PRIVACY POLICY

 

This Privacy Policy sets out the principles for the processing of personal data and information on customers of https://topsilmed.com/sklep/ by TopsilMed. SP. z o.o.

 

PRELIMINARY PROVISIONS.

 

Definitions:

  • Privacy Policy – this document,
  • TopsilMed – a company under the name TopsilMed. SP. z o.o. with its registered office in Słubica B 96-321, ul. Graniczna 6, having a National Court Register no. (KRS): 0000572262, Tax ID no. (NIP): 529-180-73-35 and the Statistical no. (REGON) number: 362324653,
  • Customer – a person who: a) made a purchase through the Website, or b) uses the TopsilMed services in any other way, or c) whose data was collected by TopsilMed through the Website or other communication channels or based on any other activity of such person, d) whose data was made available to TopsilMed under an agreement with a business partner of TopsilMed, or e) whose data was collected by TopsilMed in any other way in accordance with applicable law,
  • The GDPR- the Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of individuals with regard to the processing of personal data and on the free movement of such data and repealing Directive 95/46/EC,
  • Website- a website available at the following address https://topsilmed.com.

 

 PERSONAL DATA CONTROLLER CONTACT DATA. 

 

  1. Personal data concerning customers is collected and processed by the company under the name TopsilMed. SP. z o.o. with its registered office in Słubica B 96-321, ul. Graniczna 6, having a National Court Register no. (KRS): 0000572262, Tax ID no. (NIP): 529-180-73-35 and the Statistical no. (REGON) number: 362324653 that is the controller of the Customer’s personal data. TopsilMed may also be an entity entrusted with the processing of personal data of customers by its business partners on the basis of a data sub-processing agreement with the view to performing the agreement between TopsilMed and its business partner.
  2. Customers can contact TopsilMed in the following manners:
  • in writing, by sending correspondence to the address: TopsilMed, Słubica B 96-321, ul. Graniczna 6,
  • by phone at the number: +46 819 30 75,
  • in points and branch offices indicated on the website https://topsilmed.com;

 

PURPOSES OF PERSONAL DATA PROCESSING AND THE LEGAL BASIS OF THEIR PROCESSING.

 

TopsilMed processes personal data and customer information in the following cases and for the following purposes:

  • submitting an offer to conclude an agreement and placing orders (Article 6 (1.a and f) of the GDPR);
  • concluding and executing the agreement(s) (Article 6 (1.b) of the GDPR);
  • providing services by electronic means, including access to the Website (Article 6(1.b) of the GDPR);
  • establishing, defending and pursuing claims (Article 6(1.f) of the GDPR);
  • direct marketing of TopsilMed goods and services (Article 6(1.f) of the GDPR);
  • sending information about promotions, contests, marketing activities by e-mail, SMS, MMS or in a mobile application (Article 6(1.a) of the GDPR), provided that a separate Customer’s consent has been obtained, pursuant to Article 172 of the Telecommunications Law Act of 16th July 2004, as well as the Act of 18th July 2002 on the Provision of Services by Electronic Means;
  • marketing through telephone calls (Article 6(1.a) of the GDPR), provided that a separate Customer’s consent has been obtained, pursuant to Article 172 of the Telecommunications Law Act of 16th July 2004, as well as the Act of 18th July 2002 on the Provision of Services by Electronic Means;
  • satisfaction surveys on the cooperation of customers with TopsilMed and on the services provided by TopsilMed (Article 6(1.f) of the GDPR),
  • fulfilling TopsilMed’s legal obligations (e.g. providing information to authorities entitled to request it) (Article 6(1.c) of the GDPR);
  • conducing operating activities of TopsilMed (reporting, statistics, accounting) (Article 6(1.f) of the GDPR);
  • securing of TopsilMed property, verification of the proper performance of the agreement by the Customer (Article 6(1.b) of the GDPR);
  • verification of Customers’ payment credibility in the Economic Information Bureau (Article 6(1.a) and f of the GDPR);
  • archiving purposes in the case when TopsilMed needs to prove facts or fulfil its obligations (Article 6(1.f) of the GDPR).

 

PROCESSED PERSONAL DATA AND INFORMATION CONCERNING THE CUSTOMER.

 

  1. TopsilMed processes the following personal data of the Customer:
  2. first name(s) and surname,
  3. residence address,
  4. registered address,
  5. Polish resident ID no. (PESEL),
  6. date and place of birth,
  7. e-mail address,
  8. phone no.,
  9. identity card number or other identity document,
  10. Tax ID no. (NIP):
  11. business address, Customer’s business name,
  12. bank account number,
  13. first name and surname of the person representing the Customer,
  14. name and surname, phone number and e-mail address of the contact person authorized by the Customer,
  15. name and surname, phone number and e-mail address of the person dedicated to placing orders on behalf of the Customer,
  16. e-mail address for sending invoices and other accounting documents as well as requests for payment,
  17. geolocation data.
  18. TopsilMed may use customers’ Internet logs and IP addresses for statistical purposes, collecting information on errors related to server operation, analysis of possible security breaches or website management. The data shall be used in a way that makes it impossible to identify the Customers.
  19. TopsilMed does not process special categories of personal data within the meaning of the GDPR.

