Privacy policy

This Policy provides essential information about the purposes, methods and security of the processing of your personal data as a user of the website https://www.medissmedical.local/ (hereinafter referred to as the “Website”). By reading this Privacy Policy, you will learn who the controller of your personal data is, what personal data is collected by the Website, for what purposes it is used and how it is protected.

§1. Basic information.

  1. The controller of your personal data is Mediss Medical Sp. z o.o. with its registered office in Gdańsk, ul. Szymanowskiego 2/18.
  2. You can contact the Controller via e-mail at: kontakt@medissmedical.pl

§2. Principles of data processing.

The Controller processes personal data in compliance with the following principles:

  • based on a legal basis and in accordance with the law (legality);
  • fairly and honestly (fairness);
  • in a transparent manner for the data subject (transparency);
  • for specific purposes and not “just in case” (purpose limitation);
  • no more data than necessary (data minimisation);
  • with care for data accuracy (accuracy);
  • for no longer than necessary (storage limitation);
  • ensuring appropriate data security (integrity and confidentiality).

§3. Purposes, legal bases and scope of data processing.

  1. We will process your data:
    • for contact purposes, to provide you with a response to your message sent directly to us via e-mail or through the contact form, on the basis of the Controller’s legitimate interest related to the need to reply to your inquiry;
    • for technical purposes using technical cookies, on the basis of the Controller’s legitimate interest related to the proper functioning of the Website;
    • for statistical and analytical purposes, if you have consented to the use of analytical cookies;
    • for marketing purposes, if you have consented to the use of marketing cookies;
    • for purposes related to running our business profiles on social media platforms (such as Facebook / Instagram) under the rules set by the owners of those platforms, and informing users about our products, promotions and other updates, which we consider our legitimate interest.
  2. We process your data within the following scope:
    • if you send us an e-mail, we will process the data contained in that message. Providing such data is voluntary. You may request deletion of this data at any time;
    • if you use the contact form on our Website, we will process your e-mail address and name. Providing this data is required to allow us to respond to your inquiry;
    • other data processed by the Controller includes your IP address and other data stored in cookies. You decide to what extent we may use cookies. You may change your preferences at any time in your browser settings or by clearing cookies stored by our Website;
    • if you like or otherwise follow our social media profiles (e.g., Facebook), we will process the data you have shared on that platform. You may stop this processing by unfollowing our profile;
    • External partner APIs: Our Website may use APIs provided by external partners to integrate functionalities such as maps, analytics services, advertising tools, or social media features. The use of such APIs may result in the creation or use of cookies for processing user data. External partners may store and process this data according to their own privacy policies.

§4. Data recipients and transfer outside the EEA or to international organisations.

Your personal data may be disclosed to:

  1. if you have consented to marketing cookies, your cookie-stored data will be transferred to our advertising partners;
  2. if you have consented to analytical cookies, your cookie-stored data may be processed by analytics software providers (e.g., Google Analytics);
  3. Your data is not transferred outside the EEA or to international organisations, except for the following partners:
    • Google Inc. (USA) – for analytics (Google Analytics) and other functions (Google Maps, Google Search Console). See how Google processes and protects your data. A browser add-on is available to manage your data collection preferences in Google Analytics;
    • Google Inc. (USA) – for advertising and measuring ad effectiveness in Google Ads. You may manage your advertising preferences in Google systems;
    • Facebook Inc. (USA) – for managing accounts and data in Facebook/Instagram, advertising, and analytics via Facebook Pixel and Conversion API. See how Facebook processes and protects your data.

§5. Data retention period.

We cannot determine the exact period for which your personal data will be processed. If you provide your data via a form or e-mail for contact purposes, your data will be processed until you request its deletion, object to processing, or until we determine that our legitimate interest has been fulfilled.

§6. User rights.

  1. With regard to personal data processing, you have the following rights:
    • right of access to your data;
    • right to rectification, erasure and restriction of processing;
    • right to data portability;
    • right to object;
    • right to withdraw consent at any time, unless the processing is based on the performance of a contract, compliance with legal obligations, or legitimate interests of the Controller.
  2. You also have the right to lodge a complaint with the President of the Personal Data Protection Office (UODO), ul. Stawki 2, 00-193 Warsaw.
  3. More information regarding data protection is available on the UODO website: www.uodo.gov.pl

§7. Cookie information.

  1. Our Website uses cookies.
  2. Cookies are small text files stored on users’ devices while browsing the Website. They help improve usability, service quality and enable analysis of user behaviour.
  3. Cookies may be permanent or session-based. Permanent cookies remain on your device until deleted; session cookies are removed after the browser is closed.
  4. We use first-party cookies and third-party cookies. First-party cookies ensure proper functioning of the Website; third-party cookies support analytics, advertising and social media tools.
  5. Users can control cookie usage in their browser settings, including blocking, restricting or deleting cookies.
  6. Disabling cookies may affect Website functionality and service quality.
  7. We use various types of cookies to adapt the Website to users’ needs.
  8. Technical cookies: Essential for proper functioning (session maintenance, forms, preferences, security).
  9. Marketing cookies: Enable personalised advertising and remarketing, measure campaign effectiveness.
  10. Analytical cookies: Collect information about website usage (visits, behaviour, time spent, sources of traffic).

§8. Why do we use cookies?

  1. Improved user experience.
  2. Content personalisation.
  3. Preference storage (language, layout, colour settings).
  4. Login support.
  5. Session maintenance.
  6. Performance optimisation.
  7. Personalised advertising.
  8. Integration with social media.

§9. Functions of technical cookies.

  1. Maintaining user sessions.
  2. Storing user preferences.
  3. Supporting forms (login, registration, contact).
  4. Performance optimisation.
  5. Security (identity verification, intrusion detection, CSRF protection).

§10. Functions of analytical cookies.

  1. Website traffic measurement.
  2. User behaviour analysis.
  3. Conversion optimisation.
  4. User segmentation.
  5. A/B testing.

§11. Functions of marketing cookies.

  1. Personalised ads.
  2. Remarketing.
  3. Ad performance measurement.
  4. Multi-channel advertising management.
  5. A/B testing and content optimisation.

Last updated: 30.11.2023

INFORMATION CLAUSE REGARDING THE PROCESSING OF PERSONAL DATA IN THE RECORDING OF INCOMING PHONE CALLS IN MEDISS MEDICAL CLINIC

Based on Article 13(1) and (2) of the GDPR (Regulation (EU) 2016/679), we inform you that:

  1. The controller of personal data collected during the recording of incoming phone calls is Mediss Medical Sp. z o.o.
  2. You may contact the Data Protection Officer at: biuro@medissmedical.pl
  3. Consent to call recording is voluntary but necessary to complete the phone connection.
  4. Data processing is carried out for training purposes.
  5. The legal basis for processing is Article 6(1)(a) and (e), Article 9(2)(f) and Article 10 of the GDPR.
  6. Call recordings are stored for 90 days or for the duration of proceedings in which they serve as evidence.
  7. Recorded calls may be disclosed to authorised institutions (police, courts, prosecutor’s office) within their legal activities.
  8. You have the right to access, correct, delete or limit processing of your data, as well as to object and request data portability. You also have the right to lodge a complaint with the supervisory authority (UODO) if you believe your data is being processed unlawfully.
  9. Your data will not be transferred to data recipients or outside the EU unless required by law or based on your explicit consent.