Privacy and Cookies Policy

Privacy and Cookies Policy

This document sets out the conditions for the processing of personal data (hereinafter also referred to as “data”) and cookies in the area of the merad.pl website, run through the website, made available at the URL: merad.pl, hereinafter referred to as the “Service”.

TABLE OF CONTENTS

§1. HOW TO CONTACT THE DATA CONTROLLER

§2. ON WHAT BASIS DO WE PROCESS YOUR DATA

§3. INFORMATION ON DATA PROCESSING FOR THE PURPOSE OF CONCLUDING AND PERFORMING CONTRACTS, POSSIBLE CLAIMS, AND DEFENDING AGAINST THEM

§4. INFORMATION ON DATA PROCESSING FOR DIRECT MARKETING AND PROFILING

§5. INFORMATION ON DATA PROCESSING FOR SECURITY PURPOSES

§6. INFORMATION ON DATA RECIPIENTS

§7. ABSOLUTE RIGHTS OF DATA SUBJECTS

§8. RELATIVE RIGHTS OF PERSONS WHOSE DATA ARE PROCESSED

§9. COOKIES – INTRODUCTION

§10. DATA CONTROLLER COOKIES

§11. THIRD-PARTY COOKIES

§12. CONSENT TO USE AND MANAGE COOKIES

§13. CACHE

§14. LINKS TO OTHER WEBSITES OR SOFTWARE

§15. CHANGES TO THE PRIVACY AND COOKIES POLICY

§1. HOW TO CONTACT THE DATA ADMINISTRATOR

The administrator of the personal data processed within the Service is Medical Radiopharma Sp. z o.o. with its seat in Kraków, ul. Wyżynna 8h, entered into the Register of Entrepreneurs of the National Court Register under the KRS number: 0000936528, NIP: 6793228272, and REGON: 520616483. The Administrator of the data can be contacted by phone: +48 608372896 and by e-mail: info@merad.pl.

§2. ON WHAT BASIS DO WE PROCESS YOUR DATA

When collecting personal data, we always inform you of the legal basis for processing it. It stems from the provisions of the RODO (Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data on the free movement of such data and repealing Directive 95/46/EC – General Data Protection Regulation). When we inform you about:

  • Article 6.1.a) RODO – it means that we process personal data on the basis of the received consent,
  • Article 6.1.b) RODO – this means that we process personal data because it is necessary for the performance of a contract or for taking action prior to entering into one, at your request,
  • Article 6(1)(c) RODO – this means that we process personal data in order to fulfill a legal obligation,
  • Article 6(1)(f) RODO – this means that we process personal data in order to pursue legitimate interests.

§3. INFORMATION ON DATA PROCESSING FOR THE PURPOSE OF CONCLUDING AND PERFORMING CONTRACTS, POSSIBLE CLAIMS, AND DEFENDING AGAINST THEM

  1. We may process any personal data necessary for the performance of the contract concluded with you. However, even before the conclusion of the contract, we may process the personal data necessary to take action at your request. The processing of this data is based on Article 6(1)(b) of the RODO.
  2. During the execution of the contract and after its execution, we process the personal data of the contracting party for the purpose of potential claims processing as well as their assertion. Our legitimate interest is, for example, the possibility of responding to a possible complaint, to which we are obliged under separate provisions of civil law. In this case, we will process personal data based on the legitimate interest of defending against or asserting possible claims. The processing of this data is based on Article 6(1)(f) of the RODO.
  3. We will store this data for the period necessary for the realization of the intended purpose, no later than until the statute of limitations for claims under separate provisions of law.
  4. You have the right to access, rectify, erase, and restrict the processing of your data, the right to data portability, as well as the right to lodge a complaint to the supervisory authority. In the situation of data processing for the purpose of dealing with or asserting claims, you also have the right to object to their processing.
  5. Providing this data is voluntary, however, failure to provide this data will prevent the conclusion of the contract or its execution.
  6. The recipients of this data are our web host, email service provider, IT service provider, telecommunications service provider, accounting and billing software service provider, banking and e-payment service provider, legal, consulting, and debt collection service provider, and other service providers we use for the designated purpose

