Data Controller – Refers to LLC “Academician V. Iverieli Endocrinology, Metabology, and Dietology Center Enmedici” (ID 206047400), which individually or jointly with others determines the purposes and means of processing personal data, either directly or through an authorized data processor.
Data Processor – Refers to a legal entity or public institution that processes data on behalf of the controller.
Data Subject – Refers to a natural person who uses, intends to use, or has expressed interest in using the company's products or services, including representatives or third parties associated with the data subjects.
Data Processing – Refers to any action performed on data (either by the controller or the authorized processor), with or without the use of information technologies, including collecting, obtaining, accessing, video/audio monitoring, organizing, classifying, systematizing, correlating, storing, modifying, retrieving, extracting, sharing, using, blocking, deleting, or destroying the data.
This Privacy Policy applies to all natural persons whose data is processed by the company in the course of providing services. The policy applies in all instances where your personal data is collected and processed through the website, application, mobile app, software, technical equipment, internet products, electronic platforms or systems, direct surveys (via phone, online, or other methods), or electronic services operated, owned, and/or controlled by LLC “Academician V. Iverieli Endocrinology, Metabology, and Dietology Center Enmedici.”
The company collects and processes personal data necessary to provide medical services and best meet your needs. Personal data is processed:
The information collected from you may include: full name; device used for the application; address (country, city, and other address details); contact information (email and phone number); demographic data (gender and date of birth); personal ID number or another identifying document and issuing country; emergency contact name, phone number, and relationship; health-related information (Form 100); first 6 and/or last 4 digits of debit/credit card, cardholder’s name, and unique transaction code; and payment transaction details.
Using the system (registration, entering personal data, etc.) implies acceptance of this Privacy Policy, except in cases requiring separate consent. Otherwise, the user must refrain from using the system. This policy applies exclusively to the website/platform at enmedic.ge. The platform does not verify the accuracy of personal data provided by users (except for the email address required for registration). Only authorized personnel manage and process personal data, defining the purpose and scope of processing according to this policy and applicable laws.
In accordance with Georgian law, the company implements organizational and technical measures to protect data from accidental or unlawful destruction, alteration, disclosure, theft, or other illegal uses. Personal data is stored in secure systems. Databases are accessible only to authorized company personnel.
Users agree that the company may transfer personal data to third parties in accordance with legal requirements or when necessary to fulfill system functions. To improve system performance and services, the company may share data with third parties such as government authorities (in legally defined cases), partners, and developers (for improvements, updates, and database interactions).
The system adheres to the principle of data minimization and processes only necessary or user-consented data. Users must provide only necessary personal data. If additional information is provided, it will be processed with adequate security measures. For financial transactions, secure data transfer methods are used. Card payments may redirect to electronic payment systems, secured via high-standard banking networks. In case of data loss or breach, the company will notify users and take appropriate measures to mitigate negative consequences. Any data breach must be reported to supervisory authorities within 72 hours, if possible.
Under Georgian law on Personal Data Protection, the following rights apply: know which data is being processed; purpose of data processing; legal basis for processing; method of data collection; to whom the data was disclosed; grounds and purpose for disclosure. You may request a copy of your personal data. You have the right to request correction, update, completion, blocking, deletion, or destruction of your data if it is incomplete, inaccurate, outdated, or processed unlawfully. However, legal obligations (e.g., tax regulations) may limit the immediate deletion of data. Your data will only be used when there is a contractual and/or legal basis.
Personal data is retained for the duration of service provision for the following purposes: responding to inquiries and complaints; fraud detection and prevention during service use; and complying with legal and internal documentation retention periods.
Upon registration and sharing personal data, you consent to the use of your data for receiving specific product and offer information. The company accesses only the data you provide or that is collected during service provision. You may opt out of marketing communications at any time by contacting the company.
The company uses cookies and monitors user behavior on the website to ensure the best experience and to improve service quality. Collected information includes IP address, device type, OS, browser, page visits, session duration, website interactions, time and method of filling out website fields. This data is used to generate site statistics, protect users and prevent fraud, track user flow and evaluate marketing campaign effectiveness, adapt the website to user needs, and analyze how users arrive at the site. The company does not use cookies or behavior-tracking data to collect personal information. You can restrict or block cookies via browser settings; note some services may not function if cookies are blocked or deleted.
User requests (questions, comments, complaints, suggestions) regarding personal data or the Privacy Policy can be submitted via the company’s email or phone. The company may update the Privacy Policy at its discretion or as required by law. Registered users can view updated policies at www.enmedic.ge.