Book Now

privacy policy

PARODENT dental network
limited liability

company dear patient!

We respect your privacy and make every effort to comply with all obligations under Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the Protection of Individuals with regard to the Processing of Personal Data and on the Free Movement of such Data and repealing Directive 95/46 / EC (hereinafter referred to as the “GDPR”).

This privacy Policy informs you about the ways in which personal data is processed and protected within the Internet service and in connection with the use of dental services provided by our office.

§1. Personal Data

Administrator The personal data administrator (hereinafter referred to as the administrator) is a PARODENT Dental network Limited Liability Company headquarters in Warsaw, Ostrobramska 101a lok. 301, 04-041 Warsaw, registered in the Register of Entrepreneurs of the National Judicial Register under the number KRS 0001153087, having an entry in the register of persons engaged in medical activities under the number PWDL 000000296065.

You can send any questions or concerns, in particular regarding the processing of personal data, by mail to the administrator’s office, or by e-mail to parodent.pl@gmail.com, by phone +48 22 257 12 81 or through the contact form available on the website.

The Administrator guarantees that the personal data entrusted to him is processed in compliance with the requirements of generally recognized legislation, in particular the GDPR and the law of May 10, 2018 On Personal Data Protection. The main goal of the administrator is to ensure that the privacy of patients and users of the website is protected at a level that at least meets the requirements of current legislation and, in particular, the GDPR rules.

Any person who uses the services of the administrator in any way or visits the website accepts all the rules set out in this Privacy Policy. The administrator reserves the right to make changes to the privacy policy if this is required by law or changes made to the functionality of the site or the services provided. The administrator notifies all users about the relevant changes and their effective date, in particular, by posting a corresponding message on the site and in the office.

§2. BASIC CONCEPTS

For the purposes of this Privacy Policy, the following definitions are introduced:

  • user -any individual whose personal data is processed by the administrator, including patients of the cabinet and visitors to the website.
  • Patient -an individual who receives medical benefits provided by the administrator.
  • Personal data – all information about an individual identified or identified by one or more specific factors that determine physical, physiological, genetic, mental, economic, cultural or social identity, as well as the device’s IP address, location data, internet identifier, and information collected through cookies and other similar technology.
  • GDPR Regulation (EC) 2016/679 of the European Parliament and of the Council of 27 April 2016 On the protection of natural persons with regard to the processing of personal data and on the free movement of such data and repealing Directive 95/46/EC.
  • A service is a website that is accessible at a web address managed by an administrator and possibly at other Internet addresses, as well as in applications and other information tools, and includes a group of interacting computer programs, databases, and related components.
  • Processing of personal data – any operations performed with personal data, such as collection, storage, storage, development, modification, exchange and deletion, and especially those performed in information systems.
  • Violation of personal data protection is a security breach that results in accidental or illegal destruction, loss, alteration, unauthorized disclosure or unauthorized access to personal data transmitted, stored or otherwise processed.
  • Medical records – documentation carried out in accordance with the law of 6 November 2008 on patient rights and the Ombudsman for Patient Rights, containing data on the patient’s health status and the medical services provided.

§3. Purposes, legal grounds, scope of data processing

The controller processes personal data only if at least one of the following conditions is met:

  • provision of dental services– for the maintenance of medical records, diagnosis and treatment in accordance with Article 9 (2). h GDPR in relation to the Patient Rights Act and the Patient Rights Ombudsman.
  • Registration of visits and contact with the patient – to organize a visit and organizational contact in accordance with Article 6 (1). B GDPR (contract execution).
  • Calculations and invoices -for issuing a VAT invoice or receipt and fulfilling tax obligations in accordance with Article 6 (1). C of the GDPR (legal obligation).
  • Processing of complaints and claims – for handling complaints, as well as for investigating or defending against claims in accordance with Article 6 (1). B GDPR (performance of contract) and article 6 (1). F GDPR (legitimate interest of the administrator).
  • Marketing of Merchant profile services – inform about news, promotions and remind about control visits in accordance with Article 6 (1). F of the GDPR (legitimate interest of the administrator to promote its own services).
  • Video surveillance – to ensure the safety of patients, staff and property protection in accordance with Article 6 (1). F GDPR (legitimate interest of the administrator).
  • Website and form support – to respond to requests and ensure the functionality of the site in accordance with Article 6 (1). F GDPR (legitimate interest) for the contact form and Article 6 (1). A GDPR (consent) for cookies.
  • Archival and statistical purposes -for compiling statistical reports and analyzing the quality of services in accordance with Article 6 (1). F of the GDPR (legitimate interest of the administrator).

