Limited Liability Company “WIMED”, st. Tarnowska 48, 33-170 Tuchów, NIP: 6852209596, REGON: 180188573

In accordance with Art. 13 sec. 1 and sec. 2 Regulation of the European Parliament and of the Council (EU) 2016/679 of April 27, 2016 on the protection of individuals with respect to the processing of personal data and on the free movement of such data, as well as on the repeal of Directive 95/46 / EC (general data protection regulation, hereinafter also “RODO”), below is basic information about the rules processing of personal data in connection with a visit to the website www.wimed.pl.


Data identifying the Administrator of personal data:

The administrator of your personal data is “WIMED” Limited Liability Company, st. Tarnowska 48, 33-170 Tuchów, NIP: 6852209596, REGON: 180188573.

The administrator pays special attention to protecting the interests of the subjects, in particular, so that the personal data collected by him:

  • processed in accordance with the law, fairly and transparently,
  • collected for specific, explicit and legitimate purposes and were not further processed in a manner incompatible with these purposes,
  • adequate, relevant and according to the purpose for which they are collected,
  • fix and update if necessary,
  • store in a form that allows the identification of the subject, no longer than is necessary for the purposes for which the data is recorded,
  • processed in a manner that ensures proper security of personal data, including protection from unauthorized or illegal processing and accidental loss, destruction or damage, using appropriate technical and organizational measures.


You can contact the administrator of personal data in writing at the following address:

  • “WIMED” Limited Liability Company, st. Tarnowska 48, 33-170 Tuchów
  •  email address: iod@wimed.pl
  • phone: +48 695 803 011


Purpose and scope of data collection

  • The Administrator processes personal data in the form of first and last name, email address and telephone number in order to answer questions asked by the Site User, in particular, questions regarding the Administrator’s proposal.
  • The Administrator has the right to entrust personal data to organizations through which the Administrator implements the purposes of processing personal data specified in this policy, in particular, employees, contractors and other organizations with which the Administrator cooperates, including, in particular, a website hosting provider. The administrator ensures the protection of personal data entrusted to these organizations on the terms set forth in this policy and in the provisions of the current legislation.


Embedded content from other sites

Articles on this site may contain embedded content (such as videos, images, articles, etc.). Embedded content from other websites behaves in the same way as if the user has visited a specific website directly.

Sites may collect information about you, use cookies, connect additional external tracking systems, and track your interactions with the embedded content, including tracking your interactions with the embedded content if you have an account and are logged into this site.


Rights for the processing of personal data

The legal basis for the processing of personal data in order to fulfill the obligation is the concluded contract (Article 6 (1) (b) of Regulation of the European Parliament and of the Council (EU) 2016/679 of April 27, 2016 protection of natural persons with regard to the processing of personal data and free movement of such data and cancellation of Directive 95/46 / EC – “RODO”).


The legal basis for the processing of personal data in order to take action at the request of the data subject prior to concluding a contract is voluntary consent (Article 6 (1) (a) of the Regulation of the European Parliament and of the Council (EU)) 2016/679 of April 27, 2016 on the protection of natural persons. persons in relation to the processing of personal data and on the free movement of such data, as well as on the repeal of Directive 95/46 / EC – “RODO”).


The administrator also has the right to process personal data, regardless of the consent provided, in a situation when:

  • processing is necessary to fulfill the legal obligations imposed on the controller;
  • processing is necessary to protect the vital interests of the data subject or other natural person;
  • processing is necessary for the performance of a task performed in the public interest or in the exercise of state powers entrusted to the controller;
  • processing is necessary for the purposes of legitimate interests pursued by the controller or a third party, unless these interests are overridden by the interests or fundamental rights and freedoms of the data subject, which require the protection of personal data, in particular when the Subject is a child.

The data subject has the right to withdraw consent to the processing of personal data at any time. The revocation of consent does not affect the legality of the processing that was carried out on the basis of the consent prior to its revocation. Consent can be withdrawn in writing to the Administrator’s address or electronically to the e-mail address iod@wimed.pl.

