Privacy Policy
**INFORMATION CLAUSE**
In accordance with Article 13 of the General Data Protection Regulation (GDPR) of April 27, 2016 (Official Journal of the EU L 119 of May 4, 2016), hereinafter referred to as “GDPR,” we inform you that:
The data controller for personal data processed through the website is:
Medseven Spółka z ograniczoną odpowiedzialnością, ul. Michała Kleofasa Ogińskiego 2, 85-092 Bydgoszcz, NIP 5542785431, REGON 34041627200000, registered in the business register maintained by the District Court in Bydgoszcz, XIII Commercial Division of the National Court Register under number 0000298764, with a share capital of 646,000 PLN.
The Administrator has appointed a Data Protection Officer. Contact: odo@medseven.eu
We inform you that we process your data only to the extent necessary and ensure its security. We collect your personal data to provide you with the services we offer. Your personal data will be processed for the purpose of entering into and performing a contract, sending offers, commercial information, and marketing services of the Administrator.
The personal data processed includes: names, date of birth, PESEL number, address, including email address, and phone number.
The legal basis for processing your personal data is:
– According to Article 6(1)(a) GDPR*1 – consent to process personal data for the purpose of establishing potential cooperation, entering into a contract, or continuing existing business relations, sending commercial information, or receiving marketing information,
– According to Article 6(1)(b) GDPR – performance of a contract (referred to as “Contract”), where processing data is necessary, and personal data is processed solely for the purposes related to the execution of the Contract, as well as to undertake necessary actions before entering into the Contract, and to establish, pursue, or defend claims,
– According to Article 6(1)(c) GDPR – to fulfill a legal obligation imposed on the Administrator,
– According to Article 6(1)(f) GDPR – for purposes arising from the legitimate interests pursued by the Administrator, such as marketing activities and pursuing claims.
Personal data will be processed for direct marketing of products and services until you object to their processing for this purpose or until the Administrator determines that the data is outdated.
Providing personal data is voluntary; however, not providing it will result in the inability to conclude and execute the Contract, including making purchases, rentals, obtaining technical support, or carrying out marketing activities.
Data will be stored no longer than necessary, i.e., until the Contract is terminated, but not less than the limitation period for any claims related to the conclusion and execution of the Contract, or until consent is withdrawn, if required, or until an objection is raised.
Your data may be shared with recipients if required by law or if necessary for the service you have ordered. Recipients of personal data include: entities providing accounting, IT, courier, legal, and payment services.
Personal data will not be transferred outside the European Economic Area or to international organizations.
You have the right to access your data and obtain a copy of it, as well as the right to correct, delete, restrict processing, transfer data, withdraw consent to processing at any time without affecting the lawfulness of processing based on consent before its withdrawal.
You have the right to object to the processing of your data.
You have the right to receive personal data concerning you in a structured, commonly used, machine-readable format, which was provided based on consent or a contract, and you may request that this data be sent directly to another entity.*2
You have the right to lodge a complaint with the President of the Office for Personal Data Protection or another competent supervisory authority if you believe that the processing of your personal data violates GDPR provisions.
*1 GDPR refers to the Regulation (EU) 2016/679 of the European Parliament and of the Council of April 27, 2016, on the protection of individuals with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC, Official Journal of the EU L 119.1
*2 if processing is based on legal consent or contract
—
Medseven Sp. z o.o. provides technical and organizational measures to secure personal data transmitted electronically from unauthorized access and modification, specifically by requiring a valid login and password to access the customer account (securing data from processing by unauthorized individuals).
To properly secure personal data, do not disclose your password or login to third parties. Always remember to log out from your customer account after using the website. Additionally, exercise particular caution when using computers located in public places or accessible to many users.
Our website does not automatically collect any data except for data contained in cookies during the use of the website.
Cookies are small text files sent by the online store and stored on your computer, containing information related to your use of the website and the online store. The cookies used by the online store can be temporary or persistent. Temporary cookies are deleted when you close your browser. Persistent cookies are stored even after you finish using the website and are used to store information such as your password or login, making it faster and easier to use the site.