1. The aim of patient registry is to make anonymous and aggregated individual data accessible for medical and research purposes. The registration is also based on voluntary consent from patients and be should given in advance the context of a written declaration, using concise, transparent, and easily accessible form as well as clear and plain language.

2. The patient have the right to obtain restriction of data processing and the erasure of personal data concerning him or her and we shall have the obligation to erase personal data without undue delay.

3. Appropriate technical and organizational measures to ensure a level of security appropriate to the risk, including pseudonymization and encryption of personal data, the ability to ensure the ongoing confidentiality, integrity, availability and resilience of processing systems and services, the ability to restore the availability and access to personal data in a timely manner in the event of a physical or technical incident.

4. By default, only personal data which are necessary for each specific purpose of the processing are processed. That obligation applies to the amount of personal data collected, the extent of their processing, the period of their storage and their accessibility. Such measures shall ensure that by default personal data are not made accessible without the individual’s intervention to an indefinite number of natural persons.