General provisions
- The administrator of your personal data is Norax Medical Sp. z o.o., 42 Karczunkowska Street, 02-871 Warsaw, NIP: 5213773800 , REGON: 366883881.
- Personal data shall be processed in accordance with applicable laws, including in particular the Regulation of the European Parliament and of the Council (EU) 2016/679 of April 27, 2016 on the protection of natural persons in relation to the processing of personal data and on the free movement of such data and repealing Directive 95/46/EC (General Data Protection Regulation) - hereinafter referred to as "RODO".
- The Administrator shall exercise special care to protect the interests of data subjects, and in particular shall ensure that the data it collects are processed in accordance with the principle of legality, reliability and transparency, the principle of purpose limitation of data processing, the principle of data minimization, the principle of data accuracy, the principle of data storage limitation, the principle of data integrity and confidentiality, and accountability.
- The Administrator shall guarantee the confidentiality of any personal data provided and shall ensure that all security and personal data protection measures required by applicable laws are taken. Personal data shall be collected with due diligence and adequately protected from access by unauthorized persons. Personal data shall be processed exclusively in the territory of the European Union.
§ 2 Source of personal data, type of personal data, purpose of personal data processing and legal basis
- We have received your data directly from you through the contact form on the website, including the Livechat option, or in connection with the conclusion of a sales contract or through cooperating entities to which you have provided your data.
- The catalog of personal data processed by the Administrator includes: name, e-mail address, telephone number, mailing address, tax ID number, occupation.
- Your personal data will be processed:
(a) pursuant to Article 6(1)(b) of the RODO - for the purpose of performing the contract linking the Administrator with you or intending to conclude a contract, including making payments, handling complaints, withdrawing from the contract, responding to inquiries made by e-mail or postal mail, and contacting
You, including for purposes related to the performance of the contract.
b) on the basis of Article 6(1)(c) of the RODO - to fulfill a legal obligation incumbent on the Administrator, i.e. for tax and accounting purposes,
c) on the basis of Article 6 par. 1(f) RODO - the legitimate interests of the Administrator, in order to conduct marketing activities towards you, including direct marketing of its own services, tailoring advertisements in accordance with the content you have previously viewed, contacting you, including for purposes related to permitted marketing activities, in particular and with your consent - by e-mail and telephone, handling your inquiries submitted via e-mail or contact form, including the Livechat option, also when they are not directly related to the performance of the contract, debt collection, conducting statistical analysis, storing data for archiving purposes, and ensuring accountability,
d) on the basis of Article 6(1)(a) - your consent, for the purpose of storing data in cookies, collecting data from websites and mobile applications.
(2) We share your personal data with entities supporting the Administrator in the implementation of the sales contract and the provision of services by electronic means, including, in particular, suppliers responsible for the operation of IT systems, entities such as banks and payment operators, entities providing accounting, legal, auditing, consulting services, couriers (in connection with the implementation of the order), marketing agencies (within the scope of marketing services) and entities or bodies authorized under the legal regulations
- The Administrator does not intend to transfer your data to a third country or international organizations.
- your personal data will be processed for the duration of the contract concluded with you, as well as after its termination for the purposes of:
(a) the assertion of claims in connection with the performance of the contract, (b) the performance of obligations under the law, including in particular tax and accounting, statistical and archiving obligations,
(c) prevention of fraud and abuse,
d) for a maximum period of 10 years from the date of completion of the contract.
- For the purpose of accountability, i.e. to prove compliance with the regulations on the processing of personal data, we will keep the data for the period in which the Administrator is required to retain the data or the documents containing them for the purpose of documenting the fulfillment of legal requirements and enabling control of their fulfillment by public authorities.
Rights of data subjects
- You have the following rights: a) the right of access to the data, b) The right to rectification of data, c) the right to erasure of data ("right to be forgotten"), d) the right to restrict processing, e) the right to data portability, f) the right to object, g) the right to withdraw consent to the processing of personal data for a specific purpose, if you have previously given such consent, h) the right to lodge a complaint with a supervisory authority in connection with our processing of personal data.
- The above rights may be exercised in accordance with the principles described in the Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data and repealing Directive 95/46/EC (RODO), by contacting the Administrator at info@noraxmedical.com or at the mailing address: Norax Medical Sp. z o.o., 42 Karczunkowska Street, 02-871 Warsaw.
- You may exercise your rights: a) in the case of a request for data rectification when: you notice that your data is incorrect or incomplete; b) in the case of a request for deletion of data when: your data will no longer be necessary for the purposes for which they were collected by the Administrator; you revoke your consent to data processing; you object to the processing of your personal data; your data is processed unlawfully; your data should be deleted in order to comply with an obligation under the law, or your data was collected in connection with the provision of electronic services offered to your child; c) if you request the restriction of data processing when: you notice that your data is inaccurate - you may request a restriction of the processing of your data for a period of time that allows the Administrator to verify the accuracy of the data; your data is being processed unlawfully, but you do not want it deleted; your data is no longer needed by the Administrator, but may be needed by you to defend or assert claims; or you object to the processing of your data - until it is determined whether the legitimate grounds on the part of the Administrator override the grounds for the objection; d) in the case of a request for data portability when: the processing of your data
is carried out on the basis of your consent or a contract concluded with you, and when this processing is carried out by automated means; e) in the case of a request to object when: the processing of your personal data is carried out on the basis of a legitimate interest or for statistical purposes, and the objection is justified by your particular situation, your personal data is processed for direct marketing purposes, including profiling for this purpose.
- You also have the right to lodge a complaint with the President of the Office for Personal Data Protection when you consider that the processing of personal data concerning you violates the provisions of the RODO.
- Consent to the processing of personal data, you can revoke at any time without affecting the legality of the processing carried out on the basis of consent before its revocation.
- Your provision of personal data is voluntary, but necessary for the performance of the contract concluded with the Administrator and the provision of electronic services.
- Your personal data will be processed by automated means (including profiling), but this will not have any legal effect on you or similarly significantly affect you. Profiling will involve processing your data (including by automated means) by using it to evaluate certain information about you, in particular to analyze or forecast your personal preferences and interests.
§ 4 Cookies and other tracking technologies
- The website www.noraxmedical.com uses cookies to provide the Buyer with the best experience of the offers on the website.
- Cookies are small textual information stored on a terminal device (e.g. computer, tablet, smartphone) that can be read by a data communications system.
- Cookies allow: a) ensure proper functioning of the website, b) adjust the content of the website to the User's preferences and optimize the use of the website, in particular, these files allow you to recognize the User's device and properly display the website, tailored to his individual preferences, c) create statistics that help to understand how Users use the websites, which allows to improve their structure and content, d) improve the speed and security of website use, e) use marketing tools, f) target personalized advertising.
- Consent to the use of cookies can be given by appropriate configuration of the browser, and can be withdrawn at any time, in particular by clearing the history of cookies and disabling cookies in the browser settings. Restricting the use of cookies, may affect some of the functionality available on the website.