Huisartsen Spoedpost Shoko

Life threatening situation? Always call 112

Loading

Loading

Life threatening situation? Always call 112
Home » Privacy

Privacy Statement

This privacy statement was last amended on 19-02-2026.

This is the privacy statement that applies to everyone who uses the website and the care and services of the Huisartsenpost Veldhoven: Samenwerkende Huisarts Organisatie Kempen en Omstreken, coöperatief U.A. verder SHoKo. SHoKo is located at De Run 4600, 5504 DB in Veldhoven. We can be reached via telephone no. 040 266 05 66 or by mail: secretariaat@shoko.nl.

SHoKo is responsible for the processing of personal data as shown in this privacy statement.  

General  

In order to provide good medical care, we record your contact details and medical data. We do this in line with the Medical Treatment Agreement Act (WGBO) and the General Data Protection Regulation (GDPR). This means that we only use your data for the provision of medical care and the associated administration and that we protect your data against infringement by third parties.  

Below is an overview of the personal data we process: 

  • Name, address and place of residence (name and address) details  
  • Gender  
  • Date of birth  
  • Phone number  
  • Citizen service number (BSN)  
  • Insurance details  
  • Your GP  
  • Medical data  
  • Other personal data that you actively provide in correspondence and/or telephone contact. We also receive data from other healthcare providers, possibly including your own GP, with whom we work in the context of your treatment. 

What SHoKo processes your personal data for

We only process your personal data when this is necessary for good and safe care. We use your data for:

Providing emergency care
To assess your health situation, provide appropriate treatment and share relevant information with your own GP or other healthcare providers involved.

Administration and invoicing
To record your care request and to handle the claim with your health insurer.

Quality improvement and internal evaluation
To monitor and improve the quality and safety of our care.

Supporting scientific research, education and quality projects
Only in anonymized form, so that data cannot be traced back to you.

Comply with legal obligations
Such as keeping a medical file and other obligations under healthcare legislation.

Bases for processing your data

We only process your personal data when this is permitted by privacy legislation. This is done on the basis of:

Execution of the treatment agreement
We need your data to be able to assess and treat you medically (WGBO).

Legal obligations
For example, keeping a medical file or passing on certain data to other healthcare providers when required by law.

Vital importance
In emergency situations, we may process data if this is necessary to prevent serious harm to your health.

Legitimate interest
For internal quality control and safety purposes. We guarantee that your privacy remains protected as much as possible.

Consent (only in exceptional cases)
Only when data is used for purposes other than those mentioned above, we explicitly ask for your permission. You can revoke this consent at any time.
We do not ask permission for regular care, because the care already has a legal basis.

Confidentiality

All general practitioners and employees within SHoKo are bound by a duty of confidentiality and handle your data with the utmost care. Processing of personal data provided is done in accordance with the requirements set by the General Data Protection Regulation (GDPR).  

Do you object to the use of your data to support scientific research, education and/or quality improvement? If so, you can indicate this via secretariaat@shoko.nl

We exchange data with other healthcare providers, such as general practitioners, pharmacies, hospitals, physiotherapists, etc. We do this through secure systems and only when necessary. Our staff and GPs only consult your data if this is necessary for the performance of their tasks.  

We ask for your permission before we make your medication data available to hospitals and pharmacies via the national LSP.  

We have engaged an ICT supplier for the maintenance and management of our information provision. We have carefully selected this supplier and made clear agreements with them about confidentiality and security. If, despite our measures, third parties gain unauthorised access to your data, we will report this to the Dutch Data Protection Authority. 

Contact details of the data protection officer

Mrs. E. de Waal takes care of the role of Data Protection Officer through the Privacy Care Foundation. 

Contact details:  

Address: Kerkenbos 1001, 6546BB Nijmegen 

Phone: 0800 – 1090  

Mail: info@privacyzorg.nl  

Web: www.privacyzorg.nl 

Automated decision-making  

SHoKo does not make decisions about matters that may have (significant) consequences for individuals on the basis of automated processing. These are decisions that are made by computer programs or systems, without the involvement of an employee of SHoKo.  

Retention periods  

SHoKo does not store your personal data longer than is strictly necessary to achieve the purposes for which your data is collected. We apply the following retention periods for the following (categories of) personal data, based on the closing date of the report. 

Category Retention period Reason 
Medical file 20 years Legal obligation   
Recordings of telephone conversations (not part of the medical file) 1 year Quality Purposes 
Camera images of the waiting room 3 months Quality Purposes 
Calamities  5 years Quality Purposes 
Incidents 5 years Quality Purposes 
Complaints 5 years Quality Purposes 
Claims 5 years Legal obligation 

Sharing personal data with third parties  

SHoKo shares your personal data with third parties if this is necessary for the execution of the agreement, and to comply with any legal obligation. We enter into a processing agreement with companies that process your data on our behalf to ensure the same level of security and confidentiality of your data. SHoKo remains responsible for this processing. When your data is provided to third parties (other than necessary for the execution of the agreement), your explicit permission is requested. Calamity reports are only shared with IGJ, not with patients or third parties.  

