Get a free quote

Privacy Policy

Last updated: 27 February 2026

This Privacy Policy explains how TreatmentInEurope.com (“we”, “our”, or “us”) collects, uses, and protects your personal data when you visit our website, use our services, or submit a treatment inquiry form.

TreatmentInEurope.com is operated by SIA LuminaTech a company registered in Latvia, registration number 40203592273, with its registered office at Darzauglu Street 1-621, Riga, Latvia (“TreatmentInEurope” or “Company”).

For the purposes of the EU General Data Protection Regulation (GDPR), TreatmentInEurope acts as an independent data controller in relation to the personal and health data collected through this website and inquiry forms.

We are committed to protecting your privacy and ensuring compliance with the EU General Data Protection Regulation (GDPR) and other applicable data protection laws.

By using our website or submitting a contact form, you agree to this Privacy Policy. If you do not agree, please do not use our services.

1. Interpretation and Definitions

Personal Data means any information relating to an identified or identifiable natural person.

Health Data / Special Category Data means information about your physical or mental health (e.g. height, weight, medical history, previous procedures).

Usage Data means automatically collected information generated through website usage, such as IP address, browser type, or pages visited.

You / User means the person accessing or using the website or submitting a form.

2. Types of Data Collected

2.1 Personal Data

When you contact us or submit a treatment inquiry form, we may collect the following personal data:

  • First name and last name
  • Email address
  • Phone number
  • Country or city of residence
  • Age or date of birth
  • General comments or information you voluntarily provide
  • Place of departure
  • Planned timeframe

2.2 Health / Medical Data (Special Category Data)

To help assess treatment suitability and provide accurate quotations, we may also collect limited medical information, such as:

  • Height
  • Weight
  • Previous medical procedures or treatments
  • General health information you choose to provide (e.g., pre-existing conditions)

This information is considered special category data under GDPR and is processed only with your explicit consent (see Section 4).

2.3 Usage Data

We automatically collect certain data when you browse our website, such as:

  • Internet Protocol (IP) address
  • Browser type and version
  • Pages visited and time spent
  • Device identifiers and referring URLs

This information helps us analyze website performance and improve user experience.

3. How We Use Your Data

We process your data to:

  • Provide and improve our services
  • Assess treatment suitability and prepare personalized quotations
  • Connect you with relevant partner clinics and medical providers
  • Communicate with you about your inquiry or treatment options
  • Maintain our internal records, analytics, and quality control
  • Comply with applicable laws and protect our rights

We do not sell your data or use your medical data for third-party marketing purposes.

TreatmentInEurope determines the purposes and means of the initial collection and transmission of your data to partner clinics and/ or its representatives. Once your data is shared with selected partners, these partners (clinics or their representatives) process your data independently in accordance with its own privacy policy and legal obligations.

4. Legal Basis for Processing

We rely on lawful bases for processing personal data under Articles 6 and 9 of the GDPR.

4.1 General Personal Data

We process general personal data on the following legal bases:

  • Article 6(1)(b) GDPR – processing necessary to take steps at your request prior to entering into a contract (e.g., responding to your inquiry and facilitating potential treatment arrangements);
  • Article 6(1)(a) GDPR – consent, where applicable;
  • Article 6(1)(c) GDPR – compliance with legal obligations;
  • Article 6(1)(f) GDPR – legitimate interests, such as improving our services, provided your fundamental rights do not override such interests.

4.2 Special Category (Health) Data

Under Article 9(2)(a) GDPR, we process your health data only on the basis of your explicit consent.

When submitting a treatment inquiry form, you are required to check a dedicated consent box stating:

I agree to the Privacy Policy and consent to TreatmentInEurope.com processing my personal and health-related information (such as weight, height, or previous procedures) for the purpose of assessing treatment options and responding to my inquiry. I understand I may be contacted by phone or email.”

You can withdraw your consent at any time by emailing info@treatmentineurope.com. Withdrawal does not affect the lawfulness of processing carried out prior to withdrawal.

