Privacy Policy
1.0. INTRODUCTION
The Privacy Policy describes why and how we (Nivalit) collect and use personal data and provides information about individuals’ rights. When using personal data the Privacy Policy is to be transparent about why and how we process your personal data.
We may use personal data for a variety of purposes. Especially, we process personal data provided to us for purposes described below or as otherwise stated at the start of processing your personal data.
1.1. DEFINITION OF PERSONAL DATA
Personal data means any information relating to an individual who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data or an online identifier. Personal data also refers to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of an individual.
2.0. PERSONAL DATA CONTROLLER
The contorller of your personal data is Nivalit spółka z ograniczoną odpowiedzialnością, the company organized under the laws of Poland, with its registered office at: Wadowicka 6/67, 30-415 Kraków, Poland, entered into the register of business entities maintained by the National Court Register in the District Court (Sąd Rejonowy) for Kraków-Śródmieście in Kraków, XI Commercial Division of the National Court Register, under the registration number: 0000857093, tax identification number (NIP): 6762584557, statistical identification number (REGON): 386863710 (hereinafter referred to as „Nivalit” or „The Personal Data Controller”).
3.0. LEGAL BASIS FOR PROCESSING:
Fulfilling the obligations according to the art. 13 sec. 1 and 2 of Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation), hereinafter be referred to as “GDPR” the Personal Data Controller informs that legal bases for each processing activity might be different, depending on the purpose of processing personal data – specified in the relevant sections.
3.1. BUSINESS CONTACTS
Nivalit processes your personal data on the following legal bases and for the following purposes:
-
- 6 sec. 1 let. f) of the GDPR [legitimate interests pursued by the Nivalit]
-
- Offering of Nivalit’s services;
-
- Developing Nivalit’s businesses and services;
-
- Providing information to you about us and our range of services;
-
- Performing analytics such as on market trends, relationships maps or sales opportunities;
-
- Improving the quality of our services;
-
- Sending newsletters and informing about Nivalit’s – applies only for data subjects who gave explicit consent for receiving marketing communication;
-
- Exercising legal claims.
3.2. CONTRACTORS
Nivalit processes your personal data on the following legal bases and for the following purposes:
-
- 6 sec. 1 let. b) of the GDPR [the performance of a contract to which the data subject is a party]
-
- Concluding and executing the contract;
-
- 6 sec. 1 let. c) of the GDPR [a legal obligation] or art. 9 sec. 2 let. B) and h) of the GDPR [carrying out the obligations and exercising specific rights in the field of social security and social protection law and the provision of health or social care or treatment or the management of health or social care systems and services]
-
- Collecting the advance for the personal income tax (PIT), social security contributions
or health security contributions;
- Collecting the advance for the personal income tax (PIT), social security contributions
-
- 6 sec. 1 let. f) of the GDPR [legitimate interests pursued by the Nivalit];
-
- Business related advertising, marketing and public relations in accordance with the provided services;
-
- Personnel management, surveys, benchmarking and other personnel related analyses;
-
- Exercising legal claims, investigating and defending against claims;
-
- Monitoring of business mobile devices computers, file and database servers and network traffic
3.3. CLIENTS AND SUBCONTRACTORS WHO ARE NATURAL PERSONS
Nivalit processes your personal data on the following legal bases and for the following purposes:
-
- 6 sec. 1 let. b) of the GDPR [the performance of a contract or to take steps at the request of the data subject prior to entering into a contract]
-
- Establishing cooperation with a corporate Client or Subcontractor;
-
- Enabling the provision of professional services to Clients;
-
- Ordering and receiving services from Clients and Subcontractors;
-
- 6 sec. 1 let. c) of the GDPR [compliance with a legal obligation]
-
- Fulfilling tax obligations
-
- 6 sec. 1 let. f) of the GDPR [legitimate interests pursued by the Nivalit];
-
- Clients and Subcontractors relationship management;
-
- Performing data analytics
-
- Administration and management;
-
- Offering of Nivalit’s services;
-
- Exercising legal claims, investigating and defending against claims.
3.4. NATURAL PERSONS WHOSE PERSONAL DATA WE GAIN IN CONNECTION WITH SERVICES PROVIDED TO OUR CLIENTS
Nivalit processes your personal data on the following legal bases and for the following purposes:
-
- 6 sec. 1 let. a) of the GDPR [legitimate interests]
-
- Enabling the provision of professional services to Clients;
-
- Administration of services;
-
- Developing Nivalit’s businesses and services;
-
- Administration and management, in particular the website, IT systems and business applications;
-
- Performing data analytics;
-
- Safety management and operational risk assessment;
-
- Exercising legal claims, investigating and defending against claims;
-
- Administration, management and development of FamiSpot (Nivalit’s application).
3.5. RECRUITMENT
Nivalit processes your personal data on the following legal bases and for the following purposes:
-
- 6 sec. 1 let. a) of the GDPR [consent]
-
- Participating in recruitment processes
-
- Sending informations about job offers
-
- 6 sec. 1 let. b) of the GDPR [taking steps at the request of the data subject prior to entering into a contract] or art. 6 sec. 1 let. c) of the GDPR [legal obligation art. 221 § 1 of the Labor Code and the Ordinance of the Minister of Family, Labour and Social Policy regarding keeping documentation related to employment] or art. 6 sec. 1 of the GDPR [consent applies if candidate points out another data than in Labor Code] or art. 9 sec. 2 let. a) of the GDPR [consent applies if special categories of personal data (sensitive data) are contained in application] or art. 10 of the GDPR [processing is authorised by Union or Member State law applies if a job position requires collecting personal data relating to criminal convictions and offences or related security measures]
-
- Performing a recruitment process for the job offered
-
- 6 sec. 1 let. f) of the GDPR [legitimate interests pursued by the Nivalit];
-
- Administration and management;
-
- Exercising legal claims, investigating and defending against claims.
