Privacy Policy for Dr. Matteo Amoroso

Introduction

Our goal is for you to feel confident about how we handle your data. If you have any questions, you are welcome to contact us – see the Contact Information section.

Dr. Matteo Amoroso values your personal privacy. Whether you visit our Website, contact the practice, or are a patient with us, your personal data is handled with respect and in accordance with applicable laws. We strive to explain how we handle your data in an easy-to-understand way and with a friendly tone. Below you will find information about how we collect, use, and protect your data. Please note: We never sell your personal data or pass your contact details on to any third party.

In some cases, however, we need to share personal data with carefully selected suppliers and medical systems that we use in order to deliver our services (e.g., medical records systems, booking/communication systems, and tools for medical planning/3D simulation). Such sharing only takes place when there is a legal basis, with appropriate agreements and security measures in place, and never so that suppliers may use your data for their own marketing purposes.

We process personal data in accordance with the legislation in force at any given time, such as:

  • The General Data Protection Regulation (GDPR) – the EU's rules for protecting your privacy.
  • The Patient Data Act (Patientdatalagen, PDL) – Swedish law governing medical records systems and patient data.
  • The Accounting Act (Bokföringslagen) – requires certain transaction data to be retained (e.g., financial records must be kept for at least 7 years).
  • The Electronic Communications Act ("the cookie law") – rules on how we may use cookies on the Website.

Data Controller

Data controller: Dr. Matteo Amoroso is responsible for the processing of personal data that Dr. Matteo Amoroso carries out within the business. The practice's operations manager has been appointed to ensure that all data handling complies with applicable rules and acts as the contact person for data protection matters.

Please note: In cases where your care with us is performed by an independent consultant physician who collaborates with Dr. Matteo Amoroso under our brand, it is that consultant physician's own healthcare company that is the data controller for that treatment (hereinafter the Consultant Physician Company). This means that company is responsible for medical record-keeping, patient safety, and the handling of your personal data for that specific care – not Dr. Matteo Amoroso. Your physician is obliged to inform you when they represent another healthcare provider as you receive care, but we want to make this clear here as well so that you know how your data is handled. Wherever the policy below refers to "we," this means both Dr. Matteo Amoroso and Dr. Matteo Amoroso's collaborating partners (Consultant Physician Companies).

Consultant Physician Companies

Dr. Matteo Amoroso currently collaborates with the following independent companies, all of which operate under Dr. Matteo Amoroso's brand but in practice function as their own healthcare providers with the obligations and responsibilities that this entails.

  • [Consultant company 1 – name and org. no.]
  • [Consultant company 2 – name and org. no.]
  • [Consultant company 3 – name and org. no.]

Contact Information

If you have questions about this policy or wish to exercise your rights (see Your Rights below), you can contact the person responsible for operations:

  • Email: info@matteo-amoroso.com
  • Phone: [phone]
  • Postal address: [address]

We will respond to your request as soon as possible and no later than within the statutory time limit. You also have the right to contact the Swedish Authority for Privacy Protection (IMY) if you believe we have handled your personal data incorrectly.

Camera Surveillance on Our Premises

Dr. Matteo Amoroso uses camera surveillance on the practice's premises in order to increase safety and security and to prevent and investigate incidents (e.g., break-ins, vandalism, and other security events). Camera surveillance is a form of personal data processing, since both image and sound may constitute personal data.

When are the cameras active?

  • The cameras are only active when no activity is taking place on the premises.
  • When staff and/or patients are present, the cameras are switched off.
  • Surveillance is therefore time-limited in order to reduce the intrusion on privacy.

What data is processed?

  • Image and sound recordings that may capture people who are on or in the immediate vicinity of the premises during times when the practice is not in operation (e.g., in the event of unauthorized entry).

Purpose:

  • To prevent and deter crime
  • To increase safety and security for patients, staff, and the business
  • To prevent/manage accidents and incidents and to enable subsequent investigation

Legal basis: The processing is carried out on the basis of legitimate interest (GDPR Article 6(1)(f)), where our security interest is weighed against the individual's interest in personal privacy. We limit surveillance in terms of time, scope, and access, and we work with data and storage minimization. The assessment is documented and reviewed when necessary.

