Alex Rubin M.D.

dralexrubin.com

Privacy Policy

Effective date: July 2026 · Version 1.0

1. Controller & Scope

This Privacy Policy ("Policy") describes how Dr Alexey Rubin ("Controller", "we", "us") collects, uses, and protects personal data submitted through the website dralexrubin.com ("Site").

The Controller operates across multiple jurisdictions — the United Kingdom, United Arab Emirates, Germany, and Russia. This Policy reflects the highest applicable standard across all of them. Where UK GDPR / EU GDPR applies (visitors from the UK or EEA), those rules govern. Where UAE Federal Law No. 45 of 2021 on Personal Data Protection applies, those rules govern. Russian visitors are additionally covered by Federal Law No. 152-FZ.

By using this Site you acknowledge that you have read and understood this Policy. If you do not agree with it, please discontinue use of the Site.

2. Data We Collect

We collect only data you voluntarily provide:

  • Name and surname;
  • Email address;
  • Telephone number;
  • The content of any message or enquiry submitted via the contact form;
  • Technical data collected automatically in anonymised form: IP address, browser type, pages visited, date and time of access — via standard web analytics tools.

This Site does not collect medical records, clinical histories, or health information. Any clinical detail shared voluntarily through the contact form is treated solely for the purpose of organising an initial consultation and is handled with strict professional confidentiality.

3. Purposes & Legal Basis

We process personal data for the following purposes and on the following legal bases:

  • Responding to your enquiry — legal basis: legitimate interests (UK/EU GDPR Art. 6(1)(f)); consent (UAE PDPL); consent (152-FZ).
  • Organising a consultation — legal basis: performance of a contract or pre-contractual steps (UK/EU GDPR Art. 6(1)(b)).
  • Compliance with legal obligations — legal basis: legal obligation (UK/EU GDPR Art. 6(1)(c)).

We do not use personal data for marketing, profiling, or automated decision-making.

4. Data Retention

Personal data is retained only for as long as necessary for the purposes for which it was collected:

  • Contact form submissions — no longer than 3 years from the date of receipt, unless a longer period is required by applicable law;
  • Anonymised technical/analytics data — in accordance with the settings of the analytics provider used.

Upon expiry of the applicable retention period, data is securely deleted or anonymised.

5. Disclosure to Third Parties

We do not sell, rent, or share personal data with third parties for commercial purposes. Data may be disclosed only in the following limited circumstances:

  • Where required by applicable law or a court order;
  • To technical service providers (e.g. hosting, web analytics) acting as data processors under appropriate contractual safeguards — solely to the extent necessary to operate the Site;
  • With your explicit prior consent.

6. International Transfers

The Site is hosted on servers located in the Russian Federation. If you access the Site from the UK, EEA, or UAE, your data may be transferred to and processed in Russia. We take steps to ensure that such transfers are subject to appropriate safeguards consistent with the requirements of UK GDPR, EU GDPR, and UAE PDPL.

7. Your Rights

Depending on your jurisdiction, you may have the following rights regarding your personal data:

Jurisdiction
Rights
UK & EU (GDPR)
Access · rectification · erasure · restriction · portability · object · lodge complaint with ICO (UK) or relevant supervisory authority (EU)
UAE (PDPL)
Access · correction · deletion · restriction · withdrawal of consent · lodge complaint with UAE Data Office
Russia (152-FZ)
Information · clarification · blocking · deletion of incomplete or unlawfully obtained data · withdrawal of consent · lodge complaint with Roskomnadzor

8. Cookies & Analytics

The Site may use standard web analytics tools to collect anonymised usage data (page views, session duration, browser type). This data is not linked to any identifiable individual.

The Site does not use advertising cookies, tracking pixels, or third-party behavioural profiling tools. If analytics tools are used, they are configured to anonymise IP addresses before any processing occurs.

9. Data Security

We implement appropriate technical and organisational measures to protect personal data against unauthorised access, disclosure, alteration, or destruction. All data submitted via the contact form is transmitted over encrypted connections (TLS/HTTPS).

No method of transmission over the internet is 100% secure. We cannot guarantee absolute security, but we are committed to promptly addressing any breach in accordance with applicable law.

10. Contact

To exercise your rights, withdraw consent, or raise a question about how your data is handled, please contact:

Controller: Dr Alexey Rubin
Website: dralexrubin.com
Email: office@alexrubinmd.com

We will respond to all requests within 30 days of receipt. Where a request is complex or numerous, we may extend this period by a further two months and will notify you accordingly.

11. Changes to This Policy

We reserve the right to update this Policy at any time. The current version will always be available at dralexrubin.com/privacy. Continued use of the Site following publication of changes constitutes acceptance of the revised Policy. Material changes will be communicated prominently on the Site.


Medical Disclaimer
The content of this website is provided for informational purposes only and does not constitute medical advice, a diagnosis, or a treatment recommendation. It does not create a physician–patient relationship. Individual results vary. All surgical procedures carry risks. A formal in-person consultation is required before any clinical decision can be made. If you are experiencing a medical emergency, contact the emergency services in your country immediately.