Your rights 

At SHoKo, we care about your privacy. According to the General Data Protection Regulation (GDPR), you as a patient have the following rights:

  • Access: You may view your personal data.
  • Correction: Incorrect data corrected.
  • Deletion: Have your data deleted (in certain cases).
  • Restriction: Restrict the processing of data.
  • Transfer: Requesting your data to take to another healthcare provider.
  • Objection: Object to the processing of your data.

You can submit a request for inspection, correction, deletion, restriction, transfer or objection to the processing of your personal data via the form Request for Inspection, Correction or Destruction of Personal Data.  This form can be requested from the secretariat and after completion it can be emailed to the secretariat via email address: secretariaat@shoko.nl.

Your interests can also be represented by a representative (such as a written representative, or your curator or mentor). We will respond to your request within four weeks of receiving the form.  

To ensure that the request has been submitted by you, we ask you to send a copy of your proof of identity with the request. In this copy, black out your passport photo, MRZ (machine readable zone, the strip with numbers at the bottom of the passport), passport number and Citizen Service Number (BSN). This is to protect your privacy. If you want to identify yourself personally, you can make an appointment with the secretariat.  

It may not be possible to (fully) comply with a request, for example if your access leads to an invasion of the privacy of others or if deletion of data results in you not being able to provide proper care.  

SHoKo would also like to point out that you have the option of submitting a complaint about the way in which your data has been handled to the national supervisory authority, the Dutch Data Protection Authority. You can do so via the following link: Dutch Data Protection Authority

Self-triage service “Do I Need to Go to the Doctor”

SHoKo uses the self-triage service “Do I Have to Go to the Doctor” (hereinafter: App). When using the App, you enter certain personal data and leave certain personal data behind. Because it concerns privacy-sensitive data, we think it is important that it is handled with care.

When using the App, you enter personal data about yourself or about someone else for whom you use the App and a conclusion is given. The personal data that we process from you through this service are:

  • Gender
  • Date of birth
  • Outcome of each triage (urgency)

Not in all cases is the data you enter personal data. An example of this is the fact that the App creates a UID (Unique Identifier for the device used). Nevertheless, we want to inform you clearly about what we do with your data. The information entered is primarily necessary to be able to answer the question ‘do I need to go to the doctor?’. Your gender and date of birth will be processed anonymously by the back-end of the App for the purpose of analyzing the use of the App. This can then ensure that the App works even better in the future and we can generate anonymous statistics. Your IP address is processed anonymously by the web server into a session number, so your personal data cannot be traced.

Scientific research
After you have received advice from the App, you may be asked for your help to improve the App. You will be asked a maximum of 4 questions and you will then be asked if you would like to participate in a study at Radboudumc. The aim of this research is to gain insight into what patients do with the advice of the App. If you participate, you will receive an e-mail from Radboudumc after a week with a link to a short online questionnaire (maximum 4 questions). In order to participate, you must write down your e-mail address and agree to the processing of your data. Your e-mail address and your answers will be processed anonymously according to the GDPR and will only be used for this research.

In addition, “Do I have to go to the doctor?” conducts scientific research in collaboration with various general practitioners. This means that “Do I need to go to the doctor?”, in collaboration with general practitioner emergency stations, monitors and improves the effect of self-triage, the security and performance of the App. The data used by the General Practitioner for this purpose cannot be traced back to an individual person, namely: patient ID, time stamp of the start of telephone triage, age in years, gender, NTS entry complaint, urgency, triage duration and the call result. A link will be made on the basis of this telephone triage data and on the basis of the self-triage data. Based on the self-triage advice and the call result of the telephone triage, researchers from Radboudumc can determine the effect, safety and performance of the App for the General Practitioner.

Your location is only stored on the device you use to use the website and if you use the link with a map application (such as Google Maps) to get directions directly to your GP. This data is not stored by us, but by the supplier of the map application. We encourage you to read the relevant privacy statement.

Please note

If you have any questions about the outcome of the App’s self-triage or whether you need to see a doctor, you should contact your GP or the General Practitioner. You can therefore only report incorrect or incomplete data via the contact form and you can also ask for technical support. If you provide feedback about the App, you are not supposed to include any medical data relating to yourself.

Feedback

We invite you to leave feedback for us. When you accept this invitation, we will use your feedback, in combination with your gender and date of birth, to improve our services. We will keep your feedback for up to two years after you submit it.

Providing information to others

The personal data you enter into the App will not be shared with third parties for commercial purposes. Furthermore, SHoKo may engage third parties in the context of the performance of its services. For example, the App is developed and hosted by a third party. Third parties are processors of SHoKo. SHoKo makes agreements with processors to ensure that the personal data is adequately protected by these parties. SHoKo will not provide your personal data to a third party that has not been engaged by SHoKo to enable the intended use by the user, unless SHoKo is obliged to do so on the basis of the law, you have given your permission for this or SHoKo has a legitimate interest in doing so. In the event of a suspicion of misuse of our website and App, we may hand over personal data to the legally competent authorities.

Security of personal data
We take appropriate security measures to limit misuse of and unauthorized access to your personal data. In this way, we ensure that only the necessary persons have access to your data, that access to the data is protected and that our security measures are regularly checked.

Cookies

SHoKo uses functional, analytical and tracking cookies. For more information about this , see Cookies.

Adjusting privacy statement.  

We reserve the right to amend this privacy statement. Changes will be published via this website. It is recommended that you consult this privacy statement regularly so that you are aware of these changes.