Company logo link back to homepage
Search button
Hamburger menu icon

Personal data policy at Maigaard Fertility Clinic

When you are a patient with us, we process your personal data. In this context, we are obliged to provide you with a number of information, which you will find in this personal data policy.

Who are we?

Maigaard Fertilitetsklinik A/S, CVR-no. 41495936, and Bay Gynækologisk Klinik v/Bjørn Bay, CVR-no. 40915079, are part of a group and in this connection offer different types of treatment. This means that the processing of your personal data is done jointly between Maigaard Fertilitetsklinik and Bay Gynækologisk Klinik and that Bay Gynækologisk Klinik are joint data controllers for the processing of your personal data.

You can always contact us if you have any questions about our processing of your personal data. Our contact information is mail@maigaard.dk and/or tel. +45 86 10 13 88

​​What personal information do we collect and why?

When you are a patient with us, we process a variety of personal data about you. Below you can read more about the categories of personal data we may process about you and for what purposes we process them.
We process the following personal data when you are a patient with us:
General personal data , including, for example, name, contact information, address, CPR number, payment information, passport/driving license copy, employment, information about weight, smoking/alcohol habits as well as information about donor sperm, treatment course and results and genetic and biometric data that is not collected for the purpose of identification.
Special categories of personal data (“sensitive personal data”) , including information about racial and ethnic origin and health data.
​We primarily process your personal data for the purpose of providing you with the agreed treatment in the clinic, cf. Article 6(b) of the General Data Protection Regulation and to comply with our legal obligations, cf. Article 6(c) and Article 9(f) of the General Data Protection Regulation. We process your CPR number to ensure unique identification, to comply with our legal obligations, and when public authorities require disclosure thereof, cf. Section 11(2) of the Danish Data Protection Act.
If our processing of your personal data requires your consent, we will ask you for consent separately in connection with the collection. Such consent can be revoked at any time, which does not affect the lawfulness of our processing until the revocation.
We primarily collect information directly from you or from relevant public authorities after prior agreement with you.
You are not obliged to provide your personal data to us or to give us permission to collect information from public authorities, but if you do not wish to provide certain personal data, this may mean that we cannot provide you with the requested treatment.

​Who do we disclose your personal information to?

We only disclose your personal data when it is necessary for your processing with us, or if it results from a legal obligation incumbent on us as data controller.

In connection with your processing, we may disclose your personal data to the following general categories of recipients and data processors:

  • Operating and software suppliers and other data processors
  • Intra-group companies
  • Public authorities

​The list is not exhaustive. This means that we may disclose your personal information to other recipients.

If we disclose your personal data to recipients who are part of an international organization or established in countries outside the EU/EEA that do not ensure a sufficient basis for the transfer, we will always ensure that there is a sufficient basis for the transfer prior to the transfer to the third country in question, including, for example, by entering into the EU Commission’s standard contracts.

​​How long do we process your personal information?

We process your personal data for as long as it is necessary in relation to the purposes for which your personal data was collected.
​We are subject to a number of legal obligations to retain information that we collect in connection with your treatment, including the Danish Record Keeping Act, according to which we must retain records for 10 years after the end of the treatment.
Depending on the treatment you receive, we may be legally obliged to retain your personal data for up to 30 years after the treatment has ended.

​Safety precautions

We prioritize personal data security very highly and focus on ensuring that we process your personal data in accordance with applicable legislation.
​We continuously assess the risks that may be associated with our processing of your personal data. We are particularly aware of protecting your personal data against discrimination, identity theft, financial loss, loss of reputation and data confidentiality.
​We have adopted internal rules on information security, which contain instructions and measures that protect your personal data from being destroyed, lost/altered and from unauthorized disclosure or accidental access.
To avoid loss of personal data, we regularly back up our systems and use encryption or other security measures where necessary.
Finally, we train our employees in the safe and responsible handling of personal data, and all our employees are bound by confidentiality in every respect.
​In the event of a security breach that poses a high risk to your rights, we will notify you of the security breach as soon as reasonably possible under the circumstances.

​Your rights

When we process your personal data, you have a number of rights towards us.
If you have any questions about our processing of your personal data or wish to exercise these rights against us, you can always contact us as stated above under point 1.

Your rights:

  • Insight . You have the right to gain insight into and a copy of the personal data we process about you.
  • Correction . If we have registered incorrect information about you, you generally have the right to have such incorrect personal information about you corrected.
  • Deletion . In special cases, you have the right to have the personal data we process about you deleted.
  • Restriction of processing . In special cases, you have the right to have the processing of your personal data limited to storage.
  • Objection . In special cases, you have the right to object to our processing of your personal data.
  • Data portability . In special cases, you have the right to receive your personal data in a structured, commonly used and machine-readable format and to have this personal data transferred from one data controller to another without hindrance.
    You can also read more about your rights in the Danish Data Protection Authority’s guidance at www.datatilsynet.dk .

Complaint to the data authority

You have the right to file a complaint with the Danish Data Protection Agency if you are dissatisfied with the way we process your personal data, but we of course hope that you will contact us first so that we can hopefully find a solution.
You can find the Danish Data Protection Agency’s contact information and complaints instructions at www.datatilsynet.dk .

​Reservation for changes to this policy

We reserve the right to change this privacy policy. The latest version will always be available on our website.