PHARMACANN POLSKA SPÓŁKA Z OGRANICZONĄ ODPOWIEDZIALNOŚCIĄ
I. Who are we?
- The administrator of your personal data is:
Pharmacann Polska Sp. z o.o. with its registered office in ul. Jana Pawla II nr 70, premises number 14, in Warsaw, entered in the r egister of entrepreneurs of the National Court Register kept by the District Court of Warsaw nr XII Commercial Division of the National Court Register, under number KRS: 0000685922 tax identification number NIP: 9522164490, statistical number REGON: 367579441, is the entity managing the website www.____________
The Administrator may be contacted, in particular, by e-mail at ___________ or in writing at our registered office.
II. What data do we collect about you?
Data collected when you contact us:
- When you contact us via the website, telephone, e-mail, you provide us with your personal data, e.g. name, surname, e-mail address and telephone number.
- When you register via our website, you may be asked to provide personal data such as your name, e-mail address, telephone number, age, correspondence address and possibly other data, in accordance with the displayed messages.
- Providing personal data is voluntary, but not providing it will prevent us from contacting you and providing services.
III. How do we use your data?
- Your personal data is processed in order to enable communication between the users of our website and the correct use of available functionalities.
- If you have asked a question through our website, we will use your data to answer it.
- We may market our own services within the scope of the provision of services. For this purpose, it is necessary to process the User’s data, and the legal basis is the legitimate interest of the Administrator, which is the marketing of own services (Article 6.1(f) RODO).
- In case of violation of the rules of our service, violation of law or when required by law, we can make your data available to the appropriate state authorities.
IV. Purpose and basis of the processing.
- Your data are processed in particular for the purpose of providing electronic services by the Administrator.
- Your personal data may also be used for the purpose:
- present an offer concerning the services provided by the Administrator,
- the provision of information and marketing communications,
- providing information on the Administrator’s activities,
- in the event of concluding an agreement with the Administrator covering the provision of services, your data shall be used for purposes related to the reliable performance of such an agreement, including accounting records.
- Your personal data will be processed:
- on the basis of the consent granted – until its withdrawal or termination of the purpose for which the data were collected. The consent granted may be revoked at any time without affecting the lawfulness of the processing performed on the basis of the consent before its revocation,
- in connection with the performance of the agreement concluded with the Administrator – until the expiry of the period in which the Administrator or you may pursue claims related to the concluded agreement, or until the expiry of the period in which proceedings may be instituted by public administration bodies in connection with the performance of the agreement,
- in connection with marketing and information activities – until the end of the Administrator’s activities consisting in the transfer of information concerning the business activity, or until you express your objection to such processing.
- We process your data on the basis of:
- Article 6.1(a) of RODO, i.e. consent to the processing of personal data and receiving information about the Administrator’s business activity, in particular expressed through the form available on the websites used by the Administrator,
- Article 6.1 (b) of the ARO, i.e. the necessity to perform the contract to which the data subject is a party and to discharge faithfully the obligations relating to the services provided;
- Article 6.1 (f) of RODO, i.e. the necessity resulting from the legitimate interests pursued by the Administrator, such as providing information on the Administrator’s activities and services offered, reliable performance of the obligations entered into by the Administrator, in particular the performance of contracts, offering services of the highest standard, as well as providing information on the Administrator. Processing of personal data in the aforementioned scope is within the scope of the Administrator’s business and is necessary to provide information and services to customers.
V. What are your rights?
The right to personal data protection includes a number of possibilities which you can take advantage of at any time. Your rights include:
- The right to access the content of your personal data and to receive a copy of it;
- The right to rectify your data;
- The right to erase your data;
- The right to limit the processing of personal data;
- The right to object to the processing of personal data;
- The right to data portability;
- The right to lodge a complaint to the supervisory authority – the President of the Office for the Protection of Personal Data;
- The right to withdraw the consent to the processing of personal data.
In order to exercise your rights, send a request to the e-mail address ______________
- The Administrator has formulated particular goals in the field of personal data security and has taken the necessary actions to make them appear in the enterprise run by him/her:
- ensuring the processing of personal data in accordance with the law, in a reliable and transparent manner for the data subject (“lawfulness, reliability and transparency”);
- ensuring that personal data are collected for specified, explicit and legitimate purposes and not further processed in a way incompatible with those purposes (‘purpose limitation’);
- ensuring that the collection of personal data is adequate, relevant and limited to what is necessary for the purposes for which it is processed (‘data minimisation’);
- The Administrator shall take steps to ensure that personal data are accurate and, where necessary, kept up to date, and take all reasonable steps to ensure that personal data which are inaccurate in view of the purposes of processing are erased or rectified without delay (‘accuracy’);
- The Administrator shall take steps to ensure that personal data are kept in a form which permits identification of the data subject for no longer than is necessary for the purposes for which the data are processed (‘retention restriction’);
- The Administrator shall take steps to ensure that personal data are processed in a manner ensuring their adequate security, including protection against unlawful or unlawful processing and accidental loss, destruction or damage, by appropriate technical or organisational measures (‘integrity and confidentiality’).
