Data confidentiality and the protection of our customers’ privacy is a priority issue for us. Therefore, out of concern for the security of personal data, we have established a policy setting out the rules on how personal data is processed on the websites belonging to Medicover Benefits Sp. z o.o.. Personal data are processed in accordance with Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data and repealing Directive 95/46/EC (General Data Protection Regulation, hereinafter referred to as GDPR).
The phrases and expressions used in this Policy have the following meanings:
- personal data – within the meaning of Article 4(1) GDPR means any information about an identified or identifiable natural person (“data subject”); an identifiable natural person is one who can be identified, directly or indirectly;
- processing – within the meaning of Article 4(2) GDPR means an operation or set of operations which is performed on personal data or sets of personal data, whether or not by automated means, such as collection, recording, organisation, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction;
- controller – within the meaning of Article 4 (7) of the GDPR means data controller, i.e. the entity which alone or jointly with others determines the purposes and means of the processing of personal data. Whenever this Policy refers to the Controller, it shall mean Medicover Benefits Sp. z o.o.
WHO IS THE CONTROLLER OF YOUR PERSONAL DATA?
The controller of your personal data within the meaning of Article 4(7) of the GDPR is Medicover Benefits Sp. z o.o. in Warsaw (00-807), Aleje Jerozolimskie 96, entered in the Business Register of the National Court Register kept by the District Court for the Capital City of Warsaw, 13th Commercial Division of the National Court Register, under KRS number 0000391554, VAT no. (NIP): 118-207-54-86 and REGON: 143-875-756, (hereinafter referred to as the Controller).
HOW CAN YOU CONTACT US?
You can contact us as follows:
Ø by post at the following address: Medicover Benefits Sp. z o. o., Al. Jerozolimskie 96, 00-807 Warszawa
Ø by telephone: +48 22 290 34 90
DATA PROTECTION OFFICER
We have appointed a data protection officer (Karolina Białkowska). This is a person you can contact on all matters concerning the processing of your personal data and the exercise of your rights in relation to data processing. You can contact the DPO as follows:
- by post at the following address: Personal Data Protection Officer, Medicover Benefits Sp. z o. o., Al. Jerozolimskie 96, 00-807 Warszawa
- by email: IOD@medicoverbenefits.pl
FROM WHICH SOURCES DO WE OBTAIN YOUR DATA?
Personal data are obtained directly from you by completing the contact form or through cookies.
WHAT DATA DO WE PROCESS?
FOR WHAT PURPOSE AND ON WHAT LEGAL BASIS DO WE PROCESS YOUR DATA WHEN YOU USE OUR WEBSITE?
|Purpose of data processing||Legal basis|
|To provide a response to a person who has made contact with the controller via the contact form, by telephone or by post.||Legitimate interest of the controller – Article 6 (1)(f) of the GDPR.|
|To provide the contacts necessary for the handling and performance of the contract entered into with the entity on whose behalf you are entering and to maintain your business relationship.||Legitimate interest of the controller – Article 6 (1)(f) of the GDPR.|
|Handling of any complaints or claims, as well as the establishment, investigation and defence of claims.||Legitimate interest of the controller – Article 6 (1)(f) of the GDPR.|
|Fulfilment of legal obligations imposed on the Controller concerning the exercise of data subjects’ rights.||Fulfilment of a legal obligation incumbent on the controller – Article 6 1 lit. c) RODO.|
|Sending marketing content (including, in particular, information on the company, new products, current offerings) by e-mail.||Entities processing personal data on behalf of Medicover Benefits Sp. z o. o|
|To carry out direct marketing activities in accordance with the communication channel preferences you have expressed.||Legitimate interest of the controller – Article 6 (1)(f) of the GDPR.|
|Collection of information on website traffic statistics.||Legitimate interest of the controller – Article 6 (1)(f) of the GDPR.|
ARE YOUR DATA PROFILED ?
We may carry out profiling, which is the automatic assessment of certain personal factors about you, based on your personal data. We carry out profiling in order to appropriately select communication and promotional materials for our business. We will select appropriate content for communication and promotional materials based on your profile. When profiling, we take into account data about your behaviour on websites and mobile apps.
