Privacy Policy

At Hanul Micul Samaritean, protecting the personal data and dignity of our seniors is a priority. This policy explains what data we collect, how we use it, and how we protect it.

1. Data Controller

SC HANUL MICUL SAMARITEAN SRL CIF: 49037290

J24/1592/2023 Address: Str. Cloșca 34, Baia Sprie, Maramureș

Email: contact@micul-samaritean.ro

Phone: +40 745 300 113

2. What Data Do We Collect?

a) Data collected through the website:

  • First and last name

  • Email address

  • Phone number

  • Messages sent via the contact form

  • Technical data (IP address, browser, cookies)

b) Data collected during the admission process (offline): (These are not collected online, but the policy must cover them)

  • Personal identification data (ID card, Personal Identification Number – CNP)

  • Health status data (diagnoses, medication, mobility)

  • Data regarding family members / contact persons

  • Financial-administrative data (contracts, billing)

  • Social and functional assessment

These are considered sensitive data according to GDPR (Art. 9).

3. Purposes of Processing

Data is used for:

  • Communicating with interested parties

  • Analyzing and responding to requests sent via the site

  • Admission and management of nursing home residents

  • Developing individual care plans

  • Administering medication

  • Contacting family members in case of need

  • Compliance with legal and accounting obligations

  • The safety of residents

  • Reporting to authorities, in accordance with social and medical legislation We do not use data for external commercial purposes.

4. Legal Basis

  • Consent of the individual

  • Execution of a contract

  • Legitimate interest (safety, prevention)

  • Legal obligations (accounting records, public health)

  • Protection of the vital interests of residents

5. To Whom Do We Disclose Data?

Data may only be disclosed to:

  • Medical staff and social workers

  • Competent authorities (DSP, DGASPC, CAS, etc.)

  • Medical partners (laboratories, physicians)

  • IT service providers, strictly for maintenance purposes All parties are bound by confidentiality agreements.

6. Storage Period

  • Website data: up to 12 months

  • Contractual data: for the duration of the contract + the legal term

  • Medical data: according to healthcare obligations (typically 5–10 years)

7. Rights of the Data Subject

  • Right of access

  • Right to rectification

  • Right to erasure (within legal limits)

  • Right to restriction of processing

  • Right to object

  • Right to data portability

  • Right not to be subject to automated decision-making

  • Right to lodge a complaint with the ANSPDCP (National Supervisory Authority for Personal Data Processing) Requests can be sent to: contact@micul-samaritean.ro

8. Data Security

We implement:

  • Restricted staff access

  • Monitoring systems

  • Secure servers

  • Documents kept in locked spaces

  • Internal confidentiality policies

9. Minors

We do not intentionally collect data regarding minors.

10. Modifications

Updates to this policy will be published on the website.