INFORMATION CLAUSE ON THE PROTECTION OF PERSONAL DATA

  1. The joint controllers of your personal data within the meaning of Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons (GDPR) are Anna Skrzypczyk-Sielańczyk, running a business under the name of “Gabinet Psychoterapeutyczny Anna Skrzypczyk-Sielańczyk) “, NIP 7542655600, Agnieszka Staroszczyk running a business under the name” Gabinet Psychoterapii Agnieszka Staroszczyk “, NIP 8133292342 and Jacek Pietras running a business under the name” Jacek Pietras “, NIP 7341420439, partners of a civil partnership operating under the name” Anna Skrzypczyk-Sielańczyk, Agnieszka Staroszczyk, Jacek Pietras ”civil partnership, address: ul. Olszanicka 8a / 2, 30-241 Kraków, NIP 6772478791, REGON 522249971 (“ Co-administrators “).

  2. The co-administrators have not appointed the Personal Data Protection Inspector (IODO) and perform the duties related to the processing of personal data on the basis of the concluded co-administration agreement. In all matters related to the processing of personal data, you can contact the Co-administrators electronically by sending an e-mail to kontakt@gabinetyselfcare.pl

  3. The joint controllers process personal data for the following purposes:

    1. in order to conclude and perform the contract regarding the services provided, pursuant to art. 6 sec. 1 lit. b) GDPR and art. 6 sec. 1 lit. a) GDPR (consent to the processing of special categories of data),

    2. for marketing purposes, pursuant to art. 6 sec. 1 lit. a) GDPR (consent to disseminate the image),

    3. in order to make settlements, including keeping accounting books and fulfilling tax obligations, pursuant to art. 6 sec. 1 lit. c) GDPR,

    4. for purposes resulting from the legitimate interests of the administrator, in particular for statistical and archiving purposes, quality and satisfaction research, direct marketing, pursuant to art. 6 sec. 1 lit. f) GDPR,

    5. in order to pursue claims and defend against claims, pursuant to art. 6 sec. 1 lit. f) GDPR.

  1. Providing data is voluntary, but failure to do so may prevent the provision of services.

  2. Data of special categories are processed on the basis of rt. 9 sec. 2 lit. h) GDPR) (processing is necessary for the provision of healthcare or treatment) or on the basis of consent.

  3. The period of storage of personal data depends on the legal basis for their processing:

    1. if the data is processed in order to fulfill obligations resulting from legal provisions, including tax law, they will be processed for the period necessary to fulfill these obligations and for the period required by law;

    2. if the data is processed in order to perform the contract, they will be processed until the completion of all factual and legal activities necessary to perform the contract or to secure any claims;

    3. if the data is processed on the basis of the legitimate interest of the Administrator, they will be processed until the interests underlying this processing exist or until you object to such processing;

    4. if the data is processed on the basis of consent, they will be processed until you withdraw your consent.

  1. Regardless of the legal basis for the processing of personal data, you have the right to access the content of your personal data and the right to rectify it. In the cases indicated in the GDPR, you also have the right to request the deletion of personal data and the right to request the restriction of their processing.

  2. In the event that the data is processed on the basis of art. 6 sec. 1 lit. f) GDPR, you also have the right to object to the processing, and when the data is processed on the basis of art. 6 sec. 1 lit. a) or b) GDPR, you additionally have the right to data portability. You can withdraw your consent to the processing of personal data at any time (without affecting the activities performed before the consent was withdrawn).

  3. You also have the right to lodge a complaint with the supervisory body – the President of the Personal Data Protection Office, if it is found that the data is not processed in accordance with the law.

  4. Personal data may be transferred to persons authorized by the Co-administrators, entities processing data on their behalf (accounting office, entities providing consulting and marketing services, etc.) and entities authorized by law.

  5. Personal data may be transferred outside the European Union. In this case, the transfer of data will take place on the basis of an appropriate agreement containing standard data protection clauses adopted by the European Commission or on the basis of an appropriate decision of the European Commission.

  6. Personal data will not be included in the process of automated decision making or profiling referred to in art. 22 sec. 1 and 4 GDPR.