Privacy Policy

Last updated: May 2026

MyDoctor Greece is committed to protecting the privacy and security of your personal information. This Privacy Policy explains what data we collect, how we use it, with whom we share it, and your rights. It is designed to support GDPR transparency requirements and applicable Greek data protection law.

1. Introduction

This policy applies to all personal data processed through the MyDoctor Greece website (mydoctorgreece.com) and through our communication channels, including our online chat widget, WhatsApp, and email. By using our website or contacting us, you acknowledge that your data will be handled in accordance with this policy.

2. Who Operates This Website

This website and service is operated by MyDoctor Greece. References to "we", "us", or "our" in this policy refer to the operator of this website and medical assistance service.

• Website: mydoctorgreece.com
• Email: info@mydoctorgreece.com
• Phone: +30 697 707 2373

3. Data We Collect

We may collect the following categories of personal data:

• Contact information: name, phone number, email address
• Medical information: symptoms, health concerns, current medications, allergies, and other health-related details you share voluntarily
• Location information: your location in Greece, provided to arrange a medical visit
• Chat and contact form data: messages you send through our website chat or contact form
• Technical data: IP address, browser type, operating system, pages visited, and access timestamps (standard server log data)
• Language preference: stored in a functional cookie (site_lang)

4. Chat and Contact Form Data

When you use our online chat widget or contact form, we collect your messages and any personal or medical information you choose to include. Chat conversations are stored in our secure database and are accessible only to authorised clinical and administrative staff.

We use this data to respond to your enquiry, coordinate medical assistance, and maintain a record of the consultation for clinical documentation purposes. You are not required to provide medical information to use this website — however, doing so is necessary if you wish to request medical assistance.

5. Medical Information You Provide

Medical information — such as symptoms, diagnoses, medications, or health history — is treated as a special category of personal data under Article 9 of the GDPR. We process such information only to the extent necessary to provide the medical service you have requested, or to protect your vital interests in an emergency situation.

All medical information is handled with the professional confidentiality obligations applicable to healthcare services in Greece. Access is restricted to authorised personnel with a clinical or administrative need.

6. Technical Data and Server Logs

Our web servers automatically collect standard technical data, including IP addresses, request timestamps, browser identifiers, and page views. This data is used for security monitoring, website maintenance, and diagnosing technical issues. It is not used for advertising, user profiling, or tracking individuals across websites.

7. Cookies

We use a limited number of cookies on this website. Our primary cookie (site_lang) is a strictly necessary functional cookie that stores your language preference and does not require consent under the ePrivacy Directive. We do not currently use advertising or third-party tracking cookies.

For full details, please see our Cookie Policy.

8. Why We Process Your Data

We process personal data under the following legal bases:

• Performance of a contract or pre-contractual steps: to provide the medical assistance service you have requested
• Vital interests: to protect your vital interests or those of another person in urgent or emergency medical situations
• Legal obligation: to comply with applicable Greek and EU law, including medical record-keeping requirements
• Legitimate interests: for server security monitoring and technical website operation, where such interests are not overridden by your rights
• Consent: for any direct marketing communications — only with your explicit prior consent, which you may withdraw at any time

9. Data Sharing

We do not sell, rent, or trade your personal data. We share data only in the following circumstances:

• With the attending physician assigned to your case, who is bound by professional medical confidentiality obligations
• With emergency services (ambulance, police) if required for your immediate safety or the safety of others
• With IT service providers who process data on our behalf, under written data processing agreements and subject to appropriate technical and organisational safeguards
• With competent authorities (courts, regulators), where required or permitted by law

10. Medical Confidentiality

All medical information shared with us is treated in accordance with the professional medical confidentiality obligations applicable to healthcare providers under Greek law and the GDPR. Your medical data is not disclosed to any third party except as described in this policy. Access within our organisation is limited to those with a genuine clinical or administrative need.

11. Data Retention

We retain personal data only for as long as necessary to fulfil the purpose for which it was collected, or as required by applicable law:

• Chat and consultation records: up to 7 years, in line with Greek medical record-keeping obligations
• Contact form submissions: up to 12 months, unless incorporated into a longer-term medical record
• Server logs: up to 90 days for security and diagnostic purposes
• Language preference cookie: 12 months from the date it is set

When data is no longer needed, it is securely deleted or anonymised.

12. Your Rights Under GDPR

As a data subject, you have the following rights:

• Right of access: to request a copy of the personal data we hold about you
• Right to rectification: to request correction of inaccurate or incomplete data
• Right to erasure ("right to be forgotten"): to request deletion of your data, where no legal or clinical obligation requires us to retain it
• Right to restriction of processing: to request that we limit how we use your data in certain circumstances
• Right to data portability: to receive your data in a structured, machine-readable format, where technically feasible
• Right to object: to object to processing based on legitimate interests
• Right to withdraw consent: to withdraw any consent you have given at any time, without affecting the lawfulness of prior processing

To exercise any of these rights, contact us at info@mydoctorgreece.com. We will respond within 30 days. We may need to verify your identity before processing your request.

13. Security

We implement appropriate technical and organisational measures to protect your personal data against unauthorised access, loss, alteration, or disclosure. All data transmitted between your browser and this website uses HTTPS (TLS encryption). Access to stored personal and medical data is restricted to authorised personnel.

No digital system is completely immune to risk. If you believe your data has been compromised, please contact us immediately at info@mydoctorgreece.com.

14. Changes to This Policy

We may update this Privacy Policy from time to time. Changes will be published on this page with an updated date. Continued use of our services after changes have been posted constitutes acceptance of the updated policy.

15. Complaints

If you believe we have not handled your personal data correctly, you have the right to lodge a complaint with the supervisory authority for data protection in Greece:

Hellenic Data Protection Authority (HDPA)
Website: www.dpa.gr
Address: Kifissias 1–3, GR-115 23 Athens, Greece
Phone: +30 210 647 5600

We would appreciate the opportunity to address your concerns before you approach the HDPA — please contact us first at info@mydoctorgreece.com.