Information clause

  • The Administrator of your Personal data is MNM Diagnostics sp. Z o. O. with its registered office in Poznań at ul. Macieja Rataja 64, hereinafter referred to as the Administrator.
  • “Personal data” means any information relating to an identified or identifiable natural person (‘data subject’); an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person.
  • The GDPR is understood as Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and the repealing Directive 95/46/EC.
    The term “Website” is understood as the websites established by the Administrator or social networks on which the Administrator has created accounts.
    The term “User” is understood as any natural person visiting the Website or using one or more services or functions made available on the Website.
  • The Data Protection Officer at the Administrator’s is: Mr. Piotr Topolski, e-mail: [email protected].
  • In connection with the User’s use of the Website, the Administrator collects data to the extent necessary to provide individual services offered, as well as information about the User’s activity on the Website. Personal data of all natural persons using the Website (including IP address or other identifiers and information collected via cookies or other similar technologies) are processed by the Administrator:
    •  In order to provide electronic services in the field of providing Users with content collected on the Website (e.g., entries, comments) – the legal basis for processing is then the necessity to process for the performance of the contract (Art. 6 of the Act 1 letter b of the GDPR);
    • For analytical and statistical purposes – then the legal basis for processing is the legitimate interest of the Administrator (Art. 6 of the Act 1 letter f of the GDPR), consisting in conducting analyzes of Users’ activity, as well as their preferences, in order to improve the functionalities used and the services provided.
    • In order to possibly establish, investigate or defend against claims – the legal basis for processing is the legitimate interest of the Administrator (Art. 6 of the Act 1 letter f of the GDPR) consisting in the protection of its rights.
    • User’s activity on the Website, including his personal data, is recorded in system logs (a special computer program used to store a chronological record containing information about events and activities related to the IT system used for the provision of services by the Administrator). The information collected in the logs is processed primarily for purposes related to the provision of services. The Administrator also processes this data for technical and administrative purposes, for the purposes of ensuring the security of the IT system and its management, as well as for analytical and statistical purposes – in this respect the legal basis for processing is the legitimate interest of the Administrator (Art. 6 of the Act 1 letter f of the GDPR).
  • The Administrator provides the option of contacting him using electronic contact forms. Using the form requires providing personal data necessary to contact the User and answer the inquiry. The User may also provide other data in order to facilitate contact or handling the inquiry. Providing data marked as mandatory is required in order to accept and handle the inquiry, and failure to do so results in the inability to handle it. Providing other data is voluntary.
    • In order to identify the sender and handle his inquiry sent via the provided form – the legal basis for processing is the necessity of processing to perform the contract for the provision of the service (Art. 6 of the Act 1 letter b of the GDPR);
    • For analytical and statistical purposes – the legal basis for processing is the legitimate interest of the Administrator (Art. 6 of the Act 1 letter f of the GDPR), consisting in keeping statistics of inquiries submitted by Users via the Website in order to improve its functionality.
  • The period of data processing by the Administrator depends on the type of service provided and the purpose of processing. As a rule, the data is processed for the duration of the service, until the consent is withdrawn or an effective objection to data processing is raised in cases where the legal basis for data processing is the Administrator’s legitimate interest.
  • The data processing period may be extended if the processing is necessary to establish and pursue any claims or defend against claims, and after this period, only if and to the extent that it will be required by law. After the expiry of the processing period, the data is irretrievably deleted or anonymized.
  • The User has the right to access the data and request their rectification, deletion, processing restrictions, the right to transfer data and the right to object to data processing, as well as the right to lodge a complaint with the supervisory body dealing with the protection of personal data.
  • To the extent that the User’s data is processed on the basis of consent, it can be withdrawn at any time by contacting the Administrator or using the functions available on the Website.
  • The User has the right to object at any time to the processing of their data for direct marketing purposes, including profiling, if the processing takes place in connection with the legitimate interest of the Administrator.
  • The User also has the right to object at any time to the processing of his data for reasons related to his particular situation in cases where the legal basis for data processing is the legitimate interest of the Administrator (e.g. in connection with the implementation of analytical and statistical purposes, including profiling)
  • In connection with the provision of services, Personal data will be disclosed to external entities, including in particular suppliers responsible for the operation of IT systems used to provide services, entities such as research companies, marketing agencies (in the field of marketing services).
  • The administrator reserves the right to disclose information about the User to the competent authorities or third parties who submit a request for such information, based on an appropriate legal basis and in accordance with applicable law.
  • The level of personal data protection outside the European Economic Area (EEA) differs from that provided by European law. For this reason, the Administrator transfers personal data outside the EEA only when it is necessary and with an adequate level of protection, primarily through:
    • Cooperation with entities processing personal data in countries for which an appropriate decision of the European Commission has been issued;
    • Use of standard contractual clauses issued by the European Commission;
    • Application of binding corporate rules approved by the competent supervisory authority.
  • The administrator conducts a risk analysis on an ongoing basis to ensure that personal data is processed by him in a safe manner, ensuring, above all, that only authorized persons have access to the data and only to the extent that it is necessary due to the tasks they perform. The administrator makes sure that all operations on personal data are recorded and performed only by authorized employees and associates.
  • The administrator takes all necessary steps to ensure that its subcontractors and other cooperating entities guarantee the application of appropriate security measures in each case when they process personal data on behalf of the Administrator.

Any questions?

Contact us

Contact page