Privacy policy

Privacy Policy

  1. The Controller of Personal Data on the website: www.narejsy.pl (hereinafter the Website) is NAREJSY.PL Spółka z Ograniczoną Odpowiedzialnością with its registered office in Wrocław at ul. Strzegomska 52, 53 – 611 Wrocław, entered into the register of entrepreneurs by the District Court for Wrocław – Fabryczna in Wrocław, VI Commercial Division of the National Court Register under number NIP 8943253517, REGON 540895705, KRS 0001155054, share capital: 5,000.00 PLN.
  2. The Data Controller undertakes to maintain the security and confidentiality of the personal data obtained from you. All employees have received appropriate training in the processing of personal data.
  3. The Data Controller has implemented appropriate safeguards and technical and organisational measures to ensure the highest degree of personal data protection. Additionally, we cooperate with the supervisory authority where necessary.
  4. Every identified data security breach is documented, and in the event of one of the situations specified in the provisions of Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation) (hereinafter GDPR) or the Act of 10 May 2018 on the Protection of Personal Data, data subjects and – if applicable – the supervisory authority are informed of such a personal data protection breach.
  5. The personal data processed by the Data Controller originates from the data subjects. Providing the data specified in this section is necessary in the cases set out herein, including in particular for the purpose of providing our services or responding to your queries related to our services, and enabling contact via email, postal mail, or telephone. We process only those categories of personal data that are necessary to achieve the purposes mentioned in this section, i.e.:
    a) name and surname, phone number, e-mail address – when you provide them to us in the event of contact via e-mail, the contact form available on our Website, as well as via traditional post or during telephone contact,
    b) NIP – Tax Identification Number is obtained from entrepreneurs and individuals who request an invoice and have a NIP number,
    c) PESEL,
    d) the device's IP address or browser identifier – information resulting from general internet connection rules, such as the IP address (and other information contained in system logs), is used for technical and statistical purposes, including in particular for collecting general demographic information (e.g. about the region from which the connection originates),
    e) Optionally, other data may be collected if you voluntarily provide it via email, the contact form available on our website, postal mail, or telephone contact.
  6. Each of you, as a user of our online Service, has the option to choose whether and to what extent you wish to use our services and share information and data about yourself.
  7. We process personal data for the period necessary to achieve the stated purposes
    In point 5 above. Personal data may be processed for a longer period if such authorisation or obligation imposed on us as Controller arises from specific legal provisions, from the legitimate interest of the controller (i.e. for the period of limitation of claims or the termination of relevant proceedings, if they were initiated within the limitation period) or when the service we perform is of a continuous nature.
  8. The legal basis for processing your personal data via our website is your consent (Article 6(1)(a) of the GDPR) concerning any contact with us through the website's functionalities, as well as via email, telephone, etc. The legal bases for processing your data may also include Article 6(1)(b) of the GDPR, i.e. the necessity of processing data for the performance of a contract to which you are a party, or for taking steps at your request before entering into a contract, Article 6(1)(c) of the GDPR, i.e. the necessity for fulfilling legal obligations incumbent upon the Controller, and Article 6(1)(f) of the GDPR, i.e. the legitimate interests of the Controller, which consist of establishing, pursuing, or defending claims until they become statute-barred or until relevant proceedings are concluded, if initiated within that period.
  9. Our website uses cookies to tailor its functionality to your individual needs. As such, you may consent to your entered data and information being remembered, thereby allowing it to be used on your subsequent visits to our website without the need to re-enter it. If, however, you do not consent to the personalisation of the website, we suggest disabling cookie support in your web browser's options.
  10. Personal data is not transferred by us to a third country or international organisation within the meaning of the GDPR. Should personal data be transferred to a third country or international organisation, you will be informed of this in advance, and the Controller will implement the safeguards referred to in Chapter V of the GDPR.
  11. We do not share personal data with third parties without the explicit consent of the data subject. Personal data may only be shared without the consent of the data subject with public law entities, i.e. authorities and administrations (e.g. tax authorities, law enforcement agencies, and other entities empowered by generally applicable legal regulations).
  12. In the case of links placed on the Website to social media Administrator accounts, such as Meta Platforms, Inc. (Facebook, Messenger, Instagram) – data concerning, in particular, the IP address or web browser identifier, is processed under joint administration with Meta Platform Ireland Limited, located at: MERRION ROAD, DUBLIN 4, D04 X2K5, IRELAND. If, in the cases referred to in this section, personal data were to be transferred to third countries, this would take place in accordance with the principles set out in point 10.
  13. Personal data may be entrusted for processing to entities processing such data on our behalf as the Data Controller. In such a situation, we conclude a data processing agreement with the processor. Without entrusting your personal data for processing, we would not be able to conduct our business within the online Service. As the Data Controller, we entrust personal data for processing to entities providing hosting services for our online Service.,
    and providing us with other services necessary for the ongoing operation of the Website.
  14. Personal data is not subject to profiling by us as the Controller within the meaning of the GDPR regulations. In the scope of ordinary profiling, the Controller uses the Google Analytics tool.
  15. Every person whose personal data we process as a Data Controller has the right to: be informed about the processing of personal data, access their personal data, rectify, supplement, update, or correct personal data, erasure of data (the right to be forgotten), restrict processing, data portability, object to the processing of personal data, where the legal basis is consent to the processing of personal data – the right to withdraw consent at any time without affecting the lawfulness of processing based on consent before its withdrawal, not to be subject to profiling, lodge a complaint with a supervisory authority (i.e. the President of the Personal Data Protection Office).
  16. If you wish to exercise your rights referred to in point 15 above, as well as submit applications or make inquiries or complaints regarding the processing of personal data by the Administrator, please send a message via e-mail to: biuro@narejsy.pl or in writing to the Administrator's correspondence address provided in point 1. The content must clearly indicate: the data of the person or persons concerned by the application or submission, the event that is the reason for the submission, your requests and the legal basis for these requests, and the expected way of resolving the matter.
  17. The provisions of this Privacy Policy shall apply, to the extent possible, accordingly to all individuals with whom we have legal relationships and for whom we are also the Controller of their personal data, including, in particular, our patients or contractors.
  18. In matters not covered by this Privacy Policy, the relevant provisions of applicable general law shall apply.