Privacy and cookies policy

Applies to the processing of data on the
This Privacy Policy regulates all matters required by the Regulation of the European̨ Parliament and Council (EU) of 27 April, 2016 on the protection of personal data in connection with the processing of personal data and on the free movement of such data and the repeal of Directive 95/46/EC (general data protection regulation) (OJ188, 11.12.1998,ólne rozporzap.1). EU L 119 of 4.5.2016, p. 1) (“GDPR”)̨ related to the rules on the processing of personal data. We indicate which data we collect, for what purposes we do it, on what legal basis, how long we store it. We also inform you of the rights granted to the persons whose data we process.

1. Controller of personal data

The controller of personal data is:

Individual Medical Practice Artur Kierach with its registered office at 25a Zaręby Street, 43–100 Tychy, Tax ID: 9491936246

Contact the Administrator:

  1. by letter: Individual Medical Practice Artur Kierach, 25a  Zaręby Street, 43-100 Tychy
    02-972 Warsaw, Poland
  2. by email

2. Purposes and scope of data processing

As a controller of personal data, we process data for the following purposes:

  • improve the website and the further improvement and development of this website, – analytical and statistical,
  • identify, prevent and investigate attacks on our website,̨,
  • answer questions sent via the contact form,
  • provide services related to the possible investigation of́ claims – fulfiling legal obligation.

Data we process:

When you visit our website we can collect the following data: date and time of̨ access to

  • the website, internet protocol address(IP address),̨name and version of the internet browser,̨ selected settings for them, operating system, provider of internet services from which the website was redirected to our website, cookies,
  • the data to be provided in the contact form,
  • if you use a medical service –we will process your health data.

3. Legal attitudes of data processing:

  1. your consent to be contacted by telephone or e-mail (legal basis: Article 6(1)(a) GDPR)
  2. your consent to receive an electronic and free newsletter (legal basis: Article 6(1)(a) GDPR)
  3. If you subscribe to the www.about-hair.pĺstwa  newsletter, please indicate the e-mail address to which you will be sending the Newsletter. Your provision of e-mail data is always voluntary. Each newsletter subscriber has the right to change or delete their e-mail address from our mailing database at any time.
  4. the need to perform a contractor act before concluding a contract for the performance of medical services(legal basis: Article 6(1)(b) GDPR);
  5. receiving a request via the contact form and replying to the message(legal basis: Article 6(1)(a) and (f) of the GDPR);
  6. legitimate interest in particular, the conduct of analytical activities in order to improve the quality of services, the possibility of requesting the consent of the medical services to be submitted to our offer(legal basis: Article 6(1)(f) GDPR).

4. Legal attitudes of data processing in the case of medical services:

  1. medical care, appointments and medical consultations, information on planned medical consultations, medical outcomes or other matters related to health services provided or planned(legal basis: Article 6(1)(f)in accordance with Article9(2)(h) GDPR). The provision of personal data in the case referred to in this section is voluntary,̇ however ,failure to provide data will result in a lack of ability to provide health services;
  2. verification of the identity before joining the medical service and the keeping,̨ use and storage of medical records – (legal basis: Art. Article 6(1)(c)in the annex to Article9(2)(2) and Article 24(1) and (n) of the Act of 6 November 2008 on patient rights and the Patient Ombudsman (Journal of Laws of 2017, item 1318 and 1524). The applicability of your data is based on the legal provisions indicated. Failure to provide data will result in a lack of ability to deliver health benefits;
  3. to account for the health services and the investigation of claims related to the conduct of business activities(legal basis: Article 6(1)(f)in accordance with Article9(2)(h) GDPR).

5. Recipients of data- personal data can be entrusted for processing to entities with which we work together:

  • other health care providers,
  • our service providers and IT systems (including Google Analytics),
  • our suppliers of legal,̨ audit and consulting services, – postal operators and courier companies,
  • payment operators and companies verifying financial credibility..

Entrusting your personal data to the above-mentioned recipients is based on the entrustment of the processing of personal data.

6. Transfer of data to third countries

Your personal health data will not be transferred to a third country or to a national organization.

Personal data located in your profile of a particular social network service in accordance with́ your privacy settings may be transferred to a third country (among others the U.S.) in connection with the activities we take on social services and the use of plug-ins and other tools that come from these services (including Facebook, Twitter, Google+) and, as a result, personal information entrusted by you to these services.

Your personal data, such as IP addresses, may be transferred to third-party countries using analytical data and used as ananonymized service to be retained by Google Analytics rendered by Google Inc. IP addresses are anonymized so that they cannot be specified. The information generated in the cookie sis sent to a Google server in the USA and stored there. In any case, your IP address is not associated with other Google data. This information is also provided to third parties if required to do so by law or if third parties process the data on request.

7. Retention Period-Your personal data will be stored:

  1. in the case of data processing referred to in points 3 and 4(c), until the end of the limitation period for claims related to the conduct of business;
  2. in the case of data processing referred to in points 3 and 4(c) for the period required by the Accounting Act.
  3. in the case of data processing referred to in point 4, for the period required by the Patient Rights Act and the Patient Ombudsman, i.e. for 20 years, in accordance with Article 29(1) of the Patient Rights Act and the Patient Ombudsman, subject to it provided for by the Act (Article 29(1) (points 1a, 2, 3 and 4 of the Patient Rights Act and the Patient Ombudsman)
  4. in the case of consent to marketing, the data will be stored for the duration of the consent given or until the consent is withdrawn by the State.

8. Profiling information

Your personal data is not subject to automated decision-making in this profiling.

9. Your rights related to the processing of personal data

  • the right to access your personal data,
  • the right to rectify your personal data, a
  • the right to delete your personal data only if we are not obliged by law to process them,
  • the right to restrict the processing of your personal data,
  • the right to transfer your personal data (if technically possible),
  • the right to lodge a complaint with a national authority concerned with the protection of personal data, i.e. to the President of the Office for The Protection of Personal Data.

10. Cookies

  • Cookies are used on our „cookies website. You can use the storage conditions or access your data by changing the ‘cookies  settings in your browser.
    ‘Cookies’ are text files that are stored in a browser or on the hard drive of the computer of the user of the website on which the ‘cookies’ files are used. If you visit the website again, the ‘cookies’  allow you to recognize the user’s end device and adapt the website to their preferences.
    ‘Cookies’ may have different functions. The basic ones are to remember your preferences and to adapt the content of websites to them, to allow you to prepare the statistics on website visits.
  • We use ‘cookies’ for statistical and analytical purposes for internal purposes.
  • ‘Cookies’ collect anonymous information without identifying personal data of the user.

You can delete ‘cookies’ or block them yourself on your device. To use this ,go to the privacy settings in your browser.

We would like to ensure that all measures are taken to ensure that personal data is physically, technically and organizationally protected from accidental or intentional damage, accidental loss, change, unauthorized disclosure, use or access, in accordance with all applicable laws. We are open to suggestions about not improving the security of your personal data. Please direct them to the contact details of the data controller.

The controller reserves the right to make changes and adjustments to this privacy policy.