BOOK FREE CONSULTATION

Privacy Policy

San Marco Dental is the commercial name (trade name) of Pro Medica SHPK (Company Registration No. M41707016O), registered in Albania. In this Privacy Policy, “we”, “us” or “Controller” refers to Pro Medica SHPK operating under the brand San Marco Dental.

1. Data Controller (Company Details)

Company name: Pro Medica
Legal form: SHPK
Company registration number: M41707016O
Registered office (Albania): Tirane, Tirane, Rr. E Dibres, Godine ndërtuar sipas lejes nr. prot. X-28625/9, shkalla 3, kati 2, Tirane

Privacy contact email: info@sanmarcodental.com
General contact email: info@sanmarcodental.com

If a Data Protection Officer (DPO) is appointed, the contact details will be published here.

2. Scope and applicable rules

We aim to process personal data in line with recognized privacy principles, including the EU General Data Protection Regulation (GDPR) when applicable (e.g., if we offer services to individuals in the EU) and applicable Albanian data protection rules.

3. Personal data we collect

Depending on how you interact with the Website, we may process:

a) Website usage data

Examples: IP address, device identifiers, browser type, pages visited, timestamps, referring pages, and security logs.

b) Data you provide to us

Examples: name, surname, email, phone number, country/city, messages, and any information you submit through forms, email, phone calls, or messaging apps (e.g., WhatsApp).

c) Health-related data (special category data)

If you choose to send it, we may receive health data, such as dental photos, panoramic X-rays/radiographs, medical history information, and details about symptoms or treatments.
We treat this data with enhanced safeguards.

4. Why we process your data (purposes) and legal bases

We process personal data for the following purposes:

  1. Responding to requests and managing communications (contact forms, email, phone, WhatsApp)
  • Legal basis: contract/pre-contract steps; and/or legitimate interests to respond to inquiries.
  1. Booking and managing consultations/appointments (including online consultations when offered)
  • Legal basis: contract/pre-contract steps.
  1. Preparing quotations and treatment proposals (including review of images/X-rays sent online)
  • Legal basis: contract/pre-contract steps.
  • Where health data is involved: processing is carried out with appropriate safeguards and on a lawful basis for healthcare-related assessment/management.
  1. Administrative, legal, and compliance obligations
  • Legal basis: legal obligation and/or legitimate interests.
  1. Marketing communications (newsletter, promotions, offers) — only where enabled
  • Legal basis: your consent (you can withdraw at any time).
  1. Analytics and website improvement
  • Legal basis: consent for non-essential cookies/trackers, or legitimate interest for aggregated/anonymous statistics (depending on configuration).
5. How we process data

We process data using electronic and/or paper-based tools, following data minimization and security principles. We implement technical and organizational security measures appropriate to the data type, especially for health-related data.

6. Is providing data mandatory?
  • For contact requests, consultations, appointments, and quotations: necessary (we cannot provide the service without it).
  • For marketing: optional.
7. Who we share data with (recipients)

We may share data with:

  • authorized internal staff and medical professionals involved in your request;
  • IT/hosting, maintenance, cybersecurity providers;
  • CRM and communication providers (email, call systems, messaging platforms such as WhatsApp/Meta, if used);
  • professional advisors (legal, accounting);
  • authorities where required by law.

These parties may act as processors (under contract) or as independent controllers, depending on the context.

8. International data transfers

Some service providers may process data outside Albania or outside the EEA/UK. Where required, we use appropriate safeguards such as contractual protections and other measures to protect your data.

9. Data retention (how long we keep data)

We keep data only as long as needed for the purposes above, for example:

  • inquiries/contacts: [12–24 months];
  • quotations and follow-ups: [24 months];
  • clinical documentation (if any is created/held): for the period required by applicable rules and for protection of patient and clinic interests;
  • marketing: until consent is withdrawn or [24 months];
  • security logs: [6–12 months], unless needed longer for security investigations.
10. Your rights

Subject to applicable law, you may have rights to:

  • access your data;
  • correct inaccurate data;
  • request deletion;
  • restrict processing;
  • object to processing;
  • data portability (where applicable);
  • withdraw consent at any time (for consent-based processing).

To exercise rights, contact: info@sanmarcodental.com

You may also lodge a complaint with the competent supervisory authority, where applicable.

11. Changes to this Privacy Policy

We may update this Policy from time to time. The latest version will always be published on this page with an updated “Last updated” date.