Privacy policy of the portal Takes-care.com
-
General information.
-
Administrator of the portal Takes-care.com,
www.takes-care.com is the company Takescare
With limited responsibility, based in Krakow, os. Słoneczny 8/43, 31-957
Krakow, entered in the Register of Entrepreneurs by the District Court for Krakow-Śródmieście in
Krakow, XI Economic Department of the National Court Register under the KRS number
0000648009, NIP No. 678-31-63-938, REGON 365933460, electronic address: Takescare@Takes-
Care.com .
-
The TC portal is used to provide an electronic service consisting in providing the system
ICT, enabling remote contact between a doctor or other
expert
from the medical or pharmaceutical industry and the patient, interested in obtaining a service.
As part of the service provided, the portal Takes-care.com ensures, at an individual request
Patient, data transmission (sending or receiving data) as well as storage
data
posted or gathered by the patient (or at his request - by another
User) on the individual patient's account, using or as a result of use
intended mechanisms available through the TC portal.
-
The TC portal provides electronic services and information about obtaining information about
Users and
their
behavior as follows:
-
Through information voluntarily entered in the forms.
-
By saving cookies in the end devices (so -called "cookies").
-
By collecting the logs of the web server by the Takescare hosting operator
Sp. z o.o, functioning at the address Słoneczne 8/43, 31-957 Krakow
-
Information in the forms.
-
The TC portal collects information provided voluntarily by the user.
-
The TC portal collects information provided voluntarily by the user.
-
Processing of users' personal data.
-
The administrator of users' personal data is the Takescare Limited Company
responsibility, based in Krakow, os. Słoneczne 8/43, 31-957 Kraków, Written
down
Register of Entrepreneurs by the District Court for Krakow-Śródmieście in Krakow, XI
Department
Economic of the National Court Register under the number KRS 0000648009, No. NIP 678-31-63-
938, REGON 365933460, Electronic address: Takescare@takes-care.com.
-
Takescare appointed the Data Protection Inspector. With the Data Protection Inspector, you can
to contact:
-
by e-mail: iod@takes-care.com
-
in writing to the address Takescare Spółka z o. o., with its registered office in Krakow, os. Sunny
8/43,
31-957 Krakow.
-
The data provided by the User is processed to provide the Service and for the purpose
enabling the user who is a patient to acquire online medical consultation.
-
The user acknowledges that the TC portal gathers, processes and uses
provided information and data, including personal data on health (so -called special category
personal data). Takescare processes this data based on the explicit consent of the user
(Article 6 (1) (A Art. 9 (2) of the GDPR). In order to perform the service, access to the abovementioned
data
He obtains a specialist or facility chosen by the patient. The above sharing
data
by the patient through the TC portal is voluntary but necessary for
obtaining an online consultation or other service for which these data is necessary or
required.
The patient may change the scope of institutions or specialists at the moment of his choice,
which his personal data, including medical personal data, is made available for
through the TC portal.
-
If the user agrees, then Takescare Sp. z o.o. can use the given data
User contact for marketing of own products offered by Takescare
Sp. o.o., currently performed and in the future within the limits set by
generally applicable law, in particular by phone contact
(call back) or by sending commercial information through funds
electronic communication (in particular e -mail).
-
Takescare Sp. z o.o. processes users' personal data with the required behavior
by the Polish law of security measures and respecting the applicable
the scope of legal provisions. Personal data is processed in accordance with the Protection Act
personal data, in particular with the provisions of art. 6 para. 1 lit. a, b and f rodo and
regulations
executive to the abovementioned Act. At Takescare Sp. z o.o. The so -called high level
safety.
-
The user has the right to access his personal data and it
correction, as well as the right of a written request to stop their processing and to
raising opposition, in view of their processing for marketing purposes, in cases
indicated in the Personal Data Protection Act.
-
Information about cookies.
-
The TC portal uses cookies.
-
Cookies (so -called "cookies") are IT data, in particular files
text,
which are stored on the end device of the TC portal and are intended for
Using websites of the TC portal. Cookies usually contain the name of the page
Internet from which they come, the time of storing them on the end device and
unique number.
-
The entity placing Cookies on the user's end device TC
and access to them is the TC operator. Cookies used
are in
the following purposes:
-
creating statistics that help you understand how users of the portal
TC
use websites, which allows you to improve their structure and
content;
-
Maintaining the user of the TC portal (after logging in), thanks to which
User
No
He must re -enter the login and password on each subpage of the TC portal;
-
determining the user profile to display matched materials in
advertising networks, in particular Google networks.
