Make an appointment

Documents

GDPR INFORMATION CLAUSE

GDPR INFORMATION CLAUSE

Information Clause on the Processing of Personal Data (GDPR)

In accordance with Art. 13(1) and (2) and Art. 14(1) and (2) of Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation) (GDPR), the Controller informs that:

  1. The Controller of your personal data is Lekarze w Warszawie spółka z ograniczoną odpowiedzialnością with its registered office in Warsaw, at ul. Czerniakowska 139/Lu 1, 00-454 Warsaw, entered into the Register of Entrepreneurs of the National Court Register kept by the District Court for the Capital City of Warsaw in Warsaw, 12th Commercial Division of the National Court Register under KRS number: 0001082871, NIP: 7011185389, REGON: 527516201, share capital of 1,000,000.00 PLN (hereinafter referred to as the "Controller"). You can contact us via e-mail: biuro@lekarzewaw.pl or by mail to our registered office address.
  2. For all matters regarding the processing of personal data and the exercise of rights related to the processing of such data, you may contact the Data Protection Officer via e-mail: biuro@twojlekarz-wawa.pl.
  3. This information clause constitutes the fulfillment of the information obligation related to obtaining a natural person's data for the purpose of providing medical services.
  4. Obtaining and processing personal data occurs for the following purposes:
    • a) creating a patient file, registering a visit, and providing medical services – the basis for such processing is the necessity of processing activities for the execution of the patient's claim and the consent granted by the patient, as well as the legal obligation incumbent on the Controller (Art. 6(1)(a, b, c) of the GDPR);
    • b) storing the patient's medical documentation – the basis for such processing is a legal obligation requiring the Controller to store medical data (Art. 6(1)(c) of the GDPR);
    • c) storing billing documentation – the basis for such processing is a legal obligation requiring the Controller to store billing documents and the Controller's legitimate interest (Art. 6(1)(c, f) of the GDPR).
  5. In addition to the purposes indicated above, your personal data will be processed:
    • a) for the implementation of current activities, including maintaining contact between the Parties, due to the Controller's legitimate interest – in the case of correspondence in traditional and any electronic form (e.g., via e-mail, chat messengers), SMS messages, telephone contact, and the contact form – based on Art. 6(1)(f) of the GDPR;
    • b) for the realization of legitimate interests by the Data Controller, which the Controller considers in particular to be the assertion of and defense against claims – based on Art. 6(1)(f) of the GDPR.
  6. The implementation of data processing purposes requires obtaining identification data, contact data, health data, and data on previous treatment history.
  7. In connection with establishing cooperation and the implementation of all related processes, the recipients of your personal data may be external entities providing services to the Controller, such as laboratory, medical, legal, accounting, auditing, IT, postal, and courier services, as well as entities to which the Controller makes personal data available in accordance with applicable law, particularly public institutions, including the Tax Office.
  8. Due to the provision of medical services in various parts of the country within a group of related companies, your data may also be shared with entities personally and financially related to the Controller to maintain full comfort in using medical services in all facilities providing services under the "**Twój Lekarz**" brand: Twój Lekarz w Warszawie sp. z o.o. (KRS 0000820550), Twój Lekarz we Wrocławiu sp. z o.o. (KRS 0000988065), Twój Lekarz w Krakowie sp. z o.o. (KRS 0000989669), Twój Lekarz w Poznaniu sp. z o.o. (KRS 0000989743). The processing of personal data by related companies takes place on identical principles, solely for the purpose of ensuring the possibility of uninterrupted use of medical services in every facility operating under the "Twój Lekarz" brand.
  9. Your personal data will be processed and stored:
    • a) regarding identification, contact, and treatment history data – for the period required by generally applicable law, which is currently 20 years from the date of the last visit;
    • b) regarding billing data – for the period required by generally applicable law, which is currently 5 years from the end of the calendar year in which the settlement was made, but no shorter than the statute of limitations for the financial claims of the parties.
  10. Your personal data will not be transferred to a third country or an international organization.
  11. You have the right to access your data, including the right to request a copy of the data, the right to rectification, erasure, restriction of processing, the right to data portability, and the right to object to data processing under the conditions specified by law. In case of an objection, it will be necessary to delete your data across all related companies whose services you have not yet used. This may cause future problems with accessing medical documentation within individual physical facilities.
  12. Lodging an objection results in us ceasing further processing of such data unless processing is necessary due to the existence of valid legitimate grounds on the Controller's part or grounds for asserting or defending against claims.
  13. To the extent that personal data is processed based on consent, you have the right to withdraw consent at any time without affecting the lawfulness of processing based on consent before its withdrawal.
  14. You have the right to lodge a complaint with the **President of the Office for Personal Data Protection** (ul. Stanisława Moniuszki 1A, 00-014 Warsaw, tel. 22 531-03-00, e-mail: kancelaria@uodo.gov.pl) if you believe that the processing of your personal data violates the provisions of the GDPR or other applicable regulations concerning personal data processing.
  15. Providing personal data is voluntary but necessary to conclude and perform the Agreement.
  16. Your personal data is not subject to automated decision-making, including profiling.