Storage, access, and erasure:

  • All recorded material is stored locally.
  • Material is continuously overwritten and stored only for a limited period.
  • Only specifically authorized persons can access the material, and access is logged/managed according to our security procedures.
  • If an incident occurs, a relevant sequence may need to be stored longer to the extent required to investigate the event, handle an insurance matter, or provide evidence for a criminal investigation.

Recipients of data: In the event of an incident, material may be shared with, for example, the Police Authority or insurance companies to the extent necessary to investigate the event or to assert legal claims.

On-site information (signage): We provide information about the camera surveillance via signage at the entrance and refer to this privacy policy for more detailed information.

Your rights: You can contact us to exercise your rights under the GDPR (see the "Your Rights" section). Among other things, you have the right to request information and, in certain cases, to object to processing carried out on the basis of legitimate interest. When such a request is made, we carry out an assessment with regard to confidentiality, security, and the privacy of other persons.

Website Visitors

Our business operates at [website] (hereinafter the Website).

When you visit the Website, we collect certain information about your visit so that the Website works well and so that we can improve our services. Here we describe what is collected and how it is used.

Cookies: On our Website we use cookies, that is, small text files stored on your device.

  • Some cookies are necessary for the site to function (e.g., for navigation, the online booking tool, or forms) and are set automatically when you visit the Website.
  • Google Analytics and third-country transfer (USA): We use Google Analytics to understand how the Website is used. The information is anonymized as far as possible, but it may still mean that some data is transferred to a third country (the USA), since Google is a US supplier. We have ensured that the necessary safeguards are in place in accordance with the GDPR, but you can always opt out of these cookies via our cookie banner. If you opt out of non-essential cookies, the core functions of the Website are not affected.

Contact and Communication

This section applies to you who interact with us without necessarily being a patient – e.g., if you ask questions, contact us for a consultation, follow us on social media, or subscribe to our newsletters. We describe what data may be collected in these cases and how it is used.

Contact Requests via Phone, Email, and Forms

If you contact us by phone, email, or web form, we collect the data you choose to provide. This may include your name, contact details (phone number, email address, address, personal ID number), and the content of your message. We use this data solely to handle your request and to get back to you with a response or the information you requested.

Purpose: To be able to communicate with you, answer questions, provide advice about our treatments, and book consultations if you wish.

Legal basis: Our processing is based on a balancing of interests, where we have a legitimate interest in helping you who have contacted us. By voluntarily reaching out, you also consent to us processing the personal data you have provided for the express purpose of assisting you.

Storage: We retain correspondence and contact details for as long as necessary to handle your matter. If, for example, you book an appointment with us, the information will be stored at least until your consultation or treatment has been completed and any follow-up has concluded. If you do not proceed to become a patient or customer, we do not keep your contact details longer than necessary after your question has been answered. Occasional requests are normally deleted or anonymized after the matter is closed, within one year, unless an ongoing dialogue is taking place.

We do not share information from your requests with anyone outside the practice. Only authorized staff (e.g., reception staff, or medical staff if your question concerns medical advice) access your data. All staff are bound by confidentiality and professional secrecy, meaning they may not improperly disclose what you tell us.

Communication via Social Media

If you contact us via social media (e.g., Facebook, Instagram, or TikTok), your data is processed in order to answer your questions. To manage incoming messages, we use Boxly.ai, a tool that collects our channels in a shared inbox. Boxly processes data only on our behalf and under an agreement that complies with the GDPR. Please note that each platform (e.g., Meta or TikTok) is also independently responsible for its processing of your data under its own privacy policies.

Newsletters and Marketing

If you have signed up for our newsletter or consented to marketing communications, we handle your contact details (mainly name and email address) so that we can send you updates, news, and offers from Dr. Matteo Amoroso.

How is the data collected? Usually by you filling in a subscription form on our Website, or by giving verbal/written consent to newsletters in connection with a visit to us. In some cases we may also add existing patients or contacts to mailing lists, but only if we have received your approval (e.g., that you ticked a box about receiving newsletters).

Purpose: To provide you with relevant information about our business, new treatments, customer events, offers, or other marketing communications that may interest you as someone who has shown interest in our services.

Legal basis: The processing is based on your consent. This means we only send newsletters or advertising by email/SMS if you have agreed to it. You can choose to stop these communications at any time (withdraw your consent).

