Privacy Policy

1. GENERAL PROVISIONS
1.1. In order to preserve the right to privacy of the Service Users managed by the Service Administrator and to meet the requirements resulting from the provisions of law, the Service Administrator provides the Service Users with this Privacy Policy, in which it explains and informs about the manner in which the personal data of the Users are processed and secured.
1.2. The Service Administrator processes personal data in accordance with the applicable provisions of law, including the GDPR and the Act of 18 July 2002 on the provision of services by electronic means.
1.3. Before starting to use the Service, the User should familiarize themselves with the content of the Privacy Policy.

2. DEFINITIONS
2.1. The expressions written in this Policy in capital letters have the following meaning:
• Privacy Policy – this Privacy Policy;
• Service Administrator – MTherapyRoom
• User – a natural person whose personal data is processed by the Service Administrator in connection with the use of the Service;
• GDPR – Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC;
• Service – a website maintained by the Service Administrator available at: mtherapyroom.com
• Cookie – a file downloaded to the User’s computer when accessing certain websites;

3. COLLECTION AND PROCESSING OF DATA
3.1. The administrator of personal data provided by the User when using the Service is the Service Administrator.
3.2. As a result of using the Service, the Service Administrator may process in particular the following personal data: name and surname, e-mail address, telephone number.
3.3. In connection with the User’s use of the Service, the Service Administrator collects data to the extent necessary to provide the individual services offered, as well as information about the User’s activity on the Service. Below are described the detailed principles and purposes of processing personal data collected when the User uses the Service.

4. OBJECTIVES AND BASIS OF DATA PROCESSING
4.1 The Service Administrator processes the personal data of Service Users for the following purposes:
4.1.1 informing about its activities (based on art. 6 sec. 1 letter f of the GDPR – legitimate interest of the Service Administrator, i.e. contact with Users)
Personal data are processed to identify the sender and handle their inquiry sent via the contact form or to send the newsletter to Users subscribed to the newsletter).
4.1.2. marketing activities and improving services (based on art. 6 sec. 1 letter f of the GDPR – realization of the legitimate interest of the Service Administrator, i.e. improving its services, ensuring their best quality and matching marketing information to the interests of Users).

The Service Administrator processes personal data in order to measure and improve content and services, including matching content to the interests of Users.

4.1.3. fulfillment of the legal obligations of the Service Administrator (based on art. 6 sec. 1 letter c of the GDPR)
The Service Administrator processes data if it is necessary to fulfill the obligations resulting from the provisions of law.

4.1.4. ensuring the security and functionality of the Service (based on art. 6 sec. 1 letter f of the GDPR – realization of the legitimate interest of the Service Administrator, i.e. ensuring the operation of the Service and high quality of services).
The Service Administrator processes personal data if it is necessary to ensure the security of information processing and the management of IT systems.

4.1.5. pursuing or protecting against potential claims (based on art. 6 sec. 1 letter f of the GDPR – realization of the legitimate interest of the Service Administrator, i.e. protection against claims or pursuing claims).

In the event of potential claims against Users or the need to protect against claims, the Service Administrator may process User data obtained through the Service.

5. SHARING DATA
5.1. The Service Administrator may share Users’ personal data at the request of public authorities or other entities authorized to such access under the law, in particular when it is necessary to ensure the security of systems or the rights of other Users, as well as at the request of Users or when it is necessary to perform the services offered by the Service Administrator.
5.2. Access to User data may be obtained by entities whose services are used by the Service Administrator to provide services to Users (e.g. entities providing hosting for the Service). In such cases, the Service Administrator has concluded appropriate agreements with these entities, the subject of which is to protect User data against access by unauthorized persons.
5.3. Some of our service providers may store User data outside the territory of the European Economic Area. In such cases, User data may be stored in countries that provide an adequate level of personal data protection, or in countries that do not provide such a level. In the latter case, the Service Administrator protects User data by concluding agreements with service providers containing so-called Standard Contract Clauses approved by the European Commission, which guarantee adequate protection of Users’ data in third countries, or use other bases for transferring personal data.

6. USER RIGHTS
6.1. The User has the following rights in relation to his/her personal data processed by the Service Administrator within the Services:
• the right to access personal data
• the right to rectify personal data
• the right to withdraw consent
• the right to delete personal data
• the right to limit the processing of personal data
• the right to request the transfer of personal data
• the right to object to the processing of personal data
6.2. In order to exercise your rights, you can contact us electronically at: info@mtherapyroom.com
6.3. In the event that it is found that there has been a breach of the provisions on personal data protection, the User has the right to lodge a complaint with the President of the Personal Data Protection Office.

7. DATA STORAGE PERIOD
7.1. The Service Administrator stores Users’ personal data only for the time necessary to achieve the purposes for which the data was collected. After this time, the data is deleted or anonymized in such a way that it is not possible to determine the User’s identity.
7.2. Personal data may be stored longer if such an obligation results from legal regulations or it is necessary for the Service Administrator to defend or pursue claims against Users.
7.3. Data processed on the basis of consent will be processed until it is withdrawn.

8. COOKIES
8.1. The Service uses Cookies that contain:
• the name of the server from which the Cookie was sent;
• the period of the Cookie’s existence;
• the value of the Cookie (usually a randomly generated unique number).
8.2. The Service that sent the Cookie uses this number to recognize the User when they return to the website or browse from page to page. Only the Service that sent the Cookie can read and therefore use this Cookie.
8.3 The Service Administrator uses Cookies for the following purposes:
• creating statistics that help understand how Users use websites, which allows for improving their structure and content;
• maintaining the User’s session (after logging in), thanks to which the User does not have to re-enter their login and password on each subpage.

9. TYPES AND DURATION OF COOKIES
9.1. The Service uses several types of Cookies, including:
9.1.1. Google Analytics Cookies
Cookies used to monitor traffic on the website, i.e. data analytics, including Google Analytics cookies (these are files used by Google to analyze how the Service is used by the User, to create statistics and reports on the functioning of the Service). Google does not use the collected data to identify the User and does not combine this information to enable identification. Detailed information on the scope and principles of data collection in connection with this service can be found at the link: https://www.google.com/intl/pl/policies/privacy/partners.
9.2 The User may authorize, refuse or disable Cookies by changing browser settings. If the User disables a Cookie already installed in the browser, this File will no longer be active, but it will not disappear from the browser until the end of its lifespan. Please note that blocking all Cookies may make part of the Service inaccessible to the User or have a negative impact on the performance, efficiency or customization of the Service.
9.3. Each browser is configured differently. Follow the instructions provided by the browser publisher.

10. CHANGES TO THE PRIVACY POLICY
10.1. The Service Administrator places the most up-to-date version of the Privacy Policy in the footer of the Service.