The following information is a short, clear and concise abbreviation of the information posted in the privacy policy regarding the data controller, the purpose and method of processing personal data, as well as your rights in connection with this processing, in the form necessary to fulfill the obligations to inform the GDPR. Detailed information about the processing method and the subjects involved in this process is provided in the specified policy.

Who is the data administrator?

The personal data administrator (hereinafter referred to as the administrator) is the company "ARTA Limited Liability Company", operating at the address: UL. HUTNICZA 8, 03-791 WARSZAWA, with the assigned tax identification number (TIN): 5242950558, with the assigned KRS number: 0000992470, providing services in electronic form through the service

How can I contact the data administrator?

You can contact the administrator using one of the following methods:

  • Mailing address - ARTA LIMITED LIABILITY COMPANY, HUTNICZA STR. 8, 03-791 WARSAW
  • Email address – contact@artapharma.pl
  • Phone call – +48 22 679 69 21
  • Contact Form - available at: / contact

Has the administrator appointed a personal data inspector?

In accordance with Article 37 of the GDPR, the administrator has not appointed a data protection inspector.

If you have any questions about data processing, including personal data, please contact the administrator directly.

Where do we collect personal data and what are their sources?

Data is obtained from the following sources:

  • from data subjects
  • in case of registration using social networks, with your informed consent of these persons, from these social networks

What is the scope of personal data we process?

The service processes regular personal dataprovided voluntarily by the persons to whom they relate
(For example, name, login, email address, phone number, IP address, etc.))

A detailed amount of processed data is available in privacy policy.

What are the purposes of data processing?

Personal data voluntarily provided by users is processed for one of the following purposes::

  • Implementation of electronic services:
  • Communication between the administrator and users on issues related to the service and data protection
  • Ensuring the legitimate interests of the administrator

What are the legal grounds for data processing?

The service collects and processes user data based on:

  • Regulation of the European Parliament and of the Council (EU) 2016/679 of 27 April 2016 on the protection of Natural Persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46 / EC (General Data Protection Regulation)
    • article 6 (1). a
      the data subject has consented to the processing of their personal data for one or more of the specified purposes
    • article 6 (1). b
      processing is necessary for the performance of a contract to which the data subject is a party, or for taking measures at the request of the data subject prior to the conclusion of the contract
    • article 6 (1). f
      processing is necessary for purposes that arise from legitimate interests pursued by the administrator or a third party
  • Law of May 10, 2018 About Personal Data Protection (DZ. U. 2018 poz. 1000)
  • Law of July 16, 2004 Law on Telecommunications (No. 171 item 1800 of 2004)
  • Law of February 4, 1994 on Copyright and Related Rights (No. 24 item 83 of 1994)

What are the legitimate interests pursued by the administrator?

  • For the possible establishment, investigation or defense of claims – the legal basis for processing is our legitimate interest (art. 6, p. 1, lit. F) GDPR) protection of our rights, including but not limited to;
  • To assess the risk of potential customers
  • To evaluate your planned marketing campaigns
  • For direct marketing purposes

How long do we process your personal data?

As a rule, the specified personal data is stored only during the period of service provision within the service managed by the administrator. They are deleted or anonymized between now and 30 days from the end of service (for example, deleting a registered user account, unsubscribing from mailing lists, etc.))

In exceptional cases, this period may be extended to ensure the legitimate interests of the administrator. In such a situation, the administrator will store the specified data from the moment of the user's request for their deletion for no more than 3 years in case of violation or suspicion of violation of these site rules by the data subject.

Who is the recipient of the data, including personal data?

As a rule, the only recipient of data is the administrator.

However, data processing may be assigned to other persons who provide services to the administrator for maintaining Serwisu's business.However, such entities may include, among other things:

Will your personal data be transferred outside the European Union?

Personal data they will not be transferred outside the European Unionif they were not published as a result of an individual user action (for example, making a comment or message), which will make the data available to each site user.

Will personal data be the basis for automated decision-making?

Personal data will not be used automated decision-making (profiling).

What rights do you have related to the processing of personal data?

  • Right of access to personal data
    Users have the right to access their personal data, executed upon request submitted to the administrator
  • Right to rectification of personal data
    Users have the right to request the administrator to immediately correct personal data that is incorrect or / and supplement incomplete personal data that was completed upon request submitted to the administrator
  • Right to delete personal data
    Users have the right to request from the administrator the immediate deletion of personal data executed upon the request submitted to the administrator.

    For user accounts, data deletion involves anonymizing data that can identify the user.

    In the case of the Newsletter Service, the user can delete their personal data independently by using the link provided in each email sent.
  • Right to restrict the processing of personal data
    Users have the right to restrict the processing of personal data in cases specified in Article 18 of the GDPR, m.in. contesting the correctness of personal data implemented at the request submitted to the administrator
  • Right to transfer personal data
    Users have the right to receive personal data about the user from the administrator in a structured, widely used machine-readable format, implemented upon request submitted to the administrator
  • Right to object to the processing of personal data
    Users have the right to object to the processing of their personal data in the cases specified in Article 21 of the GDPR, upon request submitted to the administrator
  • Right to file a complaint
    Users have the right to file a complaint with the supervisory authority responsible for personal data protection.

Contact with us

Contact