ONLINE SHOP Business partner’s dashboard
UE logo
Search
en
plgbderoua
  • Company
    CATEGORIES
  • Professional products
    CATEGORIES
    INDUSTRIES
    Beauty
    Hospitals
    Offices, public institutions, education facilities
    Care facilities
    Cleaning companies
    Hospitality sector
    Industry and logistics
    Clinics and medical practices
    Dentistry
  • Consumer products
    CATEGORIES
    PRODUCTS
    MEDISEPT surface disinfectant spray Papaya, 500 ml
    MEDISEPT surface disinfectant spray Papaya, 500 ml
    MEDISEPT hand and surface disinfectant wipes, Cashmere fragrance
    MEDISEPT hand and surface disinfectant wipes, Cashmere fragrance
    MEDISEPT hand disinfectant spray 50 ml
    MEDISEPT hand disinfectant spray 50 ml
    MEDISEPT hand disinfectant spray 500 ml
    MEDISEPT hand disinfectant spray 500 ml
    MEDISEPT foot and shoe disinfectant spray 100 ml
    MEDISEPT foot and shoe disinfectant spray 100 ml
  • Research & Development
  • Export
  • CSR
  • Knowledge base
  • Downloads
  • Contact
    • Close
    Font
    A-
    A+
    Readable font
    Disable font size
    Contrast
    Disable contrast
    Links
    Underlined links
    Highlighted links
    reset
    1. Home
    2. Privacy Policy of MEDISEPT sp. z o.o.

    Privacy Policy of MEDISEPT sp. z o.o.

    Content

    for the website www.medisept.pl

    I. GENERAL PROVISIONS

    These provisions constitute the privacy policy (the “Privacy Policy”), which sets out the legal bases for the processing of personal data and provides information on the collection and use of personal data by MEDISEPT sp. z o.o., with its registered office in Lublin, ul. L. Spiessa 4, 20-270 Lublin, NIP (Tax Identification Number): 946 00 10 016, REGON (National Business Register Number): 430566102, KRS (National Court Register Number): 0000020407 (“MEDISEPT”).

    MEDISEPT encourages users of the website www.medisept.pl (the “Website”) to read this Privacy Policy.

    MEDISEPT uses personal data for the purposes indicated in this Privacy Policy and, where applicable, for other purposes that are each time clearly specified in the information clauses available on specific subpages within the Website.

    The Controller exercises particular care to protect the interests of data subjects. The Controller collects and processes personal data:

    • in accordance with generally applicable laws;
    • for strictly defined purposes indicated in this Privacy Policy and, where applicable, for other purposes that are each time clearly specified in the relevant Information Clauses;
    • to the extent adequate and relevant to the purposes pursued and obligations fulfilled;
    • in accordance with applicable retention periods, but no longer than necessary to perform specific processes, rights, and obligations, and in line with time limits set by law;
    • in accordance with applicable data processing security standards; in particular, the Controller protects data against unauthorised or unlawful processing and against loss, damage, destruction or alteration by implementing necessary technical, organisational and procedural measures.

    II. DEFINITIONS

    Controller – MEDISEPT sp. z o.o., with its registered office at ul. L. Spiessa 4, 20-270 Lublin.

    Personal Data – information relating to an identified or identifiable natural person (“data subject”), identifiable directly or indirectly, in particular by reference to a name and surname, online identifier, email address or telephone number.

    Information Clause – any information provided when data is collected by the Controller, as required under Articles 13 or 14 of Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 (GDPR) on the protection of natural persons with regard to the processing of personal data and on the free movement of such data and repealing Directive 95/46/EC.

    Entrepreneur – a natural person of legal age with full legal capacity, a legal person or an organisational unit without legal personality but having legal capacity, who/which conducts business or professional activity in their own name and purchases from the Seller in connection with that business or professional activity.

    Consumer – a natural person of legal age with full legal capacity who purchases from the Seller for purposes not directly connected with their business or professional activity.

    Customer or User – both Consumers and Entrepreneurs.

    GDPR – Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data and repealing Directive 95/46/EC.

    Processor – a natural or legal person, public authority or other entity that processes personal data on behalf of the Controller.

    Processing – any operation or set of operations performed on Personal Data, such as collection, recording, organising, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction.

    Consent – any freely given, specific, informed and unambiguous indication of the data subject’s intent by which they, by a statement or by a clear affirmative action, signify agreement to the processing of personal data relating to them.

    III. LEGAL BASES

    All personal data is processed in accordance with applicable Polish and EU law, in particular with the GDPR, the Polish Act of 10 May 2018 on the Protection of Personal Data (consolidated text: Journal of Laws 2019, item 1781), the Act of 18 July 2002 on the Provision of Services by Electronic Means (consolidated text: Journal of Laws 2024, item 1513), and the Electronic Communications Law of 12 July 2024 (Journal of Laws 2024, item 1221, as amended).