§4. INFORMATION ON DATA PROCESSING FOR DIRECT MARKETING AND PROFILING

  1. We may process your personal data for direct marketing purposes. This happens, for example, when we reply to your message with details of our offer.
  2. For direct marketing purposes, we may use profiling, which is the automated decision to display advertisements to you. This decision is made on the basis of your actions on the Website, in particular on the basis of contracts concluded or pages viewed. In practice, profiling aids the usability of our Services by allowing us to present you with content that may potentially be of interest to you.
  3. The processing of this data is based on Article 6(1)(f) of the RODO.
  4. We will retain your information for as long as necessary for the purpose of fulfillment.
  5. You have the right to access, rectify, erase, and restrict processing, the right to data portability, the right to object to data processing, as well as the right to lodge a complaint to the supervisory authority.
  6. You have the right not to be subject to profiling unless you have given your consent. However, in this case, the basis for the processing of your data will be the consent you have given (Article 6.1.a) RODO), which you can withdraw at any time. In that case, your data will also be processed until the withdrawal of the granted consent.
  7. Providing this data is voluntary, and failure to provide this data will prevent direct marketing activities.
  8. The recipients of this data are our hosting provider, IT service provider, e-mail service provider, telecommunication service provider, advertising service provider, and the provider of the instant messenger available on the Website.

§5. INFORMATION ON DATA PROCESSING FOR SECURITY PURPOSES

  1. From the moment you launch our website, we process data such as:
  2. • the public IP address of the device from which the request came,
    • type and language of the browser,
    • date and time of the request,
    • the number of bytes sent by the server,
    • the URL of the previously visited website, if the visit was made via this link
    • information about errors that occurred during the query.
  3. Our legitimate interest in this process is to maintain server event logs and to protect the Service from potential hacking attacks and other abuses. This includes being able to determine the IP address of anyone performing unauthorized activity in an area of the Service, such as attempting to breach security, publishing prohibited content, or attempting unauthorized activities using our servers.
  4. The processing of this data is based on Article 6(1)(f) of the RODO.
  5. We will store this data for the period necessary for the realization of the intended purpose, no later than until the statute of limitations for claims under separate provisions of law.
  6. You have the right to access, rectify, erase, restrict processing, object to the processing of your data, as well as the right to lodge a complaint to the supervisory authority.
  7. Providing such data is a condition for using the Website. Failure to provide such data will prevent the use of the Website.
  8. The recipient of this data is our web host, IT service provider, and telecommunications service provider.

§6. INFORMATION ON DATA RECIPIENTS

When processing personal data, we use third-party services. Therefore, the recipients of your personal data may be third parties. When collecting personal data, we always inform you about these recipients, but for the primacy of the readability of the communication, we do so briefly. Therefore, we hereby clarify that when we inform about particular categories of recipients, these are the following:

• IT service provider: https://dhosting.pl
• Hosting provider: https://dhosting.pl
• Email service provider: https://dhosting.pl

§7. ABSOLUTE RIGHTS OF DATA SUBJECTS

When we write about rights related to the processing of your personal data, we refer to the rights described below. The possibility of exercising the rights below is independent of the legal basis for the processing of your personal data.

Right of access to data

You have the right to obtain confirmation from us as to whether we are processing personal data about you. If we do, you have the right to obtain access to that data, as well as to receive additional information about:

  • processing purposes,
  • categories of relevant data,
  • recipient(s) or categories of recipients to whom the data has been or will be disclosed, in particular recipients of third countries or international organizations,
  • where possible, the intended period of data retention and, where this is not possible, the criteria for determining this period,
  • The right to request that you rectify, erase or restrict the processing of your data, object to such processing, and the right to lodge a complaint with a supervisory authority,
  • The source of the data, if your data was not collected from you,
  • automated decision-making, including profiling, and the modalities of such decision-making, as well as the significance and anticipated consequences of such processing for you.

Upon receipt of such a request, we are obliged to provide a copy of the personal data being processed. If such a request is received electronically and unless we receive another objection, we will also provide the information electronically.

