The confidentiality of data and the protection of the privacy of our patients and clients is our priority. Therefore, to ensure security of your data and compliance with the law, Centrum Medyczne Damiana sp. z o.o. has established a policy defining the rules of personal data collection, processing and use.
- Personal data - within the meaning of Art. 4 item 1 of the GDPR means any information relating to an identified or identifiable natural person ("data subject"); an identifiable natural person is one who can be identified directly or indirectly;
- Processing - within the meaning of Art. 4 item 2 of the GDPR means any operation or set of operations which is performed on personal data or on sets of personal data, whether or not by automated means, such as collection, recording, organisation, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction;
- GDPR - Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of individuals with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46 / EC (general regulation on data protection);
- Controller - within the meaning of Art. 4 item 7 of the GDPR means the data controller, i.e. an entity that alone or jointly with others, determines the purposes and means of the processing of personal data. Whenever this Policy refers to the Controller, it is understood as Centrum Medyczne Damiana Holding Sp. z o.o. (hereinafter also: Centrum Medyczne Damiana), which independently decides about the purposes and methods of personal data processing;
What data can we process?
The scope of personal data that we will process may vary depending on the service you use. We may obtain your personal data in the following ways:
- While using our services provided electronically, via the website, and when contacting us using the contact details provided on the website:
- In order to use some of the functionalities offered by our services, you will have to be signed in or registered.
- Some functionalities and services do not require signing in, however, access to them is possible after submitting the appropriate forms.
- We can also obtain your data when you contact us, using the contact details provided on the website.
- Automatically, when you use the website.
As part of off-site activities, Centrum Medyczne Damiana Holding Sp. z o.o. may also process other personal data relating to you. Below are links with detailed information on the processing of your data by Centrum Medyczne Damiana Holding Sp. z o.o .:
- The processing of personal data by Centrum Medyczne Damiana Holding Sp. z o.o. on social networks:
- The processing of personal data by Centrum Medyczne Damiana Holding Sp. z o.o. in connection with the provision of health services and medical care.
- The processing of personal data by Centrum Medyczne Damiana Holding Sp. z o.o. in connection with recruitment activities.
Processing of personal data
§1. Data Controller and Data Protection Officer
The Controller of your personal data is Centrum Medyczne Damiana Holding sp. z o.o. with headquarters in Warsaw 02-739, ul. Wałbrzyska 46 (hereinafter referred to as: Centrum Medyczne Damiana).
You can contact us:
- by post at the following address: Centrum Medyczne Damiana Holding sp. z o.o., ul. Wałbrzyska 46, 02-739 Warszawa;
- via the contact form on the website www.damian.pl;
- by e-mail: email@example.com;
- by phone: 22 566 22 22.
We have appointed a Data Protection Officer whom you can contact in all matters relating to the processing of personal data and the exercise of rights related to data processing. You can contact the Officer in the following ways:
By post at the address:
Data Protection Officer
Ms Natalia Jagiełło is currently serving as the Data Protection Officer
§2. What data do we collect and how do we use them?
Each time we ask for any personal data, we will inform you exactly about the conditions of their processing.
Your data may be used by Centrum Medyczne Damiana Holding for the following purposes:
- in connection with the provision of services to you by Centrum Medyczne Damiana, i.e. in order to take steps to conclude a contract in connection with your request, including to prepare an offer dedicated to you, and in the event of a contract between you and Centrum Medyczne Damiana also for the purposes of executing the concluded contract, pursuant to Art. 6 sec. 1(b) of the GDPR, until the contract is fulfilled or until its termination or expiry;
- if you use paid services or those financed from public funds subject to reimbursement, in order to fulfil the legal obligations incumbent on Centrum Medyczne Damiana, including those resulting from accounting and tax acts, pursuant to Art. 6 sec. 1(c) of the GDPR in connection with the wording of these acts, for the period resulting from the provisions contained therein;
- responding to your inquiry to Centrum Medyczne Damiana - based on the need to implement our legitimate interest in the form of answering the inquiry addressed to us, i.e. pursuant to Art. 6 sec. 1(f) of the GDPR, until an answer to this inquiry is provided, or until an effective objection to the processing of your data is submitted;
- marketing of own products and services - based on the implementation of our legitimate interests in the form of direct marketing of own products and services, i.e. Art. 6 sec. 1(f) of the GDPR, and in accordance with the provisions of Art. 10 of the Act on the provision of electronic services and Art. 172 of the Telecommunications Law, we need additional consent to use the specified communication channels in order to conduct marketing activities. If you are the contact person for us for our contractor, we conduct direct marketing of our products and services in the context of business cooperation between us and the company you represent, also on the basis of our legitimate interests in the form of direct marketing of our own products and services, i.e. Art. 6 sec. 1(f) of the GDPR. As part of such a business relationship, we will, among other things, send invitations to meetings, information about products, promotions and competitions, and conduct marketing research. We may process data for this purpose until you object to their processing or until you withdraw your consent to receive marketing and information materials by electronic means;
- to create statistics and summaries that will be used by us to improve the effectiveness of our marketing activities and build a business strategy - the vast majority of such statistics are created based on non-personal data or anonymised data. In the event that personal data will be used for this purpose, their processing will take place on the basis of the necessity to implement our legitimate interest in the form of analytical and statistical activities for the purpose of our development, i.e. pursuant to Art. 6 sec. 1(f) of the GDPR, until an effective objection to the processing of your data is filed.
