Privacy policy

Who is the controller of  your personal data and how may they be contacted?

The controller of your personal data is

Aesthetic Med Andrzej Dmytrzak

with seat at Niedziałkowskiego 47/ 5, 71-403 Szczecin, Poland,

e-mail: aestheticmed[at]aestheticmed.com.pl.

When and what data is collected

1. We may collect personal data at various stages of usage of the company services, in particular:

a) When making appointments for medical and auxiliary medical services

b) During transactions of purchase of services and products

c) When the owner of the data contacts the administrator (by phone, by e-mail)

d) Automatically during a visit at the company seat

e) During the recruitment process

2. The following data, including personal data, is collected: First name, last name, e-mail address, phone number; medical data – specific for every treatment; bank account number, NIP (tax identification) number, the likeness and other data pursuant to the Polish Labour Code.

For what purpose is the personal data used?

1. The personal data of the owners is process for the purpose of execution of services provided by the entity.

2. The personal data of the owners of the data may furthermore be processed for the purpose of marketing of own services of the controller or their partners.

3. With the consent of the user, the personal data may be transferred to entities from the medical and auxiliary medical industries, as well as from accounting, computer sciences, legal affairs, marketing and training.

4. The consent can be withdrawn at any time. The withdrawal of the consent does not influence the legality of processing of your personal data during the validity period of the consent. You may make use of the right to withdraw the consent by sending a message to iod[at]aestheticmed.com.pl.

5. You are entitled to submit an objection to the processing of your personal data for the purpose of direct marketing at any time. This right may be made use of by sending an e-mail to the address iod[at]aestheticmed.com.pl.

6. Based on your personal data, the Controller will not make any automatic decisions concerning you, including decisions being the result of profiling.

7. The provision of personal data is voluntary, however, failure to provide them may prevent the execution of services offered by the company.

Safety of personal data

1. In order to ensure the integrity and confidentiality of the data, the Controller had assumed a data protection policy that describes comprehensively the rules of protection of personal data. Implemented were also procedures that allow access to the data solely to authorised persons, and solely in the extent that this would be necessary due to the tasks carried out by them.

2. The Controller utilises organisational and technical solutions to ensure registration of personal data processing operations and identifiability of the persons performing the processing.

3. The Controller applies due diligence so that the entities cooperating with them would provide guarantees of usage of relevant security measures in every case they process personal data upon the order of the Controller.

4. The Controller conducts running risk analyses and monitors the suitability of the utilised data security measures against the identified threats.

Who has access to your personal data?

1. Access to your personal data is possible by recipient who help us maintain the computer system in which orders are executed, who provide you with retail and marketing information as well as provide delivery services. In addition, in some cases, access to your data will be provided to entities from the medical industry.

2. All our employees and co-workers who have access to personal data were individually authorised to process this data and taught about the obligations in terms of the protection of privacy of our customers that rest upon them.

How long do we store your personal data?

1. Your personal data is stored over the period necessary for the achievement of the objective, for which the data is processed, e. g. in case of data processed in relation to:

a) the execution of medical and auxiliary medical activities – over a period of twenty years, pursuant to the provisions relevant for this kind of activity

b) marketing activity – until the time of receipt of any objection or the demand to remove the data

c) recruitment of employees and personnel – up to three years.

2. The period of data storage may be extended, should the processing be necessary to determine or raise claims or for the purpose of defence against claims, and, following this period – in cases and in the scope required by provisions of the law.

3. After the expiry of the period of storage of the data, it will be permanently removed or anonymised.

What rights do owners of the data have?

1. You are entitled to:

a) Access your personal data (e. g. check, what kind of data is processed by the Controller, to acquire a copy of these as well as acquire information on the purpose and legal basis for the processing of data of a specific user by the Controller, whom the data is made available to and when shall it be deleted).

b) Correct personal data (should they prove to be wrong),

c) Amend personal data (should it turn out that they are incomplete).

d) Transfer personal data (meaning, convey the personal data in a structured, commonly used machine-readable format, e. g. .txt, .pdf, .odt, . doc, .rtf, .jpeg, .xml, .json, .csv).

e) Request a limitation of the processing of personal data (in which case we would only be allowed to store your personal data),

f) Removal of the personal data

2. The rights mentioned above can be made use of by sending an e-mail to the address iod[at]aestheticmed.com.pl.

3. In relation to our processing of your personal data you are entitled to file complaints with the supervisory body. This body is presently the Polish Personal Data Protection Office (https://giodo.gov.pl/pl/493).

Cookie policy

1. The website www.aestheticmed.pl automatically collects in particular data on the IP address, the type of web browser, the operating system as well as information stored in so-called Cookie files.

2. Cookie files is computer data, in particular text data, which is stored on the end device of the user of the website, and which is foreseen for the usage of the website pages. Cookie files usually contain the name of the website they originate from, the time of their storage on the end user device and a unique number.

3. Cookie files are used for the following purposes:

a) To adapt the content of the website to the preferences of the user and for the purpose of optimisation of usage of the website; in particular, these files permit the recognition of the device of the site user and to display the website appropriately, adapting it to their individual needs;

b) Create statistical data that permit the understanding, just how users of the website make use of the pages, permitting the improvement of their structure and content,

4. As part of the website, two fundamental types of cookies are used: Session cookies and persistent cookies. Session cookies are temporary files stored on the end user device until time of log-off, departure from the website or until the software (web browser) is shut down. Persistent cookie files are stored on the end user device over the time set out in the cookie file parameters, or until they are removed by the user.

5. As part of the website, the following types of cookie files are used:

a) ‘necessary’ Cookie files, permitting the usage of services that are provided as part of the website, e. g. authentication cookie files used for services requiring authentication as part of the website,

b) Cookie files serving the assurance of security, e. g. used to detect abuse spanning authentication as part of the website;

c) Performance Cookie files, permitting the collection of information on the mode of use of the website pages;

d) Functional Cookie files permitting the storage of certain settings selected by the user and the personalisation of the user interface, e. g. in terms of the selected language or region of origin of the user, the font size, form of the website, etc.

e) ‘Advertising’ cookie files, permitting the supply to the Users of advertising content that is better adapted to their interests.

6. In many cases, the web browser software (web browser) will by default permit the storage of cookie files on the end user device. Website users may at any time change the settings concerning cookie files. These settings may be changed in particular so as to block the automatic processing of cookie files in the web browser settings or to inform each time of their placement on the end user device. Detailed information on the options and modes of handling cookie files are available in the software (web browser) settings.

7. The Controller notifies that the limitations to the use of Cookie files may influence certain functionalities available on the website pages and limit their availability.

8. Cookie files placed on the end device of the website user may also be used by advertising providers and partners cooperating with the website operator.

Changes to the privacy policy

The controller reserves the right to change the present privacy policy by publishing a new version of the policy on the website.