WHO HAS ACCESS TO YOUR PERSONAL DATA?
The recipients of your personal data will be entities processing personal data on behalf of the Controller for the fulfilment of the purposes for which the data are collected (in particular, entities providing IT solutions and IT and technical support services). These entities will only have access to your personal data to the extent necessary to perform the tasks incumbent upon them, on the basis of the contracts between us.
CAN YOUR PERSONAL DATA BE TRANSFERRED OUTSIDE THE EUROPEAN ECONOMIC AREA?
In order to ensure the highest possible quality of service, the controller uses other suppliers, e.g. for IT support. Accordingly, your personal data may be transferred outside the European Union. We assure you that in such a case the transfer of data will be based on an appropriate agreement between the controller and such entity containing standard data protection clauses adopted by the European Commission, or on the basis of a relevant decision of the European Commission.
HOW LONG DO WE KEEP YOUR PERSONAL DATA?
The duration of data processing is related to the purposes and grounds for processing, therefore:
- data processed on the basis of a legal obligation incumbent on the Controller will be processed for the period indicated in the specific provision of commonly applicable law;
- data processed on the basis of the legitimate interest of the Controller will be processed until an objection is successfully lodged or this interest ceases, e.g. data processed for the purpose of asserting or defending against claims will be processed for a period equal to the period of limitation of these claims;
- data processed on the basis of consent will be processed until consent is withdrawn.
WHAT RIGHTS DO YOU HAVE IN RELATION TO THE PROCESSING OF YOUR PERSONAL DATA?
You are entitled to:
- request access to your personal data;
- request the rectification of personal data;
- request the deletion of personal data (only if we are not obliged by law to process it);
- request the restriction of the processing of personal data;
- request portability of your personal data, i.e. the right to receive your personal data from us, in a structured, commonly used machine-readable computer format. You may send these data to another Controller or request that we transfer your data to another Controller. However, we will only do this if such a transfer is technically possible;
- where the processing of personal data is based on the legitimate interests of the Controller, the right to object at any time to the processing of personal data on grounds relating to the particular situation of the person;
- where the legitimate interest is to carry out direct marketing activities, the right to object at any time to the processing of personal data for the purpose of carrying out marketing activities, without having to justify its decision,
- to withdraw consent at any time without affecting the lawfulness of the processing carried out on the basis of consent before its withdrawal,
- lodge a complaint to the supervisory authority, i.e. the President of the Office for Personal Data Protection.
A request to exercise your rights may be sent to the contact details given at the outset.
- What are cookies for?
- What cookies does Medicover Benefits use?
The medicoverbenefits.pl website uses performance cookies, i.e. cookies used to collect information about the way the website is used so that it works better, and functional cookies, i.e. cookies that allow the website to “remember” your settings (e.g. language, font size). These include:
google-analytics.com cookies – statistics for the medicoverbenefits.pl website
– session cookies (expire after the session has ended)
- How to increase the level of protection?
The cookie protection level is set in each browser: You can set the level of protection against cookies in your browser – up to and including blocking cookies completely. This increases the level of security and data protection, but may also prevent certain functions, e.g. logging into an email account.
- How do I change my settings on the most popular search engines?
a) Google Chrome
You have to click on the menu (top right corner), tab Settings > Show advanced settings. In the “Privacy” section, you have to click on Content settings. In the “Cookies” section, you can change the following cookie settings:
- Deletion of cookies
- Default blocking of cookies
- Allowing cookies by default
- Default retention of cookies and site data until the browser is closed
- Specifying exceptions for cookies from specific sites or domains
b) Internet Explorer 6.0 and 7.0
From the browser menu (top right corner): Tools >Internet Options > Privacy, Sites button. Use the slider to set the level, confirm the change by clicking OK.
c) Mozilla Firefox
From the browser menu: Tools > Options > Privacy. Activate the Firefox box: “will use user settings”.
The decision about the cookies is made by clicking – or not clicking – on the Accept cookies item.
From the browser menu: Tool > Preferences > Advanced.
Cookies are decided by ticking – or not ticking – the Cookies item.
In the Safari drop-down menu, you need to select Preferences and click on the Security icon. Here, you select the security level under “Accept cookies”.