Privacy policy
§1. General
This Privacy Policy has been created for the website available at medicalinventi.pl (hereinafter referred to as the “Website”) to provide information to its Users on how to protect their personal data provided in connection with using the Website.
Medical Inventi shall act with due diligence to protect the interests of data subjects, users of the Website (hereinafter referred to as the “User”), and in particular shall ensure that the collected data is processed lawfully.
The Website can be accessed using the most popular web browsers. The content of the Website is the property of the Data Controller and is protected by law.
The personal data controller is Medical Inventi S.A. with its registered office in Lublin,
ul. Nałęczowska 14, 20-701 Lublin
(hereinafter referred to as the “Controller”, “Medical Inventi”).
Regarding the processing of personal data, the Controller can be contacted at the e-mail address: biuro@medicalinventi.pl or in writing at the Controller’s registered office address indicated above.
§2. Personal data
Types of data processed
Like most websites, we store http:// requests directed to our server. Browsed resources are identified by URL addresses. As part of the Website we process the data of the User who sends the content of the Website’s contact form to us, as well as the data, if any, provided in the content of the query sent via the provided form – full name, telephone number and e-mail address.
Data processing purpose and legal basis
Personal data relating to Users who use the Website may be processed for the purpose of identifying the User who sends the content of the Website’s contact form and handling their enquiry sent via the provided form – the legal basis for processing is the User’s consent (Article 6(1)(a) of the GDPR).
The personal data of Website Users may be processed on the basis of Article 6(1)(f) of the GDPR, i.e. in connection with processing necessary for the purposes of the Controller’s legitimate interests – ensuring access to and use of the Website (including the proper functioning, configuration, security and reliability of the Website), monitoring session status, analyses, statistics, research and audit of the Website’s views, as well as enabling contact with the Controller via the contact form.
Information on personal data recipients
Personal data may be outsourced to third parties only for the purposes of running the Website.
The entities that process personal data on behalf of the Controller are the cloud system provider, advertising agencies, IT service and analytical tool providers. Information on illegal activities may be passed on to insurance companies, public authorities and law enforcement agencies.
Personal data processing period
The provided personal data shall be processed for the period necessary to fulfil the purposes described above or until consent to data processing is withdrawn. The User’s personal data shall be securely deleted if it is no longer needed for these purposes.
§3. Cookies policy
The User’s data is collected automatically when the User is browsing the Website. This data includes the IP address, domain name, browser type, and operating system type. This data can be collected using cookies and Google Analytics, and can be saved in server logs.
Cookies are small text files sent to the User’s computer or other end device when the user is browsing the Website. Cookies record the User’s preferences allowing enhancement of the quality of services provided, improvement of the search results and the accuracy of the information displayed, and tracking the User’s preferences. The User may choose not to accept cookies (or change the appropriate preference setting for their use in the web browser they are using) by selecting the appropriate settings in the web browser they are using.
Consent to the storage of or access to cookies by the Controller is expressed by the User when they first visit the Website, by reading the message on the use of cookies, closing this message, and not changing the default settings of their web browser.
Medical Inventi uses the following types of cookies:
- Essential files – files of key significance which enable Users to navigate the Website and use its functionalities, such as accessing secure areas on the Website.
- Performance files – collect information about how Users use the Website and which parts of the Website they visit the most often.
- Functional files – record the choices made by Users (such as User name, language, or region where Users are located).
Google Analytics is a web analytics system which provides insight into Website traffic and is used for marketing purposes.
Third party social media (e.g. Facebook, Twitter, LinkedIn, Google+) may record information about the User, for example, when they click on the “Add” or “Like” button on a particular social media portal while browsing the Website. Medical Inventi does not control third-party sites or their activities. Information on social media sites is available on the aforementioned pages.
§4. Principles of data processing and user’s rights in relation to their personal data
The User shall have the right to contact the Controller at any time to request access to their personal data, data portability, rectification and erasure or restriction of data processing.
Notwithstanding the above-mentioned rights, the User may object to data processing.
As the provision of personal data by the User is based on consent, the User shall have the right to withdraw consent at any time without affecting the lawfulness of processing carried out on the basis of that consent prior to its withdrawal.
The User shall have the right to lodge a complaint with the President of the Personal Data Protection Office in the event that the User’s personal data is considered to be processed unlawfully.
The User’s personal data may be transferred to a country outside the European Economic Area to the minimum extent necessary for the proper functioning of the Website.
The Users’ personal data shall not be used for the purpose of automated data processing within the meaning of Article 22 of the GDPR.
§5. Changes to the privacy policy
The Policy is kept under review and updated as necessary.
The Controller shall notify Users of the relevant changes and their effective date by posting a notice on the Website.