Privacy Policy and Cookies

1. DEFINITIONS

  1. Administrator  – Frankowski Dental ul. Subisława 19 80-354 Gdańsk-Żabianka
  2. Personal data  – all information about a natural person identified or identifiable through one or more specific factors determining their physical, physiological, genetic, mental, economic, cultural or social identity, including device IP, location data, internet identifier and information collected through cookies and other similar technologies.
  3. Policy  – ​​this Privacy Policy.
  4. GDPR  – Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC.
  5. Website  – website run by the Administrator at frankowski.pl
  6. User  – any natural person visiting the Website or using one or more services or functionalities described in the Policy.

2. DATA PROCESSING IN CONNECTION WITH THE USE OF FRANKOWSKI.PL

  1. In connection with the User’s use of the Service, the Administrator collects data to the extent necessary for commercial contact as well as information about the User’s activity on the Service using cookies. Below are described the detailed principles and purposes of processing personal data collected during the User’s use of the Service.

3. PURPOSES AND LEGAL BASIS FOR DATA PROCESSING ON THE WEBSITE

USING THE FRANKOWSKI DENTAL SERVICE

1. Personal data of all persons using the Website (including IP address or other identifiers and information collected via cookies or other similar technologies) who are not registered Users (i.e. persons who do not have a profile on the Website) are processed by the Administrator:

  1. in order to provide services electronically in the scope of making the content collected on the Website available to Users, providing contact forms – then the legal basis for processing is the necessity of processing for the performance of the contract (Article 6, paragraph 1, letter b of the GDPR);
  2. for the marketing purposes of the Administrator and other entities, in particular those related to the presentation of behavioural advertising – the principles of personal data processing for marketing purposes are described in the “MARKETING” section.
  3. The User’s activity on the Website, including their personal data, is recorded in system logs (a special computer program used to store a chronological record containing information about events and activities concerning the IT system used to provide services by the Administrator). Information collected in the logs is processed in connection with the provision of services. The Administrator also processes them for technical purposes, in particular, data may be temporarily stored and processed in order to ensure the security and proper functioning of IT systems, e.g. in connection with making backup copies, testing changes in IT systems, detecting irregularities or protection against abuse and attacks.
CONTACT FORMS

1. The Administrator provides the possibility of contacting him using electronic contact forms. Using the form requires providing personal data necessary to contact the User and respond to the inquiry. The User may also provide other data to facilitate contact or handling the inquiry. Providing data marked as mandatory is required in order to accept and handle the inquiry, and failure to provide them results in the inability to handle it. Providing the remaining data is voluntary.

2. Personal data are processed:

  1. in order to identify the sender and process their inquiry sent via the form provided – the legal basis for processing is the necessity of processing for the performance of the service provision agreement (Article 6, paragraph 1, letter b of the GDPR);

4. MARKETING

1. The Administrator processes the personal data of Users in order to carry out marketing activities, which may consist of:

  • sending e-mail notifications about interesting offers or content, which in some cases contain commercial information;
  • conducting other types of activities related to the direct marketing of goods and services (sending commercial information by electronic means and telemarketing activities).

2. In order to carry out marketing activities, the Administrator uses profiling in some cases. This means that thanks to automatic data processing, the Administrator assesses selected factors relating to natural persons in order to analyze their behavior or create a forecast for the future.

5. DIRECT MARKETING

1. If the User has agreed to receive marketing information via e-mail, SMS and other electronic means of communication, the User’s personal data will be processed for the purpose of sending such information. The basis for data processing is the legitimate interest of the Administrator in sending marketing information within the limits of the consent granted by the User (direct marketing). The User has the right to object to the processing of data for the purposes of direct marketing, including profiling. The data will be stored for this purpose for the duration of the legitimate interest of the Administrator, unless the User objects to receiving marketing information.

6. SOCIAL MEDIA PORTALS

1. The Administrator processes personal data of Users visiting the Administrator’s profiles maintained in social media (Facebook, YouTube, Instagram). This data is processed solely in connection with maintaining the profile, including for the purpose of informing Users about the Administrator’s activity and promoting various types of events, services and products, as well as for the purpose of communicating with users via the functionalities available in social media. The legal basis for the processing of personal data by the Administrator for this purpose is its legitimate interest (Article 6, paragraph 1, letter f of the GDPR) consisting in promoting its own brand and building and maintaining a community associated with the brand.

7. COOKIES AND SIMILAR TECHNOLOGY

1. Cookies are small text files installed on the device of the User browsing the Service. Cookies collect information that facilitates the use of the website – e.g. by remembering the User’s visits to the Service and the actions they take.

“SERVICE” COOKIES

1. The Administrator uses so-called service cookies primarily to provide the User with services provided electronically and to improve the quality of these services. In connection with this, the Administrator and other entities providing analytical and statistical services to the Administrator use cookies, storing information or accessing information already stored in the User’s telecommunications terminal device (computer, telephone, tablet, etc.). Cookies used for this purpose include:

  1. cookies with data entered by the User (session identifier) ​​for the duration of the session (user input cookies);
  2. authentication cookies used for services that require authentication for the duration of the session (authentication cookies);
  3. cookies used to ensure security, e.g. used to detect authentication abuse (user centric security cookies);
  4. multimedia player session cookies (e.g. flash player cookies), for the duration of the session (multimedia player session cookies);
  5. persistent cookies used to personalize the User interface for the duration of the session or slightly longer (user interface customization cookies),
  6. cookies used to remember the contents of the shopping cart for the duration of the session (shopping cart cookies);
  7. cookies used to monitor website traffic, i.e. data analytics, including Google Analytics cookies (these are files used by Google to analyze how the User uses the Service, to create statistics and reports on the functioning of the Service). Google does not use the collected data to identify the User, nor does it combine this information to enable identification. Detailed information on the scope and principles of data collection in connection with this service can be found at the link:  https://www.google.com/intl/pl/policies/privacy/partners .
“MARKETING” COOKIES

1. The Administrator also uses cookies for marketing purposes, including in connection with targeting behavioral advertising to Users. For this purpose, the Administrator stores information or gains access to information already stored in the User’s telecommunications terminal device (computer, telephone, tablet, etc.). The use of cookies and personal data collected through them for marketing purposes, in particular in the field of promoting services and goods of third parties, requires obtaining the User’s consent. This consent may be expressed through the appropriate browser configuration, and may also be withdrawn at any time, in particular by clearing the cookie history and disabling cookies in the browser settings.

