kundtjanst@myclinic.nu 08 - 522 749 99
Contact us Inspiration Health Declaration
Book/Cancel

My Clinics Privacy Policy

We at My Clinic Sweden AB (org.nr 559309-3650, with address Vegagatan 8, 113 29 Stockholm) (hereinafter referred to as “My Clinic”, “us”, “our” or “we”) process your personal data when you visit our website, when you book a visit to My Clinic, when you then become a patient at My Clinic and also for a period of time after your time as a patient with us has ended. We also process your personal data if you are our contact person at one of My Clinic’s suppliers or partners. My Clinic cares about your privacy and wants you to feel safe in using our services. With this privacy policy, we want to inform you about how we process your personal data and how we ensure that the personal data processing we carry out is done responsibly and in accordance with the law, including the General Data Protection Regulation (“GDPR”). The policy also describes what rights you have and how you can exercise these.

Our website (hereinafter referred to as “https://www.myclinic.nu/”) collects and processes personal data in accordance with the EU General Data Protection Regulation (GDPR).

Cookie policy

Our website uses cookies to improve your user experience. Our policy on cookies is described below.

What are cookies?

Cookies are small data files that are stored on your computer or mobile device when you visit a website. They are used to store information about your settings, preferences and activities on the website.

What cookies do we use?

We use both first-party cookies (which we place on our website ourselves) and third-party cookies (which are placed by third-party providers).

First-party cookies

We use first-party cookies to store information about your session, including your preferences and settings. These cookies are also used to improve the performance and security of our website.

Third party cookies

We also use third-party cookies from various providers, including Google Analytics, to collect information about how visitors use our website. This information helps us to improve the functionality and user experience of the website.

How can you manage cookies?

You can choose to accept or reject cookies by adjusting the settings in your browser. Please note that some features of our website may not function properly if you block cookies.

We hope this policy has explained how we use cookies on our website. If you have any questions or comments, please

What does it mean to process personal data?

To ‘process personal data’ means to handle any type of information that can be directly or indirectly linked to a person. This can include names, social security numbers, addresses, images, e-mail addresses and IP addresses. Even information that cannot in itself identify a person can be counted as personal data if it can be linked to that person in combination with other data.

Purpose of the treatment

When you book a treatment and/or consultation with My Clinic, we collect personal data such as your name, social security number, telephone number, e-mail address, and in some cases images of the area to which the treatment relates. We may also process other information that you choose to provide in connection with the booking, such as details of the specific treatment or personal data in messages you send to us.

We collect this personal data in order to verify your identity, to provide you with the best possible treatment and/or consultation, and to send you booking confirmations and reminders for your scheduled treatments and/or consultations. We only process the personal data necessary to provide our services, and we only ask for information relevant to the specific treatment or consultation.

Legal basis for processing

We process personal data on the basis of your consent, which you can give and withdraw at any time. We may also process personal data to fulfill our contractual responsibilities towards you.

Security of personal data

We take appropriate technical and organizational measures to protect personal data from accidental or unlawful destruction, loss, alteration, unauthorized access or disclosure.

Your rights

You have the right to access, rectify or erase your personal data. You also have the right to restrict the processing of your personal data and to object to the processing of personal data for direct marketing purposes.

Customer support and contacting us

When you contact us at My Clinic for support or questions, we process your name, social security number, e-mail address, your relationship with My Clinic (potential/current/former customer), previous messages and notes about your case, information about the specific treatment/purchase/order and other information you provide to us that may be relevant to your case (e.g. pictures of treatment performed). We process this information in order to provide you with the best possible assistance and to ensure that we have the correct personal data related to the treatment or purchase in question. We process your personal data in accordance with the GDPR to protect your privacy and security.

My Clinic has legal obligations

My Clinic has legal obligations to comply with and therefore we process your personal data such as your name, social security number, contact details, payment history/information, as well as information about your purchases and customer service matters. This data is used to ensure that we comply with the requirements of laws such as the Accounting Act, the Money Laundering Act, patient responsibility and patient safety.

