I represent a hair implant clinic and I have some questions regarding GDPR.
- Is the GDPR applicable to the clinic if we have EU customers?
- We ask for some information form possible patients details about their health conditions and allergies. Is there any specific conditions to comply with?
- Do we need a DPO?
- Do we need to ask for consent before asking the health data?
- We have a contract with a hotel where we keep the patients after the procedure. We send them the names of the patients to the hotel. Do we need to do something?
- How much would it take to be compliant with GDPR?
Thank you in advance