The administrator processes users ‘ personal data to the extent necessary for the purposes specified above, for the period necessary to achieve these goals, or until the user withdraws his consent. The lack of data provision in some situations may lead to the inability to achieve the goals for which data provision is necessary. The data specified in the forms are processed for the purposes that follow from the function of a particular form. In addition, they can also be used for archival and statistical purposes.

§4. DATA SECURITY

The Administrator constantly conducts risk analysis to identify risks associated with secure data processing, and takes appropriate technical and organizational measures to ensure the protection of the processed personal data.

Only authorized employees and employees who are required to keep professional secrets have access to personal data. The administrator keeps records of persons authorized to process personal data and applies technical means of protection, including encryption of confidential data.

Backup copies of medical records are regularly created, and the premises where documentation is stored are closed and protected from unauthorized access.

The administrator uses antivirus systems and a firewall, performs video surveillance in public areas, regularly trains staff in personal data protection and information security, and applies procedures in case of violation of personal data protection.

§5. DATA RECIPIENTS

Your personal data may only be shared with organizations that support us in providing medical services or to which we are required to provide data in accordance with the law.

Recipients of your data can be:

  • prosthetic laboratories to the extent necessary for performing prosthetic work,
  • accounting and tax settlement service providers,
  • law firms in the field of legal or consulting services, IT
  • and hosting service providers that maintain information systems,
  • insurers in case of filing a claim related to civil liability insurance,
  • persons providing postal and courier services to the extent necessary for the delivery of correspondence,
  • bodies authorized by law (social security, tax authorities, courts, prosecutor’s office, City president, professional self-government bodies) only on the basis of the provisions of the law.

A third party that has access to personal data processes them only under the contract of assignment of personal data processing and exclusively on behalf of the administrator.

Data is not transferred to third countries (outside the European Economic Area), except in the cases described in Section 11 of this Policy.

§6. Obtaining commercial information

the user of the website or the patient of the cabinet, in case of his consent, can receive commercial information using electronic means of communication.

Commercial information may relate to:

  • new dental services offered by the office,
  • promotions and discounts for individual services,
  • loyalty programs,
  • oral hygiene tips,
  • reminders of recommended follow-up visits.

You have the right to withdraw your consent at any time without giving any reason

  • by sending an email to parodent.pl@gmail.com with notification of revocation of consent,
  • phone message by phone number +48 22 257 12 81
  • By clicking on the “Unsubscribe” link found in each marketing message,
  • personal report in the merchant profile registration.

The withdrawal of consent does not affect the legality of the processing that was carried out on the basis of consent prior to its withdrawal.

§7. User rights

Each person whose data is processed has the following rights specified in the GDPR:

  • data access rights the
  • right to correct data by submitting a request for correction of inconsistencies or errors,
  • the right to delete datathat is no longer required to be processed (note: in connection with Article 17 (3). B) and c) of the GDPR, you do not have the right to request the deletion of personal data contained in medical records,due to the obligation to store them in accordance with the law),
  • the right to restrict processing,
  • the right to transfer data in a structured, widely used format,
  • the right to object with respect to data processing based on the legitimate interests of the administrator (the objection must contain a justification and must be evaluated by the administrator, if it does not relate to processing for marketing purposes-then it does not require justification),
  • the right to withdraw consent at any time (the withdrawal of consent does not affect the legality of processing performed before its withdrawal),
  • the right to file a complaint with Chairman of the Office for Personal Data Protection (2 Stavki str., 00-193 Warsaw, https://uodo.gov.pl, e-mail address:kancelaria@uodo.gov.pl , phone number: 22 531 03 00).

You can submit an application for exercising your rights:

You will receive a response to your request within one month of receiving it. If it is necessary to extend this period, the administrator informs the applicant about the reasons for such extension. The response will be sent to the email address from which the application was sent, and in the case of requests sent by letter, by registered mail to the address specified by the applicant.

§8. COOKIES AND SIMILAR TECHNOLOGIES

The administrator’s website uses cookies. Cookies (so-called “cookies”) are information data, in particular text files that are stored on the user’s end device (for example, computer, tablet, smartphone) and are intended for use by websites. Cookies usually contain the name of the website they are received from, the time they were stored on the destination device, and a unique number. Cookies are not harmful to users or their devices, do not affect their operation, and do not change the configuration of end devices or the software installed on these devices.

