Privacy policy

1. General information

1. This policy applies to the website operating at the following URL: https://ninanki.pl
2. The operator of the service and the Administrator of personal data is: GALEN – ORTOPEDIA SP. Z O.O., ul. Jerzego 6, 43-150 Bieruń
3. The operator’s contact email address: kontakt@galen.pl
4. The Operator is the Administrator of your personal data with respect to data voluntarily provided on the Service.
5. The Service uses personal data for the following purposes:
   • Handling inquiries submitted via forms
   • Preparation, packaging, and shipment of goods
   • Fulfilment of ordered services
   • Presentation of offers or information
6. The Service collects information about users and their behavior in the following ways:
   1. Through data voluntarily entered into forms, which are then entered into the Operator’s systems.
   2. By saving cookies on end-user devices.

2. Selected data protection methods used by the Operator

1. Places where personal data are logged in and entered are protected at the transmission layer (SSL certificate). As a result, personal data and login data entered on the website are encrypted on the user’s computer and can only be read on the destination server.
2. Personal data stored in the database are encrypted in such a way that only the Operator holding the key can read them. This ensures data protection in the event of database theft from the server.
3. User passwords are stored in hashed form. The hashing function works in a one-way manner – it is not possible to reverse it, which is the current standard for storing user passwords.
4. The Operator periodically changes its administrative passwords.
5. To protect data, the Operator regularly performs backup copies.
6. An important element of data protection is the regular updating of all software used by the Operator to process personal data, which in particular means regular updates of programming components.

3. Hosting

1. The Service is hosted (technically maintained) on the operator’s servers: OVH.NET

4. Your rights and additional information on how data are used

1. In order to fulfil obligations arising from personal data protection regulations and to ensure effective data protection, the Operator has appointed a Data Protection Officer.
2. The Data Protection Officer is: Galen – Ortopedia Sp. z o.o., address: ul. Jerzego 6, 43-150 Bieruń, electronic contact: kontakt@galen.pl
3. In certain situations, the Administrator has the right to transfer your personal data to other recipients if this is necessary to perform a contract concluded with you or to fulfil obligations imposed on the Administrator. This applies to the following categories of recipients:
   • authorized employees and associates who use the data in order to achieve the purpose of the website’s operation
   • companies providing marketing services to the Administrator
4. Your personal data are processed by the Administrator no longer than is necessary to perform activities related to them as specified by separate regulations (e.g. accounting regulations). With regard to marketing data, the data will not be processed for longer than 3 years.
5. You have the right to request from the Administrator:
   • access to your personal data,
   • rectification,
   • erasure,
   • restriction of processing,
   • and data portability.
6. You have the right to object to the processing of personal data for the purposes of legitimate interests pursued by the Administrator, including profiling.
7. You have the right to lodge a complaint with the President of the Personal Data Protection Office, ul. Stawki 2, 00-193 Warsaw.
8. Providing personal data is voluntary, but necessary for the operation of the Service.
9. Automated decision-making activities, including profiling, may be carried out with respect to you.
10. Personal data are not transferred to third countries within the meaning of personal data protection regulations.

5. Information in forms

1. The Service collects information voluntarily provided by the user, including personal data, if such data are provided.
2. The Service may record information about connection parameters (timestamp, IP address).
3. The Service may store information facilitating the association of form data with the user’s email address.
4. Data provided in forms are processed for the purpose resulting from the function of a specific form.

6. Administrator logs

1. Information about users’ behavior on the Service may be logged.

7. Important marketing techniques

1. The Operator uses statistical analysis of website traffic via Google Analytics.
2. The Operator uses the Facebook pixel.

8. Information about cookies

1. The Service uses cookies.
2. Cookies constitute IT data.
3. The entity placing cookies is the Service operator.

9. Managing cookies

1. If the user does not want to receive cookies, they may change their browser settings. We note that disabling cookies necessary for authentication processes, security, and maintaining user preferences may make it difficult or, in extreme cases, impossible to use websites.
2. In order to manage cookie settings, select the web browser you use from the list below and follow the instructions:
   • Edge
   • Internet Explorer
   • Chrome
   • Safari
   • Firefox
   • Opera
   • Android
   • Safari (iOS)
   • Windows Phone