Privacy Policy of the website http://www.estetique-wroclaw.pl
We inform you that if you visit our website, available at www. estetique-wroclaw.pl and our social media profiles, we may process your personal data.
We take care of the security of your data and make every effort to comply with your rights. We process personal data in accordance with the provisions of Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of individuals with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46 /EC (General Data Protection Regulation, hereinafter: the Regulation).
Who is your personal data controller?
Who is your personal data controller?
Your personal data controller is Estetique sp. z o.o. with its registered office in Warsaw, entered into the Register of Entrepreneurs of the National Court Register by the District Court for the Capital City of Warsaw , 13th Commercial Division of the National Court Register under the KRS number: 0000833733, NIP: 5272924100, REGON: 385806408, registered office address: ul. Burakowska 5/7, 01-066 Warsaw.
How can you contact the Controller?
Contact with the Data Controller is possible as follows:
a) by letter, sending the parcel to the address of the Controller’s medical facility: Centrum Estetique Bielany Wrocławskie – ul. Irysowa 1, 55-040 Bielany Wrocławskie,
b) by e-mail to the following address: rejestracja@estetique-wroclaw.pl,
c) by phone, calling the number: +48 71 778 92 26.
Information about Data Protection Officer
In our company, we have appointed a Data Protection Officer (DPO), i.e. a person responsible for ensuring the security of personal data, applying procedures and answering any questions related to data processing. You can contact the Data Protection Officer by sending an e-mail to the following address: iod@estetique.pl
On what basis and for what purpose do we process personal data?
We process personal data for various purposes and to a different extent in connection with the functioning of our website and our social media profiles. It mainly depends on the functionalities of the website you use and the interactions with us. We describe individual data processing activities below.
1) Visit on our website
If you visit our website, we process some personal data in connection with our use of cookies on the website and the recording of data on entering the website (logs). Therefore, we process data such as the IP address and data about the device you use, data about the operating system, data about the Internet access service provider or statistical data about your activity on the website.
These data are processed in order to enable the proper display of the website and to prevent faults, as well as to prevent violations of the law, which is our legitimate interest, allowing the processing of personal data pursuant to art. 6 section 1 letter f of the Regulation.
In addition, as part of our website, we have solutions for our marketing purposes, to analyze the traffic to our website and to create statistics in this regard. They are based on the Google Analytics service.
In the case of personal data that are processed in connection with our use of cookies other than technical cookies, the legal basis for the processing of such data is the provision of art. 6 section 1 letter a of the Regulation, according to which the processing of personal data is possible in a situation where the data subject has consented to the processing of his or her personal data for one or more specific purposes. These cookies are used to control the traffic on our website, create statistics on the use of the website by its users, and undertake marketing activities. Consent is entirely voluntary, but failure to provide data may prevent or hinder us from tailoring the website to your needs, including providing you with personalized marketing materials.
Consent to the use of cookies (other than technical cookies) is made by making a selection within the window appearing after entering the website – the User has the right to choose the range of cookies that may be active as part of his/her activity on the website. You can also manage cookies on your device as part of your browser settings.
2) Contact via information provided on the website
If you use the contact form on our website and send us a message or contact us by phone or e-mail, using the contact details provided on the website, we process your personal data (contained in the content of the form, e-mail or provided during a phone call) in order to answer your question and contact you. This also applies if you use the opportunity written to us via Messenger, Instagram or LinkedIn.
The necessity to process data in order to answer your question and maintain contact are our legitimate interest, and the legal basis for data processing in this regard is the provision of art. 6 section 1 let. f of the Regulation.
3) Conducting marketing activities
In connection with the functioning of our website and our profiles on social media, such as Facebook, LinkedIn or Instagram, we may direct paid advertising to users. We use services such as Google Ads or Facebook, including Facebook Pixel. Advertising may be targeted on the basis of general information that is collected by the providers of the services indicated above, such as the place of residence or the fact that you have previously visited our website or our fanpage/social media account. We do not use detailed information about you to direct marketing communications to you and do not process data in such a way that it may result in automated decision-making or significantly affect you.
Displaying marketing messages, including advertisements, is our legitimate interest as a data controller, and the legal basis for data processing in this respect is the provision of art. 6 section 1 let. f of the Regulation.
4) Signing up for the mailing list
If you subscribe to our mailing list, the legal basis for the processing of personal data in this respect is your consent. Consistently, we process your personal data on the basis of the provision of art. 6 section 1 letter a) of the Regulation, which provides that the processing of data is allowed in a situation where the data subject has consented to the processing of his or her personal data for one or more specific purposes.
5) Visiting our profiles on social media
We have a fanpage on social media such as Facebook, Instagram or LindkedIn. If you visit these profiles, we may also process your personal data. It also happens in connection with, for example, leaving likes or comments under our posts or writing private messages to us. In this regard, we process your personal data as an administrator, and the legal basis for data processing is our legitimate interest, i.e. the legitimacy of data processing in connection with maintaining profiles in social media. Thus, the basis for data processing is the provision of Art. 6 section 1 let. f of the Regulation.
