• Українська

    • Privacy policy

    Last updated: [09.09.2025]

    1. Who we are

    Kozyavkin International Rehabilitation Clinic LLC

    Address: 37 Pomiretska Street, Truskavets, Lviv Oblast, 82200, Ukraine

    Email for data inquiries: [email protected].

    This policy describes how we collect, use, store, and protect personal data of visitors to kozyavkin.com/blog, patients, and their legal representatives in accordance with the Law of Ukraine “On Personal Data Protection” and, where we offer goods or services to residents, the GDPR.

    2. What data we process

    Data provided directly:

    • Identification and contact data (first name, last name, email, phone, country/city).
    • Data submitted via forms: inquiries, booking a consultation, request for a callback.
    • Medical data, if you voluntarily provide it in a form (medical history, symptoms, diagnosis, test results) for an initial assessment of treatment.

    Data collected automatically:

    • Technical data: IP address, device/browser type, language, referrer URL, access time, pages, log files (logs).
    • Data from cookies and similar technologies (see “Cookies”).

    Data from third parties (with consent or as permitted by law):

    • Referral letters; data from partner medical institutions/insurance companies within a lawful basis.

    We do not collect excessive data intentionally. Please do not submit confidential documents through general forms without our prior instructions.

    3. Purposes and legal bases for processing

    • Provision of medical and rehabilitation services (including preliminary assessment, scheduling, communication): performance of a contract; for special categories of data, a legal basis for the provision of healthcare/medical services as required by law.
    • Communication with you (responses to requests, organizational messages): our legitimate interests in proper support and service.
    • Legal obligations: maintaining medical records, accounting, reporting, requirements of supervisory authorities.
    • Security and abuse prevention: our legitimate interests in the security of systems and users.
    • Website analytics and service improvement: based on consent (for cookies/identifiers), or our legitimate interests when using strictly aggregated/anonymous data.
    • Marketing communications: only with your separate consent (you may withdraw it at any time).

    4. Processing of special categories (medical) data

    Medical data are sensitive personal data. We apply enhanced technical and organizational safeguards, limit access to authorized staff only, and store such data solely to the extent necessary to provide medical services and comply with legal requirements.

    5. Children’s data

    We provide services to children. Processing of minors’ data is carried out with the consent of parents/legal representatives and in the minimum scope necessary for treatment, rehabilitation, and communication.

    6. Retention period

    • Website inquiries (without medical data): up to 24 months, or until consent is withdrawn/objection is raised.
    • Marketing consents: until withdrawal, but no longer than 24 months without activity.
    • Security logs: up to 12 months.
    • Medical documentation: in accordance with the laws and sectoral regulations of Ukraine (specific periods depend on the document type).

    After the retention period expires, data are deleted or properly anonymized.

    7. Data sharing with third parties

    We may share data with:

    • Processors (IT services, hosting, CRM, email, analytics providers) acting under our instructions and subject to confidentiality/data processing agreements.
    • Medical partners and consultants, with consent or where there is a lawful basis for providing medical services.
    • Government authorities, where required by law.

    We do not sell your personal data.

    8. International transfers

    If data are transferred outside Ukraine, we ensure appropriate safeguards (for example, EU Standard Contractual Clauses or other mechanisms provided by law).

    9. Security

    We implement multi-layer technical and organizational measures: access controls, encryption, logging, regular backups, data minimization policies, and staff training. Nevertheless, no system can guarantee absolute security.

    10. Your rights

    You have the right to:

    • access your data;
    • rectify inaccurate data;
    • erase data (within legal limits);
    • restrict processing;
    • object to processing, including for marketing;
    • data portability (under conditions defined by law);
    • withdraw consent at any time;
    • lodge a complaint with the Ukrainian Parliament Commissioner for Human Rights or, if the GDPR applies, with the supervisory authority in your country.

    To exercise your rights, contact: [email protected]. We respond within 30 days (we may extend by up to an additional 60 days in complex cases, with notice of the reasons).

    11. Cookies and analytics

    We use cookies to ensure the website operates, for analytics, and (with your consent) for personalization/marketing. You can manage settings through the consent banner and/or your browser settings.

    Typical categories:

    • Strictly necessary (functional, essential for the website to operate);
    • Analytics (e.g., Google Analytics);
    • Marketing (pixels/identifiers for advertising campaigns), strictly with consent.

    12. Changes to this policy

    Medical data are sensitive personal data. We apply enhanced technical and organizational safeguards, limit access to authorized staff only, and store such data solely to the extent necessary to provide medical services and comply with legal requirements.