-
maintaining the user's session, allowing access to content and services
available
only
for logged in,
-
navigation support within the site,
-
gathering statistics regarding traffic on the site that allows
optimize
her
contents,
-
conducting promotional activities.
-
On our website, cookies can also use the Houses cooperating with the TC portal
media and research companies.
-
As part of the TC portal, the following types of cookies are used:
-
session - temporary files that are stored in the end device
User
Until logging, leaving the website or disabling
software
(web browser)
-
permanent - these files are stored in the user's end device for time
specified in the parameters of cookies or until they are deleted by
User
-
third parties - set by other services than Takescare, e.g. Google
Analytics.
-
Web browsing software (Internet browser) usually
By default, it allows you to store cookies on the user's end device.
Users of the TC portal can change the settings in this area. Browser
The internet allows you to delete cookies. Automatic is also possible
blocking
Cookies Detailed information on this subject contains help or documentation
web browser.
-
Restrictions on the use of cookies may affect some functionalities available
On the website of the TC website.
-
Cookies posted on the TC user's end device and used
They can also be by advertisers cooperating with the TC operator and
partners.
-
We recommend reading the privacy policy of these companies to learn the rules
use
from cookies used in statistics: Google Privacy Protection Policy
Analytics
-
Cookies can be used by advertising networks, in particular the Google network,
down
Views of ads tailored to the way the user uses the TC portal. In
This purpose can maintain information about the user navigation path or time
remaining
on a given page.
-
In the field of information about the user preferences collected by the advertising network
Google
The user can view and edit information resulting from cookies using
Tools: https://www.google.com/ads/preefers/
-
Server logs.
-
Information about some users' behavior is logged in to the layer
server. These data are used only to administer the TC portal and
in
to ensure the most efficient service of hosting services rendered.
-
The resources viewed are identified by URLs. In addition, the entry may be subject to:
-
the arrival time of the inquiry,
-
time sending a response,
-
Customer station name - identification implemented by the HTTP protocol,
-
information on errors that took place when the HTTP transactions were made,
-
URL website url previously visited by the user (Referer Link) - W
case
when the transition to the TC portal occurred through the link,
-
information about the user's browser,
-
Information about the IP address.
-
The above data is not associated with specific people browsing the pages.
-
The above data is used only for the Portal Administration purposes.
-
Data available.
-
Data are subject to external entities only within the law
allowed.
-
The data contained in the forms and then saved on the User's account is not
made available to third parties differently than with the consent of the User and on the terms
specified in the regulations of the internet portal Takes-care.com
-
The administrator may be obliged to provide information collected by the TC portal
authorized authorities on the basis of lawful demands to the extent resulting from
tasks.
-
Managing cookies - how to experience and withdraw consent in practice?
-
If the user does not want to receive cookies, he can change the settings
browsers.
We reserve that disabling cookies necessary for processes
authentication,
safety, maintenance of user preferences can make it difficult, and in extreme
cases may prevent the use of websites
-
To manage the cookies settings, select from the list below the browser
internet/
System and follow the instructions:
-
Internet Explorer
-
Chrome
-
Safari
-
Firefox
-
Opera
-
Android
-
Safari (iOS)
-
Windows Phone
-
BlackBerry
-
Security of stored data
-
Data storage - all data stored and sent by Users
They are encrypted. Our bases have been registered with the Chief Protection Inspector
Personal data. Due to the nature of stored data, we meet the requirements
the highest, third level of security, determined by the abovementioned institution.
-
Safe connection - throughout the use of the Website, user connection
is
encrypted with a 256-bit SSL key. We took care of the highest level of security and to
transmission encryption we use the most trusted certificates such as
applied
are
in electronic banking. The authenticity of our certificate can be at any time
to check.
-
Entrusting the processing of personal data
-
Parties' statements
-
The conclusion of the contract means for the administrator (service provider), the need to entrust
Specialist (service recipient), also known as the processing entity, to
processing of personal data belonging to third parties (in particular
patients),
introduced by the Service Recipient into the software. Entrusting processing
data
passenger centers regulates the "contract of entrusting data processing", which
provisions
They are in this paragraph.
-
If there is a "contract" in this paragraph - it should be understood as a contract about
providing the service by electronic means, while the "entrustment agreement" - means
contract
regarding entrusting for the processing of personal data.
-
Entrustment subject:
-
The parties decide that in order to meet the obligations arising from the provisions
rights,
and in
in particular art. 28 para. 3 GDPR, and the proper implementation of the provisions
concluded contract,
Administrator, entrusts the data processing entity for processing data
personal,
gathered on the TC portal, as part of the processing entity
Services,
to the extent specified in this entrustment agreement. The entrusted data is not further
processed. The data is stored on monitored servers.
