The website owner ensures that his primary purpose is to provide people using the service privacy protection on a level at least equivalent to the requirements imposed by the applicable law, in particular, by the law of 29 August 1997 on personal data protection and by the Act of 18 July 2002 on electronic services.
The website owner may collect personal data and other data of a different nature. Collecting data takes place either automatically or by the actions of people visiting the service, depending on its character.
The website owner reserves the right to interpose changes to this document.
I. General information and cookie files:
- The owner and operator of the website is Klinika Medycyny Estetycznej Skin Beauty Spółka Cywilna with its registered office in Warsaw, address: Modzelewskiego, 02-679 Warsaw entered into the National Court Register kept by the District Court, Commercial Division of the National Court Register, under KRS number, NIP: 5213786398
- Service performs the function of obtaining information about the service users and their behavior in the following way:
- The service automatically collects information that is contained in the cookie files.
- Through data entered voluntarily by the service users in the forms available on the website.
- Through the automatic collection of web server logins by the web host provider.
- Cookies are computer data, in particular text files that are stored in the final device of the service user and are designed for use with web service. Cookies typically contain the name of the website from which they originate, their storage time on the final device and a unique number.
- During a visit on the site the service users data may be collected automatically concerning a given user visit and comprising of: the IP address, web browser type, domain name, number of pageviews, the type of operating system, screen colors, visits, the website addresses from which the pageview has been made, the time of use. These data is not personal data and does not allow identifying person who is using the service.
- The subject placing the cookie files on the service user final device and the entity receiving cookies to access them is the owner of the site.
- The cookie files are used in order to:
- Adapt the web content to user preferences and to optimize the use of websites; in particular, these files allow to identify the device of the service user and to properly display the web page tailored to the individual needs;
- to create statistics that help to understand how users use the websites, which allows the improvement of their structure and content;
- to maintain the service user's session (after logging in), so the user does not have to re-enter login and password on every page of the site.
- The following types of cookies are used as a part of the service:
- „ the necessary” cookie files enabling the use of the services available through the website, for example: authentication cookies,
- cookies used to ensure safety, eg. used to detect fraud,
- "Performance" cookies that are used to obtain information about the usage of the web site by users,
- "advertising" cookies allowing to provide users the advertising content more suited to their interests,
- "functional" cookies, enabling to "remember" the settings selected by the user and to customize the service to the user, eg. in terms of the selected language.
- There are two basic types of cookies used within the service: "Session" (session cookies) and "fixed" (persistent cookies). Session cookies are temporary files, stored in the final device until the user leaves the website, logs off or disables software (switches off the web browser). Persistent cookies are stored in the final device of the user for the time defined in the parameters of cookie files or until they are deleted.
- In the overwhelming number of cases, the software used to browse web pages allows to store cookies on the users’ final device by default. Service users have the possibility to change the cookie settings whenever they like. These settings can be changed in the options of the web browser (software) in a manner that will prevent the automatic handling of cookies or forces to inform about them each time they are placed on the user’s device. Detailed information about the possibilities and ways of handling cookies are available in the web browser settings.
- Cookies placed in the user’s final device may also be used by the advertisers and partners of the service owner.
II. Processing of personal data and information on forms:
- In the case of the collection of personal data by the service provider it is processed on the basis of Art. 23. 1 Section 1 or Section 5 of the Act on the Protection of Personal Data (Dz. U. of 2002., No. 101, item. 926, as amended).
- As part of the service comes the processing of personal data that is voluntarily provided by its users.
- As part of the registration form the following personal information of the service user may be collected: name, address, email address, username, password.
- The data contained in the forms, transmitted by the service user to the provider are not available to third parties (excluding parties that are affiliates to service provider) otherwise than with the consent of the user.
- The data provided in the form is processed in order resulting from the function of a particular form, eg. in order to register as part of the service and for marketing of products and services, and products and services of parties related to the service provider, in particular to offer products, advertisement and also for obtaining records and statistics. The consent of the data subject is expressed by selecting the appropriate window in the registration/verification form or in an e-mail.
