In accordance with Art. 13(1)-(2) of Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation) (OJ EU L 119, p. 1) – hereinafter referred to as GDPR – we hereby inform you that:

I. Data Controller:

  1. The Controller of your personal data is SMART Medical Solutions Spółka z ograniczoną odpowiedzialnością (Limited Liability Company) with its registered office in Katowice, 40-599, ul. Żeliwna 38, Poland, registered in the District Court Katowice-Wschód in Katowice, VIII Commercial Division of the National Court Register, under KRS number: 0001055194, NIP (Tax ID): 634-30-27-875, REGON: 526271536.

II. Data Protection Contact:

  1. The Controller has appointed a data protection team, which the service user may contact regarding the processing of their personal data via email: bok@smartmedical.online.

III. Purposes and Legal Bases for Processing: The purposes of processing your data have been defined. As the Controller, we will process your data:

  1. for the purpose of concluding a contract based on your interest in our offer (basis: Art. 6(1)(b) GDPR);
  2. for the purpose of performing and based on the concluded contract (basis: Art. 6(1)(b) GDPR);
  3. for archival (evidentiary) purposes, constituting our legitimate interest in securing information in case of a legal need to prove facts (basis: Art. 6(1)(f) GDPR);
  4. for the purpose of possible establishment, exercise or defence of legal claims, constituting our legitimate interest (basis: Art. 6(1)(f) GDPR);
  5. for the purpose of issuing and forwarding invoices, keeping accounting books and tax documentation, fulfilling legal obligations incumbent on the Controller (basis: Art. 6(1)(c) GDPR);
  6. for the purpose of direct marketing (including sending a newsletter), if you have consented to it (basis: Art. 6(1)(a) GDPR).

IV. Right to Object:

  1. You have the right to object at any time to the processing of your data described above. We will cease processing your data for these purposes unless we can demonstrate compelling legitimate grounds for the processing which override your interests, rights and freedoms, or your data is necessary for the establishment, exercise or defence of legal claims.

V. Data Retention Period:

  1. Personal data processed on the basis of consent will be stored until the consent is withdrawn;
  2. Personal data will be stored for the duration of the contract execution, and subsequently for the period indicated by tax and accounting regulations. In connection with the pursuit of claims, data may be stored until the limitation period for such claims expires, however, no longer than for 3 years;
  3. Personal data processed on the basis of the Controller’s legitimate interest will be stored: a. until an objection is lodged, b. in the case of complaint proceedings, for the period necessary to close such proceedings.

VI. Data Recipients (potential data processors):

  1. Law firms, sales representatives, courier companies, Polish Post (Poczta Polska), banks, online payment systems, entities providing technical services entrusted with data processing (e.g., developing and maintaining IT systems and websites, hosting providers), entities authorized to obtain information under the law.
  2. Newsletter and email marketing service providers. To send the newsletter, we use the services of an external provider – the Ecomail platform (Ecomail.cz s.r.o.). Your data (email address) is entrusted to this entity for the technical handling of the dispatch. Please be informed that marketing messages may be sent to you from the domain medismart.care. This domain is associated with the Controller and is used to handle marketing communications for the smartmedical.online service.

VII. Rights of Data Subjects: In accordance with the GDPR, the user has:

  1. the right to access their data and receive a copy of it;
  2. the right to rectification (correction) of data if the data processed by the Controller is incorrect or incomplete;
  3. the right to erasure of data (“right to be forgotten”);
  4. the right to restriction of processing;
  5. the right to object to data processing;
  6. the right to data portability, i.e., the right to receive the personal data provided to the Controller and to transmit it to another controller;
  7. the right to withdraw consent at any time (without affecting the lawfulness of processing based on consent before its withdrawal);
  8. the right to lodge a complaint with a supervisory authority (President of the Personal Data Protection Office).

VIII. Information on the Requirement/Voluntary Nature of Providing Data:

  1. Providing data is voluntary but necessary to conclude a contract or receive the newsletter.

IX. Automated Decision Making:

  1. We do not make automated decisions.

X. Transfer to Third Countries or International Organizations:

  1. Personal data will not be transferred to a third country (outside the European Economic Area) or an international organization.

If you would like to learn more, please contact us:

POLAND

SMART Medical Solutions Sp. z o.o.

ul. Żeliwna 38
40-599 Katowice, Polska
NIP 6343027875

bok@smartmedical.online
+48 666 409 725

ČESKÁ REPUBLIKA

Smart Medical Solutions a.s.
TECHNOLOGICKÉ CENTRUM Hradec Králové z. ú.

Piletická 486/19 – letiště
503 41 Hradec Králové

obchod@smartmedical.online
+420 605 111 211

Privacy Policy