top of page

PRIVACY POLICY

of Healino.pl Service


I. Definitions:
For the purposes of this Privacy Policy, the following terms are defined as follows:
1.    Service Provider - Personal Data Administrator, i.e., HEALINO Limited Liability Company based in Warsaw, entered into the National Court Register by the District Court for the capital city of Warsaw in Warsaw, XIII Economic Department of the National Court Register under the KRS number: 0000679373, having NIP: 1132942828 and REGON: 367337494, operating address and address for deliveries: Plac Bankowy 2, 00-095 Warsaw
2.    Service Recipient - a natural person using services through the website www.healino.pl.
3.    GDPR - Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of individuals with regard to the processing of personal data and on the free movement of such data and repealing Directive 95/46/EC (General Data Protection Regulation) (OJ EU L No 119, p. 1).
4.    Data processing - activities related to personal data: collection, recording, organization, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure, or destruction - in accordance with Article 4(2) of the GDPR.
5.    Data processor - any entity whose services the Administrator uses to provide services through www.healino.pl,
6.    Healino.pl Service - the website www.healino.pl, including all subpages that are an integral part of it, used to provide services electronically.


II. General Provisions:
1.    This Privacy Policy defines the method of obtaining, processing, and securing personal data.
2.    The basis of this Privacy Policy and, therefore, the basis for processing personal data governed by this Privacy Policy are: 
2.1. Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of individuals with regard to the processing of personal data and on the free movement of such data and repealing Directive 95/46/EC (General Data Protection Regulation) (OJ EU L No 119, p. 1) (hereinafter referred to as "GDPR"). 
2.2. the Act of 10 May 2018 on the protection of personal data (i.e., Journal of Laws of 2019, item 1781),
2.3. the Act of 18 July 2002 on the provision of electronic services (i.e., Journal of Laws of 2020, item 344);
3.    The Administrator of personal data collected through the website at www.healino.pl is HEALINO Limited Liability Company based in Warsaw, entered into the National Court Register by the District Court for the capital city of Warsaw in Warsaw, XIII Economic Department of the National Court Register under the KRS number: 0000679373, having NIP: 1132942828 and REGON: 367337494, operating address and address for deliveries: Plac Bankowy 2, 00-095 Warsaw, hereinafter referred to as the "Administrator" and also acting as the Service Provider,
4.    In all matters concerning personal data, please contact the Administrator at the email address: info@healino.com
5.    The processing of personal data by the Administrator for the purpose of implementing the assumptions of the www.healino.pl website is carried out in accordance with the principles of legality, reliability, and transparency, in a manner ensuring the security of this data, including protection against unauthorized or unlawful processing and accidental loss, destruction, or damage, using appropriate technical and organizational measures in accordance with the principles of integrity and confidentiality (Article 5(1)(f) of the GDPR)


III. Scope of data processed by the Administrator:
1.    In connection with the operation of the service, the Administrator processes the following data of Service Recipients: 
a) information provided by the Service Recipient when using the services of the Healino.pl Service: name and surname, e-mail address, gender, waist size, hip size, neck size, weight, height, age, level of physical activity, dietary preferences, health status including: cholesterol level, diabetes, smoking status, mental health, any other data that the Service Recipient sends to the Administrator, 
b) information about the computer, including IP address, geographical location, type and version of the browser, and operating system, 
c) information about the visits of the Service Provider and the use of the Healino.pl Service, including referral source, visit length, page views, and navigation paths on the website, 
d) information generated during the Service Provider's use of the www.healino.pl website, including when, how often, and under what circumstances it is used, 
e) information contained in any correspondence sent to us by email or through our website, including communication content and metadata, f) any other data that the Service Recipient sends to the Administrator.
2.    The data indicated in point 3 are adequate, relevant, and necessary for using the service, in accordance with the principle of data minimization indicated in Article 5(1)(c) of the GDPR.


