WLLNSS Privacy Policy

At WLLNSS we process your process personal data according to the provisions of Regulation 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of Personal Data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation; hereinafter: GDPR).

1. Who is the Data Controller of your personal data?

Data Protection Officer (DPO)

We have appointed a Data Protection Officer to supervise compliance with data protection regulations. You may contact our DPO, Ivan Kuzmitski, at i.kuzmitski@wllnss.health.

The Data Controller of your personal data is WLLNSS spółka z ograniczoną odpowiedzialnością with its registered office in Warsaw, address: Aleja Solidarności 117-615, 00-140 Warsaw, entered into Registry of Entrepreneurs of National Court Registry held by the District Court for the Capital City of Warsaw in Warsaw, XIII Commercial Division of National Court Registry under KRS No.: 0001013538, NIP: 5273036904, VAT EU: PL5273036904, REGON: 524184997, REGON of a medical entity: 52418499700010, share capital: PLN 63.100,00.

2. How can you contact the Data Controller?

A contact with a Data Controller is possible via:

The legal basis for processing of your personal data varies, depending on occurrence of scenarios indicated below:

4. Who can we share your personal data with?

For purposes of ensuring proper provision of our services, we use the help of some third parties. For that reason, personal data provided by you can be shared with:

Due to the fact that your personal data can be processed by entities such as Google, Amazon, or Digital Ocean, your personal data can be subject to transfer outside of the European Economic Area. The legal basis of transferring your personal data to the USA is EU-U.S. Data Privacy Framework, accepted by the European Commission.
These transfers are carried out only when necessary and always with appropriate safeguards, including:

We have signed Data Processing Agreements (DPAs) and implemented SCCs with the following partners:

Standard Contractual Clauses (SCC) refer to the European Commission Implementing Decision (EU) 2021/914.

Where partners are located within the European Economic Area (EEA), SCCs are not required and processing is subject to GDPR directly.

These partners are contractually required to handle your data in accordance with the same high standards of security and compliance as we do, and only for the purposes defined in our agreement.

We do not share your personal data with advertisers or third-party marketing partners without your explicit, informed consent.

5. For how long do we store your personal data?

We do our best to store your personal data only for as long as it is actually necessary, and after that we delete it. The time for which we store your personal data depends on what is the type of our interaction:

6. What rights do you have when it comes to personal data processing?

Due to the fact that your personal data is processed, you have the following rights:

7. Additional information

WLLNSS does not carry out automated decision-making producing legal effects or similarly significant effects within the meaning of Article 22 GDPR.

However, certain features of the Service may involve limited profiling or personalization (for example, AI-based wellbeing recommendations). Such processing does not produce legal or similarly significant effects and is used solely for informational and user experience purposes.

Provision of personal data is voluntary, although in scenarios where we process your personal data in order to conclude or perform a concluded agreement, and especially to provide you with access to WLLNSS services connected with remote medical consultations, withholding from providing personal data might render provision of services impossible.

8. Data Security Measures

We implement appropriate technical and organizational measures to ensure the security of your data. These include:
- Encryption of data in transit and at rest,
- Pseudonymization,
- Access control and role-based permissions.

While we take security seriously, no method of transmission or storage is 100% secure. Therefore, we cannot guarantee absolute protection of your data, though we follow industry standards and legal requirements.

Cookie files are small files which enable or facilitate usage of certain functions of the Website. They can be saved on your device directly by us or by third parties with whom we cooperate. In connection with using cookies by us, we may process your personal data, such as your IP address, history of your use of the Website, or information about the device or software you use. The cookie files we use are connected with functioning of our Website, monitoring Website’s traffic, maintaining statistics on how the website is used by the users, undertaking marketing activities, preventing errors and technical malfunctions, ensuring security, as well as preventing frauds and violations of applicable law.

There are the following types of cookies files:
Session cookies: cookies that are stored on your device during the time you use the Website (they are deleted when you close your web browser). Session cookies enable the correct use of the Website. Blocking them may result in encountering errors or prevent you from using the Website.
Persistent cookies: they are stored on your device until they are deleted or until they expire.

Usage of cookie files is based on your consent, expressed in accordance with Article 173 §1 of the Telecommunications Act (ustawa Prawo Telekomunikacyjne). We would like to mention that lack of such consent or subsequent deletion of cookie files may render functionalities of the website unusable.

You have the option of limiting or disabling cookies on your device. Settings regarding the use of cookies can be found in the settings of your web browser. Web browsers allow you to disable all cookies or certain groups of cookies (e.g., from third parties). If you disable cookies just partly, cookies used within the Website may be saved on your device, enabling the Website to function properly. If you limit usage of cookie files, using specific services we provide can be limited, and even impossible in some scenarios.

9. Changes to this Privacy Policy

This Privacy Policy may be updated from time to time to reflect changes in legal requirements or in the way we process personal data. The latest version is always available at https://wllnss.health/privacy. If substantial changes are made, we will notify users via the application or by email.