In case of withdrawal of consent, the Administrator may still have the right to process personal data in accordance with the provisions of applicable law. In such a situation, the Administrator will process personal data only for the purposes and to the extent permitted by law, despite the lack of consent of the data subject.


Data subject rights

Data access

The data subject has the right to obtain from the Administrator confirmation of whether personal data concerning him is being processed, and if so, he has the right to access this data and the following information:

  • the purposes of personal data processing;
  • categories of processed personal data;
  • information about the recipients or categories of recipients to whom personal data have been or will be disclosed, in particular, about recipients in third countries or international organizations, as well as the applied guarantees related to the transfer of data to recipients in third countries or international organizations
  • if possible, the planned storage period for personal data, and if this is not possible, the criteria for determining this period;
  • information on the right to demand from the administrator to correct, delete or restrict the processing of personal data relating to the data subject, and to object to such processing;
  • information on the right to lodge a complaint with a supervisory authority;
  • if personal data was not received from the data subject – any available information about their source;
  • information about automated decision making, including profiling.

Upon request, the administrator provides the data subject with a copy of the processed personal data. For any subsequent copies requested by the data subject, the Controller may charge a reasonable fee based on administrative costs. If the data subject requests a copy by electronic means and, unless otherwise specified, the information will be provided by electronic means, if possible.

Rectification

The data subject has the right to request the Administrator to immediately rectify incorrect personal data concerning him. Taking into account the purposes of processing, the data subject has the right to request that incomplete personal data be supplemented, including by providing an additional statement.

Deleting data

The data subject has the right to demand that the administrator delete his personal data immediately, and the administrator is obliged to delete the personal data without undue delay if one of the following circumstances occurs:

  • personal data are no longer needed for the purposes for which they were collected or otherwise processed,
  • the data subject has actually withdrawn the consent on which the processing is based and there is no other legal basis for the processing
  • the data subject objects to the processing and there is no legally justified basis for the processing
  • the data subject objects to the processing of data for direct marketing purposes
  • personal data was processed unlawfully
  • personal data must be deleted in accordance with a legal obligation provided for by EU law or the law of a member state to which the Administrator is subjec
  • personal data were collected in connection with the offer of information society services.

Restriction of data processing

The data subject has the right to demand from the administrator the restriction of data processing in the following cases:

  • the data subject disputes the accuracy of the personal data – for a period allowing the Administrator to verify the correctness of these data,
  • the processing is illegal and the data subject opposes the deletion of personal data, instead requesting the restriction of their use,
  • the controller no longer needs personal data for the purposes of processing, but they are necessary for the data subject to establish, assert or defend claims,
  • the data subject objects to the processing – until it is determined whether the legitimate grounds on the part of the Controller outweigh the grounds for the objection of the data subject.

Restriction of the processing of personal data should be understood as the storage of personal data in order to limit their further processing.

If, in accordance with the aforementioned request, the processing of data has been restricted, such personal data may be processed, except for storage, only with the consent of the data subject or for the creation, exercise or defense of legal claims, or to protect the rights of another natural or legal person or for important public reasons. interests of the European Union or a member state. Before lifting the restriction of processing, the administrator informs the data subject who requested the restriction of this.

Data exchange

  • The data subject has the right to receive, in a structured, widely used, machine-readable format, personal data about him that he has provided to the administrator, and has the right to send this personal data to another administrator without any hindrance from the administrator to whom the personal data was provided, if the processing based on consent or contract and if the processing is carried out by automated mean
  • When exercising the right to transfer the data specified above, the data subject has the right to demand that the personal data be sent by the Administrator directly to another administrator, if technically possible.
  • The data subject has the right not to be subjected to a decision based solely on automated processing, including profiling, and which has legal consequences or significantly affects a person in a similar way.

Objection

  • The data subject has the right to object at any time – for reasons related to his particular situation – against the processing of his personal data on the basis of the provisions of Art. 6 sec. 1 lit. e, f of Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016, including profiling based on these provisions.
  • Following an objection, the Administrator is no longer allowed to process this personal data unless he demonstrates that there are valid legal grounds for processing overriding the interests, rights and freedoms of the data subject, or grounds for establishing, investigating or defending claims.
  • If personal data is processed for direct marketing purposes, the data subject has the right to object at any time to the processing of his personal data for such marketing purposes, including profiling, to the extent that the processing is related to such direct marketing. If the data subject objects to processing for direct marketing purposes, the personal data can no longer be processed for such purposes.