How do you unsubscribe? Every newsletter we send contains an unsubscribe link. If you click it, we stop sending you further newsletters. You can also contact us directly at any time (by phone or email) and let us know you no longer want to receive communications, and we will arrange it immediately.

Storage and erasure: We keep your marketing contact details for as long as you are an active subscriber. If we notice that an email address stops working or that you have not opened our communications for a long time, we may also remove you from the list as an extra precaution. Upon unsubscribing, we remove or anonymize your data from the mailing list shortly afterwards. We may retain documentation that you once gave consent (so that we can demonstrate it if needed), but no communications will be sent after you have declined further contact.

We use an external email service to manage newsletter distribution (the tool may vary, but always with a data processing agreement in place). This service provider may only use your data on our behalf and not for its own purposes. As with all our communication, we do not share or sell your email address to other companies for their marketing.

Patients

This section is aimed at you who become a patient of Dr. Matteo Amoroso, that is, if you undergo a consultation and/or treatment with us. Here we explain what type of information we collect in connection with care, why we need it, how it is handled, and how long it is retained. Since health data is considered sensitive personal data under the GDPR, and is also covered by the Patient Data Act, we have very strict procedures for security and confidentiality regarding this data.

External healthcare provider in certain cases: Sometimes your consultation or operation with Dr. Matteo Amoroso may be performed by a licensed specialist physician who runs their own healthcare company in collaboration with us. In such cases, it is that company that is formally your healthcare provider and is therefore responsible for your medical records and other personal data linked to the treatment. Dr. Matteo Amoroso is then not the data controller for that specific medical treatment. At your initial contact, your physician is obliged to inform you which healthcare provider is formally responsible for your care, but we want to explain this here so that you know who handles your data. Examples of such providers can be found under the heading Consultant Physician Companies above.

What Personal Data We Collect About Patients

When you become a patient with us, we need to collect data about you so that we can provide you with good and safe care. This data mainly includes:

Identity and contact information: for example, name, personal ID number, address, phone number, and email address. This data is needed so that we can unambiguously identify you, call you in for booked appointments, and contact you before or after treatment (e.g., follow-ups or reminders about return visits).

Health data and medical documentation: this is the core of the patient record and may include the anamnesis (medical history), information about previous and current health conditions, allergies, medications, results of any examinations or tests, surgical reports, and record notes written by the physicians and nurses during consultation and treatment.

Treatment information: data about the procedures or treatments you undergo with us, planned and performed measures, dates of visits, and follow-up data (e.g., healing process, any complications, aftercare recommendations).

Photographs: In many cases we take before-and-after images in connection with your treatment. These photographs form part of your medical documentation and help both you and us to track the outcome of the procedure. (More information about how we handle photographs can be found in the Photo Handling section below.)

Next-of-kin or relative information: Sometimes we may need to note the contact details of a relative (e.g., if you provide an emergency contact ahead of an operation) or if another healthcare provider needs to be contacted. Such information is only recorded if it is relevant to your care.

Financial data: If you pay for a treatment, we collect the necessary payment information. This may concern invoice records, payment history, or information required to administer any installment payments or credit. Examples: billing address, payment method, and transaction details from card payment (NOTE: we do not store card numbers or sensitive card data ourselves; this is handled by our payment provider – see below).

Other information you provide yourself: Any information you actively give us in connection with your care, for example, particular treatment preferences, feedback at follow-up, or other personal circumstances you consider relevant, may be documented in your record so that all care staff have the correct basis for helping you.

We collect this data directly from you (via health declarations, consultation conversations, etc.) or create it internally as a consequence of care (e.g., record notes written by our surgeons). In some cases we may receive supplementary medical information from other healthcare providers – e.g., if you have been referred to us or if we need to collaborate with your regular physician regarding some medical basis. Such data is then obtained in accordance with applicable legislation and with your consent where required.

Why We Process Patients' Personal Data (Purpose and Legal Basis)

We process your patient data for express medical purposes. Above all, the data is needed so that we can offer you safe, high-quality care. Here are the main purposes:

To provide care and treatment: All relevant personal data is used for planning and carrying out your care. For example, we use your medical history and record notes to assess which measures are appropriate, and your contact details to send appointment notices and reminders.

