Privacy Policy

By continuing to use the website (scrolling, closing this message, clicking on elements on the page other than the message) and using the Facebook fan page without changing your browser’s privacy settings, you consent to the storage of cookies and other similar technologies on your end device and to the processing of personal data for the purpose of tailoring the website content to your preferences, and for advertising and statistical purposes. If you do not agree to the use of cookies and other similar technologies, you may change the settings in your internet browser or leave the site. Complete information on the storage of cookies and other similar technologies, as well as the current policy on the processing of personal data, can be found below.

  1. The operator of the website (hereinafter referred to as the Service) and the Personal Data Administrator is Tomasz Bobek, conducting business under the name IMPLANTIS Tomasz Bobek, al. Daszyńskiego 12/u5, 31-534 Kraków, NIP 6771903967, REGON 121098488, phone number 511 511 315, email biuro@implantis.krakow.p (hereinafter referred to as the Administrator);
  2. The Service acquires information about users and their behavior in the following ways:
    • through information entered into forms voluntarily for the purpose of sending inquiries to the Administrator;
    • by storing cookie files (so-called “cookies”) on users’ end devices.
  3. The personal data collected by the Administrator is processed in accordance with the provisions of the Regulation of the European Parliament and of the Council (EU) 2016/679 of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (hereinafter referred to as GDPR), the Act of 18 July 2002 on providing services by electronic means (Journal of Laws of 2017, item 1219 as amended) and the Act of 16 July 2004 – Telecommunications Law (Journal of Laws of 2017, item 1907 as amended).
  4. The Personal Data Administrator ensures that all possible efforts are made to process the personal data it processes with the utmost respect for the privacy of the individuals whose data is processed and with the highest care for the security of the personal data processed, and in particular ensures that all legally prescribed measures to protect personal data sets have been taken.
  5. The Administrator carefully selects and applies appropriate technical measures, including programming and organizational measures, to ensure protection of the processed data appropriate to the threats and category of data under protection, in particular, secures the data against being shared with unauthorized persons, disclosure, loss and destruction, unauthorized modification, as well as against processing in violation of applicable law.
  6. The Service may contain hyperlinks to other websites. The Administrator is not responsible for the privacy practices of these websites. At the same time, the Administrator commits to exercising due diligence to ensure that users are aware that they are using a website not belonging to the Administrator after using a hyperlink.

Scope of Processed Personal Data, Objectives, and Legal Bases

  1. The Service collects information provided voluntarily by the user in forms related to sending inquiries to the Administrator. The Service may also save information about connection parameters such as IP address, proxy server, session name, user’s operating system and browser, location, and the names of internet or mobile service providers for technical purposes related to server administration, to perform the contract to which the data subject is party (based on Article 6(1)(b) of the GDPR), and to generate aggregate and statistical information (e.g., about the region from which the connection is made) that cannot identify the user, as well as for security purposes.
  2. Personal data of Service users who have not filled out any form on the Service are not shared with other recipients unless the user consents to it or if the obligation to share the collected information arises from applicable law. Personal data of Service users who have filled out one of the forms on the Service may be shared with the following categories of recipients:
    • IT systems and IT service providers for the Administrator;
    • marketing agencies and other entities providing services to the Administrator necessary for maintaining the website, current contact with customers, etc.;
    • public authorities, institutions, or third parties authorized to demand access or receive personal data based on absolutely applicable law.
  3. The processing of users’ data occurs within the scope of:
    • preparing and providing a response to the user’s inquiry sent via the contact form (data scope: first name, last name, email address) – due to the fact that processing is necessary to take action at the request of the person concerned before entering into a contract (Article 6(1)(b) of the GDPR);
    • conducting direct marketing (data scope: first name, last name, email address, and data related to the user’s activity recorded and stored through cookies) – based on Article 6(1)(f) of the GDPR, i.e., because the processing is necessary for the purposes of the legitimate interests pursued by the Administrator or by a third party;
    • fulfilling legal obligations incumbent on the Administrator in connection with conducting business activity (data scope: first name, last name, email address, address, and any other data obtained from the user) – based on Article 6(1)(c) of the GDPR, i.e., because the processing is necessary to fulfill a legal obligation to which the Administrator is subject;
    • sending commercial information electronically in accordance with Article 10(2) of the Act of 18 July 2002 on providing services by electronic means (data scope: first name, last name, email address) – based on separately granted consent;
    • using telecommunications terminal equipment and automatic calling systems for direct marketing purposes in accordance with Article 172 of the Act of 16 July 2004 Telecommunications Law (data scope: first name, last name, email address) – based on granted consent.
  4. In the process of sending data through inquiry submission forms, the user receives information as referred to in Articles 13(1) and (2) of the GDPR and may consent to the collection and processing of personal data by the Administrator in the manner and for the purposes described in the relevant consent clauses and this document. Providing personal data by the user is voluntary but required to prepare and provide a response to the user’s inquiry sent via the contact form, while failure to provide data will result in the Administrator’s inability to handle the inquiry.
  5. The user is responsible for providing false personal data. The Administrator does not process personal data of users using tools for automated decision-making, including profiling.
  6. Personal data will be processed:
    • for the duration of correspondence initiated by an inquiry sent by the user via the contact form – until the expiration of 3 months from the date of its conclusion;
    • until the withdrawal of consent or objection to data processing – in cases of processing personal data of the user based on separate consent or based on the provisions referred to in Article 6(1)(e) or (f) of the GDPR, including for direct marketing purposes;
    • for a period corresponding to the life cycle of cookies stored on the user’s device – in the case of processing personal data of the user browsing the content of the Service;
  7. The Administrator also stores personal data of users when it is necessary to fulfill legal obligations, resolve disputes, enforce user obligations resulting from concluded contracts, maintain security, and prevent fraud and abuse – until the statute of limitations expires for claims against the user.