IV. Purposes of processing:
1.    Personal data is processed by the Service Provider for the following purposes: 
a)    providing services through the www.healino.pl website in the form of 
• enabling the taking of a test, the result of which determines the general health status based on a percentage indicator and the possibility of improving health based on a percentage indicator, biological mental age, body mass index, daily caloric needs, percentage of body fat, body fat level, percentage of muscle mass in the body, risk of cardiovascular diseases, waist-to-hip ratio. 
• creating and providing an individual diet plan based on: 1) test results, 2) the goal chosen by the Service Recipient, 3) the type of diet chosen by the Service Recipient, taking into account the dietary preferences indicated by the Service Recipient
b)     handling complaints procedures 
c)    handling payment for the service provided,
d)    pursuing and defending against mutual claims, 
e)    administering the www.healino.pl website
f)    sending payment-related documents to service recipients, 
g)    sending email messages in response to requests/requests from Service Recipients 
h)    ensuring the security of the website and preventing fraud


V. Legal basis for processing personal data:
1.    Using the www.healino.pl service and concluding a contract for the provision of electronic services, and thus providing necessary personal data is voluntary. The Service Recipient, whose personal data is concerned, freely decides whether to use the www.healino.pl website.
2.    Processing of personal data of Service Recipients using the www.healino.pl website is based on consent to such processing, including the processing of data referred to in point 4, expressed by confirming that the Service Recipient has read this Privacy Policy and agrees to the processing of his personal data in accordance with this Policy (Article 6(1)(a) of the GDPR),
3.    The Service Recipient's consent to the processing of his personal data is necessary to perform the contract for the purpose of providing services by the Service Provider through the www.healino.pl website (Article 6(1)(b) of the GDPR). If consent to the processing of personal data is not given, the service through the www.healino.pl website cannot be provided.
4.    The Service Recipient's consent to the processing of his personal data is also consent to the processing of special categories of personal data provided by the Service Recipient himself, concerning his health status, understood as physical and mental health. The Service Recipient provides this data himself, and they are the result of a test that is the subject of the services of the www.healino.pl website. (Article 9(2)(a) of the GDPR).


VI. Duration of personal data processing:
Personal data is processed for the duration of the service provided to the Service Recipient, but not shorter than until the expiry of mutual claims.
VII. Rights of the Service Recipient in connection with the processing of personal data:
1.    The Service Recipient, whose data is processed by the Service Provider, may withdraw consent to the processing of personal data at any time.
2.    If the withdrawal of consent concerns personal data processed to the extent necessary to perform the contract for the provision of services through the www.healino.pl website, which is in force, the withdrawal of such consent is possible after the expiry or termination of such contract.
3.    Withdrawal of consent to the processing of personal data is possible by submitting a statement to this effect electronically to the Administrator's address.
4.    The Service Recipient has the right to request from the Administrator the immediate erasure of his personal data that is incorrect, as well as to request the completion of incomplete personal data (Article 16 of the GDPR).
5.    The Service Recipient has the right to request from the Administrator the immediate erasure of his personal data if the personal data is no longer necessary for the provision of services through the www.healino.pl website or if the Service Recipient has withdrawn the consent on which the processing of personal data is based (subject to point 1) (Article 17 of the GDPR).
6.    The Service Recipient has the right to request from the Administrator the limitation of the processing of personal data if: 
i) he disputes the accuracy of personal data - for a period allowing the Administrator to check the accuracy of this data,
ii) the processing is unlawful, and the Service Recipient opposes the erasure of personal data, requesting instead a restriction;
iii) the Administrator no longer needs the personal data for the purposes of processing, but they are needed by the Service Recipient for the establishment, exercise, or defense of legal claims. Before lifting the restriction, the Administrator informs the Service Recipient about it.
7.    The Service Recipient has the right to receive from the Administrator data concerning him in a structured, commonly used, machine-readable format, including the right to request that the personal data be transmitted by the Administrator directly to another administrator. The Administrator (Service Provider) cannot obstruct the Service Recipient from sending the received personal data to another administrator (Article 20 of the GDPR).
8.    Actions of the Administrator are subject to a complaint to the President of the Office for the Protection of Personal Data, ul. Stawki 2, 00-193 Warsaw.


VIII. Entrusting personal data to a data processor:
1.    In order to provide the service through the www.healino.pl website, the Administrator uses the services of entities processing personal data, which provide sufficient guarantees for the implementation of appropriate technical and organizational measures (Article 28(1) of the GDPR).
2.    The transfer of personal data to the data processor takes place only to the extent necessary to provide the service through the www.healino.pl website and is based on a written agreement in accordance with Article 28(3)(a)-(h) of the GDPR.
3.    Apart from the purposes indicated in this policy, personal data of Service Recipients will not be in any way disclosed to third parties or transferred to other entities for the purpose of sending marketing materials by these third parties.
4.    Personal data of Service Recipients is not transferred outside the European Union.


IX. Change of Privacy Policy:
The Administrator reserves the right to change this Privacy Policy. The Administrator will notify of the change in the Privacy Policy by posting information on the www.healino.pl website at least 7 days before the changes come into effect.

bottom of page