-
The Administrator entrusts the processing entity for processing personal data
belonging to third parties, i.e. patients, users, specialists. Subject
The processor is obliged to process personal data contained in
he kept on the TC portal of medical records for the purpose of performing
Services. The processing entity is obliged to keep secret
all
information that concerns patients and which were obtained in connection with
implementation
Contracts. This secret also applies after the patient's death.
-
The scope of personal data provided by the Administrator for processing
will be
He depended on what the user would enter into the patient's/specialist account. Data
personal
entered by the user may include, in particular, the data collected in
as part of medical records, i.e.:
-
Patient designation:
-
surname and name (names);
-
date of birth;
-
gender designation;
-
address of the place of residence (or registration address);
-
PESEL number, if it was given; In the case of a newborn - a number
Pesel
mothers, and in the case of people who do not have a PESEL number given
- type and
Document number confirming identity
-
Phone number;
-
e-mail adress;
-
If the patient is a minor, completely
incapacitated or incapable of conscious consent -
Surname and first name (names) of the statutory representative and address
his place
residence.
-
Specialist designation:
-
name
-
name
-
professional/scientific title
-
specializations
-
permission number
-
e-mail adress
-
Phone number
-
image
-
experience
-
Date of birth (ZUS signature)
-
Personal data of people authorized by the patient:
-
surname and name,
-
surname and name,
Phone number
-
surname and name,
e-mail adress
-
Personal data will be processed by the processing entity for the period
execution
Contracts until they are removed.
-
The processing entity will make every effort to entrust the processing
data
passenger on the Takescare portal, did not cause disruption in
realization
Services, in particular the processing entity will ensure, without undue delay,
access to
data contained in medical records collected on the TC portal.
-
The obligations of the parties
-
The processing entity declares that he undertakes to use the data
personal, only to the extent necessary to perform the entrustment agreement i
Contracts for
Provision of electronic services and for the purposes specified therein.
-
The processing entity declares that it uses security measures
requirements
GDPR.
-
The processing entity declares that it has infrastructure resources,
experience
and knowledge to the extent enabling the proper performance of the entrustment agreement, in
in harmony
with applicable law. In particular, the processing entity
declares,
that the principles of processing and securing personal data resulting in are known to him
with
GDPR.
-
The processing entity after completing the provision of services depending on the decision
The administrator deletes or returns all personal data and deletes all of them
existing copies - unless the law obliges the processing entity to
storage
data. In this case, the processing entity stores data as
independent
Personal data administrator.
-
The processing entity provides the Administrator with all necessary information
down
demonstrating the fulfillment of the obligations specified in art. 28 GDPR.
processing
enables the administrator or auditor authorized by the Administrator
conducting audits, including an inspection regarding this entrustment agreement
processing and contributes to them.
-
The processing entity when processing personal data is obliged to
use
Technical and organizational measures to protect processed data. In
relationship
except that on the basis of an entrustment contract, data collected in
as part of medical records, the processing entity is obliged to:
-
software protection against damage or loss
gathered in it
data
-
maintaining metadata integrity and content of kept documentation
behind
help
TC portal, i.e. protection against changes by persons
unauthorized
by the administrator;
-
ensuring constant access to data for the user and security
before
access of unauthorized persons;
-
As part of securing the data entrusted to the processing, the Administrator obliges
to:
-
systematic analysis of threats related to data storage
in
Service, and if it is required to assess the planned effects
surgery
processing for the protection of personal data;
-
developing and using procedures for securing the documentation produced in
within
Software and services provided on the TC portal;
-
the use of security measures adequate to threats, including
encryption of personal data and the ability to quickly restore availability
personal data and access to them in the event of a physical incident or
technical;
-
ongoing controlling the functioning of all organizational and technical
IT methods of security, as well as periodic evaluation
the effectiveness of these ways;
-
preparation and implementation of plans to store documentation in a long time, in
this
her
transfer to new IT data carriers and to new data formats,
if
This is required to ensure continuity of access to documentation.
-
As far as possible, the processing entity helps the Administrator in the necessary
The scope of the obligations specified in art. 32-36 of the Regulation.
-
The processing entity will support the Administrator if a person
physical, whose personal data is processed using the TC portal, will pay
down
Administrator with an application, having a legal basis in generally applicable
regulations regarding processed data.
-
The processing entity will provide the Administrator with assistance in contacts with the competent
The authority of supervision over the protection of personal data or other state body, in
in particular by providing, at the user's reasonable request,
necessary
information and documentation.