 

DATA RECIPIENTS.

 

The recipients of your personal data may be the following entities:

  • persons authorised by TopsilMed to process personal data (e.g. employees/co-operators),
  • data subjects
  • TopsilMed partners with whom TopsilMed cooperates – with the view to concluding or performing agreements with Customers or to performing Agreements with these partners,
  • authorised under the applicable legal provisions to obtain information on personal data (e.g. The Police, the Public Prosecutor’s Office, the court),
  • the Economic Information Bureau,
  • the purchaser of liabilities,
  • the payment card issuer,
  • providers of business services and subcontractors of TopsilMed (e.g. providers of hosting services, providing systems for analysing traffic on the Website, systems for analysing the effectiveness of marketing campaigns and other entities providing IT, marketing, analytical, telephone or electronic service, payment, accounting, tax, auditing, legal, debt collection, agency, delivery of correspondence and parcels, insurance, and repair services).

 

DATA STORAGE PERIOD.

 

  1. The storage period for personal data varies, depending on the type and extent of the personal data and the purpose for which they are stored. Should a different storage period be specified for the same data on the basis of the following provisions, a longer storage period shall apply.
  2. TopsilMed shall store customer data for the time necessary to achieve the objectives set out in section III above. Customers’ personal data shall be stored until the prescription of claims under the agreement or until the expiry of the obligation to store data specified in the legal provisions, in particular the obligation to store accounting documents related to the agreement.
  3. Where TopsilMed processes personal data based on TopsilMed’s legitimate interest in processing personal data, personal data shall be processed as long as there is a legitimate interest in processing personal data for a particular purpose; however, the data shall not be processed if the Customer submits a legitimate objection against such processing and TopsilMed fails to demonstrate the existence of valid legitimate grounds for processing or for establishing, pursuing or defending claims.
  4. If TopsilMed processes personal data:
  • on the basis of the Customer’s consent – personal data shall be processed until the moment of its withdrawal;
  • in connection with cookie files technology – personal data shall be processed until these files are deleted using browser settings or another device.
  1. Geolocation data are processed by TopsilMed for as long as necessary for the purposes for which the data were collected or for other legal purposes, including determining, pursuing or defending claims and providing information to authorised entities.

 

RIGHTS OF DATA SUBJECTS

 

The Customer is entitled at any time to:

  • access personal data, rectify their content, restrict their processing or delete them;
  • transfer personal data which the Customer has provided on the basis of a consent or in order to perform the agreement, i.e. to receive such personal data in a structured, commonly used machine-readable format;
  • Subject to clause 4) below, object at any time (for reasons related to the specific situation of the Customer) to the processing of personal data related to the Customer based on Article 6(1.f) of the GDPR, including profiling; TopsilMed shall cease to process personal data unless TopsilMed demonstrates the existence of valid legitimate grounds for processing, overriding the interests, rights and freedoms of the Customer or grounds for determining, pursuing or defending claims;
  • object at any time to the processing of the Customer’s personal data for the purposes of direct marketing, including profiling, in the scope in which the processing is related to such direct marketing. Personal data shall not be processed after an objection has been lodged,
  • withdraw at any time the Customer’s consent to the processing of personal data (Article 6(1.a) of the GDPR), which shall not affect the lawfulness of the processing carried out on the basis of the consent prior to its withdrawal. Withdrawal of the consent does not have any negative consequences for the Customer, but may prevent him or her from further use of the services or features that TopsilMed is legally entitled to provide only upon a consent,
  • request the deletion of all or some personal data (‘the right to be forgotten’) if:
  1. the data are no longer necessary for the purposes for which they were collected or otherwise processed,
  2. withdraw a specific consent in so far as personal data were processed on the basis of his/her consent;
  3. the Customer has objected to the use of his data for marketing purposes;
  4. personal data are processed in breach of the law;
  5. personal data must be deleted in order to comply with a legal obligation under the EU law or the law of the Member State binding upon TopsilMed;
  6. personal data have been collected in connection with the provision of information society services.

Despite a request to delete personal data in relation to lodging an objection or consent withdrawal, TopsilMed may retain certain persona data in the scope, in which the processing is indispensable for  determining, pursuing or defending claims, and also for complying with the legal obligation that requires processing in accordance with the EU law or the law of the Member State binding upon TopsilMed. This applies in particular to personal data that include: name, surname, email address, which are retained for the purpose of handling complaints and claims in relation to the use of TopsilMed services, or in addition the address of residence/address for correspondence, and the order number, which are retained in relation to handing complaints and claims in relation to the concluded sales agreements or service provision.

