Dear Clients
For the past 28 years, we have been providing the most up-to-date medical information for physicians and health-care professionals and for over 6 years, we have also functioned as a resource of medical knowledge for all those who are not part of the health-care system.
We continuously strive to broaden our offer and the range of our services. We have also been approaching your personal data and privacy with due diligence, and we protect your rights in that respect.
On 25 May 2018, the Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation or the GDPR), has entered into force.
In accordance with the GDPR as well as other laws and regulations on personal data protection in force, we are obliged to provide you with information concerning the processing of the said data.
The information is detailed below:
1. PERSONAL DATA CONTROLLER
Your Personal Data Controller (the “Data Controller”) shall be:
"Medycyna Praktyczna" Wojciech Bodzoń, Piotr Gajewski, Jarosław Kużdżał, Wiesław Latuszek-Łukasiewicz, Bernard Wirkijowski Spółka jawna
with its offices at: ul. Rejtana 2, 30-510 Kraków, Poland
Tel.: +48 12 293 40 00, fax: +48 12 293 40 10
Tax ID [NIP]: 6790044689
Business ID [REGON]: 350023040
You may contact our data protection officer at the above address or at the following email: iod@mp.pl
2. DATA PROCESSING PURPOSE
Your personal data shall be processed for the following purposes:
– execution and performance of an agreement on providing electronic services pursuant to the use of websites provided by the Data Controller
– execution and performance of product and services sales agreements offered by the Data Controller
– market and statistical research for the purpose of business activity conducted
– marketing or business activity conducted individually or in cooperation with other entities.
3. LEGAL BASIS FOR DATA PROCESSING
The legal basis for your data processing are the following:
– your consent
– the necessity to perform an agreement to which you are the party or to conduct activities prior to concluding an agreement with you
– reasonable lawful interest of the Data Controller or any third party.
4. DATA PROCESSORS
Your personal data can be transferred to the following processors:
– trusted entities (processors) which, pursuant to an agreement with the Data Controller, perform specific tasks clearly defined by the Data Controller (e.g. conference and training organization can be run by a partner who will receive your personal data for the purpose of participant registration, certification purposes, issuing invoices, etc.)
– courier and postal services so that you can receive correspondence
– telecommunications operators so that you can receive text messages
– online payment operators so that you can make online payments
– banks so that you can receive wire transfers from us
– accounting services which keep the Data Controller’s accounting records
– law firms
– entities or bodies entitled pursuant to specific laws (courts, prosecutors’ offices, police)
– other entities at your request or following your separate agreement.
5. DATA PROCESSORS FROM OUTSIDE THE EU
Pursuant to the fact that the websites provided by the Data Controller use Cookies, data collected with Cookies can be transferred to third countries, i.e. countries outside the EU (e.g. USA) as a result of:
– your actions in social media and the use of plug-ins and other tools from these services (such as e.g. Facebook, Twitter, Google+) in our websites
– the use of analytical tools and tools used to anonymously analyze user behavior, in particular Google Analytics and Gemius Traffic
– the use of advertising platforms to obtain financial means for the operation of our websites (e.g. Google AdSense).
The details concerning Cookie use are included in Section 10. Cookies below.
6. DATA PROCESSING TIME
Your data processing time depends on the purpose for which the data is being processed. The Data Controller shall process your data for a specific period of time depending on the following factors:
– legal requirements which can oblige the Data Controller to process data for a specific period of time (e.g. tax regulations)
– the time in which we provide you with our services
– the time which is necessary to protect the Data Controller’s best interests (e.g. expiry of your claims towards the Data Controller in connection with the services provided by the Data Controller)
– the duration of your consent.
7. RIGHTS OF THE PERSONS WHOSE DATA IS PROCESSED
We inform that pursuant to your personal data being processed by the Data Controller you are entitled to:
– access your personal data
– correct your personal data
– withdraw your consent at any point in time (this does not however affect data processing prior to consent withdrawal)
– remove your personal data or limit the scope of its processing (these rights are limited by specific GDPR provisions)
– object any further processing of your personal data – in the event that data is being processed pursuant to legal interests of the Data Controller or other entity (this is subject to limitations set out in the GDPR)
– transfer your personal data to another data controller
– instigate claims at the President of the Personal Data Protection Office, if you suspect that your personal data processing violates GDPR provisions.
8. EXERCISING YOUR RIGHTS
The respect for your rights has always been one of the main values in the course of our business. Consequently, we accept all your requests in this respect in any of the forms listed below:
a. by email
b. by post
c. by telephone
d. by fax.
For some services you may also communicate your requests, decisions, additional data or information via www forms or by text messages. In such cases, if possible, your request may be processed automatically.
For instance: an “unsubscribe” request can be effected by clicking into a link placed at the bottom of each newsletter email; after you complete a simple form available from our website, your address will be removed from our mailing list; for text messages, “unsubscribe” request consists in sending a text message containing the word “STOP” in reply to the last message received.
For some services, in particular ones that do not enable user identification e.g. anonymous browsing of our webpages without registering or logging in, you can exercise your rights directly by managing mechanisms for blocking Cookies by your web browser. Additional information on this subject is given below, in Section 10. Cookies.
9. PROFILING AND AUTOMATED DECISION-MAKING
We use profiling in our websites and to some extent also in other marketing activities. Consequently, the content, offers and marketing presented can be modified in such a way as to better suit your needs.