    The Controller collects and processes personal data where:

    • the data subject has given consent to the processing for a specific purpose (e.g. receiving a newsletter) — Article 6(1)(a) GDPR;
    • processing is necessary for the performance of an agreement concluded with MEDISEPT (in particular a sales agreement, commercial agreement or an agreement for the provision of electronic services) or to take steps at the request of the data subject prior to entering into or terminating an agreement, and to perform its terms or related actions — Article 6(1)(b) GDPR;
    • processing is necessary for compliance with a legal obligation to which the Controller is subject — Article 6(1)(c) GDPR;
    • processing is necessary for the purposes of the legitimate interests pursued by MEDISEPT (e.g. direct marketing of the Controller’s goods and services) — Article 6(1)(f) GDPR.

    The Controller processes Personal Data only where the above legal bases apply.

    IV. CONTACT WITH THE DATA CONTROLLER

    To contact the Data Controller in order to exercise your data protection rights or obtain other information related to processing by MEDISEPT, please submit requests: in writing to: MEDISEPT sp. z o.o., ul. L. Spiessa 4, 20-270 Lublin, with the note “concerning GDPR”, or by email to: rodo@medisept.pl

    V. DISPLAYING THE WEBSITE WWW.MEDISEPT.PL

    Please be informed that when the Website is displayed in available web browsers, information is exchanged between your mobile device, computer or other device and MEDISEPT’s servers. Any information obtained in connection with displaying the website is used to ensure the efficient operation of IT processes on MEDISEPT’s website or other processes occurring in your browser. While you are viewing www.medisept.pl, your browser may transmit the following information: your IP address, time of entry and exit, the name and URL of the file displayed and the website or application from which you accessed the site. This data is transmitted to ensure security and stability and to enable comfortable, uninterrupted use of the Website. The above data is processed pursuant to Article 6(1)(f) GDPR for the aforementioned purposes.

    Such data is stored only for the duration of your visit to www.medisept.pl and is automatically deleted when you close the website.

    VI. PURPOSES OF DATA PROCESSING AND RETENTION

    Your Personal Data is processed each time for a specifically defined purpose on a concrete legal basis. Below is a description of selected processes involving the processing of Personal Data:

    Purpose of processingLegal basis of processing and data retention periodScope of processing
    Conclusion, performance and servicing of agreements (e.g. sales agreements, commercial agreements, agreements for the provision of electronic services) or taking steps at the data subject’s request prior to entering into a given agreement.Article 6(1)(b) GDPR (performance of an agreement). Data is stored for the period necessary to perform, terminate or otherwise expire the agreement.
    Invoice-related data for settlements is processed until the expiry of the tax obligation and until the limitation period for potential claims or the end of the warranty period.    		Maximum scope: given name and surname; email address; contact telephone number; delivery address (street, house number, unit number, postal code, city/town, country); residence/business/registered office address (if different from delivery address). For non-consumer entrepreneurs, the Controller may additionally process the company name and Tax Identification Number (NIP).
    Direct marketing of the Controller’s goods and services — contact formArticle 6(1)(f) GDPR (Controller’s legitimate interests).
    Data will be stored for as long as the Controller’s legitimate interest persists, but no longer than the limitation period for claims against the data subject.    		Maximum scope: given name and surname; email address; contact telephone number. Additionally, where applicable: delivery/residential address (street, house number, unit number, postal code, city/town, country). For non-consumer Customers, the Controller may additionally process the Customer’s company name and Tax Identification Number (NIP).
    NewsletterArticle 6(1)(a) GDPR (consent).
    Data is stored until consent is withdrawn by the data subject.    		Name, email address
    Maintenance of tax/accounting booksArticle 6(1)(c) GDPR. Data is stored for the period required by laws obliging the Controller to retain accounting books (for MEDISEPT sp. z o.o., this period is 10 years [activity conducted in a Special Economic Zone], counted from the beginning of the year following the financial year to which the data relates).Given name and surname; residence/business/registered office address (if different from delivery address); Customer’s company name and Tax Identification Number (NIP).
    Other purposes: Any other data may be processed by the Controller in connection with other legal actions and other specifically indicated, legitimate purposes; such purposes will each time be presented to the data subject via the relevant information clauses.

    VII. DATA RECIPIENTS

    Data recipients include our employees, contractors, and other authorised entities (public authorities and entities cooperating with the Company under separate agreements). Details are provided in the Information Clauses available on the respective subpages within the Website.