  • request that data processing be restricted in the following cases:
  1. if he/she questions the accuracy of his/ her personal data, TopsilMed will limit their use to the time it necessary for the verification of data accuracy, however no longer than for 7 days;
  2. if the data processing is illegal and instead of deleting the data, the User demands that the use of the data should be limited;
  3. when personal data are no longer necessary for the purposes for which they were collected or used, but they are needed by the User in order to establish, enforce or defend claims;
  4. if he/she objected to the use of his/ her data, then the limitation is introduced for the time necessary to consider whether, due to the User’s particular situation, the protection of his/ her interests, rights and freedoms outweighs the interests of TopsilMed in processing the User’s personal data;
  • request that TopsilMed promptly correct any personal data concerning him/her that are inaccurate;
  • lodge a complaint with the supervisory authority in charge of personal data protection (the Office for Personal Data Protection).

 

INFORMATION ON AUTOMATED DECISION-MAKING, INCLUDING PROFILING.

 

  1. TopsilMed analyses Internet activity on the basis of profiling, including the use of cookies, in order to create and present to the Customer dedicated offers tailored as much as possible to the Customer’s preferences.  They may result in an advantageous, temporary offer addressed at the Customer, based on the history of using TopsilMed services and behaviours on TopsilMed web pages.
  2. When using the cookie technology applied on TopsilMed web pages, it is possible to learn about the preferences of Customers – e.g. by analysing how often they visit a website, so that TopsilMed can present the customer with advertisements tailored to him or her as well as create and display offers intended for the Customer.

 

INFORMATION ON THE OBLIGATORY OR VOLUNTARY PROVISION

 

The provision of personal data by the Customer is voluntary, but is indispensable for the conclusion and performance of agreements between the Customer and TopsilMed. The provision of personal data for marketing purposes is voluntary.

 

COOKIE FILES

 

  1. The Website or some of its elements may use cookie files (cookies). Cookies are small files containing IT data, in particular text files, which are stored on the Customer’s end device from which the website is viewed (e.g. computer, laptop, tablet, other mobile devices) and allow, among other things, to adjust the website to the Customer’s needs and preferences, and are used by TopsilMed to collect statistical data. Cookies are not used for identification and the identity of the person browsing the website is not established on their basis.
  2. Cookies used on the website are not harmful to the Customer’s end equipment, so TopsilMed recommends that cookies should not be disabled in the browsers. Most web browsers accept cookies saving by default. TopsilMed hereby informs that limiting the use or total disabling of cookies may have a negative impact on the operation of the Website, including the ability to use some of its functionalities. The Customer, however, may at any time has independently determine the conditions of use of cookies and may restrict TopsilMed access to them using the settings of the used Internet browser – for example, there is the possibility to partially / temporarily limit or completely disable the saving of cookies. In order to make a change in the use of cookies, it is necessary to change the settings of the used browser. The way of changing the use of cookies varies, depending on the browser used, and detailed information on how to remove cookies should be found in the appropriate tab of the browser used by the Customer (e.g. “Help”).
  3. Two basic types of cookies are used within the Website: “session” and “permanent” ones. Session cookies (temporary files) are stored in the Customer’s end equipment until the Customer logs out or leaves the Website. “Permanent” cookies are stored in the Customer’s end device for a period of time specified in the parameters of cookies or until they are deleted by the Customer.
  4. The settings of the browser of the device from which the Website is operated, which allows cookies to be saved, means that the Customer agrees that these files are saved on the Customer’s device. In the case of disagreement with the above, it is necessary to change the cookies settings of the Internet browser, in accordance with the information provided in paragraph 2 above.
  5. TopsilMed monitors Customer information using Google Analytics, which records customer behaviour on the Website.

 

OTHER PROVISIONS.

 

  1. TopsilMed applies policies and procedures to protect personal information against unauthorized loss, misuse, alteration or destruction in accordance with legal requirements.
  2. TopsilMed reserves the right to change the contents of the Privacy Policy, in particular in the event of changes in the applicable laws, new guidelines from the authorities responsible for supervising personal data protection processes, or best practices in the area of personal data protection. The Customer will be informed about such a change by new contents of the Privacy Policy published on the website.
  3. In the event of any conflict or between the contents of the Policy and the consents given by the Client or any related doubts, regardless of the contents of the Policy, the basis for the scope of action taken and determined by TopsilMed are the consents voluntarily given by the Customer or applicable legal provisions. This document is for general information purposes only and does not constitute a source of obligation for the Customer, and in particular does not constitute any agreement or regulations.
  4. The Privacy Policy has been in force since 01.01.2019.