top of page

PRIVACY POLICY

 

The Privacy Policy sets out the rules of conduct and information regarding the processing of personal data of users using the Website. Each person using the Website remains anonymous until they decide to reveal their identity. The processing of the shared personal data takes place only on the basis and within the limits of the law, and taking care of the security of users' data, the Website Administrator selects technical measures ensuring their fullest protection, including, in particular, against disclosure to unauthorized persons and processing in violation of the law.

 

 

Personal data controller

 

1. The administrator of personal data is Piotr Spychalski, running a business under the name of Praktyka Lekarska lek. Piotr Spychalski, ul. Piecewska 10/17, 80 - 288 Gdańsk, NIP 5891940048 and REGON number 384260841.

2. Contact with the Administrator can be made by correspondence to the address provided above or by e-mail at: info@houseofebm.com

 

The scope of processed data

 

1. The personal data administrator collects and processes identifying personal data, such as name, surname, date of birth, data on the conducted activity or place of employment, NIP, REGON number, data on education, information on educational institutions, professional title, publications and scientific and professional achievements, and contact details such as address, telephone number, e-mail address.

2. In addition, the Website also processes information that does not constitute personal data about the device on which the user uses the Website, enabling him to use the Website in the best and safest way - i.e. the computer's IP address, information contained in cookies or other similar technologies, session data, data browser, data on information on websites, and if the user has given additional consent - also information about geolocation.

Purpose and legal basis for data processing

 

1. The user's personal data is processed in accordance with:

a. The Act of May 10, 2018 on the protection of personal data,

b. Act of July 18, 2002 on the provision of electronic services,

c. Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of individuals with regard to the processing of personal data and on the free movement of such data, and repealing

Directive 95/46 / EC (hereinafter: GDPR),

d. Act of July 16, 2014 - Telecommunications Law,

e. By the Act of April 23, 1964, the Civil Code.

2. In the event of a change in the regulations on the protection of personal data, the Administrator undertakes to comply with their new shape in this Policy.

3. The user's personal data will be processed for the purpose of accepting and implementing the Order, concluding, executing and withdrawing from the Agreement, answering questions or providing other information expected by the user, considering complaints, for marketing and statistical purposes, as well as for targeting content or advertisements.

 

The method of obtaining data

 

Personal data is obtained directly from the user as a result of their disclosure via the subscription form for the Newsletter or the Order Form. Other data, not constituting personal data, are sent automatically by the device used by the user when using the website.

 

 

 

Data sharing

 

1. The Administrator, on the basis of a detailed authorization or an agreement between the Administrator and the entity processing personal data, may transfer the user's data:

a. Administrator's employees and associates,

b. Google Analytics platform operated by Google LLC based in Menlo Park, California, USA

c. Facebook, operated by Facebook Inc. based in Palo Alto, California, USA,

d. Thinkific Labs Inc. based in Vancouver, British Columbia, Canada.

e. to other entities, on the basis of a data processing agreement, if it is necessary for the purposes of the Agreement.

2. The transfer of the user's personal data may take place only if necessary in connection with the handling of the user's application or inquiry via the contact form.

3. Considering the fact that the entities listed in point (a) b) and c) are registered in countries outside the European Economic Area, the Administrator also informs that for statistical purposes, optimization of advertisements, the possibility of social plug-ins, to a very limited extent, he provides data to two entities that meet the criteria of a Third State within the meaning of the GDPR. The headquarters of both entities are located in the United States and both entities have joined the Privacy Shield program, and the data is transferred on the basis of agreements containing clauses specified in the Decision of the European Commission 2010/87 / EU, and therefore the transfer of data to them is in accordance with the implementing decision of the European Commission from on July 12, 2016, and the scope of the transferred data makes it impossible to identify a specific person.

