Date last modified: 24.03.2021
Date of previous version: n/a
Farmina sp. z o.o. (hereinafter also “the Company”) with its headquarters in Krakow, Poland attaches particular importance to the protection of its customers personal data. Accordingly, any correspondence directed to us, whether by letter or email, or by using the contact form at www.farmina.pl and others associated with our products or other brands (acnex.co.uk, mediderm.help, ultrasept.info, etc. – hereinafter referred to as the “Services”) is subject to our Privacy Policy and this Privacy Notice.
The purpose of this Privacy Policy is to explain the basis on which we process personal data and to discuss your basic rights in relation to our processing of your personal data.
1. What is personal information?
2. The administrator of your personal data
3. The scope of personal data covered by the Policy and the cookie policy
4. Use of the contact form
5. Obtaining personal information from other sources
6. Legal obligations and legal defenses
7. Sharing personal information
8. Safety
9. Your rights
10. Storage of your personal data
11. Changes to the Privacy Policy
12. Contact Information
1.What is personal information?
Personal information is information that directly or indirectly identifies you as an individual (“indirectly” means: in combination with other information) based on elements such as your name, postal address, email address, telephone number or unique device identifier.
2.The administrator of your personal data
The administrator of your personal data is Farmina sp. z o.o., with its registered office in Krakow, Lipska 44, 30-721 Krakow, entered in the Register of Entrepreneurs kept by the District Court for Krakow – Śródmieście in Krakow, Poland – 11th Commercial Division, under KRS number 0000166304, NIP 6760015559, REGON 00141930400000, also referred to as the “Company”.
3.Scope of personal data covered by the Policy and the cookie policy
Your personal data (name, surname, e-mail address, mailing address, telephone number) may be processed in order to respond to inquiries by phone, post or the contact form available on our website www.farmina.pl and websites dedicated to our products or umbrella brands. The legal basis in this case is the consent of the data subject to respond to the inquiry addressed (Art. 6 (1) lit. a. Regulation (EU) 2016/679 of the European Parliament and of the Council of 27.04.2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation (GDPR) (Official Journal of the EU L 119, p. 1)).
When using the Services, on servers provided to us by Internet service providers, data may be automatically collected regarding the Internet visit itself, such as: the IP address assigned to the Customer’s computer or the external IP address of the Internet provider, the name of the domain from which the request originates, the type of browser, the access time, the type of operating system. Our Company does not use this data for website positioning, nor does it process it, for example, to obtain information about the behaviour of potential customers.
Cookies (“cookies”) are small text files that are automatically created by your web browser when you visit a website. Cookies typically contain the name of the originating website, the length of time they are stored on the end device, and a unique number. As we have indicated previously, ISPs for particular Services have tools that may require you to install files during your web visit. By accessing our websites you will be informed of this. If you do not agree to this, you can use the appropriate browser settings on your computer/mobile device.
4.Use of the contact form
Using the contact form available on the website administered by the Company requires you to provide us with personal information such as your name and e-mail address. Providing personal data to the Company is voluntary, in connection with the provision of services through the Website, with the reservation, however, that failure to provide the data specified in the forms makes it impossible to use the contact form.
5.Obtaining personal information from other sources
Generally, when we obtain your personal information from sources other than those listed above, we will make sure that the entity in question has already contacted you to notify you of the transfer, or we will provide this information to you ourselves as part of our initial contact, while also providing other information as required by law.
6. Legal obligations and legal defense
We may be required to use and archive personal information for legal and compliance purposes – for example, to prevent, detect, investigate, prevent data loss and fraud, and combat other misuse of our IT services and systems.
We also have the right to use your personal information to comply with internal and external auditing requirements, to ensure information security, to protect and exercise our rights, to safeguard our privacy, to ensure the safety of persons and property, or to protect the property of others.
For the purpose of establishing, investigating and enforcing claims, certain personal data provided by the Customer as part of the use of the functionalities of the Services may be processed, such as: name, surname, data on the use of services if the claims arise from the way the Customer uses the services, other data necessary to prove the existence of the claim, including the extent of the damage suffered.
The legal basis in this case is – the legitimate interest (Article 6(1)(f) RODO), consisting of the establishment, investigation and enforcement of claims and the defence against claims in proceedings before courts and other state authorities.
7. Sharing personal information
We disclose the personal information of those who contact us (email, telephone, postal mail, contact forms on the Services) for the purposes described below and only to the entities indicated below, unless there is – with your express consent – a transfer of personal information to third parties (other categories) listed elsewhere. We take all steps to ensure that your personal data is processed, protected and transferred in accordance with the law.
