Poliklinika Sinteza
Schedule an appointment

Privacy Policy

POLYCLINIC SINTEZA Ltd., with its registered office at Frana Folnegovića Street 1C, Zagreb, entered in the court register of the Commercial Court in Zagreb under company registration number (MBS): 080652714, and personal identification number (OIB): 08554648822 (hereinafter referred to as: the “POLYCLINIC”), is the controller of your personal data.

The term “user” or “data subject” in this Privacy Policy refers to all individuals who are receiving or have received healthcare services, as well as any other individuals who have given their consent to receive notifications from the POLYCLINIC, either for themselves or for children under the age of 16 as holders of parental responsibility.

The POLYCLINIC collects the minimum necessary amount of personal data and uses it solely for the purpose for which it was collected, and of which you have been informed. Likewise, the POLYCLINIC does not share data with third parties without informing you beforehand. The POLYCLINIC always strives to process and store your data only for as long as necessary for the purposes for which it was collected, or as required by a contract or applicable law.

1. Data We Collect

The POLYCLINIC collects various types of data in order to provide high-quality services. This includes: (a) Data collected directly from you through forms completed at the POLYCLINIC premises, via forms on the website www.sinteza.hr, through email, social media platforms, or by telephone; (b) Data collected regarding your use of POLYCLINIC services; (c) Data obtained from third parties.

The POLYCLINIC collects the following categories of data from you:

  • Identification data (full name, personal identification number, gender, nationality, residence/address)
  • Contact data (email address, telephone number, mobile number)
  • Health-related data and information (medical findings, medical history, diagnosis data, procedures, etc.)
  • Administrative data (insurance identification number, health insurance card, supplementary insurance card, proof of payment, etc.)
  • Any additional data you voluntarily provide as a user of our services.

The POLYCLINIC may also process your data and/or the data of your child, if the child is under the age of 16 or 18, depending on the purpose of processing, and you are the holder of parental responsibility.

The POLYCLINIC collects data regarding your use of the website www.sinteza.hr, including how you interact with the site. Such data is necessary for us to ensure the proper and high-quality functioning of the www.sinteza.hr website, to deliver quality services to you, and to fulfill our legal obligations and legitimate interests related to the continuous improvement of the services we provide.

The website www.sinteza.hr uses cookies. Details about cookies, how they are used, stored, and blocked, can be found on our website under the “Cookies” section, available at the following link: https://sinteza.hr/kolacici/

Furthermore, the POLYCLINIC may collect data about your geo-location. Such data may become accessible during your browsing and use of the website www.sinteza.hr, based on your device’s IP address or GPS location data. This information is used to improve our services and to ensure the quality of service we provide to you. The POLYCLINIC emphasizes that your devices have the option to disable or restrict the sharing of location data, and you are free to use these settings at your discretion.

When collecting personal data, certain information may be stored by the Google Analytics platform, which is further explained in our Cookie Policy.

For more information about Google Analytics’ privacy policy, you can visit the following link:

Some of our services available through online content allow you to contact the POLYCLINIC directly to submit inquiries or schedule appointments for services provided by the POLYCLINIC. In connection with these services, we may request certain personal information from you in order to facilitate the use of those services and to enable the POLYCLINIC to respond to your request accordingly. In such cases, your personal data is necessary, as the POLYCLINIC cannot act upon your request without it. Therefore, you will be presented with a form confirming that you have been informed of our privacy policy, which you will be required to acknowledge by checking the appropriate box. For example, in such cases, you may be asked to provide your email address, first and last name, mobile phone number, and similar information. Some services allow you to communicate with other individuals. These communications will be transmitted through our systems and stored within them.

In certain situations, the POLYCLINIC collects data about you using other online platforms and sources, which may be combined with other data you have made available to us. For instance, in order to provide you with high-quality services tailored to your preferences and interests, the POLYCLINIC uses the Facebook Pixel tool, which tracks your activity on this website and transfers that data to Facebook. As a result, you may receive promotional messages and information via social media platforms, tailored to your preferences and interests based on your browsing activity. In this way, you are enabled to access services and receive information about offerings that you might not otherwise become aware of, with the aim of enhancing your user satisfaction and improving the quality of services provided by the POLYCLINIC. Such tools may be embedded in online content, videos, or emails and may allow servers to read certain types of data from your device. This includes the ability to detect when you have viewed specific content or an email message, as well as the date and time of viewing and the IP address of your device. The POLYCLINIC, along with certain third parties, uses tracking technologies for various purposes, including the analysis of service usage and, in combination with cookies, the delivery of content and advertisements tailored to your needs and interests. This website uses retargeting (remarketing) technologies. Third parties may collect information about your visits to our website and your interaction with it, including advertisements. Retargeting technologies analyze cookies and display ads based on your previous behavior during visits to our site. For example, if you have viewed some of our services on our website, retargeting can read cookies in your browser and display ads for those services on social media platforms such as Facebook, where you will see our services or ads during your use of that platform. The processing of data collected by these cookies is based on your consent (Article 6, 6. Paragraph 1, Item (a) of the General Data Protection Regulation). In the Cookie Settings, you will find a list of all cookies within each category (necessary, statistical, marketing cookies, and cookies for targeted advertising).

