Privacy Policy

BioEximi OÜ’s Privacy Policy

BioEximi OÜ (BioEximi) processes personal data in accordance with the Estonian Personal Data Protection Act and the European Union General Data Protection Regulation. Based on this, we have developed a privacy policy that governs the collection, use, disclosure, transmission and storage of customer data.

Legal grounds for processing:

BioEximi is a healthcare provider with obligation of confidentiality and the right under Article 11 of the Health Information System Statute and Article 41 of the Health Services Organization Act to process personal data necessary for the provision of health care without the consent of the data subject. The legal basis for the processing of personal data in Bioexim is derived from the following laws, procedures and regulations:

  • the General Data Protection Regulation (GDPR) in the European Union;
  • Personal Data Protection Act;
  • Health Services Organization Act;
  • Law of Obligations Act;
  • Health Insurance Act
  • the conditions and procedures for documentation of the provision of health care services and for the preservation of such documents;
  • Accounting Act;
  • Employment Act;
  • Bioexim Personal Data Processing Procedures.


Precautions are taken to ensure the security of data stored in BioExim information systems to protect information from loss, misuse and alteration. Security and privacy policies will be periodically reviewed and improved as necessary. Only authorized persons have access to your information.

BioEximi’s websites  www.fertilityclinicnordic.comwww.viljakus.eewww.munarakudoonor.ee;  www.next-fertilitynordic.com and www.lapsesoov.ee have the necessary measures to protect the integrity, accuracy and privacy of the personal data collected. Websites use an up-to-date SSL certificate, which allows the use of a private encrypted communication channel (HTTPS) on the public Internet, which provides confidential and complete data transmission. BioEximi does not disclose user information on its websites to third parties.

Protection of personal data:

BioEximi takes all precautionary measures, including administrative, technical and physical measures, to protect the patient’s personal information. Only authorized personnel have access to edit and process data.

We will collect and process your personal information if you:

  • have booked an appointment via (digital) reception, e-mail or phone – identifying information (name, address, phone number, e-mail address, etc.) entered / provided by the user
  • are visiting our site – information about the use of your computer and our site (such as your computer’s IP address, geographical location, browser type and version, operating system, time and duration of your visit, pageviews, and page traffic statistics).
  • would like to have your own medical records issued
  • Send us a request for clarification, e-mail or request for information
  • Give us a suggestion, feedback or a letter of thanks
  • Apply for a job with us
  • The patient has marked you as their contact person


To whom BioEximi discloses your personal information:

  1. by lawful request – eg police, health insurance, health board, insurer in case of insured event, etc.
  2. protect your rights and ensure your security – for example, in cases of suspected fraud.


BioEximi processes the information itself and uses third parties who may process personal data on behalf of and for BioExim (for example, we have outsourced data management services to external servers where the data is stored. The server is protected and maintained by an external service provider).

Depending on the service we provide, we may disclose personal information to third parties only in accordance with applicable laws and regulations.

As a rule, BioExim personal data will not be transferred outside the European Union / European Economic Area. Only in exceptional cases may we transfer personal data outside the EU / EEA area (for example, if a person is interested in exporting gametes or embryos, it is necessary to transfer that person’s data to the receiving clinic).

In cases where such transfer or processing takes place, such transfer will be subject to European Commission Decision 2010/87 / EU on the transfer of Personal Data outside the EU / EEA or be subject to similar legal protection as the EU General Regulation on the protection of personal data (2016/679) approved.

How you can access your personal data:

You have the right to access the data we have collected about you. Applications can be submitted digitally signed to: info@ivfnordic.com

The data is issued on the basis of an identity document or encrypted on the personal identification code.

NB! For the sake of security of your data, telephone data and research / analysis results will not be released.

Personal data shall not be disclosed if it may:

  • undermine the rights and freedoms of others,
  • prevent the prevention of a crime or the capture of a criminal,
  • make it difficult to establish the truth in criminal proceedings,
  • endanger the secrecy of the child’s parentage.


Rights protection and contact details:

If you have any questions regarding the processing of your personal data, please contact our clinic’s Data Protection Officer. BioEximi’s Data Protection Officer is Eerika Eensalu, tel +372 607 0017, e-mail: eerika.eensalu@ivfnordic.com , address: Veerenni 51, 10138 Tallinn, Estonia.


The Controller is BioEximi OÜ, reg code 11767227, address Veerenni 51, 10138, Tallinn, Estonia, e-mail info@ivfnordic.com; phone +372 607 0017


If you find that we have violated your rights with regard to the processing of your personal data, you may contact the BioExim Data Protection Officer or the Data Protection Inspectorate (Tatari 39, Tallinn 10134, e-mail: info@aki.ee).


BioEximi OÜ will do its utmost to protect your personal information, comply with data protection and privacy laws.