Acting as the Controller of your personal data, we hereby refer you to the essential information on data collection under Article 13 of the Regulation of the European Parliament and of the Council (EU) 2016/679 of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (GDPR, General Data Protection Regulation).
Who is the Controller of your personal data? | The Controller of your personal data is the group of INVICTA companies (hereinafter referred to as INVICTA), acting as a joint controller of personal data (INVICTA spółka z o.o., INVICTA Management Sp. z o.o., Medyczne Laboratoria Diagnostyczne INVICTA Sp. z o.o., Klinika Antiaging INVICTA Sp. z o.o., INVICTA Software Sp. z o.o., Zarządzanie Nieruchomościami INVICTA Sp. z o.o., INVICTA Nieruchomości Sp. z o.o. based in Sopot (81-740), ul. Polna 64, tel. 58 58 58 800, email invicta@invicta.pl. | |
Who can I contact in matters related to my personal data? | With regard to all matters related to your personal data, you may contact our Data Protection Officer: Beata Gozdecka ul. Polna 64 | |
Is providing personal information voluntary? | Providing personal data for the provision of medical services, with the exception of telephone number and email address, which are voluntary, is a statutory requirement. Failure to provide the aforementioned data may prevent the proper execution of the treatment process. Failing to provide an email address and telephone number may make the notifications regarding the organisation of the treatment process, e.g. information on cancelling a medical appointment, difficult to provide. As regards the consent to receiving information and consent to target the provided information: the provision of data is voluntary but may hinder staying in contact and the ongoing service. In other cases (e.g. using the Medipoint.pl account, taking part in the process of qualifying for being a donor), providing data is voluntary; however, a failure to provide data will preclude the patient from using certain services or taking part in selected processes. | |
For what purpose and on what legal basis is your data processed? | Purpose of data processing | Legal basis for processing Data retention period |
Use of medical services | ||
Your personal data is processed for the purpose of providing health services, including preventive healthcare or occupational medicine, medical diagnosis, providing healthcare, treatment or managing healthcare systems and services. To this end, your personal data will be processed:
We will send the surveys in a way that does not violate your rights. If you do not wish to receive such messages, please let us know. |
Data retention period: Your personal data shall be kept for the period required for the storage and archiving of medical records as specified by law, in particular the Act of 6 November 2008 on Patients’ Rights and Patients’ Rights Ombudsman (Article 29) and the Act of 25 June 2015 on Infertility Treatment.. | |
Participation in the process of donating reproductive cells: | ||
Your personal data shall be processed for the purpose of:
|
the data subject has given explicit consent (…) Data retention period: until consent is revoked
Data retention period: Your personal data shall be kept for the period required for the storage and archiving of medical records as specified by law, in particular the Act of 6 November 2008 on Patients’ Rights and Patients’ Rights Ombudsman (Article 29) and the Act of 25 June 2015 on Infertility Treatment.. | |
Selling services and tests on the Internet | ||
Your personal data is processed for the purpose of completing the order you have placed for the sale of services and/or tests and booking biological material, which take place through our websites. Sometimes the provision of the service requires additional data (e.g. PESEL number), for example, for creating the patient’s file. |
Processing is necessary for the performance of the contract Data retention period: 5 years counted from the end of the calendar year in which the purchase was made.
the data subject has given explicit consent (…) Data retention period: until consent is withdrawn, unless the data becomes part of the medical record. | |
Maintaining accounting books | ||
INVICTA maintains accounting books and performs tax obligations, including the maintenance of tax records. |
Data retention period: 5 years counted from the end of the calendar year in which the tax liability arose | |
Exercise of legal claims | ||
Your data may be processed for the purpose of exercising or defending legal claims for the services we provide. |
processing is necessary for the establishment, exercise or defence of legal claims Data retention period: until the expiration of the statute of limitations for any claims. | |
Enabling the use of an account on the Medipoint.pl Portal | ||
INVICTA provides Users with the possibility to create an account on the Medipoint.pl Portal and use the functionalities that the Portal provides. Patients can have their medical data sent to their account from the patient’s file. |
the data subject has given explicit consent to the processing of those personal data Data retention period: until consent is revoked | |
Video surveillance system | ||
Your image may be recorded in order to secure the persons and property located at the Clinic. |
processing is necessary for the purposes of the legitimate interests pursued by the Controller Data retention period: 14 days | |
Recording telephone conversations | ||
Your personal data is processed for the purpose of improving the quality of service and verifying the provided information. |
the data subject has given explicit consent to the processing of those personal data Data retention period: until the expiration of the statute of limitations for any claims. | |
Recording conversations in the form of a video conference (ZOOM) | ||
Your personal data is processed for the purpose of archiving consents, submitted declarations or statements. The recordings are archived in medical records. |
processing is necessary for the purposes of the provision of health or social care or treatment or the management of health or social care systems and services Data retention period: Your personal data shall be kept for the period required for the storage and archiving of medical records as specified by law, in particular the Act of 6 November 2008 on Patients’ Rights and Patients’ Rights Ombudsman (Article 29). | |