3.6. WEBSITE VISITORS
Nivalit processes your personal data on the following legal bases and for the following purposes:
-
- 6 sec. 1 let. a) of the GDPR [consent]
-
- Monitoring and enforcing compliance with our terms and conditions for use of our website;
-
- Offering of Nivalit’s services;
-
- Providing information to you about us and our range of services;
-
- Administering and managing our website;
-
- Aggregating data for website analytics and improvements;
-
- Exercising legal claims, investigating and defending against claims.
3.7. NEWSLETTER
Nivalit processes your personal data on the following legal bases and for the following purposes:
-
- 6 sec. 1 let. a) of the GDPR [consent] or art. 6 sec. 1 let. f) of the GDPR [legitimate interest]
-
- Sending newsletter;
-
- Developing our services;
-
- Informing about activity of Nivalit;
-
- Offering Nivalit’s products and services;
-
- Identifying clients with similar needs.
3.8. MEDICAL SYSTEMS
Nivalit processes your personal data on the following legal bases and for the following purposes:
-
- 9 sec. 2 let. h) of the GDPR [medical purposes] or art. 9 sec. 1 let. a) of the GDPR [medical consent] or art. 6 sec. 1 let. a) of the GDPR [consent] or art. 6 sec. 1 let. f) of the GDPR [legitimate interests pursued by the Nivalit]
-
- Providing with health benefits and medical services, protecting health, preventing health care;
-
- Managing the provision of services aforementioned;
-
- Identifying Patients with similar needs.
The remaining provisions of the Privacy Policy shall apply accordingly.
4.0. DISCLOSURE OF INFORMATION
Your personal data will not be disclosed to third parties except the following recipients:
- service providers to proces data on a Nivalit’s behalf;
- governmental or regulatory authorities, courts and law enforcement authorities or agencies as required by or in accordance with applicable law or regulation.
5.0. TRANSFERING TO OUTSIDE COUNTRIES
Your personal data may be transferred to countries outside the European Economic Area (EEA) – third countries, based on:
- 45 sec. 1 of the GDPR [European Commission’s adequacy decision];
- 46 sec. 2 let. c) of the GDPR [standard data protection clauses adopted by the European Commission].
6.0. PERSONAL DATA STORAGE
Your personal data will be retained until the end of Client’s cooperation with Nivalit. After that, personal data might be stored only for the period indicated by statutory provisions of law or as long as you or us may pursue legal claims towards each other.
6.1. THE PERIOD OF STORAGE OF YOUR PERSONAL DATA IN CONNECTION WITH MEDICAL SYSTEMS
Nivalit store the data that process in connection with Medical Systems until the expiry of the period period required by legal provisions, and in the legitimate interests of the Data Controller until an objection is made.
7.0. RIGHTS RELATED TO PROCESSING PERSONAL DATA
In accordance with processing your personal data you have the following rights:
- right of access,
- to rectification (updating),
- to erasure,
- to restriction of processing,
- to data portability,
- to object.
8.0. PROVISION OF PERSONAL DATA
The provision of personal data is:
- necessary in order to establish and perform Client’s cooperation with Nivalit – in the scope of processing purposes pursued within the Nivalit legitimate interests;
- mandatory – in the scope of processing purposes pursued within the legal obligation.
9.0. PROFILING
Our profiling, which is an automatic assessment of certain personal characteristics pertaining to you, is based on your personal data.
Profiling helps us better choose the materials to communicate and promote the Data Controller’s business. Based on your profile, we will select appropriate informational and promotional materials.
We use the following data for profiling purposes: patient’s number, name, surname, age, gender, language, date of birth, city, facilities visited, types of purchased products, and data source.
10.0. MINORS
Our Website is not designed for use by minors under the age of sixteen years. It is not our purpose to collect information about minors under the age of sixteen years.
11.0. COOKIES
A cookie is a small piece of data stored on the user’s computer by the web browser while browsing our website. Cookies were designed to be a reliable mechanism for websites to remember stateful information or to record the user’s browsing activity. Cookies can also be used to remember pieces of information that the user previously entered into form fields, such as names, addresses, passwords, etc.
We use cookies to build a better communication with you. We want to provide you with an improved user experience and to personalize content. If you use this website or Nivalit’s application, you consent to the use of cookies. You can manage cookies by using your browser. Please notice that blocking or removing cookies can impact on your user experience
11.1. TYPES OF COOKIES
-
- Temporary (session) – temporarily stored in the browser’s memory, which remain in its memory until the end of the session (turning off the browser).
-
- Constant – remain in the browser’s memory as long as the browser settings selected by the user allow it.
-
- External – originating from an external site than nivalit.com website (Google Analytics; Adobe; YouTube; Facebook; Twitter; Instagram).
-
- Necessary – enable the use of services available on the website.
-
- Functional – allow users to remember the website functionalities preferred by the user.
-
- Advertising – enable the delivery of advertising content tailored to the interests of the user.
12.0. COMPLAINTS
If you want to complain about our use of personal data, please send us an email with the details of your complaint to gdpr@nivalit.com. You can also submit a complaint to the competent supervisory authority in Poland at:
Urząd Ochrony Danych Osobowych
Stawki 2 Street,
00-193 Warsaw
Poland
13.0. CONTACT
If you have any questions about this Privacy Policy or how and why we process personal data, please contact us at:
Nivalit spółka z ograniczoną odpowiedzialnością,
Wadowicka 6/67 Street,
30-415 Cracow, Poland
E-mail: contact@nivalit.com
Phone : +48 737 301 685
14.0. VERSION OF THE PRIVACY POLICY
This Privacy Policy was last updated on April 2023.