Public Administrations
We disclose your personal information to public administrative authorities when required by applicable law. For example, we respond to subpoenas from courts, law enforcement agencies, regulators, and other government agencies, including those outside your country of residence.
External service providers
As a general rule, the Client’s personal information is not passed on by us to the service providers used by the Company to operate the Services. Service providers to whom personal data are transferred despite the above principle are, depending on contractual arrangements and circumstances, subject to the Company’s instructions as to the purposes and means of processing such data (processors).
Data shared with third-party service providers is transferred only to the extent required to fulfil a specific purpose.
Third party service providers may not use the personal information they receive from us for any other purpose, particularly for their own benefit or the benefit of third parties. Third party service providers are contractually obligated to respect the confidentiality of your personal information.
Transfer of assets
In the event of a reorganisation, restructuring, merger or sale or other transfer of assets (collectively, an “asset transfer”), we may transfer information, including personal information, on an acceptable scale and as needed, provided that the receiving party agrees to treat your personal information in a manner consistent with applicable data protection laws. We agree to continue to protect the confidentiality of your personal information and to notify customers using our Services or otherwise contacting us if their personal information becomes subject to a different privacy policy.
Transfer of personal data outside the European Economic Area Your personal data will not be transferred outside the European Economic Area (EEA). Where your residence is outside the EEA, your personal data is used for the purpose of communicating with you and not for other purposes. The data protection regulations of the country in which you reside may then apply.
8. Safety
We take data security very seriously. We use appropriate security measures and implement appropriate physical, electronic and administrative procedures to protect the information we collect against accidental or unlawful destruction, loss, modification, unauthorized disclosure, or access to transferred, archived or processed personal data. Only employees, service providers and entities that have a legitimate business need to know this information or need it in connection with their duties may access your personal information.
In the event of a personal data breach, we apply the relevant breach notification provisions.
9. Your rights
Each personal data subject has certain rights related to the personal data collected. This applies to all data processing as described in this Privacy Policy. We respect the rights of individuals and address your concerns accordingly.
You have:
1.The right to withdraw the consent you have given us
2.The right to rectification
3.The right to restrict processing
4.The right of access to data
5.The right to transfer the data to another controller
6.The right to erasure
7.The right to object to the processing on grounds of a particular situation
8.The right to complain
Period: We will try to fulfil your request without undue delay. However, this period may be extended due to reasons related to specific law or the complexity of fulfilling your request.
Access restrictions: In some cases, we cannot provide you with access to all or part of your personal data due to statutory provisions. If access is denied, we will provide the reason.
Non-identifiability: If we are unable to identify you as a data subject, we cannot comply with your request to exercise your rights under the provisions of this section of the Policy – unless we receive additional information to enable such identification. We do not then take any action to determine further data, unless this is required to protect directly endangered human life.
Exercising your rights: To exercise your rights, please contact us in writing, such as by email or post. Contact information is located at the end of this Privacy Policy.
10. Storage of your personal data
We generally delete your personal information when it is no longer needed for the purposes for which it was collected. However, we may be required by law to retain your personal data for longer periods of time, such as adverse reaction reporting obligations.
The Client’s personal data is stored if the basis for the processing of personal data is consent – then the Client’s personal data is processed by the Company as long as the consent is not revoked, and after revocation of consent for a period corresponding to the period of limitation of claims that may be raised by the Company and that may be raised against it (see section 6 above).
In addition, we do not delete all of your personal information if you have asked us not to attempt to contact you again in the future.
For this purpose, we keep records of people who do not wish to be contacted by us in the future (e.g. via newsletters, e-mail). We will consider such requests as consent to hold your personal information only to protect against unwanted contact, unless otherwise instructed by you.
11. Changes to the Privacy Policy
We reserve the right, at our sole discretion,, to make changes to our privacy practices and to revise this Privacy Policy at any time. This Privacy Policy is current as of the date indicated as the “date last modified” listed above. We also provide the date of the previous version. We are committed to treating your personal information in a manner consistent with the Privacy Policy under which it was collected, unless we receive consent from you to treat it differently.
12. Contact Information
Please send any questions concerning data protection, as well as requests concerning the exercising of your rights, to the following e-mail address: info@farmina.pl or to our headquarters: Farmina sp. z o.o, ul. Lipska 44 , 30-721 Kraków, Poland.