Privacy Policy
Privacy Policy – PHENICIA VISION
Last updated: 01/10/2025
PHENICIA VISION is the refractive surgery department of Clinique PHENICIA.
Address: 32 rue de Locarno, 13005 Marseille – France
Website: https://pheniciavision.com
1. Personal Data Collected
We only collect data that is strictly necessary:
- Contact and pre-eligibility medical forms: identity, contact details, and medical information relevant for pre-operative assessment (special categories as defined by the GDPR).
- Appointment booking: if booked via Doctolib, your data is processed according to Doctolib's privacy policy.
- Browsing data: IP address, anonymized login identifiers, cookies/trackers (see our cookie policy).
- Accounts/Comments (if applicable): data entered, IP address, and browser agent for anti-spam purposes.
2. Purposes of Processing
- To respond to your requests and schedule your appointments.
- To ensure your care and medical follow-up.
- To comply with our legal and regulatory obligations applicable to healthcare facilities.
- To measure website audience and improve our services.
- To secure the website and prevent fraud (anti-spam, technical logging).
3. Legal Basis
- Consent (Art. 6-1-a GDPR): contact forms, non-essential cookies, communications.
- Performance of a contract / pre-contractual measures (Art. 6-1-b): appointment organization and patient care.
- Legal obligation (Art. 6-1-c) & public interest in health (Art. 9-2-h): medical record keeping and health obligations.
- Legitimate interest (Art. 6-1-f): website security, improvement of user experience.
4. Data Recipients
Limited access for authorized personnel:
- Medical and administrative teams of PHENICIA Clinic.
- Technical service providers (hosting, maintenance, anti-spam, emailing tools) acting under instruction and bound by contract.
- Doctolib, where applicable, for appointment booking.
Your data is never sold to third parties.
5. Hosting & Security
- Health data is hosted by an HDS-certified host in France: [Name of the HDS host].
- Site protected by HTTPS, access control, backups, and appropriate organizational measures.
- Regular security tests and updates are performed.
6. Data Retention Periods
- Medical Data: retained in accordance with legal requirements for healthcare facilities (typically up to 20 years from your last visit, unless specific legal provisions apply).
- Contact Data: 3 years after the last interaction.
- Browsing Data (Cookies): maximum 13 months; proof of consent: 6 months. See our cookie policy.
- Accounts/Comments (if applicable): retained for as long as needed for the service and to prevent abuse (anti-spam).
7. Cookies & Trackers
We use cookies essential for the website's operation. With your consent, we also use audience measurement and/or marketing cookies. You can manage your preferences at any time using the banner or the "Manage my cookies" link. For more details, please see our PHENICIA VISION Cookie Policy.
8. Transfers outside the European Union
Generally, your data is not transferred outside the EU. Should a transfer occur (for instance, through a subcontractor), it would be protected by standard contractual clauses approved by the European Commission or an equivalent safeguard.
9. Your Rights
In line with the GDPR and the French Data Protection Act, you have rights to access, rectify, erase, restrict, object to, and port your data, as well as to set post-mortem instructions.
You can also contact the supervisory authority: CNIL.
10. Contact & Data Protection Officer (DPO)
Clinique PHENICIA – PHENICIA VISION32 rue de Locarno, 13005 Marseille – France
Email: contact@cliniquephenicia.com
To exercise your rights, please state the purpose of your request and include proof of identity if required. We will respond within 30 days.
11. Policy Update
This policy may be updated to reflect legal, technical, or organizational changes. The update date is shown in the header.