 

 

Uprawnienia użytkownika

 

Osobie, której dane osobowe są przetwarzane przez Administratora danych osobowych przysługują następujące uprawnienia:

  1. Prawo dostępu do własnych danych osobowych (art. 15 RODO), w tym do uzyskania kopii danych podlegających przetwarzaniu, także w formie elektronicznej, do uzyskania informacji dotyczących celów przetwarzania, kategorii danych osobowych, kategorii odbiorców, którym dane mogą zostać ujawnione, planowanym okresie przechowywania danych osobowych.

  2. Prawo do sprostowania (poprawienia) (art. 16 RODO) własnych danych osobowych, jeżeli są niepoprawne, bądź niekompletne.

  3. Prawo do żądania usunięcia danych osobowych (art. 17 RODO), gdy:

    • nie są już niezbędne do celów, w których zostały zebrane lub w inny sposób przetwarzane;

    • osoba, której dane dotyczą, cofnęła zgodę i nie ma innej podstawy prawnej przetwarzania;

    • osoba, której dane dotyczą, wnosi sprzeciw wobec przetwarzania i nie występują nadrzędne prawnie uzasadnione podstawy przetwarzania;

    • dane osobowe były przetwarzane niezgodnie z prawem;

    • dane osobowe muszą zostać usunięte w celu wywiązania się z obowiązku prawnego przewidzianego w prawie Unii lub prawie państwa członkowskiego, któremu podlega Administrator;

    • dane osobowe zostały zebrane w związku z oferowaniem usług społeczeństwa informacyjnego;

  4. Prawo do żądania ograniczenia przetwarzania danych (art. 18 RODO), gdy:

    • osoba, której dane dotyczą, kwestionuje prawidłowość danych osobowych - na okres pozwalający Administratorowi sprawdzić prawidłowość tych danych;

    • przetwarzanie jest niezgodne z prawem, a osoba, której dane dotyczą, sprzeciwia się usunięciu danych osobowych, żądając w zamian ograniczenia ich wykorzystywania;

    • Administrator nie potrzebuje już danych osobowych do celów przetwarzania, ale są one potrzebne osobie, której dane dotyczą, do ustalenia, dochodzenia lub obrony roszczeń;

    • Osoba, której dane dotyczą, wniosła sprzeciw wobec przetwarzania - do czasu stwierdzenia, czy prawnie uzasadnione podstawy po stronie Administratora są nadrzędne wobec podstaw sprzeciwu osoby, której dane dotyczą;

  5. Prawo wniesienia skargi do Prezesa Urzędu Ochrony Danych Osobowych (PUODO), Adres: ul. Stawki 2, 00-193 Warszawa.

  6. Aby skorzystać z przysługujących uprawnień użytkownik powinien skontaktować się z Administratorem drogą korespondencyjną lub elektroniczną; Administrator zobowiązany jest do udzielenia informacji o podjętych w związku z żądaniem działaniach w terminie 1 miesiąca; w sprawach szczególnie skomplikowanych bądź wobec znacznej liczby zgłoszeń termin ten może zostać przedłużony do 3 miesięcy.

 

User permissions

 

The person whose personal data is processed by the Personal Data Administrator has the following rights:

1. The right to access your own personal data (Article 15 of the GDPR), including obtaining a copy of the data subject to processing, also in electronic form, to obtain information on the purposes of processing, categories of personal data, categories of recipients to whom the data may be disclosed, and the planned storage period personal data.

2. The right to rectify (correct) (Article 16 of the GDPR) your own personal data, if it is incorrect or incomplete.

3. The right to request the deletion of personal data (Article 17 of the GDPR) when:

- they are no longer necessary for the purposes for which they were collected or otherwise processed;

- the data subject has withdrawn the consent and there is no other legal basis for the processing;

- the data subject objects to the processing and there are no overriding legitimate grounds for processing;

- the personal data has been processed unlawfully;

- personal data must be removed in order to comply with the legal obligation provided for in the Union law or the law of the Member State to which the Administrator is subject;

- the personal data has been collected in relation to the offering of information society services;