Right of rectification

You have the right to request that we promptly rectify any personal data concerning you that is inaccurate. Taking into account the purposes of the processing, you have the right to request the completion of incomplete personal data, including by providing an additional statement.

The right to erasure (being forgotten)

You have the right to request deleting personal data concerning you immediately. We are then obliged to delete your personal data without undue delay if one of the following circumstances applies:

  • you have withdrawn your consent to process your personal data and we have no other basis for processing it,
  • you have made an effective objection to the processing of data relating to you,
  • Your personal data was processed unlawfully,
  • Your personal data must be deleted in order to comply with a legal obligation,
  • Your data was collected in connection with the offering of information society services.

Right to restrict processing

You have the right to request that we restrict processing in the following cases:

  • when you question the accuracy of the data – for a period allowing us to check its accuracy,
  • the processing is unlawful and you object to the erasure of the data, requesting instead that the use of the data be restricted,
  • we no longer need personal data for the purposes of the processing, but you need it to establish, exercise, or defend your claims,
  • you have objected to the processing of your data – until such time as we determine whether the legitimate grounds on our side override the grounds for your objection.

Automated decisions, including profiling

You have the right not to be subject to a decision that is based solely on automated processing, including profiling, and produces legal effects on you or similarly significantly affects you.

The law does not apply if this decision:

  • is necessary to enter into or perform a contract between you and us,
  • is permitted by Union or Republic of Poland law and which provides for appropriate measures to protect your rights, freedoms, and legitimate interests, or
  • is based on your express consent.

Right to lodge a complaint

You have the right to lodge a complaint regarding the processing of your personal data to the supervisory authority: President of the Office for Personal Data Protection, 2 Stawki Street, 00-193 Warsaw, tel. 22 531 03 00, fax. 22 531 03 01, e-mail: kancelaria@uodo.gov.pl.

§8. RELATIVE RIGHTS OF PERSONS WHOSE DATA ARE PROCESSED

When we write about rights related to the processing of your personal data, we refer to the rights described below. The possibility of exercising these rights in each case depends on the legal basis for the processing of your personal data.

Right to withdraw consent to the processing

If we process your personal data on the basis of your consent to do so, you have the right to withdraw your consent at any time. Naturally, the revocation of the consent given does not affect the lawfulness of the previous processing of your personal data.

Right to data portability

You have the right to receive your personal data provided to us, in a structured and commonly used machine-readable format. You also have the right to send this personal data to another controller without hindrance from us if the processing takes place:

  • on the basis of consent or under contract, and
  • by automated means.

When exercising your right to data portability, you have the right to request that we send your personal data directly to another controller, insofar as this is technically possible. This right must not adversely affect the rights and freedoms of others.

Right to object

Where we process your personal data on the basis of Article 6(1)(f) of the RODO, you have the right to object to the processing of this data on grounds relating to your particular situation.

At this point, we are no longer allowed to process that personal data unless we can demonstrate the existence of:

  • valid and legitimate grounds for the processing, and those grounds must override your interests, rights, and freedoms, or
  • grounds to establish, assert or defend claims.

Also, if you object to the processing of your personal data for direct marketing purposes, then we will not be able to process it for such purposes.

§9. COOKIES – INTRODUCTION

The website of the service uses cookies. These are commonly used, small files containing a string of characters that are sent to and stored on the end device (e.g., computer, laptop, tablet, smartphone) used when visiting the Website. This information is sent to the memory of the browser used, which sends it back the next time you visit the website. We can categorize cookies according to three methods of division.

In terms of the purposes for using cookies, we distinguish between three categories of cookies:

  • Necessary files – these files enable the proper functioning of the Website and its functionalities, e.g., authentication or security cookies. Without saving them on your device, using the Website will be impossible.
  • Functional files – files that make it possible to remember your selected settings and adjust the Website to your needs and preferences, e.g. with respect to the selected language, font size, and website layout. They allow us to improve the functionality and efficiency of the website. Without saving them on your device, using some functionalities of the Website will be limited.
  • Business cookies – this category includes, for example, advertising cookies. They make it possible to adjust advertising displayed on or off the website to your preferences. Without storing them on your device, using some functionalities of the Website may be limited.