For more information about these tools, you can refer to the following links:

In addition, the POLYCLINIC uses Zendesk Support and Zendesk chat tools for online live communication, which may also contain your personal data.

For more information, see here:

Regarding the above, the POLYCLINIC does not perform special processing or storage of data provided through these tools; they are used solely for communication purposes. For example, your username created during chat interactions will not be linked to a specific individual by the POLYCLINIC. However, if you were to ask a specific question or request services while using communication tools (such as scheduling an appointment), our staff may ask for your contact details in order to process your request or respond to your inquiry or request made via communication tools, such as chat.

Similarly, if you were to submit inquiries, requests, or requirements through web forms on the website www.sinteza.hr on incorrect pages, for example, if you used the “ask the doctor” form to request the exercise of your rights, access to other information, or to schedule an appointment, the POLYCLINIC may use the personal data you provide to identify and contact you in order to process your request, inquiry, or submission.

All interactive options, especially communication through private messages, chat, forums, or other methods of sending messages or communicating with one another, are public and do not have the status of confidential and verified information. Therefore, the POLYCLINIC may monitor and remove inappropriate content from user communications without their knowledge or prior approval. Since the POLYCLINIC is not required to control or authorize the content of messages or information that may appear on the website www.sinteza.hr, the POLYCLINIC is not responsible for any actions the user may take on any part of the website www.sinteza.hr, nor for the content the user may post on it.

By accessing and using this website, you agree to the use of the described tools and other data on your device. Additionally, you agree that the POLYCLINIC and third parties may access cookies, local storage technologies, Pixel, and data.

2. Why we collect data and who has access to the data

Your data is collected and processed for the following purposes:

  • To enable your use of services;
  • To contact you regarding medical procedures;
  • To provide services and fulfill your requests;
  • To provide you with content and recommendations based on your activities on the website;
  • For advertising and sending promotional materials;
  • For the improvement of our business operations and the development of services provided to you;
  • For the assessment and analysis of activities on this website, our market, users, products, and services;
  • For communication with you;
  • For analyzing how individuals (including you) use our services and content in order to improve them and develop new products and services tailored to user preferences;
  • For processing necessary to comply with the POLYCLINIC’s legal obligations;
  • For notifying competent authorities and storing data in accordance with healthcare regulations;
  • For other purposes with your consent.

Your data will not be made public. We take special care in determining to whom we provide your data and will not disclose it to third parties for their independent marketing or business purposes without your consent. In the event of data transfer, we will take all necessary measures to protect the data and, where possible and reasonably necessary, pseudonymize or otherwise make it difficult to link the data to you. In exceptional situations, we will strive to fully anonymize your data, especially if we assess that there is a risk to the protection of your rights.

Your data may be disclosed to entities directly involved in business relations with the POLYCLINIC and who are an integral part of the POLYCLINIC’s operations (such as the company FUTURA MEDICAL GROUP d.o.o., OIB: 95346564252). Reliable and secure business partners whose services and products are part of the services provided by the POLYCLINIC, especially healthcare services, may also receive your data.

An example of such business partners includes manufacturers of medical devices used by the POLYCLINIC in operational procedures. It is important to highlight that the POLYCLINIC uses services from top-tier and high-end manufacturers of medical and diagnostic devices. Again, your security is always our top priority. It is also possible that we may disclose your data to business partners who provide services on our behalf, such as companies that assist us with billing or send emails on our behalf. These entities are limited in their ability to use your data for purposes beyond providing services to us.

If required by law or an order from an administrative or judicial body, data may be disclosed to the relevant authorities and other parties:

  • To comply with the law or to respond to mandatory legal procedures (such as a search warrant or other court order);
  • To verify or achieve compliance with the rules governing our services;
  • To protect the rights, property, or safety of users, clients, and the POLYCLINIC itself.

In some cases, the POLYCLINIC may transfer personal data to countries outside the European Union and the European Economic Area, which may have different and possibly lower standards of data protection than those required in the Republic of Croatia. In such cases, the POLYCLINIC will take appropriate protective measures (e.g., using EU standard contractual clauses for the transfer of personal data to third countries) to ensure that your personal data is adequately protected in accordance with applicable data protection rules.

For transfers that go beyond the legitimate interests of the POLYCLINIC and which, by their nature, do not fall under regular transfers and are not necessary for the POLYCLINIC to ensure security and a high level of service provision, your consent will be requested.

The POLYCLINIC regularly updates and improves its system for collecting and processing personal data in order to ensure compliance with legal regulations and, of course, your security. In doing so, reasonable physical and technical data protection measures are employed, and efforts are made to monitor technological advancements and the guidelines from the authorities responsible for personal data, both at the national level (Croatia) and at the EU level.

