Privacy policy

1. The Administrator of the personal data collected is a company under the name of Health Wellbeing Services sp. z o. o., whose headquarters is in Cracow (30-347), ul.Kapelanka nr 12 and has been entered into the register of entrepreneurs kept by the District Court for Kraków-Śródmieście in Cracow, XI Commercial Division of the National Court Register under the number KRS: 0000685578, NIP: 6762532649, REGON:367732240 (“Administrator”).
2. The Administrator act in accordance with Regulation from European Parliament and of the Council of April 27, 2016 on the protection of natural persons in relation to the processing of personal data and on the free flow of such data and repealing Directive 95/46/EC (hereinafter referred to as “GDPR”), including in particular appropriately securing Users’ personal data against unlawful access to personal data by third parties, in particular encoding personal data, archiving personal data, evaluating safeguards for personal data, ensures confidentiality, integrity, availability and resilience of systems and services.
3. You may contact personal data Administrator:
   1. by writing to the address: ul. Kapelanka 12, 30-347 Kraków;
   2. by phoning: +48 660 545 457;
   3. by e-mailing: kontakt@wellbeingpolska.pl
4. Personal data administrators do not have to appoint a Data Protection Officer and no such Officer has been appointed.
5. The administrator will process the following categories of Users’ personal data:
   1. name and surname;
   2. e-mail address;
   3. phone number;
   4. IP address;
   5. basic health data;
   6. sport activity data;
   7. eating habits data.
6. Administrator is processing Users’ personal data:
   1. on the basis of voluntary User consent and voluntary given necessary personal data in order to perform services by Wellbeing Polska – art. 6 par.1 pt. a) GDPR;
   2. in order for Wellbeing Polska to offer products and services directly for Users (direct marketing), including fitting them for Users’ needs with help of profiling – only on the basis of User’s separate and explicit content – art. 6 par. 1 pt. a) GDPR;
   3. in order for Wellbeing Polska to perform the Services – art. 6 par. 1 pt. b) GDPR;
   4. in order to enable Users to participate in the Wellness Programs and for Programs for proper contact with Users and Specialists – art. 6 par. 1 pt. b) GDPR;
   5. in order to fulfil the necessary legal obligation incumbent on the Administrator on the basis of applicable law – art. 6 par. 1 pt c) GDPR
   6. for tax and accounting purposes – in a situation where the use of the Website or Services is for fee and processed data is required by applicable law – art. 6 par. 1 pt. c) GDPR;
   7. for the purpose of legitimate interests pursued by the Administrator or third party, i.e. administering the Service or External Service, identifying errors in structure of Website and Externat Website and to ensure their security, as well as statistical purposes – art. 6 par. 1 pt. f) GDPR;
   8. for the purpose of the Administor’s legitimate interest in defending against and being able to pursue claims – art. 6 par. 1 pt. f) GDPR;
   9. in order to provide Services the Administrator processes particular categories of personal data (basic health data, sport activity data, eating habit data), these particular categories of personal data are processed on the basis of explicit User consent – art. 9 par. 2 pt. a) GDPR expressed in the form of willingness and will to provide such particular personal data. Providing detailed data by User is always voluntary, but may be necessary to use a particular Service;
   10. Providing personal data by User is voluntary but at the same time necessary for Wellbeing Polska to perform Services and for User to participate in Program and Wellness Programs. Lack of basic personal data from User to identify User prevents Wellbeing Polska from contacting the User.