Legal basis: this is necessary to fulfill the agreement with you as a patient (i.e., to actually perform the treatment you have booked) and so that we, as a healthcare provider, can meet our statutory obligations regarding patient safety and record-keeping. Note that the GDPR permits the processing of sensitive health data when it is carried out to provide health and medical care and under confidentiality (GDPR Article 9(2)(h)).

Record-keeping by law: A patient record must be kept for each patient under the Patient Data Act. The healthcare provider responsible for your care (either Dr. Matteo Amoroso or one of our consultant physicians, see Consultant Physician Companies above) will therefore keep a record containing all the information needed for good and safe care. This includes documenting diagnoses, treatment measures, prescriptions, and relevant communication. Legal basis: the law requires this handling. We have no option to refrain from record-keeping, nor can you request that we omit things that the law requires to be in the record.

Administration and planning: Some data is processed to manage the more practical side of care – such as appointment booking, staff scheduling, internal statistics on how many procedures we perform, etc. This is done so that our business runs smoothly and ultimately so that you, as a patient, receive the best possible service (e.g., short waiting times and good follow-up). Legal basis: usually our legitimate interest in running a high-quality healthcare business. Such statistics are handled at an aggregated level or with pseudonymization where possible, so that no more personal data than necessary is used. You always have the right to object if you believe we are processing data unnecessarily under this basis (see Your Rights).

Quality follow-up and patient safety: To ensure high quality in our business, we use our records system for internal follow-up, for example through quality controls or audits of randomly selected records. This always takes place under strict confidentiality and only by authorized care staff. The purpose is to improve care over time, detect any shortcomings, and increase patient safety.

Dr. Matteo Amoroso also participates in the national Breast Implant Registry (BRIMP, www.brimp.se), which is a quality registry for operations involving breast implants – such as insertion, removal, adjustments, and any complications. Our participation in BRIMP is voluntary and takes place as part of our quality work and in accordance with recommendations from our industry organization, the Swedish Association for Aesthetic Plastic Surgery (SFEP).

As a patient, your relevant data is registered in BRIMP in connection with you undergoing a breast implant procedure with us. However, you always have the right to decline registration (opt-out) or to subsequently request that your data be removed. You can also contact BRIMP directly to request an extract of your registered data.

If we use data for research purposes or for other quality registries not directly linked to your care, this only takes place in anonymized form or after specific consent in accordance with applicable rules.

Communication and support: We may need to use your contact details to communicate with you as a patient beyond the care visit itself – for example, to send home instructions ahead of an operation, aftercare advice, or to reach out for follow-up. We may also send surveys to measure your satisfaction or similar; you decide for yourself whether you want to respond. Such communication is sent either directly by email, SMS, or via one of our digital records systems (see below).

Statutory reporting: In certain cases, healthcare providers must report data to authorities or registries as required by law. Examples may include the National Board of Health and Welfare (Socialstyrelsen), IVO (the Health and Social Care Inspectorate), or quality registries within plastic surgery, if required. We then comply with these legal requirements, and the reporting is carried out in a manner compatible with confidentiality rules.

In summary, our patient data storage relies on several legal bases: most often, the contractual basis (to provide the care you ordered) is combined with legal obligation (since healthcare must comply with the PDL and other laws). In cases where we wish to do something beyond this, e.g., use your contact details to send information that is not necessary for care, or use images in marketing, we will obtain your consent in advance.

Records Systems and Handling of Patient Data

Dr. Matteo Amoroso uses both traditional paper records and modern digital records systems to document care. We assure you that all systems we use meet high security requirements and that your data is protected from unauthorized access.

Digital records systems: Our main digital systems for records and clinic administration include Meridiq, Adoreal, Crisalix, and FileMaker. Meridiq and Adoreal are examples of secure cloud-based records systems adapted for clinics in aesthetic care. Crisalix is used mainly for 3D simulations and planning ahead of aesthetic procedures (e.g., to show you, as a patient, possible results), which means photographs, personal data such as name and personal ID number, and certain anatomical measurements may be processed there in connection with a consultation. FileMaker is a database tool that we have historically used for certain administrative purposes.

Data processors: When we use external systems such as those mentioned above, we ensure that data processing agreements are in place with the suppliers. This means they undertake to handle the information according to our instructions and not for their own purposes. They may not access your record other than to store it and display it to authorized care staff. In our agreements with the system suppliers, it is guaranteed that data is stored within the EU/EEA or with equivalent protection.