8. PERSONAL DATA PROCESSING PERIOD

1. The period of data processing by the Administrator depends on the type of service provided and the purpose of processing. As a rule, data is processed for the duration of the service provision or order fulfillment, until the consent is withdrawn or an effective objection to data processing is filed in cases where the legal basis for data processing is the legitimate interest of the Administrator.

2. The data processing period may be extended if processing is necessary to establish and pursue potential claims or defend against them, and after that time only if and to the extent required by law. After the processing period, the data is irreversibly deleted or anonymized.

9. USER RIGHTS

Data subjects have the following rights:

  1. The right to information on the processing of personal data  – on this basis, the Administrator provides the person making such a request with information on the processing of personal data, including in particular the purposes and legal basis for processing, the scope of data held, entities to which personal data are disclosed and the planned date of their deletion;
  2. The right to obtain a copy of the data  – on this basis, the Administrator provides a copy of the processed data relating to the person submitting the request;
  3. The right to rectification  – on this basis, the Administrator removes any inconsistencies or errors concerning the processed personal data, and supplements or updates them if they are incomplete or have changed;
  4. The right to delete data  – on this basis, you can request the deletion of data whose processing is no longer necessary to achieve any of the purposes for which they were collected;
  5. The right to restrict processing  – on this basis, the Administrator ceases to perform operations on personal data, with the exception of operations to which the data subject has given consent and their storage, in accordance with the adopted retention principles, or until the reasons for limiting data processing cease to exist (e.g. a decision of the supervisory authority is issued permitting further data processing);
  6. The right to transfer data  – on this basis, to the extent that the data is processed in connection with the concluded contract or the expressed consent, the Administrator issues the data provided by the person to whom it relates in a format that allows them to be read by a computer. It is also possible to request that this data be sent to another entity – provided, however, that there are technical possibilities in this respect on the part of both the Administrator and that other entity;
  7. The right to object to the processing of data for marketing purposes  – the data subject may object to the processing of personal data for marketing purposes at any time without having to justify such objection;
  8. The right to object to other purposes of data processing  – the data subject may at any time object to the processing of personal data based on the legitimate interest of the Controller (e.g. for analytical or statistical purposes or for reasons related to property protection). The objection in this respect should contain a justification and is subject to the Controller’s assessment;
  9. The right to withdraw consent  – ​​if data is processed on the basis of consent, the data subject has the right to withdraw it at any time, which, however, does not affect the lawfulness of the processing carried out before the withdrawal of that consent;
  10. The right to complain  – if it is found that the processing of personal data violates the provisions of the GDPR or other provisions regarding the protection of personal data, the data subject may file a complaint with the President of the Personal Data Protection Office.
  11. An application regarding the exercise of data subjects’ rights may be submitted:
    1. in writing to the following address: Frankowski Dental ul. Subisława 19 80-354 Gdańsk-Żabianka
    2. by e-mail to the following address:  [email protected]
    3. what right the person submitting the request wishes to exercise (e.g. the right to receive a copy of the data, the right to delete the data, etc.);
    4. what processing the request concerns (e.g. use of a specific service, activity on a specific website, receipt of a newsletter containing commercial information to a specific email address, etc.);
    5. what processing purposes the request relates to (e.g. marketing purposes, analytical purposes, etc.).
  12. If the Administrator is unable to determine the content of the request or identify the person submitting the request based on the submitted notification, it will ask the applicant for additional information.
  13. A response to applications will be provided within one month of their receipt. If it is necessary to extend this period, the Administrator will inform the applicant of the reasons for such extension.
  14. The response will be provided to the e-mail address from which the application was sent, and in the case of applications sent by post, by regular mail to the address indicated by the applicant, unless the content of the letter indicates a desire to receive feedback to the e-mail address (in which case the e-mail address should be provided).

10. DATA RECIPIENTS

1. In connection with the provision of services, personal data will be disclosed to external entities, including in particular suppliers responsible for the operation of IT systems, entities such as legal entities and entities associated with the Administrator.

2. The Administrator reserves the right to disclose selected information concerning the User to competent authorities or third parties who submit a request for such information, based on an appropriate legal basis and in accordance with the provisions of applicable law.

11. TRANSFER OF DATA OUTSIDE THE EEA

1. The Administrator does not transfer the collected data outside the EEA.

12. PERSONAL DATA SECURITY

  1. The Administrator conducts ongoing risk analysis to ensure that personal data is processed by him in a secure manner – ensuring, above all, that only authorized persons have access to the data and only to the extent necessary for the tasks they perform. The Administrator ensures that all operations on personal data are recorded and performed only by authorized employees and associates.
  2. The Administrator shall take all necessary measures to ensure that its subcontractors and other cooperating entities guarantee the application of appropriate security measures whenever they process personal data on behalf of the Administrator.

13. CONTACT DETAILS

1. Contact with the Administrator is possible via e-mail  at [email protected]

14. CHANGES TO PRIVACY POLICY

1. The policy is constantly reviewed and updated if necessary.