Marketing activities

1. Execution of direct marketing by the Administrator using terminal equipment (in particular mobile and landline phones, tablets, computers) and automatic calling systems, to provided by User phone number and e-mail address, consisting in receiving marketing messages about Wellbeing Polska’s products and services and organised marketing actions and sending commercial information concerning goods or services offered by Wellbeing Polska to the e-mail address provided by User, within meaning of the Act 18 of 18 July 2002 on providing services by electronic means i.e. Journal of Laws of 2020, item 344) is subject to the separate consent of the User. Such consent may be withdrawn by the User at any time.
2. User has the right to:
   1. access to their data and to receive their data;
   2. receive a copy of their data,
   3. rectification (correction) of his/her data,
   4. deletion of data – if, in the opinion of the User, there are no grounds for the Administrator to process his/her data.
3. The User also can unsubscribe from Newsletter
   1. limitation of data processing – if, in the User’s opinion, the Administrator has incorrect data about him or her or processes them unfoundedly, or the User does not consent to the deletion of data due to the need to establish, assert or defend claims, or for the duration of the User’s objection to data processing;
   2. object to the processing of data for direct marketing, including profiling, and the right to object to the processing of data on the basis of legitimate interests for purposes other than direct marketing, and when the processing is necessary for the Administrator to perform a task carried out in the public interest or for the exercise of public authority entrusted to us;
   3. data transfer – User have the right to receive from the Administrator in a structured, commonly used machine-readable format personal data provided to the Administrator by the User on the basis of consent or agreement, User may also commission the Administrator sending this data directly to other entity;
   4. file a complaint to a supervisory authority – if the User thinks that the Administrator processes his or her data unlawfully, User can file a complaint to President of the Personal Data Protection Office or any other competent supervisory authority;
   5. withdrawal of consent to process personal data – at any time the User has the right to withdraw consent to process personal data, which the Administrator processes on the basis of the User’s consent; however this withdrawal does not pertain to the data that was processed before withdrawing consent.
4. Users’ personal data can be transferred to the following categories of entities:
   1. authorised employees and contributors of the Administrator;
   2. Specialists/Trainers;
   3. suppliers of technical and organisational services for the Administrator to enable the execution of the Agreement and management of the Administrator’s organisation (in particular courier and postal companies, entities providing diagnostic, transportation, nutrition or consultation services);
   4. entities providing IT services and marketing services;
   5. suppliers of of legal and consulting services and their authorised employees and associates;
   6. entitled performing data analytics for the purpose of personalising advertisement and being separate administrators in this regard, in particular Google Ireland Limited;
   7. entities administering/managing External Website or their owners; 
   8. entities performing audit/control activities for the Administrator;
   9. external entities processing data on behalf of and ordered by the Administrator and persons authorised by them.
5. Users’ personal data will be processed no longer than necessary, i.e. for the period of time needed to respond to the User’s question, duration of the agreement and the Service Contract, after response or termination of agreement or Service Contract until the expiration of the statute of limitations for any claims that the Administrator may raise and that may be raised against the Administrator in connection with the Agreement, or until the expiration of limitations for any claims that Wellbeing Polska may raise and that may be raised against Wellbeing Polska in connection with the Service Contract.
6. Personal data processed for the purposes covered by the consent will be processed for those purposes until the consent is withdrawn.
7. Users’ personal data may be processed by the Administrator automatically.
8. Users’ personal data may be profiling.
9. The Administrator will not transfer or authorise the transfer of personal data provided by User by outside the EEA unless it has been ensured that the transfer complies with the GDPR. This may include, in particular, the transfer of personal data to a recipient in a country that, in accordance with a decision of the European Commission, provides adequate protection of personal data, or to a recipient in the United States that has certified compliance with the EU-U.S. Privacy Shield program.
10. The Administrator may collect statistical data on the popularity and use of particular Services offered by the Website, sharing it with other entities. These data will be shared only anonymously and in groups, without the possibility of extracting Users’ personal data on their basis. The collected statistical data Administrator can also use for marketing, information, statistical purposes and publication in such media as the Internet, press, radio, television, mobile and landline telephones.
11. The Administrator may conduct surveys containing questions via e-mail or directly on the Website. Data collected from such polls will be used to analyse the collective image of Users used directly by the Administrator and provided to marketing partners.
12. The Administrator uses appropriate technical and organisational measures to make Users’ personal data secure, including securing personal data against unauthorised access, loss or destruction. The Administrator has implemented appropriate personal, organisational, technical (IT) and physical safeguards to ensure the security of Users’ personal data.