The service uses two main types of cookies:

  • “session” cookies are temporary files that are stored on the user’s end device until the user leaves the website or turns off the software(web browser).
  • “persistent” cookies are stored on the user’s end device for the time specified by the user. in the cookie settings, or until the user deletes them.

Cookies are used for the following purposes:

  • necessary cookies – allow you to use the services available within the site, including maintaining the user’s session (after logging in), ensuring the correct functioning of contact forms and remembering the choice regarding cookies.
  • Functional Cookies -allow you to remember the settings selected by the user and personalize the interface (for example, language, font size), as well as remember the information entered in the forms.
  • Analytical and performance cookies – they are used to create statistics that help you understand how users use websites, analyze website traffic, optimize page content and functionality, and study newsletter subscriptions.
  • Advertising and marketing cookies -used to determine the user’s profile to display relevant content in advertising networks, control how often the selected content is shown to users, and remarketing (repeated access with ads to people who visited the site).

Web browsing software (a web browser) usually allows cookies to be stored on the user’s end device by default. By using the administrator’s website, you consent to the use of cookies in accordance with this Policy. You can change your cookie settings at any time. The user can manage cookies by changing the settings of their web browser. The browser allows you to delete cookies, block cookies automatically, and receive notifications before saving a cookie. Detailed information is available in the browser’s Help section or on the websites of browser manufacturers. Please note that some cookies are necessary for the operation of the website, and deleting or disabling them may reduce the functionality of the website.

The Administrator uses third-party services that may use cookies. To collect statistics, the administrator uses the Google Analytics product. In this case, Google LLC, 1600 Amphitheatre Parkway Mountain View, CA 94043, United States, receives data about the service user. You can block Google Analytics ‘ access to your data by installing the plugin located at https://tools.google.com/dlpage/gaoptout/. The administrator invites you to read the detailed explanations related to data processing in the framework of Google Analytics, available at https://policies.google.com/privacy?hl=pl.

The administrator can use marketing tools available on the social network Facebook, owned by Meta Platforms Ireland Limited. These tools can target ads on social networks such as Facebook and Instagram. Actions in this area are carried out on the basis of the administrator’s legitimate interests in the form of marketing their own services (Article 6, paragraph 1, lit. f RODO).

To target ads that are personalized to the behavior of users visiting a website, Pixel Meta can be implemented on it, which automatically collects information about website usage. The information collected in this way may be transmitted to a Facebook server in the United States and stored there. The information collected in Pixel Meta is anonymous, i.e. it does not allow identifying the user. The administrator only informs you about what actions the user has taken within the site. However, the Meta Platform may combine this information with other user information collected as part of its use of the Facebook social network and use it for its own purposes, including marketing. Information about Facebook’s privacy policy is available at https://www.facebook.com/privacy/explanation. from their Facebook account, the user can also manage their privacy settings.

§9. SOCIAL MEDIA

The administrator can maintain profiles in social networks (for example, Facebook, Instagram, LinkedIn, YouTube) to inform users about their activities, the provision of services, and communication with users. The administrator processes personal data of users who visit the administrator’s profiles posted on social networks. This data is processed to inform users about the activity of the administrator, the provision of services, as well as to communicate with users using the tools available in social networks. The legal basis for processing personal data for this purpose is the legitimate interest of the administrator (art. F GDPR), which is to promote your own brand and the services offered, as well as to create and maintain a community associated with the brand.

The service contains links to the administrator’s social media profiles. When viewing a web page that contains such a link or plugin (for example, a “Like” or “Share” button), the user’s browser will establish a direct connection to the servers of social network administrators. The content of the plugin is transmitted by the service provider directly to the user’s browser and integrated with the site. Thanks to this integration, service providers receive information that the user’s browser has viewed the administrator page, even if they do not have a profile with this service provider or are not logged in. This information (along with the user’s IP address) is transmitted directly through the user’s browser to the server of the relevant service provider (some servers are located in the USA) and stored there. If the user is logged in to one of the social networks, this service provider can directly assign a visit to the administrator’s site to the user’s profile in this social network.

The administrator has no control over the data that plugin providers collect or how this data is processed.

