Lumael clinic logo

Privacy Policy

This Policy explains how Lumael Ophthalmology Clinic processes and safeguards personal and medical data of website users, in compliance with the laws of the State of Israel.

1. Who we are and contacts

Data Controller: “Lumael”

Address: [clinic address]

Email: [clinic email]

Phone: [clinic phone]

2. What data we collect

Identification: first name, last name

Contact: phone, email

Medical: symptoms, uploaded referrals and documents

Messages: questions and comments submitted through forms

Technical: IP address, cookies, device/browser info

Data is provided via “Contacts” and “Online booking” forms, as well as automatically through cookies.

3. Purposes of processing

Appointment scheduling and consultations

Processing of referrals

Compliance with healthcare regulations

Information security and misuse prevention

Analytics for improving services

4. Legal grounds

Explicit consent (checkbox in forms)

Contract performance (medical service)

Compliance with legal obligations of the clinic

Legitimate interests (security, service improvement)

5. Data sharing with third parties

Access may be provided to clinic staff and IT contractors (CRM, hosting, email services). Medical data may be shared with specialists or laboratories with your consent. Data may be disclosed to authorities if required by law.

We do not sell your data.

6. Cross-border transfer

When using services outside Israel, we ensure adequate safeguards (contractual, organizational, technical measures, including encryption).

7. Data retention

Medical records - according to legal requirements

Contact data and communication - until processing purposes are achieved or consent withdrawn

8. Your rights

Right to access and obtain a copy of your data

Right to rectify inaccurate information

Right to withdraw consent

Right to request deletion of data

Requests should be sent to [email].

9. Cookies and analytics

We use essential cookies for website operation and, with your consent, analytics cookies.

You may withdraw consent anytime by clearing cookies in your browser or via the banner.

10. Security measures

Secure HTTPS protocol

Role-based access

Multi-factor authentication for staff

Regular backups and access logging

11. Policy updates

The Policy may be updated periodically. A new version takes effect upon publication. The update date is shown at the beginning of the document.

12. How to contact us

For privacy inquiries, contact us at [email] or call [phone].

By submitting forms, you provide explicit consent for data processing.