INTRODUCTION
This Privacy Policy has been developed in accordance with applicable laws, including:
Regulation (EU) 2016/679 of the European Parliament and of the Council of April 27, 2016, on the protection of natural persons with regard to the processing of personal data and on the free movement of such data (General Data Protection Regulation, GDPR),
California Consumer Privacy Act (CCPA) and its amendment, the California Privacy Rights Act (CPRA),
California Online Privacy Protection Act (CalOPPA).
Our priority is to ensure full transparency regarding data processing and to respect your right to privacy.
Privacy Policy
This Privacy Policy sets out the rules for storing and accessing data on Users' Devices when using the Website for the purpose of providing electronic services by the Administrator, as well as the rules for collecting and processing personal data voluntarily provided by Users through tools available on the Website.
This Privacy Policy is an integral part of the Website Terms of Service, which define the rules, rights, and obligations of Users utilizing the Website.
§1 Definitions
Website – the medicever.com website operating at https://www.medicever.com.
External Website – websites of partners, service providers, or contractors cooperating with the Administrator.
Website Administrator / Data Controller – the administrator of the Website and the Data Controller (hereinafter referred to as "Administrator") is the company MEDICEVER LLC, 131 Continental Drive, Suite 305, Newark, 19713 New Castle, USA, conducting its business under this address and providing electronic services via the Website.
User – a natural person for whom the Administrator provides electronic services via the Website.
Device – an electronic device with software through which the User accesses the Website.
Cookies – text data stored in files placed on the User’s Device.
GDPR – Regulation (EU) 2016/679 of the European Parliament and of the Council of April 27, 2016, on the protection of natural persons with regard to the processing of personal data and on the free movement of such data.
Personal Data – information about an identified or identifiable natural person ("data subject"). An identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, identification number, location data, an online identifier, or one or more factors specific to the physical, physiological, genetic, mental, economic, cultural, or social identity of that natural person.
Processing – any operation or set of operations performed on personal data or sets of personal data, whether by automated means or not, such as collection, recording, organization, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination, or otherwise making available, alignment or combination, restriction, erasure, or destruction.
Restriction of Processing – marking stored personal data with the aim of limiting its future processing.
Profiling – any form of automated processing of personal data consisting of the use of personal data to evaluate certain personal aspects relating to a natural person, in particular to analyze or predict aspects concerning the person's work performance, economic situation, health, personal preferences, interests, reliability, behavior, location, or movements.
Consent – a freely given, specific, informed, and unambiguous indication of the data subject's wishes by which they, through a statement or a clear affirmative action, signify agreement to the processing of personal data relating to them.
Personal Data Breach – a breach of security leading to the accidental or unlawful destruction, loss, alteration, unauthorized disclosure of, or access to, personal data transmitted, stored, or otherwise processed.
Pseudonymization – processing of personal data in such a manner that they can no longer be attributed to a specific data subject without the use of additional information, provided that such additional information is kept separately and is subject to technical and organizational measures to ensure that the personal data are not attributed to an identified or identifiable natural person.
Anonymization – an irreversible process where data is modified to prevent the identification of a particular user or individual.
§2 Data Protection Officer
Pursuant to Article 37 of the GDPR, the Administrator has not appointed a Data Protection Officer.
For matters regarding data processing, including personal data, please contact the Administrator directly.
§3 Types of Cookies Used
Internal Cookies – files placed and read from the User’s Device by the Website’s IT system.
External Cookies – files placed and read from the User’s Device by IT systems of external websites cooperating with the Administrator.
Session Cookies – files placed and read from the User’s Device during one session. After the session ends, these files are deleted.
Persistent Cookies – files placed and read from the User’s Device until manually deleted. These files are not deleted automatically at the end of a session unless the User’s browser settings are configured to do so.
§4 Security of Data Storage
Cookies Storage and Access Mechanisms – cookies are stored, read, and exchanged between the Website and the User's Device via built-in browser mechanisms. It is not possible to extract any other data from the User’s Device or access data from other websites.
Internal Cookies – cookies used by the Administrator are secure for the User’s Device and do not contain any scripts, content, or data that could threaten the User's data security.
§5 Purpose of Processing Personal Data
Personal data voluntarily provided by Users are processed for the following purposes:
Electronic Services
Registration and maintenance of a User account.
Newsletter services (including advertising content with consent).
Commenting and liking content on the Website.
Communication with Users
Handling inquiries and service-related communications.
Statistical and Analytical Purposes
Website traffic analysis, advertising performance, and User behavior.