However, the POLYCLINIC must highlight that due to the rapid development of technology, every user of the internet system must be aware that no system is completely secure, and it is objectively impossible to foresee all risks that may arise on the internet. The POLYCLINIC is particularly unable to influence the shortcomings of services provided by third parties that are necessary for the existence of this website. Unauthorized attacks on this website are always possible, and the POLYCLINIC reasonably strives to minimize all risks that may arise.

In any case, the POLYCLINIC will continue its efforts to make its personal data protection system as secure as possible.

3. Statement on Online Payment Security

When making payments on our online store, you use CorvusPay – an advanced system for secure acceptance of payment cards over the internet.

The payment data entry form is secured with an SSL transport encryption of the highest reliability. All stored data is further protected with encryption, using a cryptographic device certified according to the FIPS 140-2 Level 3 standard. CorvusPay meets all security requirements related to online payments prescribed by leading card brands and operates in compliance with the PCI DSS Level 1 standard – the highest security standard in the payment card industry. When paying with cards enrolled in the 3-D Secure program, your bank, in addition to the card’s validity, will further confirm your identity using a token or password.

Corvus Info treats all collected information as bank secrets and handles it accordingly. The information is used exclusively for the purposes for which it was intended. Your sensitive data is fully secure, and its privacy is guaranteed by the most modern protective mechanisms. Only the necessary data required to perform the task in accordance with the prescribed online payment procedures are collected.

Security controls and operational procedures applied to our infrastructure ensure the immediate reliability of the CorvusPay system. Additionally, by maintaining strict access controls, regularly monitoring security, conducting in-depth checks to prevent network vulnerabilities, and systematically implementing information security provisions, CorvusPay continuously maintains and improves the security level of the system, protecting your card data.

Thank you for using CorvusPay!

Data Protection Method

The entry and transmission of personal data and credit card details are protected by the highest security standards, ensured by the CorvusPay™ system for online credit card authorization, in compliance with card issuer requirements, card brand standards, and the PCI DSS standard. Authorization and Payment of Credit Cards are carried out using the CorvusPay™ system for real-time authorization and card payment processing.

Statement on the Protection, Collection, and Use of Personal Data

The POLIKLINIKA is committed to protecting the personal data of customers by collecting only the necessary and basic information about customers/users required to fulfill our obligations; informing customers about how the collected data is used, and regularly giving customers the opportunity to choose whether they want to have their name removed from the lists used for marketing campaigns. All customer data is strictly protected and is only accessible to employees who require it to perform their job duties. All employees and business partners are responsible for respecting the principles of privacy protection.

To protect the personal data of the subjects, POLIKLINIKA takes appropriate protective measures in accordance with applicable privacy and personal data protection regulations.

This also includes the requirement for service providers of POLIKLINIKA to implement appropriate measures to protect the confidentiality and security of personal data.

In its operations, POLIKLINIKA has implemented technical, physical, and organizational measures to protect personal data from accidental or unlawful destruction, accidental loss, damage, alteration, unauthorized disclosure or access, and from all other forms of unlawful or excessive processing.

4. Other

If, despite the content of this Privacy Statement and Personal Data Protection, some things are still unclear, or if you feel that certain details have not been sufficiently explained, please feel free to contact our Data Protection Officer with any reasonable inquiries. They will, to the best of their objective abilities, attempt to respond to all reasonable inquiries and, in cooperation with our technical services, always strive to provide you with all reasonably available information to ensure your awareness.

In accordance with applicable laws, we are obliged to inform you that you have the right to file a complaint regarding the processing of your personal data, both to POLIKLINIKA and to the Personal Data Protection Agency. Upon your request, POLIKLINIKA will provide you with information on how your personal data is processed. If personal data is inaccurate, you may request it to be corrected. In such cases, and in other cases foreseen by applicable regulations, you can request a limitation on processing. Also, you have the right to request the transfer of your data to another data controller.

All Your inquiries will be examined by our Data Protection Officer, who will, if possible, respond within 30 days, provided the legal basis of your request is valid. The timing of the response depends on the nature of your inquiry and, in general, on the volume and nature of other potential inquiries. In case of unreasonable, excessively detailed, frequently repeated, or otherwise unjustifiably burdensome requests, POLIKLINIKA reserves the right to charge a reasonable fee for responding to your inquiry. In exceptional cases, POLIKLINIKA will refuse to respond to your inquiry.

The DPO of POLIKLINIKA is:
Irena Bosanac
Phone: 01/5005-970
Mail: dpo@futuramedical.hr

Contact us with confidence

Request your appointment for a consultation, treatment or procedure by phone +385 1 5005 970 or send an inquiry.
Our staff will contact you within 24 hours by phone or email and offer you the appointment that best suits you.

Contact us