In terms of how long they are valid, we distinguish between two categories of cookies:

  • session files – existing until the end of a given session,
  • persistent files – existing after the session is completed.

In terms of differentiating the entity that administers cookies, we distinguish:

  • our cookies,
  • third-party cookies.

§10. DATA CONTROLLER COOKIES

The cookies we administer allow:

  • access authentication,
  • maintaining a session after logging in,
  • securing the Service against hacking attacks,
  • “remembering” by the browser the contents of the fields of completed forms (optional),
  • “remembering” items added to the cart by the browser,
  • adapting the content of the Website pages to your preferences.

This makes it easier and more enjoyable to use the functionality of the Service.

§11. THIRD-PARTY COOKIES

We use cookies administered by Google Inc., 1600 Amphitheater Pkwy, Mountain View, CA 94043, the United States as part of our services:

  • Google Analytics – these allow for evaluation of the quality of advertising campaigns carried out using the Google Ads service, as well as for studying user behavior and traffic and compiling traffic statistics,
  • Google Maps – these allow us to store information about you that enables you to use the map functionality available through the Google Maps service. Google Inc. may track your location,
  • YouTube – they allow them to store information about you that enables you to use the functionality of the YouTube service. Google Inc. may track your video playback.

The data collected by Google Inc. is anonymous and aggregated. In particular, they do not contain identifying characteristics (understood as personal data) of the users of the Website. When using the aforementioned services we collect such data as the source of obtaining the users visiting the Website, as well as their behavior on the Website, information on the devices and browsers they use, IP address, domain, demographic data (age, gender), interests, and geographical data.

We use cookies used by Facebook Inc., 1 Hacker Way, Menlo Park, CA 94025, United States. These cookies may be used to link your account to the third-party social networking site Facebook with your account on the Service (where we provide such functionality and where you use that account. These cookies may also be used to process on Facebook your actions performed with the “Share” or “Like” buttons. The processing of these activities may be public.

The use of third-party cookies is subject to the privacy and cookie policies of those third parties. The current policies of third parties in this regard can be found here: https://www.e-regulaminy.pl/biuletyn/polityki-prywatnosci-i-plikow-cookies/

§12. CONSENT TO USE AND MANAGE COOKIES

Consent to the processing of cookies is voluntary and can be withdrawn at any time. However, please note that the lack of consent for the use of certain cookies may result in restrictions on the use of the Website and its functionality or even prevent such use.

Granting permission to process cookies can occur:

  • by means of the software settings installed in the telecommunications terminal equipment used by the User,
  • by using a button containing a statement of consent to the processing of cookies or confirming that you have read its terms.

Most browser settings by default allow the placement of cookies and other information on your terminal device. If you do not agree with the saving of these files, it is necessary to change your browser settings accordingly. It is possible to disable their saved data for all connections from a given browser or for a specific website or delete them. How you manage these files depends on the software you use.

You can find the current file management policy in the settings of the web browser you are using, as well as here: https://www.e-regulaminy.pl/biuletyn/polityka-cookies-obsluga/.

CACHE

When you use the website, we may automatically use the cache memory installed on your device. Within local memory, it is possible to store data inter-seasonally, i.e. between successive visits to the Service website. The purpose of using the cache is to speed up the use of the Website by eliminating the situation where the same data would be repeatedly downloaded from the Website, thereby overloading the User’s Internet connection. The cache may also store data such as your login password.

§14. LINKS TO OTHER WEBSITES OR SOFTWARE

The Website may contain links to other websites or software. We are not responsible for the privacy and cookie policies of such websites or software. We recommend that you read the privacy and cookie policies of these websites and software when you access them or before you install them.

§15. CHANGES TO THE PRIVACY AND COOKIES POLICY

  1. The Privacy and Cookies Policy takes effect on the date of publication on the Website.
  2. A change in the Privacy and Cookies Policy can be made by publishing its new content on the Website.
  3. We will publish information about changes to the Privacy and Cookies Policy in the Website area no later than 3 days prior to the effective date of its new wording.