Privacy Policy

The Privacy Policy describes the principles of processing your information, including personal data and cookies.

1. General Information

  • This policy applies to the website operating under the URL: sanatoriumsomatyczne.org.
  • The operator of the service and the administrator of personal data is:
    Sanatorium Somatyczne Foundation, Wiktorska 12/21, 02-587 Warsaw,
    NIP: 5214055260, REGON: 527579408, KRS: 0001083153
  • The operator’s contact email address: info@sanatoriumsomatyczne.org
  • The operator is the administrator of your personal data in relation to data voluntarily provided on the website.
  • The website uses personal data for the following purposes:
    1. Newsletter management
    2. Comment system management
    3. Handling inquiries via the contact form
    4. Presentation of offers or information
      The website collects information about users and their behavior in the following ways:
    5. Through data voluntarily entered in forms, which is then stored in the operator’s systems.
    6. By storing cookies (so-called “cookies”) on the user’s device.

2. Selected Methods of Data Protection Used by the Operator

  • Login and personal data input areas are protected in the transmission layer (SSL certificate). This ensures that personal data and login information entered on the site are encrypted on the user’s computer and can only be read on the destination server.
  • The operator periodically changes its administrative passwords.
  • To protect data, the operator regularly creates backup copies.

  • A key element of data protection is the regular update of all software used by the operator to process personal data, which specifically means regular updates to software components.

3. Hosting

The website is hosted (technically maintained) on the servers of the operator: LH.pl Sp. z o.o., ks. Jakuba Wujka 7/26, 61-581 Poznań
The hosting company keeps server logs to ensure technical reliability. The logs may include:

  • Resources identified by the URL (addresses of requested resources – pages, files),
  • Time of request,
  • Time of response,
  • Client station name – identification through the HTTP protocol,
  • Information about errors that occurred during HTTP transactions,
  • URL of the previously visited page (referer link) – if the user arrived via a link,
  • Information about the user’s browser,
  • Information about the IP address,
  • Diagnostic information related to the process of self-ordering services through forms on the page,
  • Information related to the handling of email messages sent to the operator and sent by the operator.

4. Your Rights and Additional Information About Data Usage

In certain situations, the Administrator has the right to share your personal data with other recipients if necessary to perform the contract or fulfill legal obligations. These recipients may include:

  • Hosting company (on the basis of entrustment).
    Your personal data processed by the Administrator will not be kept longer than necessary to carry out the tasks defined by specific regulations (e.g., accounting). Regarding marketing data, the data will not be processed for more than 3 years.
    You have the right to request from the Administrator:
  • Access to your personal data,
  • Correction,
  • Deletion,
  • Restriction of processing,
  • Data portability.
    You have the right to object to the processing mentioned in point 3.2 regarding the processing of personal data for the purpose of legitimate interests pursued by the Administrator, including profiling, provided that the right to object cannot be exercised if there are valid legal grounds for processing that override your rights and freedoms, particularly for establishing, exercising, or defending legal claims.
    You can file a complaint about the Administrator’s actions to the President of the Personal Data Protection Office, Stawki 2, 00-193 Warsaw.
    Providing personal data is voluntary, but necessary for the operation of the website.
    Automated decision-making processes, including profiling, may be conducted regarding you for the provision of services under the concluded contract and for direct marketing purposes.
    Personal data is not transferred from third countries within the meaning of personal data protection laws. This means that it is not sent outside the European Union.

5. Information in Forms

The website collects information voluntarily provided by the user, including personal data, if provided.
The website may save connection parameters (timestamp, IP address).
In some cases, the website may save information that helps associate form data with the user’s email address. In such cases, the user’s email address appears within the URL of the page containing the form.
Data provided in the form is processed for the purpose defined by the specific form, e.g., to process a service request or commercial contact, service registration, etc. The context and description of the form clearly inform the user of its purpose.

6.Administrator Logs

  • Information about user behavior on the website may be logged. These data are used to manage the website.

7. Important Marketing Techniques

The operator uses statistical analysis of website traffic through Google Analytics (Google Inc., based in the USA). The operator does not provide personal data to this service provider, only anonymized information. This service relies on cookies placed on the user’s device. The user can view and edit the preferences related to the cookies using the following tool: https://www.google.com/ads/preferences/
The operator uses remarketing techniques to tailor advertising messages to user behavior on the website, which may give the illusion that personal data is being used to track the user, but in practice, no personal data is transferred from the operator to the advertising providers. The technological requirement for such activities is enabling cookie handling.
The operator uses the Facebook Pixel. This technology ensures that Facebook (Facebook Inc., based in the USA) knows that a registered person is using the website. This is based on data over which Facebook is the administrator, and the operator does not provide any additional personal data to Facebook. This service relies on cookies placed on the user’s device.

8. Information About Cookies

The website uses cookies.
Cookies are data, mainly text files, that are stored on the user’s device and are intended for using website pages. Cookies usually contain the website name, the time they are stored on the device, and a unique number.
The operator of the website places cookies on the user’s device and gains access to them.
Cookies are used for the following purposes:

  • Maintaining the user’s session (after logging in), so the user does not have to re-enter the login and password on each page,
  • Achieving the purposes outlined above in the “Important Marketing Techniques” section.
    The website uses two main types of cookies: “session” cookies and “persistent” cookies. “Session” cookies are temporary files stored on the user’s device until they log out, leave the website, or close the browser. “Persistent” cookies are stored on the user’s device for a period specified in the cookie parameters or until they are deleted by the user.
    The browser typically allows the storage of cookies by default. Users of the website can change their settings in this regard. The browser allows the deletion of cookies. Automatic blocking of cookies is also possible. Detailed information is available in the browser’s help or documentation.
    Limiting the use of cookies may affect certain functionalities available on the website.

9. Managing Cookies – How to Express and Withdraw Consent

If the user does not want to receive cookies, they can change the browser settings. Please note that disabling cookies necessary for authentication, security, and maintaining user preferences may make it difficult, and in extreme cases, impossible to use the website.
To manage cookie settings, select your browser from the list below and follow the instructions:

  • Edge
  • Internet Explorer
  • Chrome
  • Safari
  • Firefox
  • Opera
    Mobile devices:
  • Android
  • Safari (iOS)
  • Windows Phone

10. Changes to the Privacy Policy

The operator reserves the right to introduce changes to the Privacy Policy if required by law or changes introduced on the website, as well as to improve the operation of the website.
The date below is the effective date of the last version of the Privacy Policy.
Last modified: January 5, 2025.