Access and authorization: Only authorized healthcare staff at Dr. Matteo Amoroso have access to the records systems. By "authorized" we mean those directly involved in your care, such as plastic surgeons, anesthesiologists, nurses, and necessary administrative staff (e.g., medical secretary and operations manager). Everyone who handles patient records is bound by professional secrecy under the law and internal policies. We work according to the principle of least intrusive measure – that is, each person can only see the data required for their task. The systems are password-protected, often require two-factor authentication, and all logins and record views are logged (so that it can later be seen who looked at what). Accessing a record without authorization is a serious breach that can have employment and legal consequences. As a patient, you have the right to request a log extract showing who has read your record and when, in accordance with Chapter 4, Section 3 of the Patient Data Act.

Paper records: Some information may exist on paper, e.g., completed health declarations or consent forms you sign. These documents are stored securely under lock when not in use and are often scanned into the digital system. Paper copies are destroyed securely (shredded) when they no longer need to be kept in original form.

By maintaining these systems and procedures, we ensure that your patient information is accessible to the right people, at the right time, while being protected from unauthorized parties. This is an important part of the Patient Data Act and something we take very seriously.

Medical Systems and Partners for Visualization/Planning

In order to improve your experience, plan procedures, and be able to offer, for example, 3D simulation of possible results, we may use external medical systems and partners.

What data may be shared? Depending on the service, this may include, for example, photographs, name, and certain identity/patient data (e.g., year of birth/personal ID number or another identifier), as well as relevant measurements or treatment-related data needed to perform a simulation or planning. We always share the minimum amount of data for the purpose.

When does sharing take place and on what basis? Sharing with such services does not take place without your knowledge and normally only after you have given your approval/consent for that particular type of use. You can choose to decline or withdraw your consent at any time. Withdrawal does not affect the care you receive, but it may mean that we cannot offer that particular additional service.

Roles and responsibilities (GDPR): Our suppliers handle the data in accordance with the GDPR and are either:

  • data processors (processing data only on our instructions, with a data processing agreement in place), and/or
  • in some cases independent data controllers for their part of the processing (in which case we inform you of this when you start using the service).

Storage and erasure: Data in patient records (including medical images that are part of the record) is retained according to the rules of the Patient Data Act. For data processed in external visualization/planning systems, storage is governed by each service's settings and our agreements; we strive to ensure that data is not stored longer than necessary for the purpose and that it is deleted/anonymized when no longer needed, to the extent possible and compatible with applicable rules.

Any transfers outside the EU/EEA: If any supplier or sub-supplier processes data outside the EU/EEA, we ensure that the transfer takes place with appropriate safeguards in accordance with the GDPR (e.g., standard contractual clauses).

Sharing Patient Data with Third Parties

The main rule is that data from your record stays with us at the practice. We do not disclose information about you to outside parties unless there is a clear medical reason or a legal requirement. Below are the situations in which your personal data may nevertheless need to be shared with third parties, and how we do so in a controlled manner:

Other healthcare providers in case of referral or consultation: If your matter requires us to collaborate with another healthcare provider (e.g., if we refer you to a specialist, or if you come to us on referral), relevant record data will be transferred to that provider. This is done for the sake of your continued care and in accordance with confidentiality legislation – the receiving care staff have the same professional secrecy as we do. We inform you in cases where a referral is written or if we otherwise communicate with an external healthcare provider about you.

Other healthcare providers within our collaboration (Consultant Physician Companies): We collaborate with independent specialist physicians who perform treatments under the name Dr. Matteo Amoroso but through their own companies. If your care takes place with such a physician, relevant record data and information will be handled by that physician's healthcare company in their records system, since that company is your healthcare provider and the data controller for the treatment. The physician treating you is obliged to inform you which healthcare provider is involved in these cases, and that physician has the same professional secrecy and obligation to protect your data under the law as we do. You will find these named under the heading Consultant Physician Companies above.

Laboratories or medical partners: For certain procedures, samples may need to be sent to a lab (e.g., blood samples or tissue samples). The necessary identifying data (such as your date of birth or a code) is then sent with the sample so that the result can be linked to you. However, the lab does not see your entire record, only what is relevant to the analysis. They are subject to medical confidentiality.

