PRIVACY POLICY
Last Update: 22nd of November 2024
DNA PLUS PRIVATE COMPANY (referred to as “DNA PLUS”, “we”, “us”, “our”) is a private company incorporated in Greece, pursuant to Greek legislation, having its registered office at 98 Ethnikis Antistaseos, 15772 Zografou, Attica, Greece, with TIN 802515146 and company registration number 177820501000.
At DNA PLUS, we are committed to protecting the privacy and confidentiality of the personal data we collect and handle. This Privacy Policy explains how we collect, use, share, and protect your information when you use our services. It also outlines your rights regarding your personal data under the General Data Protection Regulation 2016/679 (GDPR).
1. Who We Are
DNA PLUS (referred to as “we”, “us”, or “our”) provides genetic testing and analysis services to healthcare providers, such as a referring physician, or directly to patients. We offer advanced genetic testing in preventive health and pharmacogenomics. We operate a secure online portal that facilitates the processing of patient samples and clinical data to deliver precise and actionable genetic insights.
2. What Information We Collect and Why
When you create an account on the DNA PLUS portal as a physician, when a physician refers a patient for genetic testing, or when patients reach out to us themselves, we collect and process the following types of personal data:
- Identification Data: Name, unique sample barcode/ID assigned to the patient, address, phone number, email address.
- Health and Clinical Data: Gender, ethnic origin, medical history, blood values, family history, and other relevant clinical data of the patient.
- Genetic Data: Genetic raw data obtained from the analysis of the patient’s sample (e.g., saliva) performed by our contracted laboratory (Novogenia GmbH).
- Contact Information: Contact details of the referring physician and/or the patient, to facilitate communication and delivery of test results.
- Usage Data: We automatically collect information on how our website is accessed and used. This may include information like your computer's IP address, browser type, browser version, the pages of our website that you visit, the time and date of your visit, the time spent on those pages, and other diagnostic data.
- Cookies and Tracking Data: We use cookies and similar tracking technologies to track activity on our website and hold certain information. For more information, please see our Cookies Policy.
Purposes of Processing:
- To provide genetic testing and analysis services to support the patient’s healthcare and medical diagnosis.
- To generate a final genetic risk assessment and provide results to the referring physician for further consultation with the patient or to the patient directly.
- To create an account on the DNA PLUS portal for physicians.
- To log the patient’s genetic and health data on the DNA PLUS portal.
- To process test orders for physicians or patients.
- To maintain the security and integrity of our services.
- To provide and maintain our website.
- To notify you about changes to our website.
- To gather analysis or valuable information so that we can improve our website.
- To monitor the usage of our website.
- To detect, prevent, and address technical issues.
3. Legal Bases for Processing
We process your personal data based on the following legal grounds:
- Article 6(1)(b) GDPR – Performance of a Contract and Article 9(2)(h) GDPR - Provision of Healthcare: We process your personal data, genetic data and health-related data because it is necessary for the purposes of preventive or occupational medicine, the provision of health care or treatment, and the management of health care systems and services under a contract for health care services, to which the referring doctor or the patient is a party.
- Article 6(1)(a) and Article 9(2)(a) GDPR – Explicit Consent (where applicable): We may process your genetic and health data based on your explicit consent, in order to provide the genetic analysis services that you have requested. This may also apply where consent is specifically required, such as for processing beyond the scope of healthcare purposes, or for secondary research purposes, in which case we will clearly inform you and obtain your explicit consent.
- Article 6(1)(c) GDPR - Compliance with a Legal Obligation: We may process your personal data when it is necessary to comply with our legal obligations under applicable laws, such as obligations related to healthcare regulations, public health, or legal compliance (e.g., medical record-keeping, reporting to public health authorities).
- Article 6(1)(f) GDPR - Legitimate Interests: In certain cases, we may process your personal data where such processing is necessary for the purposes of the legitimate interests pursued by us, provided that your interests or fundamental rights and freedoms are not overridden. These legitimate interests may include ensuring the security of our IT systems, improving our services, or conducting internal audits.
4. How We Share Your Data
To provide comprehensive and accurate genetic testing and analysis services, we may share your data with the following third parties:
- Novogenia GmbH (Laboratory Partner): Novogenia GmbH performs the genetic raw data analysis. The data transmitted to Novogenia GmbH is pseudonymized.
- Allelica Inc. (Bioinformatics Platform): Allelica Inc. conducts further bioinformatics analysis to generate a polygenic risk score. The data transmitted to Allelica Inc. is pseudonymized.
- Referring Physician: The referring physician, who ordered the test and the genetic analysis for the patient, will receive the final genetic report to discuss the results with the patient and provide further healthcare advice.
- Third parties/Authorities: We may need to share your personal data with third parties/authorities to comply with our legal obligations under applicable laws.
All third parties that process your data on our behalf are contractually obligated to comply with GDPR requirements, including maintaining the confidentiality and security of your data.
5. Data Retention
We retain your personal data only for as long as necessary to fulfill the purposes outlined in this Privacy Policy and to comply with legal obligations. In general, genetic and health data are retained for a period consistent with applicable healthcare and medical regulations. In particular, in accordance with the provisions of Article 14 par. 4 of Law 3418/2005, Code of Medical Ethics: “4. The obligation to maintain medical records applies: a) in private clinics and other primary health care units of the private sector, for a decade from the last visit of the patient and b) in any other case, for twenty years from the last visit of the patient”. Regarding the patient’s samples, they are safely destroyed one (1) month after the analysis.
6. Where We Store Your Personal Data
The personal data that we collect shall not be transferred to and stored at a destination outside the European Economic Area (“EEA”). All information you provide to us is stored on our secure servers within the European Union (EU). In case it is required for your personal data to be transferred outside the European Economic Area, all necessary measures will be taken pursuant to the law, meaning the transfer will be based either on an adequacy decision by the European Commission or on standard contractual clauses, in order to ensure an adequate level of Data Protection.
7. Your Rights as a Data Subject
Under GDPR, you have several rights concerning your personal data:
- Right to Access: You have the right to request access to the personal data we hold about you.
- Right to Rectification: You have the right to request that we correct any inaccuracies in your personal data.
- Right to Erasure: You have the right to request the deletion of your personal data in certain circumstances. Please note that we may retain your personal data in order to comply with specific legal obligations under European Union or Greek legislation, or in order to establish, exercise or support our legal claims.
- Right to Restriction of Processing: You have the right to request that we restrict the processing of your data in specific situations.
- Right to Data Portability: You have the right to request a copy of your personal data in a commonly used, machine-readable format.
- Right to Object: You have the right to object to the processing of your data where our legal basis is legitimate interests.
- Right to Withdraw Consent: You have the right to withdraw your consent at any time by contacting us at info@dnaplus.eu.
8. Data Security
We take the security of your data seriously and have implemented appropriate technical and organizational measures to protect your personal data against unauthorized access, loss, or misuse. These measures include secure data transmission, encryption, and access controls.
9. Contact Information
If you have any questions, concerns, or requests regarding this Privacy Policy or your personal data, please contact us:
- Email: info@dnaplus.eu
- Postal Address: 98 Ethnikis Antistaseos, 15772 Zografou, Attica, Greece
10. Changes to This Privacy Policy
We may update this Privacy Policy periodically to reflect changes in our practices or applicable laws. We will notify you of significant changes through our online portal or your referring physician.