Home > 

Privacy Policy


Effective Date: 5/1/2018
Last Updated: 6/2/2026

1. Who We Are

This website is operated by:

XΡΙΣΤΟΦΟΡΟΣ ΣΤΥΛΙΑΝΙΔΗΣ Ι.Ε.Π.Ε
Address: ΑYIA ZONIS 33, LIMASSOL, Cyprus
Phone: 25320245
Email: info@eyestylianides.com

We are an ophthalmology medical practice based in Cyprus and act as a Data Controller under the GDPR.

2. Legal Framework

We process personal data in accordance with:

  • EU General Data Protection Regulation (GDPR) (EU) 2016/679
  • Cyprus Data Protection Law 125(I)/2018
  • Applicable medical confidentiality obligations under Cyprus law

3. Personal Data We Collect

Personal Identification Data

  • Full name
  • Phone number
  • Email address
  • Address
  • Date of birth

Health Data (Special Category Data)

We may collect and store health data necessary to provide medical care, including:

  • Medical history
  • Vision and eye examination results
  • Diagnostic imaging and test results
  • Prescriptions
  • Treatment notes
  • Appointment records

Technical Data (Website Use)

When you visit our website, we may automatically collect:

  • IP address
  • Browser type
  • Device type
  • Pages visited
  • Date and time of visit

4. Legal Basis for Processing

Provision of Healthcare

(GDPR Art. 6(1)(b), 6(1)(c), 9(2)(h))

  • Medical diagnosis
  • Provision of ophthalmology care
  • Healthcare management
  • Compliance with medical record obligations

Legal Obligations

(GDPR Art. 6(1)(c))

  • Medical record retention requirements
  • Tax and accounting requirements

Legitimate Interests

(GDPR Art. 6(1)(f))

  • IT security
  • Fraud prevention
  • Service improvement

Consent

(GDPR Art. 6(1)(a), Art. 9(2)(a) where applicable)

  • Marketing communications
  • Optional contact forms
  • Non-essential cookies

You may withdraw consent at any time.

5. How We Use Personal Data

  • Provide ophthalmology medical care
  • Schedule and manage appointments
  • Maintain medical records
  • Communicate regarding treatment and appointments
  • Process billing and insurance claims (if applicable)
  • Comply with legal and regulatory obligations
  • Improve our website and services

6. Storage of Patient Information

Patient information may be stored securely in:

  • Electronic medical record systems
  • Practice management systems
  • Secure document storage systems

If third-party software providers are used, they act as Data Processors under GDPR and are bound by data processing agreements.

7. Data Sharing

We do not sell personal or medical data.

We may share data with:

  • Healthcare professionals involved in your treatment
  • Diagnostic laboratories
  • Insurance providers (if applicable)
  • IT and software providers supporting our systems
  • Authorities where legally required

All third parties are required to maintain confidentiality and security.

8. International Data Transfers

If data is transferred outside the European Economic Area (EEA), we ensure safeguards such as:

  • EU Standard Contractual Clauses
  • EU adequacy decisions

9. Data Retention

We retain personal data only as long as necessary for:

  • Medical treatment and follow-up
  • Legal and regulatory compliance
  • Medical record retention obligations in Cyprus

10. Your GDPR Rights

You have the right to:

  • Access your personal data
  • Request correction of inaccurate data
  • Request deletion (where legally permitted)
  • Restrict processing
  • Data portability
  • Object to certain processing
  • Withdraw consent

You may also lodge a complaint with the Office of the Commissioner for Personal Data Protection (Cyprus).

11. Cookies

We may use cookies to:

  • Ensure website functionality
  • Analyse website usage (if applicable)
  • Remember preferences

Non-essential cookies are used only with your consent.

12. Data Security

We implement appropriate technical and organisational security measures, including:

  • Secure hosting
  • Encrypted connections (HTTPS)
  • Access controls
  • Staff confidentiality obligations

No system can guarantee absolute security.

13. Third-Party Websites

Our website may contain links to third-party websites. We are not responsible for their privacy practices.

14. Children's Data

We do not knowingly collect personal data directly from children via the website. Medical data relating to minors is handled in accordance with applicable medical and legal requirements.

15. Changes to This Privacy Policy

We may update this policy periodically. Updates will be posted on this page with a revised date.

16. Contact and Data Protection Requests

Email: info@eyestylianides.com
Phone: 25320244
Fax: 25320245
Data Protection Officer: NATALIE HERODOTOU

  • Website Development by Website Bakers