Privacy Policy

PRIVACY POLICY & CONSENT TO PERSONAL DATA PROCESSING

(in accordance with the General Data Protection Regulation — GDPR)

1. Who We Are

This website is owned by NEURO-ONCOLOGY INSTITUTE (hereinafter referred to as “we”, “us”, or “the data controller”).

2. What Data We Collect

We may collect the following personal data through the forms on our website:

  • Full name

  • Email address

  • Phone number

  • Messages submitted via contact forms

3. Legal Basis for Processing

We process your personal data based on:

  • Your explicit consent (Art. 6.1(a) GDPR)

  • Performance of a contract or steps taken prior to entering into a contract (Art. 6.1(b))

  • Legitimate interests, such as website functionality and analytics (Art. 6.1(f))

4. How We Use Your Data

We may use your personal data to:

  • Respond to your inquiries

  • Send informational materials (with your consent)

  • Improve website performance and user experience (analytics)

  • Provide technical support

5. Cookies

We use cookies, including analytical cookies, only with your consent. You can manage cookie preferences in your browser settings or through a cookie consent banner.

6. Who May Receive Your Data

Your data may be shared with:

  • CRM systems (for processing inquiries)

  • Analytics services (Google Analytics, Meta Pixel)

  • Technical service providers

All third parties act as data processors under contracts compliant with Article 28 of the GDPR.

7. Data Retention Period

We retain your personal data only for as long as necessary for the purposes described or as required by applicable law. After that, your data is either deleted or anonymized.

8. Your Rights Under the GDPR

You have the right to:

  • Access your personal data

  • Request corrections

  • Request deletion (“right to be forgotten”)

  • Restrict data processing

  • Receive your data in a portable format (data portability)

  • Withdraw your consent at any time

  • File a complaint with the Data Protection Authority in your country

9. Data Transfers Outside the EEA

If your data is transferred outside the European Economic Area (EEA), we ensure an adequate level of protection in accordance with Articles 44–49 of the GDPR, for example by using Standard Contractual Clauses (SCCs).

10. Consent to Data Processing

By submitting your personal data through this website, I confirm my consent to its processing in accordance with this Privacy Policy. I acknowledge that I understand my rights and may withdraw my consent at any time by contacting the data controller.