Usually, My Clinic collects the above information directly from you. However, sometimes we may need to obtain your address information from public records or credit information from credit reference agencies and banks. We may also use information from third party websites such as Qliro, FileZilla, Constant Contact, Merdiq, Zapier, WP Forms, Bokadirekt, Mail, One.com, Google, Facebook and Instagram where some information is stored.

What are the legal bases for processing personal data?

We always process your personal data in accordance with applicable law, including the GDPR.

When we process your personal data in order to process your booking or purchase, we do so in order to fulfill our obligations under the purchase agreement between you and My Clinic. If we cannot process this data, the booking or purchase cannot be completed.

When we process your personal data in order to provide customer service and assistance, inform you about news and offers, improve and develop our website, and contact you in your role as a contact person at a supplier or partner, we do so on the basis of our legitimate interest. We have taken into account and weighed your privacy interests in relation to our interest and purpose of processing personal data. Taking into account both positive and negative effects, we have concluded that our interest is legitimate.

When we process your personal data to comply with legal obligations, we do so in order for My Clinic to fulfill an obligation under law or government decision.

When we process data about your health to ensure that treatments are carried out in a patient-safe manner, or when we process images of you for marketing or educational purposes, we need your consent to process such data. This consent is given at the time of your treatment or consultation. You have the right to withdraw your consent at any time, which means that your processing by us must cease.

If we are going to process your personal data for any purpose other than those mentioned above, we will inform you of this.

What are my rights?

You have the right, in accordance with applicable data protection law, to request access to the personal data processed about you at any time. You also have the right to request the rectification or erasure of your personal data, to restrict the processing of your personal data, to exercise your right to data portability and to object to the processing of your personal data.

You also have the right to lodge a complaint at any time with the Data Protection Authority, the applicable supervisory authority, if you consider that your personal data is being processed in breach of applicable data protection law.

Who is responsible for the processing of personal data at My Clinic?

My Clinic Sweden AB, corporate identity number 559309-3650, is the data controller for the processing of your personal data.

Please note that our payment solution providers, such as Qliro, are responsible for the processing of personal data they perform in connection with purchases via our www.bokadirekt.se.

How do I contact My Clinic with questions about my personal data under the GDPR?

The data controller for processing your personal data is My Clinic Sweden AB. If you have any questions regarding how we process your personal data, please contact us via the following contact details:

My Clinic Sweden AB
Vegagatan 8, 113 29 Stockholm
privacy@myclinic.nu
08-522 749 99

Please note that when you contact My Clinic, you will need to provide sufficient information for them to verify your identity and process your request.

What personal data is collected and why?

If you are a prospective, current or former patient of ours at My Clinic

As a prospective, current or former patient of My Clinic, we mainly collect the personal data necessary for us to provide our services to you. This means that we need to process your personal data in order to provide you with good and safe care. If you do not want us to process your personal data, we cannot offer you our services.

During treatment and/or consultation at My Clinic

At My Clinic, we process your personal data in accordance with the GDPR. We collect and process your name, social security number, telephone number, e-mail, information about the specific treatment, any images you provided before the visit, your wishes with the treatment, as well as information about your health to the extent necessary to be able to perform the relevant treatment in a medically safe manner. This may include previous treatments, allergies and underlying diseases, as well as images of the area to be treated before and after the treatment.

The purpose of collecting this personal data is to be able to offer our treatments and services in a patient-safe manner. We also process the data to send reminders and booking confirmations and to document your treatment history at our clinic.

We may also use the images we take before and after processing for marketing and educational purposes if you give your explicit and specific consent. Consent is voluntary and is obtained at the time of processing. We treat your personal data with the utmost confidentiality and in accordance with applicable law.