-
The processing entity will notify, without undue delay (no later than on time
48
hours after finding a violation), an administrator with any violations
personal data security that is processed on the basis of this
Contract
entrustment. The administrator will assess the received on his own
notifications and
will notify the supervisory authorities and natural persons whose violations
concern. The notifications referred to in previous sentences will be made
road
electronic to the administrator's e-mail address in a manner enabling obtaining
information
such as the nature of the violation, possible categories and the approximate number of people,
whose
data
concern, category and the approximate number of personal data entries it relates to
violation, possible consequence of violation, measures used for the purpose
remedies
Data protection violation.
-
In order to perform the obligations referred to in the previous points, the entity
The processor is obliged to carry out the requirement
IOD designation in accordance with art. 37 GDPR and notify the recipient of its result
stating
IOD contact details.
-
The processing entity is not entitled to transfer personal data
people
Third, excluding persons cooperating or working for the entity
processing as part of maintaining the efficiency and functionality of the TC portal. In
purpose
to avoid doubts, on behalf of the entity processing entrusted data
personal
They can only process people who have previously obtained written from him
authorization. Each authorization or its withdrawal of the processing entity
obliged
is to receive in writing.
-
The processing entity is obliged to train its employees or
collaborators in the scope of how to secure processed data.
-
Cooperation of the parties
-
During this entrustment agreement, the parties undertake strictly
cooperate through designated persons, informing each other about
all circumstances having or may affect the implementation of the contract
entrustment.
-
Responsibility
-
Each party is responsible for damages caused to the other side and persons
third
in
connection with the performance of the entrustment agreement, in accordance with the provisions of the Act of 23
April 1964 - Civil Code, provisions of the Act and GDPR and in accordance with
provisions of this contract entrusting data processing.
-
In the event of damage caused by the intentional action of the processing entity,
The processing entity will be liable for any damage
incurred
by the administrator.
-
In order to avoid doubt, the processing entity is responsible for
activities of their employees, subcontractors and other people with whom
Provides the entrusted personal data as for its own action and omission.
-
Duration and termination of the data processing agreement
-
The entrustment agreement is concluded during the duration of the contract for the benefit
services
electronically.
-
The administrator is entitled to terminate the entrustment contract without notice
in
in the case of a gross violation of the principles of processing personal data specified in
this contract.
-
The administrator is entitled to terminate the entrustment contract without notice
if
As a result of the control of the authority responsible for supervising data processing
passenger or other state authority will be revealed inappropriate
safeguard
personal data collected on the TC portal.
Information clause - information on the processing of personal data:
Where do we have your data from?
We obtained your data:
-
directly from the state,
-
From the entity that has concluded with Takes-care.com Agreement about
provision of services to you
item,
-
from a partner / third party cooperating with Takes-care.com , which he made available
Your personal data based on your consent.
Who is the administrator of your data?
Takescare Limited Liability Company ("
Takes-care.com "), based in Krakow,
axis. Słoneczne 8/43, 31-957 Kraków, entered in the Register of Entrepreneurs by the District Court for
Krakow-Śródmieście in Krakow, XI Economic Department of the National Court Register under
KRS number 0000648009, NIP No. 678-31-63-938, REGON 365933460, share capital in
PLN 5,000.00, electronic address:
toescare@takes-care.com
What data do we process?
TC processes the following data categories:
-
Contact details: i.e. name, surname, email address;
-
Identification data for the purposes of concluding the contract, performing the service and invoice issuing;
-
identification data (including medical data) necessary to provide online services,
Electronic services providing services;
-
Data necessary to provide you with an appropriate marketing offer and services
Takes-care.com (e.g. about Takes-care.com, Z
which you used
earlier).
What will we use your personal data for?
Your personal data will be processed in one or more of the following purposes:
-
In order to implement the activities performed at your request before the conclusion of the contract, which
The subject of using the services and functions of the website Takes-care.com ;
-
The provision of the abovementioned electronic services;
-
In order to conclude and perform the contract with Takes-care.com ;
-
In order to perform the contract concluded with Takes-care.com
for you as a third party
(Article 393 of the Civil Code), when the party is a different entity;
-
In order to fulfill the legal obligation on Takes-care.com , e.g. in the scope
storage of medical records, invoice or invoice;
-
for marketing purposes of products and services Takes-care.com ;
-
Adjusting the content of websites to preferences and interests;
-
detection of bots and abuse in services;
-
If you agree and only to the extent that you agree,
We will process the following data:
-
statistical measurements and improvement of services (analytical goals);
-
Marketing, including profiling and analytical goals;
-
for marketing of third parties;
-
in order to provide your personal data to entrepreneurs with whom Takes-care.com cooperates so that they can
Use them for marketing purposes.
