process and store your data securely and encrypted in accordance with GDPR rules, the Danish Health Act, and the Danish Record Keeping Order. We collect medical information and records about our customers in connection with our treatments as needed. This means that our clinical staff will have access to retrieve your medical records.
When you become a client of Aetas Diagnostics, an encrypted electronic health record will be created on our servers with your data. We use the data for our treatments and precision analyses so that we can provide the best possible clinical health advice tailored to you. The combined data basis, including your data, other customers’ data, large population, and clinical databases, enables us to use the latest research in real-time and translate this into evidence-based and easy-to-understand personal health recommendations for you. When you become a client of Aetas Diagnostics, you agree that your medical data will be accessed, collected, and used to provide you with the best treatment options.
Legal basis
The legal basis for processing your data in connection with newsletters follows the General Data Protection Regulation (GDPR), article 6, subsection 1, letter a – consent.
The legal basis for processing your data in connection with the necessary collection of data for conducting biological analyses follows the GDPR, article 6, subsection 1, letter f – legitimate interest in conducting biological analyses, documenting the correct handling of processes, complying with legislation, scientific research, and clinical practice as a legitimate interest in providing you with a test result, interpretation, and health advice.
The legal basis for processing your data in connection with the patient record follows the GDPR, article 6, subsection 6(1)(c) – legal obligation and 9(2 9(2)(h) – medical diagnosis and treatment, Consent as described in the danish Health Act, §15(1), and the Danish Record Keeping Order, §15(1).
The legal basis for processing your data in connection with transferring data to the Danish Patient Safety Authority and the Statens Serum Institut follows the GDPR article 6(1)(c) – legal obligation and article 9(2)(i), public interest in the field of public health.
For processing based on our legitimate interest, we have considered:
A) Our interest in processing your data stems from the fact that we would otherwise not be able to conduct biological analyses and provide health advice.
B) We have an interest in documenting your data to comply with applicable laws and regulations.
For processing based on consent, you have the right to withdraw your consent, but this will not affect the processing that has already taken place before the withdrawal of the consent.
You can withdraw your consent by contacting us via email or by telephone.
Categories of personal and health data
Regarding general personal data in connection with inquiries, Aetas Diagnostics will process your name, contact information, and the personal data you provide in the inquiry.
Regarding special personal data (health data) in connection with the conduct of biological analyses, Aetas Diagnostics will process your name, CPR number, address, email address, phone number, date of birth, biological gender, medical history, and the personal and health data necessary for the conduct of treatment and biological analyses, including other relevant health data, as well as the results of your tests, biological data, infection status, and genetic data, diagnoses, prognoses, and medical prescriptions.
Genetic analyses
For all genetic analyses, a separate consent agreement is always obtained. Before you decide to undergo a genetic analysis, you should always carefully consider: 1) the impact and consequences a genetic analysis may have on yourself, and 2) the impact and ethical consequences the test result may unintentionally have on family members who may not wish to receive information that you might provide them in connection with findings, as well as 3) whether you wish to receive information about secondary findings. You will always be asked both verbally and in writing, separately from this privacy policy, to consider these three important questions before any genetic analysis. If you change your mind later, you can always contact us and change your opinion in cases where it is still possible.
Are there other recipients of your data?
Aetas Diagnostics transfers health data to your treating physician and the public health record system. Data will only be limited to personal and health data that are necessary and required as part of the correct performance of our specific clinical and diagnostic tasks for you or your company.
Additionally, Aetas Diagnostics exchanges results and biological samples with our partners, including hospitals and laboratories for analysis and information, as well as with our external data processors who analyze data for us and host our clinical and scientific software as well as our Electronic Patient Record systems. Anonymized data may be used internally for scientific research and internal and external quality control.
We do not sell, license, or distribute your data to anyone except in controlled and secure transfers to our partners, entities, and data processors, where we have legitimate purposes for your proper treatment and analysis, and only when we have reliable data-sharing agreements in place. This is done solely to provide you with the best possible treatment and the most accurate diagnostic advice.
Biological samples
Biological samples that are transferred are generally always safely disposed of after the analysis is completed, except in certain cases where we will retain the samples for a short period for the purpose of reanalyzing them without having to perform new sampling. In some cases, we will ask if we can keep your sample in our biobank if we have specific ongoing scientific studies. You will always be asked clearly and separately and can always say no if you do not wish to participate in these studies.
Transfer to recipients in third countries, including international organizations
We transfer your personal data to recipients outside the EU and EEA if it is necessary for your treatment and analysis of the results. This includes laboratories, clinics, and hospitals, as well as external data processors located in England, the USA, and Switzerland. The category of data includes sensitive personal data and health data, biological and scientific information obtained or generated through treatment, investigation, and analysis. For England and Switzerland, the European Commission has decided on the adequacy of the level of protection in these countries, ensuring that your data is stored and processed securely in accordance with applicable regulations. The same applies to the USA, but it applies to entities that comply with GDPR rules or have entered into agreements under the EU-US Data Privacy Framework. You can always ask us to provide a copy of the procedures and certification for these entities.
How long do we keep your data?
Aetas Diagnostics only keeps your personal and health data for as long as it is necessary and required for the specified purposes. In certain areas, there is also a statutory period for how long personal and health data must be stored. In these cases, a decision has been made by law on how long there is a purpose for storing and processing personal and health data. When the purpose of the processing is no longer present, your personal and health data will be deleted, anonymized, or transferred to an archive in accordance with the rules of the Archive Act.
Your data is safe with us
When we receive your data at Aetas Diagnostics, we take the necessary measures to ensure that it is processed securely. We have implemented a range of technical and organizational security measures that protect against accidental or unlawful destruction as well as loss or degradation of information. Additionally, measures have been taken to ensure that your data does not fall into unauthorized persons’ possession and is not misused or otherwise processed in violation of the GDPR. Please note that ordinary emails to Aetas Diagnostics are not encrypted. Please use mit.dk or another encrypted email if you want to send personal health information to us.
Your data is always transferred and stored in a secure encrypted format, in certified and GDPR- and HIPAA-compliant medical EMR systems and portals, scientific data analysis pipelines, with SSL and AES256 encrypted data transfer and storage. Only authorized personnel have access to it. Your data is never shared with anyone without your consent.
Your rights
You have several rights concerning the processing of your personal and health data by Aetas Diagnostics.
These include:
The right to access your personal and health data
The right to rectification of your personal and health data
The right to erasure of your personal and health data (to the extent permitted by law)
The right to restrict the processing of your personal and health data
The right to data portability and the right to object to the processing of your personal and health data.
If Aetas Diagnostics uses decisions that are solely based on automated processing, including profiling, you have the right in certain cases not to be subject to this processing. Note that there are exceptions to these rights, so you may not always be able to exercise all your rights.
If you wish to exercise your rights, please contact us by email or telephone. We take your data security and privacy seriously.
Complaints
If you wish to complain about Aetas Diagnostics’ processing of your personal and health data, please do so by sending us a message via the contact form on our website.