Data Privacy Statement

We are pleased about your visit to our website. The protection of your personal data is an important concern for us and we want you to feel safe when you visit our website. We protect your privacy and your personal data. We process your personal data in accordance with the content of this data protection declaration, the country-specific data protection regulations that apply to us and the General Data Protection Regulation (“GDPR”).

Name and address of the Controller

SYNLAB Eesti OÜ (address: Veerenni 53a, 10138, Tallinn, Estonia), as operator of the websites and, is the responsible party in terms of the GDPR and other, country-specific data protection regulations.

Data Protection Officer

You can contact our data protection officer, at any time with all data protection issues at: andmekaitse(at)

Personal data

Personal data shall mean any information relating to an identified or identifiable natural person; an identifiable person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an on-line identifier, or one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person.

Personal data also includes information about your use of our website. In this context we collect personal data from you as follows: Information about your visits to our website, such as the extent of data transfer, the location from which you access data from our website and other connection data and files and other content you access. This is usually done through the use of log files and cookies. For more information about log files and cookies, see our “Cookie policy” (

Purpose and personal data concerned

The extent and nature of the collection, processing and use of your data differs according to whether you visit our website merely to call up generally available information or to make use of additional services:

a) Informational use

For a purely informational use of our website, it is generally not necessary for you to provide personal data. Rather, when you call up our website, we only record the data that your Internet browser automatically transmits to us, such as

  • the IP address of your computer
  • Date and time of page view
  • Your browser type, the browser version and your browser settings
  • the operating system used (Windows, iOS, Linux etc.)
  • the transferred data volume and status of transfers
  • from which website the access to our site was made
  • other similar data and information which serve to avert danger in the event of attacks on our information technology systems.

The IP address of your computer is only stored in so-called log files for the time of your use of the website and is then immediately deleted or made anonymous by a shortening. The remaining data is stored for a limited period of time. We use this data for the operation of our website, in particular to detect and correct website errors, to determine the website load and to make adjustments or improvements.

b) Use in case of use of further services

If you make use of further services of our company via our website, it may be necessary for you to provide personal data.

Which personal data is required for the provision of services is determined by the respective input mask.

We will only collect those personal data that are necessary to provide the service you have chosen, for example your e-mail address is used for communication about our services if you have selected it. If you have selected SMS notification, you will be notified by SMS only.

During payment, for example by credit card, you will be forwarded to the pages of a third party provider. We would like to point out that we have no influence on the collection, processing and use of personal data by this third party provider, so this privacy policy does not apply to the third party provider.

You can provide further information voluntarily. You can tell which information is required and which is voluntary by the fact that the required information is marked with a symbol (*) to indicate that it is required.

The collection, processing and use of your data is exclusively for the purpose of providing the service you requested.

Contact form

On our website we offer you the possibility to get in contact with us and other companies of the SYNLAB group by means of a contact form.

Subject to the following explanations, the recipient of your message will be determined by the description in the respective contact form. If you do not send us a contact request, we will not be informed about the content of these messages, since the messages are received directly by the respective companies. Questions regarding invoicing are directly sent to our invoicing centre, which processes the inquiries on behalf of the medical practices, hospitals and medical care centres stated in the invoices. Your inquiry will therefore also be known to persons at these clients.

The personal data that you provide in the context of this contact enquiry will only be used to process your enquiry and will be deleted from the web server immediately. We would like to point out that the recipients of the messages may retain the messages within the scope of legally existing retention obligations. Subject to the foregoing, no information will be passed on to third parties.

The transmission of data entered in the contact forms is encrypted, whereby we have chosen end-to-end encryption in addition to TLS 1.2 transport encryption.


If you want to order our newsletter, we need your e-mail address and the confirmation that you are the owner of the e-mail address and agree to receive the newsletter. This data is only collected for the purpose of sending you the newsletter and to document our authorization in this regard. The data will not be passed on to third parties. You can cancel your order for the newsletter at any time with effect for the future.

The following data is collected during registration:

  • IP address of the calling computer
  • Date and time of registration

In addition, the following data is collected via our newsletter tool:

  • Type of entry
  • IP address of the calling computer
  • Date and time
  • User agent
  • Operating system (Windows, iOS, Linux, etc.)
  • From which website the access was made

For the processing of the data, your consent will be obtained during the registration process and reference will be made to this data protection declaration.

No disclosure of your personal data

We do not pass on your personal data to third parties, unless you have consented to the passing on of data or we are entitled or obliged to pass on data due to legal regulations and/or official or court orders. This may, in particular, involve the provision of information for the purposes of criminal prosecution, averting danger or enforcing intellectual property rights.

Data protection and third-party Websites

The website may contain hyperlinks to and from third-party websites. If you follow a hyperlink to one of these websites, please note that we cannot accept any responsibility or guarantee for third-party content or compliance with data protection conditions. Please make sure you are aware of the applicable data protection terms and conditions before you submit personal data to these websites.

Data security

All the information you send us is stored on servers within the European Union. However, we secure our website and other systems by technical and organizational measures against loss, destruction, access, modification or distribution of your data by unauthorized persons. In particular, your personal data will be transmitted encrypted.

Your rights

You have the right to ask us

  • to receive information free of charge about the personal data stored by us about your person (right to information)
  • obtain confirmation as to whether we are processing personal data relating to you (right to confirmation)
  • to demand from us that the personal data relating to you be deleted by us without delay, insofar as processing of the data is no longer necessary and the other requirements of the DSGVO for deletion are also fulfilled (right to deletion)
  • to request the immediate rectification and integration of incorrect personal data concerning you (right to rectification)
  • to demand the restriction of the processing of your personal data (right to restrict processing)
  • to receive personal data concerning you in a structured, common and machine-readable format (right to data transferability)
  • to object to the processing of your personal data (right to object)
  • You have the right not to be subject to a decision based solely on automated processing, including profiling, which has legal effect vis-à-vis you or affects you in a similar way (right of decision on a case-by-case basis)
  • Furthermore, you have the right to revoke your consent to the processing of your personal data at any time with effect for the future.

For further information on your rights, please contact our data protection officer.

Deletion and blocking of personal data after fulfilment of purpose

We process and store personal data only as long as it is necessary for the fulfilment of the purpose, at the latest, however, until the expiry of the statutory retention and storage periods. Upon fulfilment of the purpose and expiry of the statutory retention and storage periods, the personal data will be deleted or blocked in accordance with the data protection regulations.

Right of appeal

Without prejudice to any other administrative or judicial remedy, you have the right to lodge a complaint with a supervisory authority Data Protection Inspectorate of the Republic of Estonia (info(at) if you consider that the processing of personal data concerning you is in breach of the legislation.

Last update: 10.01.2022

Veerenni 53a
Tallinn 10138