- The objectives set out in paragraph 1 shall be achieved by taking appropriate measures and applying effective safeguards, which include in particular:
- adequate security of IT systems in which personal data are processed,
- continuous improvement of awareness and knowledge of employees/co-operators in the field of personal data security,
- communicating to employees/co-operators the consequences, including disciplinary ones, in the event of a breach of personal data security,
- granting access to documents, materials or systems containing personal data only to authorised persons,
- securing documents, materials or systems against loss or destruction of personal data contained therein,
- implementation of detailed rules defining the manner of managing user rights and authentication rules in all systems operated by the Administrator,
- conducting thorough tests in the process of preparing new software,
- Information Security Incident Reporting,
- regular risk analysis in the area of information security and design of measures to minimise potential risks,
- entrusting personal data only to such third parties that provide sufficient guarantees that appropriate technical and organizational measures are implemented to ensure that the processing complies with the requirements of generally applicable laws, this document and protects the rights of data subjects.
- Taking into account the state of the art, the cost of implementation and the nature, scope, context and purposes of the processing and the risk of violation of rights or freedoms of natural persons with different probability of occurrence and seriousness of risk resulting from the processing, the Administrator has implemented – both when defining the means of processing and during the processing itself – appropriate technical and organisational measures designed to effectively implement data protection principles so as to meet the requirements of generally applicable laws and to protect the rights of data subjects. When processing personal data, we use, among others, encryption of the connection by means of SSL certificate.
VII. How we will contact you?
- If you have asked a question by e-mail, you can receive e-mails from us regarding your case. If you have given us your phone number, we can also contact you by phone.
- If you have subscribed to our e-newsletter or otherwise agreed to receive it, you will receive it from us by e-mail.
- Cookies do not contain any personal data. They are stored in the memory of your device in the form of small text files.
- By using the appropriate options of your browser, you can delete cookies at any time or block their use on our website. If you would like to know how to disable or change the way cookies are stored in your browser, you can use the help function of your browser.
IX. Facebook Pixel
- The Service uses the Facebook Pixel tool provided by Facebook Inc. 1601 S. California Ave. Palo Alto, CA 94304, USA. The tool is designed to coordinate and conduct personalized marketing activities within Facebook.
- Facebook Pixel processes information that is not personal data and does not allow for the identification of the User.
- Data collected by Facebook Pixel is transferred to a server located in the United States for storage purposes.
- Facebook Inc. with its registered office and technical infrastructure in the USA, has joined the EU-US-Privacy Shield programme confirming compliance with the appropriate security measures for the processing of personal data required by European legislation.
X. Google Analytics
- The website uses Google Analytics provided by Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA. It is used to create statistics based on collected data and to further analyze them in order to improve the quality of the service.
- Google Analytics processes non-personally identifiable information, such as time spent on the website, browser type, and information about the operating system you are using.
- The data collected by Google Analytics is collected automatically and transferred to a Google server in the United States for storage.
- For further information on this tool, how it works and how it can be removed, please visit the website of Google: https://support.google.com/analytics/answer/6004245
- Google LLC, with its registered office and technical infrastructure in the USA, has joined the EU-US-Privacy Shield programme, which confirms that it has taken appropriate security measures to process personal data required by European legislation.
XI. Google Tag Manager
- The service uses Google Tag Manager provided by Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA. It is used to check how you use the Service and to coordinate our advertising activities.
- Google Tag Manager processes data in order to manage the website’s tags through an interface. Google Tag Manager does not store cookies or collect personal data.
- Detailed information about this tool, how it works and how to deactivate it can be found on the website of Google: https://policies.google.com/privacy
- Google LLC, with its registered office and technical infrastructure in the USA, has joined the EU-US-Privacy Shield programme, which confirms that it complies with the appropriate security measures for processing personal data required by European legislation.
XII. External services
- We use the services of external entities to whom your data may be transferred in order to implement the assumptions of the Company. In such a case, each time there is an agreement on entrusting the processing of personal data with entities such as:
- an accounting office,
- IT service provider,
- a marketing agency.
- Personal data are not made available to third parties, unless such access results from the applicable provisions of law obliging the Administrator to transfer the data to authorized entities.
DODAJEMY ŁĄCZE DO FACEBOOK
Strona musi mieć możliwość rozbudowy (technicznie – CMS)