COOKIES

1. The Website automatically collects only the information contained in the cookies referred to below.
2. Cookies include computer data, in particular text files, which are stored on the User’s terminal equipment and are intended for use in the use of the Service’s websites. Cookies usually contain the name of the website from which they originate, the time of their storage on the terminal device and a unique number. Cookies are harmless to the computer as well as to the user and User’s data.
3. The Website uses two main types of cookies:
   1. session cookies – temporary files that are stored in User’s terminal equipment until logout, leaving the Server or switching off the Website (proper web browser);
   2. persistent cookies – files stored in the User’s terminal equipment for the time specified in the parameters of cookies or until they are removed by the Website User.

In addition, the Website uses the following types of cookies:

1. “necessary” cookies, enabling the use of services available on the Website, e.g. authentication cookies used for services requiring authentication on the Website; 
2. cookies used to ensure security, e.g. those used to detect misuse of authentication within the Website;
3. “functional” cookies, enabling “remembering” the User’s selected settings and personalising the User’s interface, e.g. with User’s selected language or region of origin, font size, web page layout, etc;
4. “advertising” cookies, allowing to provide Users with advertising content adjusted to their interests;
5. “productivity” cookies, enabling the collection of information about the use of the Website’s pages.

1. Cookies are used for the following purposes: adapting the content of the Website pages to the User’s preferences and optimising the use of the websites (in particular, these files allow the recognition of Use’s device and properly display the website adjusted for User’s individual needs); creation of statistics that help to understand how the Users use the websites, which makes it possible to improve their structure and content; maintaining a session of the Website User (in the case of logging into a User Account), thanks to which a User does not have to re-enter e-mail address, which is a login, and password on each sub-page of the Website; providing Users with advertising content that is more adapted to their interests.
2. The Administrator of the Website is the entity placing on the Website User’s terminal equipment and accessing cookies files.
3. Cookies are placed on the terminal device of a User of the Website and may also be used by advertisers cooperating with Wellbeing Polska. Cookies may also be used, in particular, by the Google network for the purpose of displaying advertisements adjusted to the manner in which a User uses the Website. For this purpose, they may retain information about the User’s navigation path or time spent on a given page. With regard to the information on User preferences collected by the Google advertising network, the User can view and edit the information resulting from cookies using the tool: https://adssettings.google.com/authenticated? hl=en. The Administrator of the Website additionally recommends that Users read the Google Analytics Privacy Policy to learn about the use of cookies used in statistics: Google Analytics Privacy Policy: https:// www.google.com/analytics/learn/privacy.html?hl=pl.
4. Users of the Website may change their settings relevant to cookies at any time. These settings can be changed, in particular, in such a way as to block the automatic handling of cookies in the settings of your web browser or inform on their placement in the device of the User of the Website each time. Detailed information about the possibility and methods of handling cookies is available in the settings of your software (web browser).
5. Information on how to manage cookies in individual browsers can be found on the pages dedicated to each browser:
   1. Firefox: http://support.mozilla.org/pl/kb/ciasteczka;
   2. Internet Explorer: http://support.microsoft.com/kb/196955/pl;
   3. Chrome: http://support.google.com/chrome/bin/answer.py?hl=pl&answer=95647;
   4. Opera: http://help.opera.com/Linux/12.10/pl/cookies.html;
   5. Safari: https://www.apple.com/pl/legal/privacy/pl/.
6. The Administrator of the Website conditions that restricting the use of cookies may affect some of the functionalities available on the Website, and in extreme cases may make it impossible to use the Website.

Change of privacy policy

1. Health Wellbeing Services sp. z o.o. may for important reasons (change of address, changes beneficial for the Users, change of coverage of the newsletter of www.bewellworkwell.pl, changes in laws regulations relevant to the Services provided, introduction of new wellbeing functionalities), make changes in the Privacy Policy at any time.
2. The User will be notified about the change in the Privacy Policy, before the changes enter into force, by facilitating content of the new Privacy Policy on the website www.bewellworkwell.pl and at the offices of Health Wellbeing Services sp. z o.o..
3. The applicable law for the Privacy Policy is Polish law.