Privacy policy

This Privacy and Cookie Policy outlines the principles of processing and protection of personal data. Both documents also aim to clarify the reasons for collecting and processing personal data as part of our business activities.

  1. What is personal data?

Personal data includes all information that allows an individual to be easily distinguished from others. This can directly relate to the person (such as their name, identification number, and sometimes even email address or online account) or information that does not describe them directly, such as their characteristics, health status, opinions, place of residence, habits, race, or religion.

  1. What personal data are we talking about in our case?

This refers to data provided to us by our Clients, Contractors, Collaborators, and Employees in connection with using our services, cooperating with us, or employment. These data are processed by us.

  1. What does data processing mean?

Data processing includes any operation that can be performed on personal data – related both to their active use, such as collecting, retrieving, recording, organizing, modifying, or sharing, as well as passive actions, such as storing, restricting, deleting, or destroying.

  1. Who is the Data Controller (meaning who influences their processing and security)?

The Data Controller is Krzysztof Mędrela, Parkowa 95, 32-087 Bibice, NIP: 5130254285.

You can contact the data controller:

by mail: Krzysztof Mędrela, Parkowa 95, 32-087 Bibice,

by email: krzysztof@medrela.com

  1. On what legal basis and for what purpose do we process your data?

Each data processing must be based on a proper legal basis, in accordance with applicable laws. Such a basis can be your consent to process data or other legal provisions allowing it, in line with the Act of May 10, 2018, on personal data protection (Journal of Laws of 2019, item 1781) and the Regulation of the European Parliament and of the Council (EU) 2016/679 of April 27, 2016, on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation).

Your data may be processed by us for the following purposes:

  • If you are our client or interested in using our services or products, your personal data will be processed based on Article 6(1)(b) of the GDPR for processing necessary to perform a contract or to take steps at the request of the data subject before entering into a contract.
  • If you use our services, we may process your data for invoicing purposes and to fulfill other legal obligations under tax law, based on Article 6(1)(c) of the GDPR.
  • We may also process your data to ensure the safety of persons and facilities or network and information security. This is our legitimate interest, and data are processed based on Article 6(1)(f) of the GDPR.
  • If you are interested in working with us, your data in the application or CV are processed in paper or electronic form. The legal basis here is the fulfillment of legal obligations on the Administrator resulting from Article 22[1] § 1 of the Labour Code of June 26, 1974 (Journal of Laws of 2019, item 1040, as amended) and in accordance with Article 6(1)(c) of the GDPR, and to take steps at the request of the data subject before entering into a work contract – in accordance with Article 6(1)(b) of the GDPR.
  • If you subscribe to our newsletter – it is our legitimate interest, and data are processed based on Article 6(1)(f) of the GDPR and the consent given under Article 6(1)(a) of the GDPR.
  • If you use our website and its subpages where cookies are used – it is our legitimate interest, and data are processed based on Article 6(1)(f) of the GDPR.
  1. To whom do we disclose your data?

In accordance with the law, we may disclose your data to entities processing them on our behalf, such as hosting companies where we maintain our website or subcontractors of our services. We are also obliged to provide them upon request to authorized entities based on other legal provisions, e.g., Social Insurance Institution (ZUS), Tax Office (US), courts, or law enforcement agencies. In some cases, however, disclosure will only occur if they approach us with a request, indicating the law that allows them to make such a request.

The Administrator does not generally intend to transfer data to third countries outside the European Economic Area. However, due to the use of Google and Facebook services on our websites and social media, User Data may be transferred outside the European Union, to third countries, and if this happens, they will be transferred exclusively based on standard contractual clauses issued by the European Commission according to Article 46(2)(c) of the GDPR.

Detailed information is available in the privacy policy of each service provider, available on their websites. For example:

Google LLC: https://policies.google.com/privacy?hl=en

Facebook Ireland Ltd.: https://www.facebook.com/privacy/explanation

Currently, services provided by Google and Facebook are mainly delivered by entities located in the European Union. However, it is always necessary to familiarize yourself with the privacy policy of these providers to obtain current information on personal data protection.

In the European Union, in all member states, thanks to the GDPR, whose text is available HERE, you are guaranteed an identical level of protection for your data.