The purpose and scope of data collection, as well as their further processing and use by service providers, as well as the possibility of contact and user rights in this regard are described in the privacy policy of individual service providers. The administrator offers to read their contents.

If the user does not want social media sites to assign data collected during a visit to the administrator’s site directly to the user’s profile on this site, then you must log out of this site before visiting the site.

The user can also completely prohibit the loading of plugins on the page by using the appropriate extensions for their browser, such as blocking scripts.

§10. Server logs

using a website involves sending requests to the server where it is stored.

Each request to the server is recorded in the server logs.

Logs include, but are not limited to, the user’s IP address, server date and time, information about the web browser and operating system, the address of the page from which the redirect occurred, and the page that the user visited.

Logs are saved and stored on the server for a maximum of 12 months.

The data stored in the server logs is not associated with specific persons using the site, is not used by the administrator to identify the user, is only auxiliary material for managing the website, and its contents are not disclosed to anyone other than those authorized to administer the server.

§11. TRANSFER OF DATA OUTSIDE THE EUROPEAN ECONOMIC AREA

The Administrator may transfer Users ‘ personal data to third countries, i.e. countries outside the European Economic Area, only to a limited extent. In connection with the use of third-party services (for example, Google Analytics, Meta Platforms), your data may be transferred to the United States of America in connection with their storage on US servers.

Personal data may only be transferred to third countries or organizations for which

  • the European Commission has decided on the appropriate level of data protection (Article 45 GDPR),
  • appropriate safeguards were applied in the form of standard contractual provisions adopted by the European Commission (Article 46 GDPR),
  • and the User’s explicit consent to such transfer was obtained after informing him of the risk (Article 49 GDPR).

A list of countries for which the European Commission has taken a decision confirming that a third country provides an adequate degree of protection can be found at https://commission.europa.eu/law/law-topic/data-protection/international-dimension-data-protection/adequacy-decisions_en.

In the absence of a decision of the European Commission or appropriate security measures, the administrator asks you to give explicit consent to such transfer, informing you in advance of the risks associated with such transfer.

§12. Information about automatic decision-making and profiling

within the website, the administrator can automatically adapt certain content to the user’s needs, i.e. perform profiling using data collected through cookies.

Profiling consists of automatically evaluating which services might be of interest to you, analyzing past actions taken online, and displaying ads for dental services profiled in this way.

Profiling performed by the administrator does not lead to decisions that lead to negative legal consequences for the user or otherwise significantly affect him.

The User has the right to object to profiling at any time by changing the cookie settings in their browser or by contacting the Administrator.

§13. Changes to the Privacy Policy

The administrator reserves the right to make changes to this Privacy Policy if:

  • changes in legislation on personal data protection,
  • changes in the way data is processed or the introduction of new services,
  • changes in the functionality of the site or services provided,
  • improvements in data security or privacy protection procedures.

The administrator notifies all users about the relevant changes and their effective date, in particular, by posting a corresponding message on the website, posting information when registering the cabinet, and sending it by e-mail (in case of significant changes).

The current version of the Privacy Policy is always available on the administrator’s website and in the dashboard registration.

§14. Questions and Contacts

If you have questions or concerns about our processing of your personal data, or if you would like to exercise your rights, please contact us.

Administrative center: 101A Ostrobramska str. Loc. 301, 04-041 Warsaw

office: ul. Progress 7A, room U03, 02-676 Warsaw

phone: +48 22 257 12 81

E-mail:parodent.pl@gmail.com

Opening hours: Monday-Friday 9: 00-21: 00, Saturday 9: 00-18: 00

we will be happy to answer all your questions and clarify any problems related to the protection of your personal information.

§15. Final provisions

on matters not covered by this Privacy Policy apply in accordance with the provisions

  • of Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 (GDPR),
  • law of May 10, 2018 On the Protection of Personal Data,
  • Law of November 6, 2008 On the Rights of the Patient and the Ombudsman,
  • the Law of April 15, 2011 on medical activities,
  • the Law of July 18, 2002. On the provision of services in electronic form,
  • other applicable laws.

This Privacy Policy is effective from January 7, 2026.

Wybierz wygodny
sposób kontaktu
Telegram
WhatsApp
Viber
Zadzwoń
lub znajdź nas
W mediach społecznościowych
Sprawdź numer telefonu

Upewnij się, że numer jest poprawny

+48 000 000 000