Terms and Conditions

GENERAL PROVISIONS

The administrator of personal data collected through the website is GeniCore, operating under the business name GeniCore Spółka z o.o., with the registered office at Wólczyńska 133 Street
building 5 room 23, 01-919 Warsaw, Poland,  NIP: 1231269116, listed in the Central Register and Information on Economic Activity, email address: , hereinafter referred to as the “Administrator,” who is also the Service Provider.

Personal data collected by the Administrator through the website is processed in accordance with the Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation), hereinafter referred to as “GDPR,” and the Personal Data Protection Act of 10 May 2018.

TYPE OF PERSONAL DATA PROCESSED, PURPOSE, AND SCOPE OF DATA COLLECTION
PURPOSE OF PROCESSING AND LEGAL BASIS
The Administrator processes personal data through the website in the following cases:

When a user subscribes to the Newsletter to send commercial information by electronic means. Personal data is processed based on separate consent, pursuant to Article 6(1)(a) of the GDPR.
TYPES OF PERSONAL DATA PROCESSED
The Administrator processes the following categories of personal data of the user:

Email address
DATA RETENTION PERIOD
Users’ personal data is stored by the Administrator:

When the data processing basis is the performance of a contract, as long as it is necessary to perform the contract, and after that, for a period corresponding to the statute of limitations for claims. Unless otherwise provided by a specific law, the limitation period is six years, and for periodic performance claims and claims related to business activity – three years.
When the data processing basis is consent, until the consent is withdrawn, and after withdrawal, for a period corresponding to the statute of limitations for claims that the Administrator may assert or that may be asserted against them. Unless otherwise provided by a specific law, the limitation period is six years, and for periodic performance claims and claims related to business activity – three years.
While using the website, additional information may be collected, including: the IP address assigned to the user’s computer or external IP address of the Internet provider, domain name, browser type, access time, and operating system type.

Navigation data may also be collected from users, including information about links and references clicked on or other activities undertaken on the website. The legal basis for such activities is the Administrator’s legitimate interest (Article 6(1)(f) of the GDPR), consisting of facilitating the use of electronically provided services and improving their functionality.

Providing personal data by the user is voluntary.

Personal data will also be processed automatically in the form of profiling if the user consents based on Article 6(1)(a) of the GDPR. Profiling will result in assigning a profile to an individual to make decisions about them or analyze or predict their preferences, behaviors, and attitudes.

The Administrator takes special care to protect the interests of individuals whose data is processed, and in particular ensures that the data collected is:

Processed lawfully,
Collected for specified, lawful purposes and not further processed in a manner incompatible with those purposes,
Factually correct and adequate concerning the purposes for which it is processed, and stored in a form that allows identification of the persons it concerns, no longer than necessary to achieve the purpose of processing.
SHARING PERSONAL DATA
Users’ personal data is transferred to service providers used by the Administrator to operate the website. Service providers to whom personal data is transferred, depending on contractual arrangements and circumstances, either follow the Administrator’s instructions regarding the purposes and methods of processing such data (processors) or independently determine the purposes and methods of processing (controllers).

Users’ personal data is stored exclusively within the European Economic Area (EEA).

RIGHTS OF CONTROL, ACCESS TO CONTENT, AND CORRECTION OF PERSONAL DATA
Individuals whose data is processed have the right to access their personal data and the right to correct, delete, limit processing, the right to data portability, the right to object, and the right to withdraw consent at any time without affecting the legality of the processing carried out based on consent before its withdrawal.

Legal grounds for the user’s requests:

Access to data – Article 15 of the GDPR
Data correction – Article 16 of the GDPR
Data deletion (the so-called right to be forgotten) – Article 17 of the GDPR
Limitation of processing – Article 18 of the GDPR
Data portability – Article 20 of the GDPR
Objection – Article 21 of the GDPR
Withdrawal of consent – Article 7(3) of the GDPR
To exercise the rights mentioned above, you can send an appropriate email to .

In the case of a user’s request arising from the above rights, the Administrator shall comply with the request or refuse to comply with it immediately, but no later than within one month after receiving the request. If, due to the complexity of the request or the number of requests, the Administrator cannot meet the request within a month, they will fulfill it within the next two months, informing the user within a month of receiving the request about the intended extension of the deadline and its reasons.

If the processing of personal data violates the GDPR, the data subject has the right to lodge a complaint with the President of the Personal Data Protection Office.

COOKIES
The Administrator’s website uses “cookies.”

The installation of “cookies” is necessary for the proper provision of services on the website. “Cookies” contain information necessary for the proper functioning of the website, and they also enable the creation of general visit statistics for the website.

The website uses the following types of “cookies”: permanent
“Permanent” cookies are stored on the user’s end device for a specified period in the parameters of “cookies” or until deleted by the user.

The Administrator uses their own cookies to better understand how the user interacts with the website content. The files collect information about the user’s use of the website, the type of website from which the user was redirected, and the number of visits and time spent on the website. This information does not record specific personal data of the user but is used to compile statistics on the use of the website.

The user has the right to decide on the access of “cookies” to their computer by selecting them in advance in their browser window. Detailed information on the possibilities and ways of handling “cookies” is available in the software (web browser) settings.

FINAL PROVISIONS
The Administrator applies technical and organizational measures to ensure the protection of processed personal data appropriate to the risks and categories of data under protection, and in particular, secures the data against unauthorized disclosure, acquisition by an unauthorized person, processing in violation of applicable regulations, and alteration, loss, damage, or destruction.

The Administrator provides appropriate technical measures to prevent the acquisition and modification by unauthorized persons of personal data sent electronically.

In matters not regulated by this Privacy Policy, the provisions of the GDPR and other relevant provisions of Polish law shall apply accordingly.