    VIII. CONTACT FORM

    The Controller provides technical solutions enabling contact via an electronic form. Personal data of individuals using the contact form (including: given name, surname, telephone number, email address) will be processed by the Controller for the purposes of identification and for sending and handling the enquiry submitted by the user through the form – the legal basis is the Controller’s legitimate interests.

    Providing data marked as mandatory is required by the Controller to accept and handle the user’s enquiry. Failure to provide such data makes it impossible to process the enquiry. Providing other types of data is voluntary; however, the user may provide them to facilitate contact with the Controller or handling of their enquiry.

    IX. NEWSLETTER

    The Controller processes users’ personal data in order to provide the newsletter service. This may involve sending emails with offers or content that, in some cases, may contain commercial information. The newsletter service is provided to persons who have provided their email address for this purpose.

    The legal basis for processing is consent given by the user by ticking the appropriate checkbox to receive newsletters.

    Providing the above data is required by the Controller in order to provide the newsletter service. Failure to provide such data prevents us from providing the service.

    X. MEDISEPT ONLINE STORE

    To provide you with up-to-date information about new products and promotions, MEDISEPT sp. z o.o. enables access from the Website to its online store at www.dezynfekcja.pl.

    XI. CATEGORIES OF EXTERNAL DATA RECIPIENTS

    Personal data may be transferred, among others, to the following recipients or categories of recipients:

    • entities providing legal advice; entities participating in court, mediation, enforcement and other proceedings on behalf of and for the benefit of the Controller; notary offices and tax advisors;
    • entities servicing information systems (IT systems);
    • authorities authorised by law, in particular: public offices (e.g. the Tax Office in the case of tax inspections), the Police, courts, and others where provided by the law.

    XII. TRANSFER OF DATA OUTSIDE THE EUROPEAN ECONOMIC AREA

    We inform you that data processed by MEDISEPT is not transferred outside the European Economic Area (EEA).

    XIII. OVERVIEW OF YOUR RIGHTS AS A DATA SUBJECT

    Each Customer has the following rights:

    • Right of access – you have the right to obtain information on which data we process (Article 15 GDPR);
    • Right to rectification – you have the right to update data provided to MEDISEPT (Article 16 GDPR);
    • Right to erasure (right to be forgotten) – you have the right to have data deleted where it has been processed unlawfully or is no longer necessary for the purposes for which it was collected (Article 17 GDPR);
    • Right to restriction of processing – you have the right to restrict processing where the Controller no longer needs the data for the purposes for which it was processed, where the data is inaccurate, or where it is processed unlawfully (Article 18 GDPR);
    • Right to data portability – you have the right to transmit the data to another controller and to receive your data in a structured, commonly used, machine-readable format (Article 20 GDPR);
    • Right to withdraw consent – you have the right to withdraw any consent given at any time; however, this does not affect the lawfulness of processing based on consent prior to such withdrawal (Article 7(3) GDPR);
    • Right to object to data processing – you have the right to object to data processing where such processing is carried out for the purposes of the Controller’s or a third party’s legitimate interests, including in particular processing for marketing purposes (Article 21 GDPR);
    • Right to lodge a complaint with a supervisory authority – a data subject whose data is processed by the Controller has the right to lodge a complaint with the supervisory authority in the manner and according to the procedure set out in the GDPR and Polish law, in particular the Act on the Protection of Personal Data. The supervisory authority in Poland is the President of the Personal Data Protection Office (UODO).

    To exercise the above rights, please contact the Controller by sending a relevant request in writing or by email to the address indicated in Section IV of this Privacy Policy.

    The Controller does not use automated decision-making, including profiling, as referred to in Article 22(1) and (4) GDPR.

    XIV. VOLUNTARY PROVISION OF DATA

    Providing your data is voluntary in each case. Where you have given Consent to the processing of your data, you may withdraw it at any time using the contact details provided in Section IV of the Privacy Policy; however, this does not affect the lawfulness of processing carried out prior to such withdrawal.

    XV. COOKIES

     

    XVI. AMENDMENTS TO THE PRIVACY POLICY

    To ensure the security of your personal data and to keep MEDISEPT sp. z o.o.’s procedures and policies current and transparent, this document will be regularly reviewed and amended in connection with changes in generally applicable laws and with any actions taken to ensure the proper protection of your Personal Data.

    This Privacy Policy has been in force since 9 July 2025.

    en
    plgbderoua
    ONLINE SHOP Business partner’s dashboard
    European funds
    Confirm professional status
    In line with applicable legislation, this website and its content are intended solely for professionals working in the field of medical devices (specifically healthcare practitioners, those involved in the trade of medical devices, and their employees or associates) as it contains promotional material relating to products designed for professional use.