- to establish cooperation, if you are our contact person for a contractor or a potential contractor, to contact you in current matters, including the performance of contracts between us and your employer/entity you represent, presenting offers, receiving orders, and responding to questions. The legal basis for data processing is our legitimate interest in the ability to keep in touch with our contractors (i.e. their employees/associates), pursuant to Art. 6 sec. 1(f) of the GDPR, until an effective objection to the processing of your data is filed.
Your data may also be processed in order to establish, investigate or defend against any claims that may arise in connection with the use of services provided by Centrum Medyczne Damiana, or if you are a contact person for our contractor in connection with our contract with the entity for whom you work or represent, i.e. our contractor - if a dispute arises regarding the contract. In this case, your data will be used based on the need to implement the legitimate interest of Centrum Medyczne Damiana in the form of securing claims, i.e. pursuant to Art. 6 sec. 1(f) of the GDPR, for the time provided for by legal provisions regarding the limitation of claims. After this period, your data will be irretrievably deleted from the database of Centrum Medyczne Damiana.
§3. Who can have access to your data?
Your data may be shared with external entities to the extent necessary to achieve the above-mentioned purposes of their processing. These are entities cooperating with Centrum Medyczne Damiana, i.e. law and tax offices, entities providing debt collection services and entities providing services to Centrum Medyczne Damiana on the basis of separately concluded entrustment agreements (e.g. hosting provider, entities providing IT services, marketing agencies).
Your data may also be shared with entities authorised to access them in accordance with the provisions of generally applicable law (e.g. the police).
In addition, if you give your consent or request it, Centrum Medyczne Damiana may also disclose your personal data to other entities authorised by you.
Recipients of data may be based in a country outside the European Economic Area (EEA), but in this case, Centrum Medyczne Damiana will ensure an appropriate level of security to ensure protection of the data subject. Data may be shared with countries outside the EEA for the following reasons:
- activities on social networking sites and the use of plugins and other tools from these sites (including Facebook, Twitter),
- using analytical tools and anonymized tracking of user behaviour, in particular Google Analytics, Hotjar, Hellobar.
§4. Additional information
Providing personal data is voluntary, however, it is required to conclude a contract with Centrum Medyczne Damiana or it may be required by law - all depending on the service and scope of services provided by Centrum Medyczne Damiana. Each time, we will inform you in an appropriate information clause whether disclosure of personal data to Centrum Medyczne Damiana is voluntary or required.
You have the following rights related to the processing of personal data:
- The right to object to the processing of data for marketing purposes - as we process your data for marketing purposes on the basis of a legitimate interest,
- The right to object to the processing of data due to a special situation - in cases where we process your data on the basis of our legitimate interest,
- The right to withdraw consent,
- The right to access your personal data,
- The right to request the rectification of your personal data,
- The right to request the deletion of your personal data only if we are not obliged by law to process them,
- The right to request restriction of the processing of your personal data,
- The right to transfer your personal data, i.e. the right to receive your personal data from us, in a structured, commonly used, machine-readable IT format. You can send this data to another data controller or request that we send your data to another controller. However, we will only do so if it is technically possible.
To exercise the above rights, please contact us or our Data Protection Officer.
You also have the right to lodge a complaint with the supervisory body dealing with the protection of personal data, i.e. the President of the Office for Personal Data Protection.
Personal data are protected against unlawful disclosure to unauthorised persons, removal by unauthorised persons, destruction, loss, damage or alteration, as well as processing inconsistent with the provisions of generally applicable law. We use appropriate security measures to protect your data. These include internal controls of collected data, storage and processing procedures, and physical and IT security measures to protect against unauthorised access to the systems in which we store personal data. The transmission of personal data and communication with our servers is encrypted and takes place using the SSL (Secure Socket Layer) protocol. Access to personal data processed by Centrum Medyczne Damiana is protected against unauthorised access.