Privacy Policy
The website beleyurologie.fr is the official website of Dr. Sébastien Beley, a specialist physician registered with the National Council of the Order of Physicians.
What personal data do we collect?
| Situation | Data collected | Main purpose |
|---|---|---|
| Contact form / appointment booking | Name, surname, email, telephone number, reason for request, preferred time slots | Appointment management and responding to requests |
| Comment area (if applicable) | Comment content, IP address, user agent | Spam prevention and security |
| Uploading medical documents | Documents you choose to send (X-rays, reports, etc.) | Creating or updating your medical file |
| Site navigation | Technical cookies and anonymized audience measurement | The site is functioning correctly, and aggregated statistics are available. |
No health data is collected without your explicit action (submitting a secure form or uploading a document).
Legal basis for processing
| Purpose | Legal basis |
|---|---|
| Appointment management, remote monitoring, creation of medical records | Performance of the care relationship (Article 9 §2 h GDPR) |
| Responding to requests via form or email | The firm has a legitimate interest in communicating with its patients. |
| Anonymized audience measurement | Consent (cookie banner) |
Shelf life
| Data | Duration |
|---|---|
| Medical file | 20 years from the date of the last payment (article R1112-7 CSP) |
| Inquiries without medical follow-up | 1 year |
| Technical cookies | 13 months maximum |
| Security logs | 6 months |
Cookies
Strictly necessary cookies: ensure basic functions (session, language).
Audience measurement cookies (Matomo or equivalent configured in GDPR mode, anonymized IP).
You can configure your choices at any time via the “Manage cookies” banner.
Integrated content (videos, maps, etc.)
Content embedded from third-party platforms (YouTube, Doctolib, Google Maps, etc.) behaves as if you were visiting those services directly; therefore, they may place their own cookies and collect data according to their respective policies. You can block this content via your browser or our consent manager.
Where and with whom is your data shared?
| RECIPIENT | Role | Guarantees |
|---|---|---|
| HDS Hosting Provider (OVH) | Secure storage of health data | Certification “Hosting of Health Data” (decree of 22/03/2017) |
| Appointment booking provider (e.g., Doctolib) | Calendar, SMS reminders | GDPR subcontractor, HDS servers |
| Health or judicial authorities | Legal obligations | Transmission restricted to what is strictly necessary |
No transfer outside the European Union is carried out without adequate safeguards (EU standard contractual clauses / adequacy decision).
Your rights
You have the following rights at any time:
-
- Access to your data and its copy,
-
- Correction of inaccurate data,
-
- Deletion (except where legally required to retain),
-
- Limitation or opposition to certain treatments
-
- Portability (medical record in compatible format).
To exercise these rights: contact us or write to the Data Protection Officer (DPO) (contact details below). Proof of identity may be required. You can also lodge a complaint with the CNIL (French Data Protection Authority).
Security
-
- TLS encryption for all HTTPS connections.
-
- HDS certified hosting, daily encrypted backups.
-
- Access to medical records is limited to doctors and authorized personnel, via strong authentication.
-
- Automated traffic analysis (firewall, anti-spam protection, logging).
Data Protection Officer (DPO)
Nanor Beley – direction@urologieparisopera.fr
Policy update
Last updated: June 30, 2025. Any substantial changes will be announced on the website.