4. The right to request the restriction of data processing (Article 18 of the GDPR) when:

- the accuracy of the personal data is contested by the data subject - for a period enabling the Controller to verify the correctness of this data;

- the processing is unlawful and the data subject opposes the deletion of personal data and requests the restriction of their use instead;

- The administrator no longer needs personal data for the purposes of processing, but they are needed by the data subject to establish, assert or defend claims;

- The data subject has objected to processing - until it is determined whether the legitimate grounds on the part of the Administrator override the grounds for objection of the data subject;

5. The right to lodge a complaint to the President of the Personal Data Protection Office (PUODO), Address: ul. Stawki 2, 00-193 Warsaw.

6. To exercise the rights, the user should contact the Administrator by correspondence or by e-mail; The administrator is obliged to provide information about actions taken in connection with the request within 1 month; in particularly complex cases or due to a large number of notifications, this period may be extended to 3 months.

Data storage period

 

In accordance with the applicable legal grounds, the Administrator will store personal data for the duration of the Administrator's legitimate interest, but no longer than for the period of limitation of the Administrator's claims against the data subject.

 

 

Data safety

 

The personal data administrator uses appropriate technical and organizational measures to fully protect the user's personal data - in particular, securing them against unauthorized access, loss or destruction.

 

 

Cookies

 

A cookie is a small piece of text that a website sends to your browser and which the browser sends back on subsequent visits to the site. The use of cookies on the website, although legally related to the obligation to instruct the user about their use, does not significantly affect the data processing itself, mainly serving the convenience of the website user, and partly - the development of its owner. Cookies are used to optimize the use of websites by giving them an individual character tailored to a given user, using, among others:

1. identification of computer data and its browser used to browse websites - e.g. by stating whether a given computer has already visited this website;

2. adjusting the display of the website to the user's preferences thanks to anonymous analysis of their behavior on the Internet;

3. remembered expectations for the website, such as language, color, content layout;

4. enabling the operation of individual accounts on websites;

5. exclusion of the obligation of onerous logging in to each separate subpage of the website;

6. "Memory" about the advertisements presented so as not to present the user with repeated and uninteresting content.

 

Cookies never change the way devices work and are in no way harmful to them; do not change the configuration of browsers and are not shared with other websites, advertisers, etc. apart from the entities indicated above in § 5. On each of the websites, the user has the option of accepting or blocking them, which, however, may hinder or prevent access to many possibilities and functionalities of the website. Regardless of the choice made, each browser allows you to clear all cookies stored in it.

 

This Policy is effective from December 16, 2020.

NEWSLETTER

 

General information

1. The Regulations of the Newsletter Service define the rules for the provision of the service of delivering content by e-mail (hereinafter: Newsletter or Service) by the Service Operator.

2. To use the Newsletter service, it is necessary to have access to the Internet and an e-mail address, but it is not necessary to meet specific technical requirements apart from having a standard operating system and a standard web browser.

3. The Newsletter service consists in sending by the Service Operator to the e-mail address provided by the User, messages containing information about the offer, events and news of the Seller or its related entities.

4. By concluding a contract for the provision of the Newsletter service with the Service Operator, the User provides his e-mail address provided in the registration form in order to receive the messages referred to in the above provisions.

5. The provision of the Newsletter service will start after the conclusion of the contract for the use of the Newsletter service.

 

Service operator

The operator of the service is Piotr Spychalski, running a business under the name of Praktyka Lekarska lek. Piotr Spychalski, ul. Piecewska 10/17, 80 - 288 Gdańsk, NIP 5891940048 and REGON number 384260841.

 

 

 

Terms of Service

1. The newsletter is a free service.

2. Anyone can use the Newsletter, and the messages sent by the Service Operator do not contain any content that requires age restrictions. The only condition for using the Newsletter is to provide your e-mail address in the "Subscription Form" field and select the "Submit" button, which will send the address provided to the Service Operator and start its provision.

