Privacy Policy – FitPen Clinics B.V.

At FitPen Clinics B.V., we highly value the privacy and protection of your personal data. In this privacy policy, we explain what data we collect, why we collect it, how we use it, and what your rights are. We process all personal data in accordance with the General Data Protection Regulation (GDPR).

1. Who we are

FitPen Clinics B.V.

Healthcare provider specialized in medical weight management and GLP-1 treatments

Chamber of Commerce: 95671196

Email: info@fitpen.com

Website: www.fitpen.com

Data Controller: Ms. C. Waal

2. What personal data do we process?

We process the following data when you become a client of FitPen Clinics:

  • Full name
  • Address information
  • Date of birth
  • Citizen Service Number (BSN, only if legally required for prescriptions)
  • Email address and phone number
  • Medical information such as weight, BMI, medication use, and health history
  • GLP-1-related information and treatment plans
  • Information related to appointments, communications, and prescriptions

3. How do we collect your data?

We collect your data through:

  • Online intake forms (processed via Typeform)
  • Email communication (secured email system)
  • Our electronic medical record system: Promedico ASP by SANDAY
  • Coordination with our partner pharmacy, Thuisapotheek B.V., for prescriptions

4. Why do we process your data?

We process your personal data only for the following purposes:

  • To provide you with medical care
  • To create a tailored treatment plan
  • To prescribe and coordinate medication delivery
  • To meet legal and administrative obligations
  • To communicate with you about appointments and your treatment

We process your data based on:

  • Performance of a treatment agreement (Article 6(1)(b) GDPR)
  • Legal obligations (Article 6(1)(c) GDPR)
  • Explicit consent for processing health data (Article 9(2)(a) GDPR)

5. Do we share your data with third parties?

We only share your data with third parties directly involved in your care, such as:

  • Thuisapotheek B.V. – for medication fulfillment
  • Promedico ASP (SANDAY) – our system for medical records
  • Typeform – for processing online intake questionnaires

These parties act as data processors under contract and only process your data on behalf of FitPen Clinics.

6. How do we secure your data?

We implement appropriate technical and organizational measures to protect your data against loss or unlawful access, including:

  • Encrypted email communication
  • Secured medical record storage
  • Access control to internal systems
  • Regular audits of data protection protocols

7. Your rights under the GDPR

You have the following rights under the GDPR:

  • Access to your personal data
  • Rectification of inaccurate data
  • Erasure (“right to be forgotten”)
  • Restriction of processing
  • Objection to processing
  • Data portability
  • Withdrawal of previously given consent

To exercise your rights, contact us at info@fitpen.com. We will respond within 30 days.

8. Questions or complaints?

If you have questions about this privacy policy or wish to file a complaint about how we handle your data, please contact us via info@fitpen.com. You also have the right to file a complaint with the Dutch Data Protection Authority (Autoriteit Persoonsgegevens) at www.autoriteitpersoonsgegevens.nl.

9. Changes to this policy

FitPen Clinics reserves the right to amend this privacy policy as needed. The most current version is always available at www.fitpen.com/privacy.