Insurance companies or financing companies: If your treatment is covered by health insurance or if you choose to use a financing solution (e.g., installment payment through a credit company such as Medical Finance), we may need to disclose certain data to that company. This mainly concerns information confirming that a particular treatment took place and cost a certain amount, or data for a credit assessment. We only share what is necessary – for example, treatment date, type of procedure, and cost, as well as your personal ID number if the finance company needs it for a credit check. These companies are independent data controllers for their handling, which means they also have their own obligations to comply with the GDPR. We ensure that they understand the data comes from a care contact (which in itself imposes confidentiality requirements on them as well).

Payment intermediaries: When you pay by card, the transaction is handled through an external payment provider (for example, Adyen N.V., which is PCI-DSS certified). We ourselves do not store your card details. The payment provider receives information about the amount, your card number, etc., in order to carry out the payment, and may in connection with this have access to your name and order reference. Adyen acts as an independent data controller for the payment data and complies with both the GDPR and strict security standards for payments.

Authorities: In rare cases, we may be legally obliged to disclose information, e.g., during a supervisory review by IVO, a request from the National Board of Health and Welfare, or if you claim compensation via patient insurance and the investigation requires record copies. Before disclosing anything, we always ensure there is legal support and that the recipient has the right to receive it (and we inform you as far as possible, unless this would impede an official investigation).

Beyond the situations above, we do not use your patient data for any other purposes and do not share it with other outside parties. We never sell information about our patients. All possible partners (IT suppliers, laboratories, finance companies, etc.) have agreements with us that govern how they may process the data – they may not misuse it or use it for their own purposes.

Photo Handling (Before-and-After Images)

Photographs are an important part of the work within aesthetic and reconstructive surgery or other parts of our business. They help us document the starting point and the result of treatments. At the same time, images of a person constitute personal data, especially if the face or other identifying features are visible. The main rule is that relevant before-and-after images are documented as part of the record. In exceptional cases, the scope of the documentation can be discussed with the responsible physician. Here we explain how we handle the photos we take of our patients:

Part of the patient record: All before-and-after images taken by the practice for a medical purpose are treated as record documents. This means they are stored securely in the records system and are subject to the same confidentiality as other record data. Only authorized care staff can see them, and the purpose is to have a basis for your care (procedure planning, documentation of results, follow-up over time). For example, we often take images before an operation in order to compare with the result at follow-up checks. These images may not be distributed or shown to others without your permission.

Internal use for care quality: In some cases, images may be used internally for educational purposes or for medical conferences within the practice, e.g., so that several physicians can jointly assess a treatment result. Even then, they are handled under confidentiality and the patient's identity is protected as far as possible.

Publication for marketing requires consent: Sometimes patients ask whether their before/after images can be used as a reference for others, or we may want to ask your permission to show the images to help other patients understand possible results. However, no images that can identify you will ever be used externally (on our Website, on social media, in advertising, or in brochures) without us first obtaining your express consent, documented in writing, either on paper or digitally by email. Giving such consent is entirely voluntary, and your decision does not affect the care you receive. If you consent to photo publication, you can change your mind at any time – let us know and we will withdraw the image from further use.

Anonymization: In some cases we may want to display results without revealing identity, e.g., by cropping images so the face is not visible or the eyes are covered. We will still ask for your approval, since even a body image (e.g., before/after of a nose or abdomen) combined with a description can be regarded as personal data. We take no risks here – your privacy comes first.

Storage of images: Since the images are part of the record, they are stored for at least ten years, just like other record data. If you have objections to us storing images at all (some patients may find it sensitive), talk to us – in exceptional cases, how much needs to be documented can be discussed. However, the basic rule is that relevant images are needed to ensure quality and the ability to make a medical assessment, and we follow the National Board of Health and Welfare's recommendations regarding the recording of images in records.

In summary: Your images belong to you, and we only borrow them to improve your care and – if you wish – to be able to show examples of our work. We ask first, and we respect your decision. All images are protected just as strictly as the rest of your record.

How Long Do We Keep Your Data?