3. The Newsletter offer is addressed only to people who have expressed their will to receive it; the website user should not provide an address that he or she does not have permission to dispose of.

 

 

 

 

Use of the newsletter content

Individual graphic and text messages sent as part of the Newsletter are works within the meaning of copyright law and are protected by law, therefore their copying, modification and use in a way that goes beyond private, non-commercial use requires the consent of the Service Operator.

 

 

Duration of the service

1. The contract for the delivery of the Newsletter is concluded for an indefinite period, and the User has the unlimited right to terminate it without giving a reason at any time, with immediate effect. The termination may be submitted by e-mail, including by clicking on the link in the messages, or by traditional correspondence.

2. The Service Operator may suspend or terminate the delivery of the Newsletter, of which he will inform the User.

3. The operator also reserves the right to remove all incorrect or non-existent e-mail addresses.

 

 

Processing of personal data

The Service Operator is also the Administrator of personal data processed in order to provide the Newsletter service - personal data is processed on the basis of a registration application, during which the user provided his e-mail address. Personal data will be processed until the User withdraws his consent to receive the Newsletter, and after this period - only to the extent and for the duration of the justified interest of the Operator.

On the basis of a detailed authorization or an agreement between the Administrator and the entity processing personal data, they may be transferred to entities cooperating in the provision of the Newsletter service.

Detailed information on the scope, basis and purpose of data processing, applied protection measures and the rights of the entity whose data is processed can be found in the "Privacy Policy" section.

 

 

 

 

Complaints

1. If it is considered that the Operator provides the service improperly or in any other way, it is possible to infringe the legitimate interests of the User in connection with its provision, the User has the right to submit a complaint to the following e-mail address: info@houseofebm.com or by correspondence to the Operator's address.

2. The content of the complaint should include the data necessary to send information about the result of the complaint and a description of what the irregularities in the course of the service would be. The operator will respond to them immediately, but not later than within 30 days from the date of receipt of the notification.

 

 

 

These Regulations are valid from December 16, 2020.

GDPR CONSENT TO ORDER

I consent to the processing by the Website Administrator of the personal data provided by me in the form in order to accept the Order and perform the Agreement and any subsequent rights related to it. Expressing consent is voluntary and may be withdrawn at any time without giving a reason. On the same principles, the person whose data will be processed has an unlimited right to access, rectify and delete data. Detailed information on the scope and method of data processing, as well as your rights and how to exercise them can be found in the Privacy Policy available at the following link: www.houseofebm.com/prywatnosc

 

MARKETING AGREEMENT

I consent to the processing by the Website Administrator of the personal data provided by me in the form for marketing purposes based on the information provided by me. Expressing consent is voluntary and may be withdrawn at any time without giving a reason. On the same principles, the person whose data will be processed has an unlimited right to access, rectify and delete data. Detailed information on the scope and method of data processing, as well as your rights and how to exercise them can be found in the Privacy Policy available at the following link: www.houseofebm.com/prywatnosc

 

CONSENT TO THE NEWSLETTER

I agree to join the Newsletter service provided in accordance with the Regulations available at the link: www.houseofebm.com/prywatnosc and the processing of personal data provided by me related to the service. Expressing consent is voluntary and may be withdrawn at any time without giving a reason. On the same principles, the person whose data will be processed has an unlimited right to access, rectify and delete data. Detailed information on the scope and method of data processing, as well as your rights and how to exercise them can be found in the Privacy Policy available at the following link: www.houseofebm.com/prywatnosc

 

 

COOKIES

This website uses cookies and other technologies to ensure that its operation remains reliable and safe, while meeting the expectations of the Customer or User to the fullest possible extent. By continuing to browse it, you consent to the collection and use of cookies, and the consent may be withdrawn or modified at any time. Detailed information in this regard is available in the Privacy Policy www.houseofebm.com/prywatnosc.

Agreement withdrawal form

bottom of page