We maintain records of consent provided by users, including timestamp and version of the Privacy Policy in force at the time of submission, in order to demonstrate compliance with Article 7 GDPR.

5. Data Sharing and Disclosure

We may share your personal and medical data with:

Partner Clinics, Their Representatives and Medical Service Providers

To assess your inquiry and prepare quotations.

Partner clinics, their representatives and medical service providers act as independent data controllers once they receive your personal and health data. They process your data under their own privacy policies and are independently responsible for their compliance with applicable data protection laws. We encourage you to review the privacy policy of any clinic you engage with.

Service Providers / Processors

Such as CRM, hosting, email, and analytics platforms. These providers act as data processors on our behalf and are bound by Data Processing Agreements in accordance with Article 28 GDPR.

Affiliates and Business Partners

Only where relevant and under appropriate data-protection safeguards.

Public Authorities

When legally required (e.g., to comply with court orders or regulatory obligations).

All third parties receiving personal or medical data are required to use it solely for the stated purpose and to apply appropriate data protection and security measures.

6. International Data Transfers

If personal data is transferred outside the European Economic Area (EEA), we ensure appropriate safeguards are in place, such as:

  • Transfers to countries recognized by the European Commission as providing adequate protection;
  • Standard Contractual Clauses (SCCs) approved by the European Commission;
  • Other lawful transfer mechanisms under GDPR.

7. Data Retention

We retain your personal and health data only as long as necessary for the purposes stated in this policy or as required by law.

Typical retention periods:

  • Lead / inquiry data: up to 12 months after last contact, unless you request earlier deletion.
  • Converted patients: retained as long as necessary for service delivery, contractual obligations, or legal compliance.
  • Usage data: retained for analytical or security purposes for a limited time.

After the retention period, data will be securely deleted or anonymized.

8. Data Security

We use appropriate technical and organizational measures to protect your data, including:

  • Encrypted data transmission (HTTPS / TLS)
  • Secure databases and restricted access
  • Data Processing Agreements with third-party providers
  • Regular backups and security audits

Access to health data is limited to authorized personnel who require access for the performance of their duties.

While we take reasonable precautions, no system is completely secure, and we cannot guarantee absolute protection against unauthorized access.

9. Your Data Protection Rights

Under the GDPR, you have the following rights:

  • Right of access
  • Right to rectification
  • Right to erasure
  • Right to restrict processing
  • Right to data portability
  • Right to object to processing based on legitimate interests
  • Right to withdraw consent at any time
  • Right to lodge a complaint with your national Data Protection Authority

To exercise any of these rights, please contact info@treatmentineurope.com.

We will respond to your request within one month as required by Article 12 GDPR.

10. Children’s Privacy

Our website and services are intended for adults aged 16 or older. We do not knowingly collect personal or medical data from children. If you believe a child has provided us such data, please contact us and we will delete it promptly.

11. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. Updates will be published on this page with a new “Last updated” date.

In case of significant changes - especially concerning the processing of health data - we may seek renewed consent where required.

12. Contact Information

If you have any questions, requests, or complaints regarding this Privacy Policy or how we process your personal data, please contact us at: info@treatmentineurope.com

Treatment in europe logo horizontal
Your trusted partner for affordable, high-quality medical care in Europe.
About
Contact UsAffiliate programBlogHow It Works
Services
Medical tourism ClinicsMedical ProceduresMedical Travel PackagePrice comparison in EuropeOnline Medical Consultations
Legal
Terms and ConditionsPrivacy PolicyCookie PolicyMedical disclaimer
Medical Procedures
OrthopedicsWeight-lossFertility treatmentAesthetic and plastic surgeryDental procedures
Clinics
Polish clinicsLithuanian clinicsEstonian clinicsLatvian clinics
© 2026 SIA "LuminaTech". Treatment In Europe. All rights reserved.
A Facbook iconAn Instagram iconA TikTok icon