Profiling is done on the basis of data collected, including especially: physician status and specialization, geographical location data and information collected with Cookies.
Profiling is to meet your anticipated interests and preferences, for example:
– users with doctor status will be the first to receive information on training for their specialization and close to their place of residence or workplace
– users with doctor status will be the first to receive scientific information that is more useful for their specialization, medicine advertisements and information on treatments useful in their practice (tailored offer).
Profiling by no means does not limit your access to any content, offers or communications, for example, MDs interested in a conference which is not related to their specialization will be able to easily find information on such conference and register through our website.
Profiling does not increase the intensity of marketing and for some users it can even decrease it.
We do not use any automated decision-making mechanisms which could lead to your entering into unfavorable agreements or result in your facing any adverse legal effects.
10. COOKIES, PLUG-INS AND OTHER THIRD PARTY ITEMS IN OUR WEBSITES
Cookies are small files which are sent from browsed websites and stored on a user’s computer (different Cookies are created for each user and each browser). Cookies can be read only by websites within a given domain. Here you can find a list of Cookie types according to their function:
a) essential – they support the operation of a website and if they are not present the website cannot function properly or at all; for example if there are no Cookies which store the user login information in an extreme situation would result in a necessity to log in every time a user would go to another page within the same website; it also would not be possible to store the shopping cart info without relevant Cookies because every time the user went to another page, the shopping cart would get empty;
b) customization – store information concerning your preferences and choices within a website. Their absence does not stop the website from working but can significantly affect its functioning; for example the browser would not “remember” the language option you chose and thus pages would be opened in a random language version, or notices, which as a rule should be displayed only once, would reappear every time you open a page;
c) analytical – are usually created for external analytical services which specialize in collecting anonymous information (no user identification) concerning service use, aggregating the data and generating reports. An analysis of website browsing history is of key importance for strategic decisions concerning further website development. Absence of analytical Cookies in a high percentage of users can disrupt analytical processes which can lead to less favorable decisions concerning e.g. some parts of the website which appear less popular in the reports but actually is not so;
d) marketing – can be created both for a domain in which the website operates and for third parties. Among other things, such Cookies help to limit the number of displays of a marketing information for a single user and, to the extent possible, adjust the message to users’ preferences and interests. This type of third-party Cookies are created in an anonymous version (do not identify the user) and the evaluation of user preferences is made mainly based on an analysis of the user’s activity in several services which use the said technology. If these Cookies are absent, the intensity of marketing is not limited but marketing is then made absolutely random.
10.1. We use all the above types of Cookies in our websites, domains and sub-domains:
– mp.pl
– empendium.com
– pamw.pl
10.2. Cookies for our domains allow:
– to share selected content (logging-in is required) without the necessity to log-in after each session ends
– for persons logged in as MDs, automated redirecting to the websites for MDs and others to the patients’ portal
– better targeted advertising
– to adjust scientific content to specialization (e.g. homepage includes default scientific info for an MD’s specialization saved in our database but if the MD selects another specialization, this choice will be stored by Cookies).
10.3. In our domain Cookies:
– user information (GUID) is coded so that users can be identified only by our server
– we do not record any data publicly
– bazalekow.mp.pl website saves geographic location identified by a web browser (if allowed by the user) to be used in the future
– poczet.mp.pl (www.mp.pl/lekarz) website we save geographic location identified by a web browser (if allowed by the user) to be used in the future
– for poczta.mp.pl session ID is saved.
10.4. We allow third-party Cookies in our websites for the following domains:
- facebook.com
- google.com
- gemius.pl
- hit.gemius.pl
- doubleclick.net
- neuca.api.dmp.nsaudience.pl
10.5. We use the following third-party widgets in our websites:
- apteline.pl (in bazalekow.mp.pl only)
- ktomalek.pl (in bazalekow.mp.pl only)
- Facebook Likebox
- Google+
10.6. To be displayed, two widgets require additional parameters:
i. apteline.pl:
- geographic location identified by a browser (if allowed by the user)
- product IDs (medicines) visible on the webpage
- product prices (medicines) visible on the webpage
ii. ktomalek.pl:
- geographic location identified by a browser (if allowed by the user)
- product ID of the first product (medicine) visible on the page or ID of a product (medicine) selected by the user.
10.7. We allow the following limited third-party JavaScript in our websites:
– ktomalek.pl
– Google:
https://ssl.google-analytics.com/ga.js
http://www.google-analytics.com/ga.js
https://pagead2.googlesyndication.com/
https://stats.g.doubleclick.net/
– Neuca:
http://track.adform.net/
– https://neuca.api.dmp.nsaudience.pl
– Gemius:
http://gapl.hit.gemius.pl,
– Facebook:
http://connect.facebook.net/pl_PL/all.js (Facebook Likebox widget display)
All well-known web browsers allow Cookies by default. However, the users have full control over allowing and blocking these Cookies:
– globally – all Cookies
– collectively – only third-party Cookies
– selectively – separate Cookies for each domain.
If you have any questions, concerns or doubts regarding our Privacy Policy or the way we process personal data, or claims related to these issues, please send a letter by email to the data protection officer or to the Data Controller at the address shown in Section 1 above.
We will answer all your queries and claims.
On our part, we would like to thank you for your trust and ensure you that we will put our best effort into safeguarding your personal data and make certain that it is processed in accordance with the laws and regulations in force.
With best regards,
Medycyna Praktyczna