Sharing of personal data

We share personal data with our partners, including service providers who help administer the website, app and our services. We also share personal data with Qliro, Constant Contact, Merdiq, Zapier, WP Forms, Bokadirekt, Mail, One.com, Google, Facebook and Instagram to serve ads relevant to your interests. We also share personal data with Merdiq to enable medical history forms. Our economists have access to personal data collected by Qliro to retrieve reports on turnover.

Our employees have access to personal data, including customer data and medical records, in order to perform their duties.

When buying and ordering a treatment at My Clinic

You can choose between different payment methods, such as Qliro, Swish, Gift card via TruePos/Bokadirekt or Medical Finans. When you make a purchase or order, we process your personal data such as name, social security number, address, telephone number, e-mail, payment history, credit information and information about the specific purchase or order. We process your personal data in order to provide the chosen treatment and to process the payment.

Processing of personal data on the My Clinic website and other systems

When you visit our website, we process personal data about you, such as your age, gender, location, click and visit history, technical data from the devices you use (e.g. IP address, operating system, language, browser settings) and information about your location when you visit our website, how long you visit different parts of the website and whether you have encountered technical problems. This information is used to improve our website and our product range, and to understand how we can tailor your experience when you visit our website.

We also use third-party websites such as FileZilla, Qliro, Constant Contact, Zapier, WP Forms, Bokadirekt, Mail, One.com, Qliro and Bokadirekt for processing payments, marketing and bookings. These websites process personal data such as your name, social security number, address, telephone number, e-mail, payment history, credit information and information about specific purchases and orders. We also use systems such as Merdiq for record keeping, where personal data such as your name, social security number, telephone number, email and information about specific treatments and consultations are stored.

We may also use personal information you provide on our website, such as email address, to send you information about our products and services via email. In addition, we may use information collected from our website and other systems, such as your contacts on Mail, Google, Facebook and Instagram, to personalize marketing and communications to you. We process personal data in accordance with applicable data protection laws and you can request that we delete your personal data from our systems at any time.

How long does My Clinic store my personal data?

If you are a prospective, current or former patient of My Clinic, the data collected about you will be stored for as long as necessary, e.g. until payment and treatment have been completed or for as long as you are a patient of My Clinic. All personal data is stored for up to 24 months after it has been collected to ensure that sufficient time has elapsed between treatments, to facilitate new treatments and to follow up certain cases. Data processed on the basis of your consent will be kept for as long as it is stated in the consent. Please note that some data must be stored for a longer period if required by law, such as the Patient Data Act. No information about you will be stored for longer than is necessary or in a way that is not compatible with the law.

If you are My Clinic’s contact person at a supplier or partner, My Clinic will process your data for as long as you are their contact person at their supplier or partner. They also save e-mails and other information from you that may contain personal data for as long as it is necessary to secure evidence of agreements entered into and/or contracts between your employer and My Clinic.

In order for us to provide you with our services, it will in some cases be necessary for us to share your personal data with other companies. Companies that process your personal data on our behalf and according to our instructions are called data processors. The processor will always enter into a processor agreement with us to ensure that a high level of protection is maintained for your personal data.

We use processors to process your payment (payment service providers and banks), to market our services (media agencies, advertising agencies, etc.) and for our IT services (operation and technical support of the website, medical record systems and other IT systems).

We may also disclose personal data to authorities if we are required to provide such information by law or government decision.

Your health data processed on the basis of your consent will never be shared with third parties other than as stated in the consent.

My Clinic strives to process your personal data only within the EU/EEA. Although our IT systems and servers are located within the EU/EEA, it may happen that your data may need to be shared with a supplier or subcontractor outside the EU/EEA, for example for support of our IT systems. Transfers outside the EU/EEA are protected by Standard Contractual Clauses (SCC) or equivalent safeguards to ensure your data remains protected. If this is the case, we will take the necessary steps to ensure that your data is treated with the same level of protection as in the EU/EEA. If you have any questions about the security measures taken or would like a copy of these, you are welcome to contact us.