- On the basis of Art. 32 paragraph 1 Section 8 of the Act on the Protection of Personal Data, the user has the right to object to the processing of personal data by the Administrator of Personal Data for marketing purposes or for the transmission of personal data to another data controller, by sending a request together with the user's name.
- In the case of the processing of personal data by the service provider on the basis of Art. Paragraph 23. 1 point 1 of the Act on the Protection of Personal Data, ie. the consent of the data subject, in accordance to Art. 7 Section 5 of the above act, the consent may be revoked at any time. This right is realised by sending an e-mail with the request together with the service user name.
- The service user may refuse by checking the appropriate window in the registration form, or consent to receive commercial information by electronic means, in accordance with the Act of 18 July 2002 on the provision of electronic services (Dz. U. of 2002, No. 144, item. 1024, as amended.). In the event that the user agreed to receive commercial information by means of electronic communication, he has the right to appeal from this consent at any time. The usage of the right to withdraw from consent to receive commercial information is accomplished by sending e-mail with a request together with the user's name.
- The data provided in the forms can be forwarded to parties pursuing certain services technically - in particular it concerns the provision of information about the holder of a domain to entities being operators of Internet domain (in particular: the Naukowa i Akademicka Sieć Komputerowa - NASK), services that support payments or other entities the service provider cooperates with.
- The personal data is stored in a database, which uses technical and organizational measures to ensure the protection of the data processed in accordance with the requirements set out in the regulations on the protection of personal data, including the regulation of the Minister of Internal Affairs and Administration of 29 April 2004 on personal data processing documentation and technical and organizational conditions which should be fulfilled by devices and computer systems used for processing personal data (Dz. U. of 2004., No. 100, item. 1024).
- The user has the right to inspect his/her data and has the possibility of updating and deletion at any time. To prevent re-registration of persons whose participation in the service was terminated due to the unauthorized use of service the operator may refuse to remove the data necessary to block the possibility of re-registration . The legal basis for the refusal is based in Article 19 paragraph . 2 item 3 in conjunction with Art. Paragraph 21 . 1 of the Act of 18 July 2002 on the provision of electronic services (15 October 2013 Dz. U. of 2013, poz. 1422 ). Refusal of the removal also takes place in the cases provided by law.
- In cases provided for by law Fachowcy.pl Ventures SA may share some personal information of users to third parties for the purpose of protecting their rights, in particular for the protection of copyright, except that it occurs at the written request of such person. The party requesting is required to demonstrate the fact of violating of his/her rights, and in particular, to demonstrate the fact that he/she possesses the copyright to the piece. There also must be a presumed to infringement of the applicant’s rights. The service provider may also share collected personal information on the Service / service user's consent or at the request of state authorities authorized by law. Mail addressed to the service provider is archived and may in some cases be used for evidential purposes.
- The operator reserves the right to send emails to notify on important changes to the site to all users of the service. The operator has the right to send e-mails of a commercial nature, especially advertisements and other commercial nature of the information if the user has given his consent. Advertisements and other information of commercial nature may also be attached to the emails coming in and from the system account.
II. Server logs:
- In accordance with standard practice for most websites, the service provider holds the HTTP requests to the server of the service provider (information about some of the user’s behaviors are subject to log into the server layer) . The viewed resources are identified through URLs. The exact list of information stored in a web server log files is as follows:
The data above is not associated with individual persons browsing the Website pages. In order to ensure the highest quality of service, the operator of the site occasionally analyzes the log files to determine which pages are most frequently visited within the site, what web browsers are used, whether the structure of the pages contains errors, etc.
- public IP address of the computer from which the request came,
- the name of the client’s station - identification performed by the http protocol if possible
- user’s name provided in the authentication process (login)
- date of request,
- http response code,
- the number of bytes sent by the server,
- URL of the page previously visited by users of the service (referrer link) - in the case where there has been a transition to the site by a link
- information about the user's web browser,
- information about errors that occurred at http transaction.
- The logs collected by the operator are stored for an indefinite time as auxiliary material, used to properly administer the site. The information contained therein will not be disclosed to any other parties than the operator or entities associated with the operator personally, financially or contractually. Statistics helping in the service administration may be generated on the basis of the information contained in these files. Summaries containing such statistics do not include features identifying the service visitors.