Privacy Policy

• Endala s.r.o.
• Na Příkopě 31, 110 00 Prague 1
• Company ID: 29006104
• E-mail: recepce@endala.cz
• Phone: +420 604 226 652

• identification data, such as name, surname, title, date of birth and other data necessary for the provision of services
• contact details, such as e-mail address, phone number and address
• data related to appointment booking, communication and the course of care
• health data and other special categories of personal data where necessary for the provision of healthcare services
• technical data related to the use of the website, such as IP address and system logs

• appointment booking and communication with clients
• provision of healthcare and related services
• maintenance of medical records
• compliance with legal obligations
• protection of the Controller's rights and legitimate interests
• operation and security of the website
• sending marketing communications where an appropriate legal basis exists

• performance of a contract or steps taken prior to entering into a contract
• compliance with a legal obligation
• the Controller's legitimate interest
• consent, where required for a specific purpose
• in the case of health data, also the provision of healthcare and maintenance of medical records under applicable legal regulations

• directly from you
• when you book an appointment or communicate with us
• during the provision of services
• from other healthcare providers or other authorised entities where permitted by law or based on your instruction

• our contractual processors, such as IT, hosting, booking system, accounting or legal service providers
• public authorities and other entities where required by law
• other authorised persons involved in the provision of healthcare services
• persons designated by you

As a rule, personal data is processed within the European Union or the European Economic Area. If, in exceptional cases, data is transferred outside this area, such transfer will only take place in compliance with GDPR and subject to appropriate safeguards.

We retain personal data only for as long as necessary for the relevant purpose. Data related to healthcare services and medical records is retained for the period required by applicable legal regulations. Other personal data is retained for the duration of the contractual relationship, for the period required by law, for the time necessary to protect our legal claims, or until consent is withdrawn where processing is based on consent.

We implement appropriate technical and organisational measures to protect personal data against unauthorised access, loss, misuse or alteration. Personal data is accessible only to those who need it for the performance of their duties and who are bound by confidentiality obligations.

We do not carry out automated individual decision-making or profiling within the meaning of Article 22 GDPR unless you are explicitly informed otherwise in a specific case.

• request access to your personal data
• request correction of inaccurate data
• request restriction of processing
• object to processing where the legal basis is legitimate interest
• request data portability where applicable
• withdraw consent where processing is based on consent
• lodge a complaint with the supervisory authority

Where we are required by law to process and retain certain data, especially in relation to medical records, some of these rights may not apply in full.

If you have any questions regarding personal data protection, you can contact us at recepce@endala.cz or +420 604 226 652.

You also have the right to lodge a complaint with the Czech supervisory authority: Office for Personal Data Protection, Pplk. Sochora 27, 170 00 Prague 7, www.uoou.gov.cz.

This Privacy Policy is effective as of 27 April 2026.