Cookies Policy

  1. While browsing the Service, cookies are used, which are information data, in particular text files stored in the Service user’s end device and intended for the use of the Service’s websites. Cookies usually contain the name of the website they come from, the storage time on the end device, and a unique number.
  2. The cookies used by the Administrator are safe for the user’s device. The Administrator uses the following types of cookies:
    • session cookies – are temporary files stored on the user’s end device until the end of the web browser session, and the information stored is then permanently deleted from the device’s memory;
    • permanent cookies – are stored on the user’s end device for the time specified in the cookies’ parameters or until they are deleted by the user. Ending the web browser session or turning off the end device does not delete them from the user’s device.
  3. The Administrator uses cookies for the following purposes:
    • to adjust the content of the Service’s web pages to the user’s preferences and to optimize the use of web pages; in particular, these files allow recognizing the Service user’s device and appropriately displaying the web page, tailored to his individual needs;
    • to create statistics that help understand how Service users use web pages, which allows improving their structure and content;
    • to enable the collection of information on how to use the Service’s web pages;
    • to enable remembering settings chosen by the user and personalization of the user interface, e.g., in terms of the selected language or region from which the user comes, font size, website appearance, etc.;
    • to enable delivering content to the user more tailored to his interests.
  4. The Administrator informs that in many cases, software used for browsing web pages (web browser) by default allows storing cookies on the user’s end device. Service users can change cookie settings at any time. These settings can be changed in particular to block the automatic handling of cookies in the web browser settings or to inform about their placement on the Service user’s device each time. Detailed information on the possibility and methods of handling cookies is available in the user’s software settings (in the “Help” section in the web browser menu, e.g., Internet Explorer, Edge, Chrome, Firefox, Opera).
  5. The Service operator informs that restrictions on the use of cookies may affect some functionalities available on the Service’s web pages. Therefore, it is recommended to use software with enabled cookie handling functionality. Failure to disable the option of storing cookies in the browser settings means the user consents to their storage and retention on their end device.

User Rights

  1. The Administrator ensures the realization of the rights indicated below for every user. Users can exercise their rights by sending a request to the Administrator via email: biuro@implantis.krakow.p. The user has the right to:
    • access the content of their data – according to Article 15 of the GDPR;
    • rectification/update of data – according to Article 16 of the GDPR;
    • deletion of data – according to Article 17 of the GDPR;
    • restriction of data processing – according to Article 18 of the GDPR;
    • data portability – according to Article 20 of the GDPR;
    • object to data processing – according to Article 21 of the GDPR;
    • withdraw the given consent at any time, although the withdrawal of consent does not affect the legality of processing carried out on the basis of consent before its withdrawal – according to Article 7(3) of the GDPR;
    • lodge a complaint with the supervisory authority, i.e., the President
  2. The Administrator considers the reported request without undue delay, no later than one month from its receipt. However, if due to the complex nature of the request or the number of requests, the Administrator cannot consider the request within the mentioned period, it will consider it within the next two months, informing the user in advance about the intended extension of the deadline.
  3. The Administrator informs about the rectification or deletion of personal data or restriction of processing carried out in accordance with the user’s request to each recipient to whom the personal data have been disclosed unless this proves impossible or involves a disproportionate effort.

Changes to the Privacy Policy

  1. The Administrator has the right to change this document, about which the user will be notified in a manner enabling them to become acquainted with the changes before they enter into force, e.g., by posting relevant information on the main page of the Service, and in the case of significant changes, also by sending a notification to the email address provided by the user.
  2. If the user objects to the introduced changes, they may request the deletion of their personal data by the Administrator and cease using the Service. Continued use of the Service after the publication or sending of a notification of changes to this document is considered as consent to the collection, use, and sharing of the user’s personal data according to the updated content of the document.
  3. The Privacy Policy does not limit any rights of the user under generally applicable laws.