  1. How long will we process your data?

We pay great attention to limiting the scope of data collected by us and the duration of their processing to a minimum. For this purpose, we systematically review the paper and electronic documents we hold, removing unnecessary ones whose utility has expired. Remember, depending on the basis on which we obtained your data, separate – independent of us – legal provisions may decide the duration of data processing, which may impose an obligation on us to store your data, regardless of your will or desire. Examples include labor law, social insurance law, or accounting and bookkeeping regulations.

If the data we hold were to be used for a purpose other than for which they were obtained, you would always be informed by us, and you could object to this.

  1. What are your rights regarding your data?

If we process your personal data, you always have the right to:

  • request access to data – within the limits of Article 15 of the GDPR,
  • their correction – within the limits of Article 16 of the GDPR,
  • request deletion – within the limits of Article 17 of the GDPR, or restriction of processing – within the limits of Article 18 of the GDPR,
  • object to data processing – within the limits of Article 21 of the GDPR,
  • data portability, including obtaining a copy – within the limits of Article 20 of the GDPR.

All these rights have been detailed in Articles 15 to 21 of the GDPR, the link to which we have provided above.

You can also withdraw your consent to the processing of personal data; in such a case, we will immediately delete your personal data unless there is a legal obligation requiring us to continue processing them. For example, if you request the deletion of your data from personnel documentation, we will immediately remove your data from the database. However, according to the provisions related to staff, we will still have them in our financial and accounting documentation for the period regulated by the currently applicable legal provision.

If you believe that we have violated your rights in any way – which of course we do not want – or have not ensured the security of your personal data, you have the right to lodge a complaint with the supervisory authority, which is the President of the Personal Data Protection Office.

  1. Automated decision-making and profiling information.

Based on your data, we do not make any decisions that would be automated, meaning they would take place without human intervention. We also do not undertake any actions aimed at profiling you.

Remember that our site may contain links to other websites. They will open in a new browser window or the same window. We are not responsible for the content conveyed by these sites, and you, as a User, are obliged to familiarize yourself with the privacy policy or regulations of these sites.

  1. How do we protect your data?

To ensure the security of your data, we use organizational and technical measures required by law. We have installed necessary physical protections in our headquarters to prevent access to personal data by unauthorized persons. Our employees have the required authorizations, appropriate confidentiality agreements, and data processing assignments, and can process data in a limited manner, i.e., only to the extent necessary for the proper performance of their official duties.

The security of your data transmitted electronically is ensured by the 128-bit SSL security protocol we use. Its graphic symbol is a green lock displayed in the web browser at the address of our site. Thanks to its encryption before transmission, you can be sure that you are entering our site, which has not been modified in any way while traveling to you through the Internet.

Remember that you, as a User, should also take care to secure your personal data transmitted over the Internet, especially not to disclose your login data to third parties, use antivirus protection, and update the software you have.

  1. The Administrator reserves the right to make changes to this privacy policy, in accordance with applicable law. The cause of changes may be changes related to the development of Internet technology, changes in generally applicable law, or the development of the Site through new administrative tools. The date of publication and update of the Privacy Policy is at the top of the page.
  2. The Administrator on its pages uses:

Subscription form for the newsletter – it requires providing your name and email address in the appropriate place. These fields are mandatory. The User may also provide their surname (optionally). Then, to add their email address to the Administrator’s newsletter subscriber list, the User must confirm their subscription by confirming in the received email message. The data obtained in this way are added to the mailing list for sending the newsletter.

Subscribing to the newsletter means that the User agrees to this Privacy Policy and consents to receive marketing and commercial information via electronic communication means, e.g., email, in accordance with the Act of July 18, 2002, on providing services by electronic means (Journal of Laws of 2019, item 123). By subscribing to the newsletter, the User also consents to the use of telecommunications terminal equipment by the Administrator (e.g., phone, tablet, computer) for direct marketing of the Administrator’s products and services and presenting the User with commercial information in accordance with Article 172(1) of the Telecommunications Law Act (Journal of Laws of 2018, item 1954, as amended).

  1. Disclaimer and Copyright

Our guide on the website www.medrela.com is for informational and educational purposes only. In no case can it replace professional consultation with a specialist in a given area of activity or reliance on the appropriate interpretation of applicable law. The authors are not responsible for its content to any extent, especially for any damage caused by its application, improper application, or failure to comply with it. In the guide, we share only personal experiences, acquired knowledge, and resources that can be found in generally available sources or publications. The content on the site is an expression of the authors’ views, who reserve the right to change them at any time. Using this content does not also build a legally binding contract relationship.