Notwithstanding the foregoing, personal data that is processed as part of Facebook or Instagram are also processed by Meta Platforms Ireland Limited and its affiliates, as well as LinkedIn Corporation and its affiliates – they act as a separate personal data controller in this respect. If you wish to exercise your rights under the Regulation, you can contact us in this regard or directly the owners of the above-mentioned social media (contact details are included in the privacy policies of these entities)– if you contact us, we will inform you about this information, to which we have access, and additionally we can support you in passing your question directly to the above-mentioned entities.
To whom can your personal data be shared?
In order for us to provide our services properly, we use the help of certain third parties. Therefore, the personal data you provide may be transferred to the provider of hosting services for our website.
Additionally, in connection with the use of our website, we may transfer your personal data to:
- Google Ireland Limited – this entity has access to personal data that we process in connection with the creation of statistics on the use of our website and displaying advertisements in the Google search engine. This entity is a subsidiary of Google LLC based in California, USA. Any transfer of personal data to the USA may take place on the basis of Standard Contractual Clauses, i.e. a special agreement, the template of which has been approved by the European Commission,
- Meta Platforms Ireland Limited – this entity processes personal data in connection with visiting our fanpage on Facebook, Instagram or contacting us through the Messenger application. It is a subsidiary of Meta Platforms, based in Menlo Park, California, USA. Any transfer of personal data to the USA may take place on the basis of Standard Contractual Clauses, i.e. a special agreement, the template of which has been approved by the European Commission,
- LinkedIn Corporation based in Sunnyvale, California, USA and its affiliates – these entities process personal data in connection with the visit to our profile on LinkedIn; any transfer of personal data to the USA may take place on the basis of Standard Contractual Clauses, i.e. a special agreement, the template of which has been accepted by the European Commission.
- Entity that provides us with e-mail hosting services and website – if they decide to send us an e-mail or use the contact form, the data contained in the message may be processed using the services of this entity.
Time of personal data storage
We try to store your personal data only for as long as we really need it – afterwards we delete it. Therefore, we can inform you that:
- if you are a person who has entered our website, we process your personal data as long as you use the website and for a certain period after leaving it,
- if you are the person who wrote to us using the contact form on our website, contacted us by phone or e-mail – we process your personal data as long as the contact between us and you lasts. After its completion and 3 months, we delete the personal data that we have obtained in this way, unless further storage of your data is justified by another purpose,
- if you have consented to the processing of personal data, we process the data until the consent is withdrawn or activities for which such consent has been obtained cease,
- if you visited our profile on social media, left a like or comment under an entry on social media or wrote to us via the Messenger application, we process the data as long as our profile exists within the given social network, but no longer than for a period of time when you are a user of such a website.
What rights do I have in connection to the processing of my personal data?
In connection with the processing of your personal data, under the terms of the Regulation, you have the right to:
- request access to your personal data,
- demand that your personal data is rectified,
- demand the erasure of your personal data,
- demand the restriction of processing of your personal data,
- transfer your personal data, to the extent that data processing is based on consent,
- object to the processing of your personal data, to the extent that the processing takes place on the basis of the legitimate interest of the controller, (art. 6 section 1 letter f of the Regulation),
- to the extent to which data processing takes place on the basis of consent – withdrawal of consent at any time, which will not affect the correctness of data processing before the consent is withdrawn,
- file a complaint with the supervisory body, i.e. the President of the Personal Data Protection Office.
We do not process your personal data for the purpose of automated decision-making based on profiling. Possible targeting of advertisements via social networks may be based solely on general criteria and does not involve decision making.
Cookies
Due to the fact that you visit our website, cookies used by us may be saved on your device. Cookies are small files that enable or facilitate the use of certain website functions. They can be saved on your device directly by us or by third parties with whom we cooperate. As part of the use of cookies, we can process your personal data such as, in particular, IP address, history of using the application or website, or information about the device or software used. On our website, we also use other technologies similar to cookies to optimise their operation, in connection with which personal data may be processed. If we refer to cookies in this Policy, this also means technologies similar to cookies. Cookies are used to control traffic on our website, create statistics on the use of the website by its users, undertake marketing activities, prevent errors and technical defects, ensure website security or prevent abuse and violations of the law.
Session cookies: they are stored on your device at the time you use our website (they are deleted when you close your browser). Session cookies enable proper use of our website. Blocking them may result in errors or prevent you from using our website or application.
Persistent cookies: they are stored on your device until you delete them. They are used to analyze the traffic to our website and to link your presence on the website to the social networks you use. We make every effort to use only such entities that guarantee the security of your device, software and your data. This also applies to cookies used by these entities.
In the event of limiting the use of cookies, the use of individual services provided by us may be limited, and in some cases it may turn out to be impossible.