We strive not to store personal data longer than necessary. Different types of data may be subject to different legal requirements and practical needs that govern the retention period:

Patient records: Under the Patient Data Act, we must keep record data for at least ten (10) years after the last entry was made. In practice, this means that if your most recent contact with us was in 2025, your record will normally be eligible for erasure (removal) at the earliest in 2035. We may keep it longer if there are special reasons, but never shorter than ten years. (In the unlikely event that the practice were to cease operations, we would still be responsible for ensuring your records are preserved for at least 10 years and that they are handed over to an archive or another healthcare provider according to applicable procedures.)

Accounting and payment data: Data linked to finances, e.g., invoices, receipts, and payment history, is kept in accordance with the requirements of the Accounting Act for seven (7) years after the end of the calendar year in which the financial year ended. This means, for example, that an invoice from 2025 must be kept until the end of 2032. This data is kept accessible only to our finance department/auditor and is not shared externally other than to authorities during an audit.

Contact requests (non-patient): If you have only contacted us with questions but have not become a patient, we keep your data, as mentioned above, only until the matter is closed. Minor notes (such as email conversations) are cleared out regularly, normally within one year.

Newsletter lists: Your data for communications remains as long as you are a subscriber. When you unsubscribe, it is removed immediately from our distribution list. The only exception is our record of the consent you previously gave, which we may keep for at most a couple of years so that we can demonstrate that consent if questioned.

Website data: Analytics data from Google Analytics or similar tools is usually anonymized and aggregated, and raw visitor logs are deleted after a few months. Cookies in your browser are stored for at most a couple of years (many disappear earlier or at the end of the session, depending on type). You can also delete cookies yourself whenever you want.

Other: If the law requires a certain retention period, we of course follow it. If not, we work on the principle of not storing unnecessarily. When data no longer needs to be processed for the purpose for which it was collected, we delete it or anonymize it so that it can no longer be linked to you. We document our erasure procedures in our internal data management policy.

Note that your rights include being able to request the erasure of certain data (see below), but if the law requires us to keep it, we cannot delete it immediately even if you request it. For example: we cannot remove your patient record before the 10 years required by law have passed, and we cannot delete accounting transaction data before 7 years have passed. In such cases, we will instead ensure that the data is only used to comply with the law and nothing else.

Your Rights

As a data subject (i.e., the person the data concerns), you have a number of rights under the GDPR. We want you to know them and how you can use them:

Right to information and access: You have the right to obtain confirmation of whether we process personal data about you, and if so, to access that data along with information about how we process it. This is often called the right to a register extract. At your request, we will compile the personal data we hold about you and an explanation of the purposes, who we may have shared it with, how long it will be stored, etc. For patient-specific data, this in practice means the right to receive a copy of your record. A register extract/copy is provided free of charge once (for repeated or unreasonable requests, a fee may be charged in accordance with the GDPR).

Right to rectification: If you discover that we hold incorrect or incomplete data about you, you have the right to have it corrected. This could be, for example, that your name is misspelled or that your contact information has changed. When it comes to medical data in the record, we are not permitted for legal reasons to delete anything retroactively, but we can mark the record with a rectification note and add your correcting information so that it is clear what is correct.

Right to erasure ("the right to be forgotten"): In certain cases, you have the right to ask us to delete your personal data. If, for example, you have given consent to something (such as newsletters or image publication) and change your mind, you have the right to have that data removed. We must also delete data that is no longer needed for its purpose. Exception: This right is not absolute. We cannot delete data that we are legally obliged to keep. This means patient records and financial transactions cannot be deleted on request before the retention period has expired. Nor can we delete data needed to establish, exercise, or defend legal claims. But such data will then only be retained for that purpose and nothing else.

Right to restriction of processing: You have the right to ask us to restrict the processing of your data under certain circumstances. This means we mark the data so that it may only be used for certain limited purposes. You can request restriction, e.g., if you believe the data is incorrect (while we investigate this), or if you have objected to processing based on legitimate interest (while we verify the balancing of interests). If processing has been restricted, we may in principle do nothing more with the data beyond storage without your consent, except where it is needed for legal claims or to protect another person's rights.

Right to object: You always have the right to object to processing that relies on our legitimate interest (Article 6(1)(f) GDPR). If, for example, you do not want us to use certain data for internal statistics or marketing that we have assessed to be a legitimate interest, you can let us know. We must then either cease the processing or be able to demonstrate compelling legitimate reasons that outweigh your reasons. If you object to direct marketing (e.g., the sending of newsletters), we of course cease it immediately – that is not something we can override.

