Direct contact? Call: +3188-8910088

HomePrivacy statement

Privacy statement

All GSA employees try to help and treat you as well as possible. However, it is possible that you are not completely satisfied with the treatment in the clinic. We look forward to hearing from you.

Talk to our employee / specialist

In the unlikely event that you are not satisfied with the treatment in our clinic, please inform us. Preferably, you should first raise your complaint with your practitioner or the employee you are complaining about. If you have already done so or if you prefer not to do so, you can submit your complaint in writing by e-mail to the clinic's management via: or in writing:

Gender Surgery Amsterdam
Attn: Operational Affairs Manager
Biltseweg 14
3735 ME Bosch and Duin

Confidentiality and privacy

Identification obligation

Healthcare providers are legally required to determine the identity of the patient. Patients are asked to bring identification (passport, driver's license or identification card) and insurance details with each visit to our clinic. Identification can also be requested for correct registration in the patient file and to prevent misuse of patient records and insurance data.

To guarantee safe care, we are obliged to constantly check your identity. That is why we make a photo of you at the first appointment, which we store in the medical file. You are not obliged to have your photo taken.

Patient file

For proper treatment it is necessary that we create a medical file. We do this in line with the Wet op de Geneeskundige Behandelovereenkomst (WGBO) (Medical Treatment Agreement Act) and the Algemene Verordening Gegevensbescherming (AVG) (General Data Protection Regulation). This means that we only use your data for the provision of medical care and the associated administration and that we protect your data against infringement by third parties. In this electronic patient file, all data collected about you is recorded electronically. The electronic patient file contains information about your health status, the examinations carried out, prescribed medication, etc ..

If you have had a consultation or treatment, this will be passed on to your own doctor by secure connection. This way, he will stay informed of the treatment at our clinic. We can also exchange data with other care providers such as hospitals, pharmacies, physiotherapists, etc. If you do not want your own doctor to be informed of your visit to our clinic, or you do not want your data to be shared with other care providers, you can tell us that during the consultation. Your data will not be forwarded in that case.

All telephone conversations with the clinic are recorded and saved electronically. These conversations are deleted after 13 months. The interviews are treated confidentially and are covered by medical professional secrecy. The conversations are recorded for quality purposes. The conversations can also be listened to and assessed in the event of errors or complaints.

Financial data

In some cases, your care must be declared to the healthcare insurance company. For this purpose, diagnostic data and performed activities will be linked to declaration codes. This is performed by the doctor that treated you. After that, these data are checked by the employees of the financial administration. They check your name and address, policy details, referral and other registrations that are important for a proper declaration of the delivered care to your healthcare insurance company.

Quality data

In order to guarantee the quality and safety of our care services, we have set up various procedures and (control) systems and we participate in (national) registration systems for care. This includes internal audits, patient satisfaction and experience research and PROMS. Permission is requested for participation in internal audits. We do not request permission for patient satisfaction and experience research and PROMS because these data processing is necessary to ensure the quality of the care provided. Finally, we do not request permission for processing for which we have a legal obligation to report such as care calamities or infectious diseases.

Internal audits

By means of internal audits we check whether the work is done properly and whether things can be improved. During an audit, it may be needed to have access to your medical file, and we may also ask you some questions.  With the results of these audits, we can improve our processes and train our employees further. No personal data can be found in the results/reports of these audits. Of course all our employees have a duty of confidentiality.

Patient Satisfaction Survey (PTO) and Patiënt Experience Survey (PREM)

To further improve our quality of care, we measure patient satisfaction and patient experiences by questionnaire surveys that can be anonymously filled out by you. The data from the PTO are not provided to other parties and are intended only for internal quality improvement. The data from the PREM are anonymised and used via a secure connection for participation in quality registrations (see "Healthcare Registration Systems").


With PROMS we measure whether your treatment has had the intended effect for you. That is important for us to know so that we give good care to you. We anonymize this data and deliver them, at organizational or location level,  to quality records, health insurers or referrers. You can think of something like: "X percent of our patients experience at least an improvement of more than 75% after surgery". In addition, we use this data for internal quality improvement.

Healthcare Registration Systems

We provide anonymous and aggregated data about our care provision to a number of registration systems:

  • Zorginstituut Nederland (Dutch Care Institute)
  • Inspectie voor de Gezondheidszorg (Healthcare Inspectorate)
  • De DBIR (Dutch Breast Implant Registry) bij plastisch chirurgische behandelingen

Your rights

You have the right to access your medical file. If it appears that data about you is not correct, you have the right to have it corrected or removed by us. It may not be possible to (fully) comply with a request (for example, if your perusal leads to a violation of the privacy of others). You are entitled to a copy of the data from your patient record.
You have the right to ask the clinic to send your data to another doctor, medical institution or health insurer. You can also authorize someone to view your file on your behalf or request a copy on your behalf. Your file will be kept for 15 years after the last consultation.

How do you request a copy of the patient record?

If you want to have a copy of your file please contact us
If you want to have someone else's file (for example, your children or parents), you must provide proof of the consent of the patient concerned (a written authorisation or proof of representation).

How do you request access to your file?

You can request access directly to your treated doctor at the clinic, for example if you speak to him or her during the consultation. If you want to view your dossier at another time, you can request it by telephone or in writing. If you want to see someone else's file, you need to have a proof of the consent of the patient concerned.

Who has insight into your data?

Doctors, nurses, surgery assistants and staff of the clinic who are involved in the direct care may view your data. They use a special login code for this. They shall have access only to those data in the dossier necessary for the exercise of their duties and this is also recorded. Doctors have professional secrecy and other employees of the clinic have a confidentiality obligation. Your privacy is guaranteed.

Duties of our Clinic

We are responsible for the security of the registrations of persons. We have taken measures to prevent loss/deterioration of data and to prevent unauthorized access or change of data. Strict measures have also been developed for the use and security of data in the electronic patient record. We are liable for any damage caused by failure to comply with the provisions of the Algemene Verordening Gegevensbescherming (AVG) (General Data Protection Regulation).
We have enabled ICT suppliers for the maintenance and management of our information services. We have carefully selected these suppliers and made clear agreements with them on confidentiality and security. If, in spite of our actions, the third party has unauthorized access to your data, we will notify the Autoriteit Persoonsgegevens (Authority of Personal Data).

Complaints or questions

If you have any complaints or compliments on how we treat your data, please contact our Data Protection Officer Mrs. V. van Vliet. If this is not satisfactory you have the right to lodge a complaint with the Autoriteit Persoonsgegevens (Authority of Personal Data).