§6 Purpose of Data Processing
Personal data voluntarily provided by Users are processed for the following purposes:
Provision of electronic services:
User account registration and maintenance in the Website and related functionalities.
Newsletter services (including sending promotional content with the User's consent).
Commenting or liking posts in the Website without the need for account registration.
Sharing information about the content on the Website on social media platforms or other websites.
Communication between the Administrator and Users:
Handling matters related to the Website and data protection.
Ensuring the legitimate interest of the Administrator:
Supporting administrative and legal actions, including fraud prevention.
Anonymous and automatically collected data are processed for the following purposes:
Generating statistics.
Remarketing.
Serving advertisements tailored to User preferences.
Supporting affiliate programs.
Ensuring the Administrator’s legitimate interest.
§7 Cookies from External Services
The Administrator uses JavaScript scripts and web components from partners, who may place their own cookies on the User’s Device. Below is the list of partners or services integrated into the Website:
Multimedia services:
YouTube.
Social networking and sharing services:
Twitter.
Facebook.
Google+.
Newsletter services:
MailChimp.
Advertising services and affiliate networks:
MyLead.
Statistics services:
Google Analytics.
The services provided by third parties are beyond the Administrator’s control. These entities may change their terms of service, privacy policies, or purposes of data processing.
§8 Types of Data Collected
The Website collects data about Users. Some of the data is collected automatically and anonymously, while other data is personal information voluntarily provided by Users.
Automatically collected anonymous data:
IP address.
Browser type.
Screen resolution.
Approximate location.
Pages visited within the Website.
Time spent on each page.
Operating system type.
Referring page address.
Language settings.
Internet connection speed.
Internet service provider.
Data collected during registration:
Name / pseudonym.
Login.
Email address.
Address.
Date of birth / age.
Phone number.
IP address (collected automatically).
Data collected when subscribing to the Newsletter:
Name / pseudonym.
Email address.
IP address (collected automatically).
Data collected when adding a comment:
Name / pseudonym.
Email address.
Website address.
IP address (collected automatically).
§9 Access to Personal Data by Third Parties
By default, the only recipient of personal data provided by Users is the Administrator. Data collected during the services is not sold or shared with third parties, except in the following cases:
Hosting services:
The Administrator uses Google Cloud Platform (GCP) to host the Website. Data may be accessed for maintenance purposes by GCP personnel.Payment services:
In case of online payments, relevant transaction data is shared with the payment service provider.
§10 Data Processing Principles
Personal data voluntarily provided by Users:
Data may be transferred outside the European Union due to the use of services by entities located outside the EU.
Data will not be used for automated decision-making (profiling).
Data will not be sold to third parties.
Anonymous data collected automatically:
May be transferred outside the European Union.
Will not be used for automated decision-making.
Will not be sold to third parties.
§11 Legal Basis for Data Processing
The Website collects and processes data based on the following:
General Data Protection Regulation (GDPR):
Article 6(1)(a): Consent of the data subject.
Article 6(1)(b): Necessity for the performance of a contract.
Article 6(1)(f): Legitimate interests pursued by the Administrator.
Other applicable laws:
Act of May 10, 2018, on personal data protection (Poland).
Telecommunications Law of July 16, 2004.
Act of February 4, 1994, on copyright and related rights.
§12 Data Retention Period
Personal data voluntarily provided by Users:
Retained only for the duration of the services provided.
Data is deleted or anonymized within 30 days after the service is terminated.
Anonymous data collected automatically:
Retained indefinitely for statistical purposes.
§13 User Rights
Users have the following rights regarding their personal data:
Right to access data – Users can request access to their personal data.
Right to rectify data – Users can request correction of incorrect or incomplete personal data.
Right to delete data – Users can request deletion of their personal data.
Right to restrict processing – Users can request restrictions on data processing under specific conditions.
Right to data portability – Users can receive their personal data in a structured, commonly used format.
Right to object – Users can object to the processing of their personal data.
Right to file a complaint – Users can submit complaints to relevant data protection authorities.
§14 Contact Information
Postal Address: MEDICEVER LLC, 131 Continental Drive, Suite 305, Newark, 19713 New Castle, USA.
Email: support@medicever.com.
Contact Form: medicever.com/contact.
§15 Website Requirements
Restrictions on saving or accessing cookies on the User’s Device may result in improper functioning of certain Website features.
The Administrator is not responsible for improper functioning of the Website caused by the User's restrictions on cookies.
§16 External Links
Articles, posts, and comments in the Website may contain links to external websites. The Administrator is not responsible for the content of external websites.
§17 Changes to the Privacy Policy
The Administrator reserves the right to amend this Privacy Policy without prior notice. Updates will be posted on this page.