Right to data portability: For the data you have provided to us yourself and that we process on the basis of your consent or to fulfill an agreement, you have the right to receive it in a structured, machine-readable format, or to request that we transfer it to another service provider where technically possible. In practice, this is most relevant for simpler data such as contact details or booking history. Your medical record data is not directly covered by portability (since it is processed on the basis of legal requirements, not consent or a direct agreement), but you can always receive a copy of the record and give it to any other physician.

Right to withdraw consent: If we process any data based on your consent (e.g., the use of your email for newsletters, or our use of your images in marketing), you have the right to withdraw your consent at any time. Contact us and we will arrange it immediately. Withdrawal does not affect the lawfulness of the processing already carried out, but it means we cease further processing of the specific data and for the purpose the consent covered.

To exercise your rights, contact us (see Contact above). For certain actions, mainly register extracts or sensitive changes, we may need to verify your identity – for example through a signed written request or by showing valid ID during a visit. This protects your privacy by ensuring we do not disclose data to the wrong person. We will respond to you as soon as possible and at the latest within one month, as required by the GDPR; for particularly complex requests the GDPR allows this period to be extended by up to two further months, and we will tell you within the first month if that is necessary. If for any reason we cannot fulfill a request (e.g., delete a record we are legally required to keep), we will inform you of the reasons.

Finally, we want to remind you that you always have the right to lodge a complaint regarding our personal data processing with the Swedish Authority for Privacy Protection (IMY). IMY is the supervisory authority in Sweden, and you can visit their website at imy.se for information on how to file a complaint. However, we hope that you will primarily want to talk to us directly so that we can clear up any misunderstandings.

Data Security and Confidentiality

We take technical and organizational measures to protect personal data against unauthorized access, loss, or other unlawful handling. This includes, among other things, encryption, access controls, and logging in our systems, and training of staff in data security and confidentiality. Our IT suppliers carry out security reviews of the systems they provide to us under the agreements we have with them, but as data controller we remain responsible for the overall level of protection, and we continuously update our procedures to keep it high.

Professional secrecy: Confidentiality legislation for healthcare providers is very strict. All staff, including administrative staff, are subject to statutory professional secrecy (public healthcare providers under the Public Access to Information and Secrecy Act, private healthcare providers under the Patient Safety Act), supplemented by confidentiality agreements and professional ethics. Disclosing patient data to an unauthorized person is not only grounds for disciplinary action but also potentially a violation of the law. We never speak about our patients in an identifiable way with outsiders. Internally, patient cases are only discussed for professional purposes and behind closed doors.

Incident management: Should a personal data breach occur, contrary to expectations (e.g., unauthorized access, data loss, or similar), we have procedures to handle it. In accordance with the GDPR, we report the breach to IMY within 72 hours of becoming aware of it, unless it is unlikely to result in a risk to the rights and freedoms of data subjects, and we inform the affected individuals without undue delay if the breach is likely to result in a high risk to them. We document every breach internally, including those that do not have to be reported. We work proactively to avoid incidents arising.

Through these measures, we want to ensure that your data is in safe hands with us. Technology and the threat landscape are constantly changing, but we continuously update our security methods to stay one step ahead. If you have specific questions about our data security, you are always welcome to ask. It is very important to us that you feel confident in how we protect your privacy.

Changes to This Policy

This privacy policy may be updated when necessary – e.g., if the laws change or if we introduce new systems that affect how we handle personal data. If we make significant changes, we will provide information about it, either via our Website or directly to those affected (e.g., by email to patients/customers if it is something more important). The latest version of the policy is always published on our Website. The date from which it applies is stated at the top of the policy.

We recommend that you read through the policy at regular intervals to stay informed. If you continue to use our services after an updated policy has taken effect, we regard this as your acceptance of the changes. Should any change require your consent (if, for example, it concerns a new purpose for which we want to use your data), we will of course obtain it separately.

Thank you for taking the time to read our privacy policy. Your privacy and your trust mean a great deal to us. We always do our best to protect your data and your right to privacy. If you have further questions, you are warmly welcome to contact us – we are here to help you!

Dr. Matteo Amoroso, 2026-01-01