Privacy policy

§ 1 General Provisions

1. The data controller is Adrian Łuba “Łuba Dental Clinic”, located at ul. Jana Karola Chodkiewicza 8, 02-593 Warsaw, Poland, NIP: 5272323323. You can contact Adrian Łuba “Łuba Dental Clinic” in writing at the address above or via email at: clinic@lubadentalclinic.pl.
2. Adrian Łuba “Łuba Dental Clinic” has appointed a Data Protection Officer, who can be contacted via email at: clinic@lubadentalclinic.pl.
3. This Privacy Policy is an integral part of the Terms and Conditions. By using our services, you entrust us with your personal data. This document aims to help you understand what data we collect, for what purpose, and how we use it. Personal data is very important to us, so please read this document carefully. It outlines the principles of processing and protecting personal data as well as the use of cookies.
4. We comply with data protection regulations, including the Personal Data Protection Act and Regulation (EU) 2016/679 of the European Parliament and of the Council (GDPR).
5. Upon request from a data subject, we provide detailed information on how their data is processed. We also inform what data is collected, how it is used, to whom it is transferred, and how we protect it when shared with third parties.

§ 2 Privacy Principles

1. We respect your privacy and strive to ensure a comfortable experience when using our services.
2. We value the trust you place in us by sharing your data. We process personal data fairly, responsibly, and only to the extent necessary to provide our services.
3. Users have the right to obtain clear information about the processing of their personal data, including its purpose, scope, recipients, and their legal rights.
4. If you have any doubts regarding data processing, we will promptly respond and clarify all concerns.
5. We take reasonable measures to protect personal data from unauthorized access and misuse.
6. The legal basis for processing personal data includes:
   1. Article 6(1)(a) GDPR – consent of the data subject,
   2. Article 6(1)(b) GDPR – necessity for the performance of a contract,
   3. Article 6(1)(c) GDPR – legal obligation of the controller,
   4. Article 6(1)(d) GDPR – protection of vital interests of a natural person,
   5. Article 6(1)(e) GDPR – performance of a task in the public interest,
   6. Article 6(1)(f) GDPR – legitimate interests pursued by the controller.
7. Personal data related to contract execution will be processed for the duration of the contract and for the period required by law, but no longer than 10 years from the end of the calendar year in which the contract was fulfilled.
8. Data processed for the purpose of entering into future contracts will be stored until an objection is raised.
9. You have the right to: access your data, rectify it, delete it (right to be forgotten), restrict processing, transfer data, object to processing, and file a complaint with the supervisory authority (UODO).
10. If you believe that your data is being processed unlawfully, you may file a complaint with the President of the Personal Data Protection Office (UODO).
11. We cooperate with supervisory and law enforcement authorities. In the absence of specific regulations, we apply generally accepted data protection standards.
12. If you have questions, please contact us through the website from which you were redirected to this policy.
13. To facilitate contact, please provide your full name.

§ 3 Scope and Purpose of Data Collection

1. We process personal data solely for the purpose of providing services and fulfilling accounting obligations.
2. The scope of collected data includes:
   • full name,
   • residential address,
   • correspondence address (if different),
   • tax identification number (NIP),
   • email address,
   • phone number,
   • web browser data,
   • other voluntarily provided data.
3. Providing data is voluntary but necessary for the provision of services.
4. Data may be transferred to servers and affiliated entities in EEA countries, in accordance with applicable laws.
5. Entities that may have access to your data include:
   • hosting providers,
   • newsletter service providers,
   • IT service and maintenance providers,
   • online and mobile payment operators,
   • accounting offices,
   • courier and postal services.

§ 4 Cookies

1. We use cookies to tailor content and services to user preferences and for statistical purposes.
2. Our website uses:
   • internal cookies,
   • external cookies (e.g., third-party scripts),
   • session cookies,
   • persistent cookies.
3. Types of cookies:
   • essential cookies,
   • security cookies,
   • performance cookies,
   • functional cookies,
   • advertising cookies.
4. By default, browsers allow cookies, but you can change your settings at any time.
5. Using the website without changing cookie settings means you consent to their use. You can withdraw your consent by changing your browser settings.

§ 5 Social Media Plugins

1. Our website includes plugins for:
   • Facebook (Facebook Inc., USA) – https://developers.facebook.com/docs/plugins,
   • Twitter (Twitter Inc., USA) – https://dev.twitter.com/web/tweet-button.
2. These plugins may transfer data to providers, especially if you are logged into the relevant social media account.
3. To prevent this, log out of your account before visiting our website.

§ 6 Rights and Obligations

1. The data controller has the right or legal obligation to provide selected or all personal data to public authorities or third parties if required by Polish law.
2. The user has the right to:
   • access personal data,
   • rectify personal data,
   • delete personal data,
   • restrict processing,
   • transfer data,
   • object to processing,
   • file a complaint with the supervisory authority.
3. In the case of a deletion request, data may be anonymized. The controller may refuse deletion if it is necessary to protect legitimate interests (e.g., violation of Terms and Conditions). For newsletters, users can unsubscribe using the link in each email message.