Privacy Policy

Privacy Policy

This Privacy Policy explains how Diaverum AB (hereinafter: “Diaverum”) collects, uses, and discloses personal data of platform users (hereinafter: “User or Users”) using the d.HOLIDAY platform (hereinafter: the “Platform”). For the purpose of this policy, personal data means any information relating to a natural or legal person, even indirectly, by reference to any other information.

The data controller is Diaverum AB, reg. no. 559140-5344, Hyllie Boulevard 53, SE 215 37 Malmö, Sweden. Phone number: +46 46 287 3000. E-mail: holiday@diaverum.com.

Diaverum has appointed a Data protection officer who can be reached using the above contact information, or by e-mail: SE.DPO@diaverum.com.

Date of last modification: 14 November, 2025.


Collaboration with Bookdialysis.com

On d.HOLIDAY, you can find the Diaverum clinics that offer holiday dialysis. To book and manage bookings, you are directed to Bookdialysis.com where an account must be created.

Bookdialysis.com has a separate privacy policy and you need to consent to Bookdialysis.com’s use of your personal data before you are able to create and manage bookings. Click this link to read bookdialysis.com's privacy policy.

1. COLLECTED INFORMATION

Provided Information

Diaverum collects information the User is sharing via the Platform and when otherwise communicating with Diaverum. The following information provided by the Users is collected:

  • Information provided by the Users to Diaverum by email, phone, while filling in a form, responding to surveys, information from reviews and ratings, participating in promotions.

  • Newsletter Subscriptions: When you sign up for the d.HOLIDAY newsletter you provide only your email address. Diaverum will use the email address only to send you the newsletter, and the email address will not be shared with anyone else. If you no longer want to receive the newsletters, you can unsubscribe by following the instructions included in the newsletters, alternatively you can contact us at holiday@diaverum.com.

Fly Back Programme information 

Applies only to d.HOLIDAY Users eligible for the d.HOLIDAY Fly Back Programme.

When using the Fly Back Programme services you may be required to provide the following personal data: Full name, gender, date of birth, mobile number, e-mail address, travel information (travel origin, destination, hospital address, special needs for travelling), medical certificate, bank details.

The purpose of collecting and further processing the personal data, based on your informed consent, is to facilitating the coordination of travel and treatment within the framework of the Fly Back Programme.

Diaverum AB, as the data controller, has contracted service providers to assist in managing the Fly Back Programme. The service providers are formally contracted by Diaverum AB to handle the personal data in strict compliance with applicable data protection regulations and to adhere to this Privacy Policy:

  • d.VENTURES AB as data processor – providing the call centre function and coordinating the travel arrangements within the programme.

  •   Lingmerths Group AB as separate data controller – a travel agency providing the comprehensive booking service, covering all stages, including planning, booking, ticket issuance, invoicing, and delivery.

The Fly Back Programme call centre will share your personal data with the travel agency in order to arrange the travel.

If the User arranges his/her own travel the following personal data needs to be provide: receipts, invoices, etc. for claims of reimbursement, medical certificate, bank details for reimbursement.

When contacting the Fly Back Programme call centre by phone, the call will be recorded for quality assurance purposes. The recordings are kept for a period of 90 days maximum after which they will be permanently erased.

Read the specific terms and conditions for the Fly back programme here

Automatically Collected Information

Diaverum automatically collects from the Platform the following information about the services and how they are used:

  1. Usage: information about User’s interaction with the Platform - visited pages or other content viewed, searches, reservations, availability checks, bookings and other actions on the Platform;

  2. Location: general information about User’s location;

  3. Log Data: information on when the Platform is used, how it is used, IP address, access times, hardware and software information, device information and similar.

Automatically collected data may be anonymized as soon as technically feasible, after which it may be used for analytical, statistical, or other legitimate purposes. Once anonymized, the data may also be shared with third parties without restriction, as it no longer identifies any individual.

2. COOKIES

When you use our services, Diaverum can collect data about your devices using cookies and other similar technologies. The website may also include cookies and similar technologies from third parties. You can get more information and learn how to manage cookies by reading our cookie policy.

3. PURPOSE OF USE OF COLLECTED INFORMATION

Based on our legitimate interest, Diaverum uses, stores and otherwise processes information about Users in order to create and maintain a safe environment, and in particular to:

  1. detect and prevent fraud, spam, abuse, security incidents and any other harmful activity;

  2. comply with legal obligations;

  3. resolve disputes with any User;

  4. implement Terms and Conditions for Users, and other policies.

