Privacy Policy for the “InvitroZen” Mobile Application
1. Data Controller
The controller of the personal data processed through the mobile application is:
Invitro Diagnostics SRL
Republic of Moldova, Chișinău, 19/1 Nicolae Testemițanu Street, MD-2025
E-mail: [email protected]
Phone: +373 22 903 999
Invitro Diagnostics SRL acts as a data controller within the meaning of Law No. 133/2011 on Personal Data Protection.
2. Scope
This policy applies to all users of the “InvitroZen” mobile application and regulates the manner of collection, use, storage, protection, and disclosure of personal data processed through the application.
By using the application, the user confirms that they have read this policy.
3. Categories of Data Processed
3.1 Identification and Contact Data
- First name, last name
- Phone number
- Email address
- Authentication data (login, password)
- Date of birth
3.2 Medical Service Data
- Medical test results
- History of requests and medical appointments
- Data necessary for issuing invoices or confirming payments
- Other information provided in the context of medical service provision
3.3 Technical Data Collected Automatically
- IP address
- Device type
- Operating system
- Unique application identifiers
- Security logs
3.4 Payment Data
Payments are processed through authorized payment service providers. Invitro Diagnostics does not store full bank card details; such information is processed by banking or payment institutions.
4. Legal Grounds for Processing
Data are processed based on:
- performance / request of a medical services agreement
- legal obligations (accounting, tax, medical records)
- the user’s consent (marketing, notifications)
- the legitimate interest of the controller (security, fraud prevention)
5. Purposes of Processing
- creation and administration of the personal account
- provision of test results
- appointment scheduling and service management
- payment processing
- administrative communications
- fulfillment of legal obligations
- ensuring application security
6. Authentication and Security
Access to the application is carried out through login and password.
Data transmission is performed via secure protocols (SSL/TLS).
The controller implements technical and organizational measures to protect data against unauthorized access, loss, or alteration.
7. Confidentiality of Medical Data
Health-related data are accessible exclusively to:
- the authenticated user
- authorized medical personnel
- competent authorities, in cases provided by law
Such data are not used for marketing purposes.
8. Storage Period
Data are retained:
- for the duration of the commercial relationship for the provision of medical services
- in accordance with the time limits established by medical and tax legislation (10–15 years for financial and accounting documents)
- until withdrawal of consent for marketing purposes
9. Data Transfer
Data may be transferred to:
- IT service providers (based on data processing agreements)
- payment processors
- competent public authorities, exclusively upon their lawful request or for the fulfillment of the Controller’s legal obligations
Transfers outside the Republic of Moldova shall be carried out only in compliance with legal requirements regarding adequate data protection and in accordance with national and international legal standards.
10. User Rights
In accordance with Law No. 133/2011 on Personal Data Protection, the user benefits from the following rights:
• Right to information – the right to receive clear information regarding how their personal data are processed.
• Right of access – the right to obtain confirmation as to whether or not data are being processed and access to such data.
• Right to rectification – the right to request correction of inaccurate data or completion of incomplete data.
• Right to erasure – the right to request deletion of data under the conditions provided by law, insofar as there are no legal retention obligations.
• Right to restriction of processing – the right to request limitation of data use in certain situations provided by law.
• Right to object – the right to object to processing based on legitimate interest or for direct marketing purposes.
• Right to data portability – the right to receive the provided data in a structured, commonly used, and machine-readable format.
• Right to lodge a complaint – the right to address the competent personal data protection authority of the Republic of Moldova.
Requests regarding the exercise of rights may be sent to: [email protected].
The Controller will respond within a maximum of 30 days, in accordance with legal provisions.
11. Amendment of the Privacy Policy for the “InvitroZen” Mobile Application
This Privacy Policy is applicable starting from the date of its publication in the “Invitro Diagnostics” mobile application.
Invitro Diagnostics SRL reserves the right to periodically modify or update this policy depending on legislative, technological, or organizational changes.
In case of substantial changes regarding the manner of personal data processing, users will be informed through the application or by other means of communication that allow the sending and receipt of such notifications.