Exercise of rights

  • The above rights are exercised at the request of the Administrator in writing or by e-mail to the address iod@wimed.pl. Any inquiries regarding the rights of the data subject can be sent to the same email address. The administrator makes every effort to clearly and clearly explain his rights and enable the data subject to exercise them.

Complaint

The data subject has the right to lodge a complaint with a supervisory authority, in particular

in the Member State of his habitual residence, place of work or place of the alleged violation, if he considers that the processing of personal data concerning him violates this Regulation. The above complaint must be submitted to the supervisory authority, the President of the Office for Personal Data Protection, at the following address: st. Bets 2, 00-193 Warsaw.


Profiling

Personal data will not be processed automatically, including profiling.


Data transferred outside the European Economic Area

Personal data will not be transferred to a third country / international organization outside the European Economic Area.


Newsletter

  • The Administrator provides the Data Subject (hereinafter: the User) with a newsletter service in accordance with the principles set out in this Privacy Policy, as well as in the Newsletter Rules posted on his website.
  • The administrator guarantees that the use of the newsletter is free and voluntary.
  • The user can subscribe to the service by specifying an email address and expressing the consent specified in art. 6 paragraph 1 lit. GDPR.
  • The Administrator, after the prior consent of the User, has the right to send through the Newsletter to the specified e-mail address commercial information within the meaning of the Law of July 18, 2002 on the provision of electronic services.
  • The ordered newsletter is only sent to the email address specified by the user.
  • The user has the right to unsubscribe from the newsletter at any time. The subscription can be canceled by using the deactivation link in the content of each newsletter sent or by sending the content of the aforementioned request to the e-mail address iod@wimed.pl.
  • Detailed rules for the provision of the newsletter service are set out in the Regulations available on the Administrator’s website www.wimed.pl.


Cookies and other technologies

Please note that on our website we use cookies (text files) and other technologies to record information about the pages or subpages visited by the user and their activities.

Cookies are information stored by the browser. They do not affect software or hardware. Cookies are associated only with the browser of a specific device without specifying the user’s first or last name (anonymous user). This is information stored by the server on the user’s device, which the server can read every time it connects to the user’s device.

We use cookies to ensure the highest level of user experience on our website, and the data collected is only used internally by our company to optimize our operations.

We use the following cookies on our website:

  • “Necessary” cookies to enable the use of the services available on the website, such as authentication cookies used for services that require authentication on the website,
  • Cookies used for security purposes, for example, to detect authentication fraud on a website,
  • “Performance” cookies to collect information about how you use the pages of the website,
  • “Functional” cookies that allow you to “remember” the settings selected by the user and personalize the user interface, for example, in terms of the selected language or region, where the user came from, font size, appearance of the site, etc.

The administrator also uses cookies to collect static data using analytical tools: Google Analytics (cookie administrator: Google Inc., USA).

The user can disable or restore the ability to collect cookies at any time by changing the settings in the web browser.

If you do not want to receive cookies, you can change your browser settings. At the same time, we would like to point out that disabling cookies required for authentication, security and settings will make it difficult to use the websites, and in extreme cases may interfere with their use.

Most browsers allow users to control cookies in their preferences settings.

Users should read the privacy policies of these browsers for their cookie policy. Restricting the ability to set cookies may impair the overall quality of the website.


Final statements

The extent to which the rights of the data subject can be exercised may be limited by law, in particular due to the rights and freedoms of others or due to public interest.

The data subject’s rights detailed in this Privacy Policy are derived from generally applicable law and the provisions of this Privacy Policy do not in any way limit these rights.

To ensure a high level of protection of personal data, the controller will regularly review this privacy policy.

Changes to it in the event of a change in the volume of processed personal data, the processing technology of such personal data, as well as in the event of a change in the applicable legislation or guidelines for their application.