Diaverum uses, stores and processes information about Users for advertising and marketing purposes and in particular to:

  1. send to the Users promotional emails/messages, marketing, advertising and other information that may be of interest to the Users based on collected data on their preferences;

  2. personalize, measure and improve advertising;

  3. administer surveys, contests and other promotional activities or events sponsored and managed by Diaverum.

In general, the legal basis for the processing of this personal data is informed consent.

4. PERSONAL DATA STORAGE TIME

We will retain your personal data, including your email address provided for newsletter subscriptions, only for as long as necessary to fulfil the purposes for which it was collected, or as required by applicable laws and regulations. If you unsubscribe from our newsletter, we will promptly remove your email address from our mailing list and delete it from our systems, unless we are legally required to retain it for a longer period. For cookies and similar techniques, please refer to the cookie policy. We regularly review our retention periods to ensure compliance with the principle of storage limitation under the GDPR.

5. SHARING & DISCLOSURE

Service Providers

Diaverum uses third party service providers, data processors, to support the Platform. Service providers may:

  1. provide customer service and advertising;

  2. provide technical assistance, support, back-up and management of the Platform.

The third party providers have limited access to User’s information to perform these tasks on Diaverum’s behalf, and are contractually obligated to handle the personal data in strict compliance with applicable data protection regulations and to use it consistent with this Privacy Policy.

Safety and Compliance with Law

In order to comply with the law, Diaverum will cooperate with government and law enforcement officials and private parties. Diaverum will disclose any information about Users to relevant state authorities and courts as it believes necessary or appropriate to respond to claims and legal process, to protect the property and rights of Diaverum or a third party, to protect the safety of the public or any person, or to prevent or stop activity we may consider to be, or to pose a risk of being, an illegal, unethical or legally actionable activity. Diaverum will endeavour to notify Users about these requests, if allowed.

Business Transfers

If Diaverum undertakes or is involved in any merger, acquisition, reorganization, sale of assets, bankruptcy, or insolvency event, then it may sell, transfer or share some or all of its assets, including Users’ information for the same purpose of providing the services to the Users via the Platform. In the event that the User’s information is transferred and becomes subject to a different privacy policy with potentially different purpose of processing, Diaverum will notify in advance and ask the Users for consent.

Aggregated Data

Diaverum may also share aggregated and anonymized information (information about Users combined together so that it no longer identifies or references an individual User) and non-personally identifiable information for industry and market analysis, demographic profiling, marketing and advertising, and other business purposes.

6. SECURITY

Diaverum is continuously implementing and updating organizational, technical, and physical security measures to help protect Users’ information against unauthorized access, loss, destruction, or alteration. However, the Internet is not an absolutely secure environment so Diaverum cannot guarantee the security of the transmission or storage of User’s information.

7. CHANGES TO THE POLICY

Diaverum reserves the right to modify this Privacy Policy at any time in accordance with this provision. If Diaverum makes changes to this Privacy Policy, the revised Privacy Policy will be posted on the Platform..

8. YOUR RIGHTS

This is a summary of your rights in relation to your personal data that Diaverum processes:

  • You are entitled to know what Personal Data we are processing regarding you, and you can request a copy of such data.

  • You are entitled to have incorrect Personal Data regarding you corrected, and in some cases you may request that we delete your Personal Data (if, for example, the Personal Data is no longer necessary since the purpose of processing the data has been completed).

  • If you have given your consent to processing of your personal data for an explicit purpose you may always withdraw your consent.

  • You also have the right to object to certain processing of your Personal Data, and request that the processing of your Personal Data be limited.

  • You are entitled to extract your Personal Data in a machine-readable format and to transfer the Personal Data to another controller.

To exercise your rights, please contact Diaverum at holiday@diaverum.com.

9. CONTACT

For any questions or complaints about this Privacy Policy or Diaverum’s information handling practices as data controller of personal data stated here, you may contact Diaverum using the contact information at the top of this document.

10. COMPLAINTS

Your privacy is very important to us and we will always strive to protect and secure your personal information in the best possible way. If, in your opinion, we fail to do so, you have the right to file a complaint with the Data Protection Authority of your choice, e.g. one of the EU authorities, https://edpb.europa.eu/about-edpb/about-edpb/members_en.