-
In order to conduct the following types of market research and opinions: quantitative research
(surveys and tests) or qualitative research (personal interviews).
Are you required to provide personal data?
To the extent that the processing of your data is made to conclude and perform the contract
with
Takes-care.com , providing your data is
voluntary, but necessary for conclusion and
performance of the contract, and the basis for processing personal data by
Takes-care.com is
performance of the contract you are or take action at your request, before
conclusion of the contract. Providing data is voluntary, but is necessary to conclude
and performance of the contract. If personal data fails to do not, the contract will not be concluded, and
The service will not be able to be implemented.
Providing the data necessary to issue an invoice is a statutory obligation and results from
Act on tax on goods and services.
In the remaining extent, providing personal data is voluntary, it is not a requirement
statutory or contractual, as well as does not constitute a condition for the conclusion of the contract.
How to withdraw consent?
In those cases where the processing of your personal data is based on
prior consent, consent may be canceled, without affecting the processing made on
based on consent before its dismissal.
You can express both consent or some of them and not express any.
In those cases where the processing of your personal data is based on
Previous consent at any time you can withdraw the consent granted
Takes-care.com , which is not
It is associated with negative consequences. Just send an e-mail, call or send
Traditional message to the contact details indicated above. I prefer to withdraw your consent
can be expressed in any way, the only condition is for it to reach ours
messages. Withdrawal of consent does not affect the lawfulness of the processing of your data
before it is made, i.e. until the consent is withdrawn by the processing of your data by
Takes-care.com is legal.
How to contact our Personal Data Protection Inspector?
This can be done via an e-mail to the following address:
iod@takes-care.com
On what basis will we process your personal data?
The basis for processing personal data is, depending on the activities performed:
-
Conclusion and performance of the contract with Takes-care.com ,
-
fulfillment of the legal obligation incumbent on Takes-care.com (e.g. issuing an invoice),
-
legitimate interest Takes-care.com
(direct marketing of your products and
services or performance of the contract concluded with Takes-care.com For your thing as a person
third, when a party to the contract is a different entity),
-
consent expressed by you.
When and to whom can we provide data and who will we not give it?
If you agree, we will provide your personal data with entrepreneurs, z
which
Takes-care.com cooperates ("Partners
Takes-care.com ”) so that they can them
Use for marketing purposes. The data will only be made available to these partners with Takes-
Care.com where you agree.
Your data can be disclosed to recipients in the form of companies cooperating with us and
performing tasks on our behalf and our thing. In this case, it is concluded with these
entities an agreement ensuring the security of your data. Due to the fact that these entities
They change often, we are not able to present their complete list if you want
Know who we are currently working with, you can always ask about it. However, we will not
transfer your personal data to a third country (outside the European area
Economic). Your personal data will also be made available to institutions and specialists from which
You will use services - such entities will also be independent administrators
Your personal data.
What can you do with personal data transferred to us?
You have the right to demand from
Takes-care.com access to
your personal data, their
correction (correction), removal or restriction of processing, and we can also
Transfer your request to another data administrator. Regarding the processing of the state
data to marketing your own products or services
Takes-care.com You can bring
objection. To what basis for processing your data is consent, you can
withdraw this consent.
Until when will we store your data?
Your personal data will be stored as long as necessary to perform
contracts connecting the state with
Takes-care.com or contract concluded
by another entity for you
thing, and after this time for a period of time corresponding to the limitation period for claims
It can raise
Takes-care.com and what can be raised
towards
takes-care.com .
If your personal data will be processed to fulfill the legal obligation
incurring on the administrator, personal data will be stored for the time necessary for
fulfilling this obligation.
We will process data processed on the basis of consent until you withdraw by you
this consent.
If your personal data will be processed on the basis of a legitimate interest
administrator, when the basis of this processing is the performance of a contract concluded with Takes-
Care.com for you, the data will be processed until it is completed legally
justified interest constituting the basis of this processing or objection.
If your personal data will be processed on the basis of a legitimate interest
administrator, when the basis of this processing is the direct marketing of your products and
Services, your personal data will be processed until you have an objection.
Where you can lodge a complaint about the processing of personal data by Takes-care.com ?
Currently, such complaints can be sent to the President of the Office for Personal Data Protection.
How will we not process personal data?
Your personal data is not subject to automated processing (e.g. profiling), which
has legal effects to you or in a similar way significantly influences you,
Nevertheless, we use cookies and other traffic registration systems
our websites (profiling for marketing purposes).