Information about INVICTA activities, services and promotions | ||
Your data may be processed for the purpose of receiving (by email, sms, mms, incoming calls to your phone number) information from INVICTA about INVICTA’s activities and events, including services, products and news, as well as discounts, promotions and benefits. |
the data subject has given explicit consent to the processing of those personal data Data retention period: until consent is revoked. | |
Image | ||
If you agree to share your image, it may be used on our website, on our social media profile, and in our communication materials, depending on the extent of your consent. |
the data subject has given explicit consent to the processing of those personal data Data retention period: until consent is revoked | |
Automated data processing | ||
Your personal data may be processed in order to tailor the provided information to your needs and expectations (profiling). If you give consent to the automated processing of personal data, including profiling for the purpose of tailoring the provided information, the data received from you will be linked to the information on characteristics, behaviours or preferences in order to match commercial information to known or anticipated needs or expectations (profiling). This will provide you with the kind of information that suits your needs and interests. |
the data subject has given explicit consent to the processing of those personal data Data retention period: until consent is revoked. | |
What authorisation do I have? |
| |
Who will receive my personal data? | Your personal data, especially data concerning your health, is confidential and subject to protection of a high degree. Your personal data may be transferred to entities that take part in the treatment process, if this is necessary for the purposes covered by the consents provided or by law. Your personal data may be transferred to the following:
The transfer of your personal data to a third country will only be possible upon your explicit request. |
Who is the Controller of personal data? | The controller of your personal data is the Invicta group of companies (hereinafter Invicta), acting as a co-controller of personal data (Invicta spółka z o.o., Invicta Management Sp. z o.o., Medyczne Laboratoria Diagnostyczne Invicta Sp. z o.o., Invicta Software Sp. z o.o., Zarządzanie Nieruchomościami Invicta Sp. z o.o., Invicta Nieruchomości Sp. z o.o. based in Sopot (81-740) at Polna 64, phone: 58 58 58 800, e-mail invicta@invicta.pl. | ||
Who can I contact regarding my personal data? | In all matters related to personal data you can contact our Data Protection Officer: Beata Gozdeckae-mail address daneosobowe@invicta.plul. Polna 64 81-740 Sopot | ||
Is providing personal data voluntary? | Providing personal data (name, telephone number, e-mail address, title, name of the represented entity and registered office of this entity) is completely voluntary but necessary to get acquainted with the offer, participate in the tender procedure, conclude the Agreement, and the refusal to provide the data results in the impossibility of establishing cooperation, signing and implementing the Agreement, participating in the tender procedure, including the one financed from public funds (e.g. EU funds). | ||
For what purpose and on what basis are the data processed? | Purpose of data processing | Basis of processing Data retention period | |
Establishment of cooperation | |||
Your personal data will be processed in order to get acquainted with the offer presented by you or the company on behalf of which you act.
Your personal data will also be used in proceedings for the award of contracts, including contracts carried out as part of projects financed by EU funds or other public funds. | · Article 6(1)(b) GDPR processing is necessary to take steps at the request of the data subject prior to entering into a contract
· Article 6(1)(c) GDPR the processing is necessary to fulfil the legal obligation imposed on the Controller
Data retention period: a maximum of 10 years for proceedings conducted as part of projects financed by EU funds or other public funds.
| ||
Conclusion and performance of contract | |||
Your personal data are necessary for the conclusion and performance of a contract (including making payments) to which you or the person on whose behalf you are acting is a party
Personal data may also be used in the performance and settlement of the contract concluded in the procurement procedure, including contracts carried out as part of projects financed by EU funds or other public funds. |
processing is necessary for the performance of the contract
Data retention period: until the expiry of the limitation period for potential claims.
· Article 6(1)(c) GDPR the processing is necessary to fulfil the legal obligation imposed on the Controller
| ||
Bookkeeping | |||
Invicta keeps accounting books and performs tax obligations, including keeping tax records |
Data retention period: 5 years calculated from the end of the calendar year in which the tax obligation arose. | ||
Pursuit of claims | |||
Your data may be processed in order to assert or defend claims in respect of the services we provide. |
processing is necessary to establish, assert or defend claims
Data retention period: until the expiry of the limitation period for potential claims.
| ||
Recording of conversations in the form of videoconferencing (ZOOM) | |||
Your data may be processed to archive conversations, training sessions, meetings. |
the data subject has given their explicit consent to the processing of this personal data
Data retention period: until you withdraw your consent. | ||
What rights do I have? |
| ||
To whom is my personal data transferred? | Your personal data may be transferred to:
The transfer of personal data to a third country will only be possible upon your explicit request. | ||
Is my data processed in any other way? | Your personal data will not be processed by automated means, including profiling. |