Our website www.medrela.com also contains links to other sites, videos, and information that we deemed valuable or interesting. However, we are not responsible for the content on these pages, their possible changes, or the privacy policy practiced by their current or future owners.

All content placed on our website www.medrela.com is subject to copyright of specific individuals and/or the Administrator (e.g., photos, texts, videos, free materials, etc.). The Administrator does not consent to copying these contents in whole or in part without his express, prior consent.

Cookie Policy

  1. What are cookies and what are they used for?

Cookies are text files that are saved on your device and used by the server to recognize that device upon reconnection; they are downloaded each time you “enter” and “exit” from our site. Cookies are not used to determine your identity, only your device – among other things, to recognize the browser you use so that the displayed image is optimally adjusted to the technical capabilities of your equipment, such as its resolution or version.

Cookies are most commonly used in the case of counters, polls, online stores, sites requiring login, advertisements, and to monitor the activity of visitors. Cookies also enable, among other things, remembering your interests and adjusting web pages to them in terms of displayed content and matching advertisements. These files are used practically by all services operating on the Internet – search engines, information sites, blogs, online stores, government websites, etc. Our site also uses them.

  1. What do cookies do?

Generally, they work on the following principles:

  • They identify the computer and browser used to browse websites – allowing, for example, to find out if a particular computer has visited the site before,
  • The data obtained from “cookies” are in no way combined with personal data of users obtained, for example, during registration on the services,
  • They are not harmful either to you or your computers or smartphones – they do not affect the way they work,
  • They do not cause configuration changes in end devices or software installed on these devices,
  • The default parameters of “cookies” allow reading the information contained in them only to the server that created them,
  • Based on your behavior on visited websites, they transmit information to servers, which allows the displayed page to be better adjusted to individual preferences.
  1. What types of cookies are there?

There are the following types of cookies:

  • “Session cookies” are temporary files stored in the browser’s memory until the end of its session. These files are mandatory for some applications or functionalities to work correctly. They should be automatically deleted from the device on which you were browsing the page after closing the browser,
  • “Persistent cookies” facilitate the use of frequently visited pages. These files are stored in the appropriate folder for a longer time, which you can regulate in the settings of the browser you use. Each time you visit the site, data from these cookies are sent to the server. This type of cookie is sometimes called “tracking cookies” in English,
  • “Third-party cookies” are files usually coming from advertising servers, search servers, etc., cooperating with the owner of a given site. Thanks to them, displayed advertisements are adjusted to your interests and habits, which in turn often allows you to use part of the content of the service for free. They also help count “clicks” on ads, user preferences, etc.
  1. Do you need to consent to our use of cookies?

Remember that you have the ability to manage “cookies” independently. This is enabled, for example, by the internet browsers you use (usually the mechanism is enabled by default). In the most popular browsers, you have the option to:

  • accept the handling of “cookies”, which will allow you to fully use the options offered by websites,
  • manage cookies at the level of individual, selected sites by you,
  • specify settings for different types of “cookies”, for example, accepting persistent files as session ones, etc.,
  • blocking or deleting cookies. Information about the possibility of enabling and disabling cookies in the most popular browsers can be found in their settings options.

Leaving your browser settings unchanged means you agree to our use of cookies. Blocking or disabling the handling of some of their types may, however, prevent you from using the full functionality of the site or disrupt its proper functioning.

  1. What do we use cookies for?

The site uses both session and persistent cookies. We use them for the following purposes:

  • creating statistics, which allows improving the content of pages, their structure, and content,
  • maintaining the User’s session on the site. For the correct display of the page, the following information is collected: name and version of the internet browser, language settings, date and time of sending the request to the server, IP from which the request was sent, requested URL. These data are collected to enable proper handling of the site.

To create statistics, the internet analytics tool – Google Analytics, which collects data and uses its own cookies in accordance with the Privacy Policy of Google available at this address, is used.

Google collects data on its servers obtained from placing cookies on devices and uses this information to create reports and provide other services related to traffic and internet usage. Google may also transfer this information to third parties if required to do so by law or when such third parties process the information on Google’s behalf.

Data collected by our site are not disclosed or made available to third parties except for the appropriate law enforcement authorities authorized to conduct criminal proceedings in connection with its initiation at our request.