Privacy policy

  1. The Administrator of the personal data collected by means of the Website, that is the entity deciding about how your personal data will be used, is Klinika Kolasiński – Hair Clinic Poznań with its registered office at ul. Staszica 20A, 62-020 Swarzędz (Administrator). Contact with the Administrator is possible via e-mail:
  2. The Administrator has appointed Mr. Adam Klimowski as a Data Protection Officer (DPO), with whom you can contact in matters regarding personal data processing and exercise of rights vested in users according to laws of the personal data protection via e-mail address:
  3. Personal data is processed in accordance with Regulation of the European Parliament and of the Council (EU) 2016/2017 of 27 April 2016 on the protection of individuals with regard to the processing of personal data and on the free movement of such data and the repeal of directive 95/46/WE and other currently effective directives, that is for the entire period of the processing of specific data, laws of the personal data protection.
  4. On a case-by-case basis, the purpose and the scope of data processed by the Administrator result from the Website user’s consent or legal regulations and are further clarified as the result of actions undertaken by the Website user.
  5. The Administrator processes personal data for the purpose of:
    1. conclusion of the contract and its performance, inclusive of ensuring the proper quality of services (the legal basis – Art. 6 Par. 1 (b) GDPR) – “performance of the contract”,
    2. conclusion and performance of the contract on provision of electronic services, including registration and management of user’s account (the legal basis – Art. 6 Par. 1 (b) GDPR) – “performance of the contract”,
    3. performance of legal obligations incumbent on the Administrator, e.g. financial settlements and accounting reports, including issuing and storing of invoices (the legal basis – Art. 6 Par. 1 (c) GDPR) – “legal obligation”,
    4. pursuing claims arising from the contract (the legal basis – Art. 6 Par. 1 (f) GDPR) – “legitimate interest”,
    5. giving answers to questions asked via contact forms (or e-mail address and contact telephone) available on the Website (the legal basis – Art. 6 Par. 1 (f) GDPR) – “legitimate interest”,
    6. direct marketing during the term of the contract (the legal basis – Art. 6 Par. 1 (f) GDPR) – “legitimate interest”.
  6. The Administrator processes personal data of visitors to Administrator’s profiles managed in social media (e.g. Facebook, YouTube, Instagram, Pinterest). This data is processed solely in connection to management of Administrator’s profile, inclusive of the purpose of promotion of own brand (the legal basis – Art. 6 Par. 1 (f) GDPR) – “legitimate interest”,
  7. The scope of the processing of personal data, detailed purposes as well as rights and obligations of the social media user arise directly from regulations of a given website.
  8. Providing of personal data for the purpose indicated in Par. 5 (a) above is voluntary but necessary for conclusion and performance of the contract. A consequence of not providing of personal data shall be inability to conclude and perform the contract.9.
  9. Providing of personal data for the purpose indicated in Par. 5 (b) is voluntary, but necessary for use of functions, that is registration and management of the user’s account on the Website.
  10. The Administrator processes personal data in order to give answer to questions asked via contact forms (or e-mail address and contact telephone), in particular:
    1. name,
    2. name and surname,
    3. e-mail address,
    4. telephone number,
    5. other data provided by the user via contact form.
  11. Providing of data indicated in the contact form is voluntary, but necessary for giving an answer to asked question. A consequence of not providing required personal data is inability to send an answer to the user.
  12. The administrator is entitled to process personal data for the term necessary to handle an inquiry sent via form.
  13. The administrator processes personal data for the purpose of sending marketing information during the term of the contract, especially inclusive of providing information of new promotion offers, products, services and contests via electronic media, in particular:
    1. name and surname,
    2. e-mail address,
    3. telephone number.
  14. The Administrator is entitled to process personal data for the term necessary to execute objectives indicated in Par. 5 above. Depending on the legal basis it shall be accordingly:
    1. time necessary to perform the contract,
    2. time of fulfillment of legal obligations and time, for which laws require to store data, e.g. tax laws,
    3. time, after which claims ensuing from a contract are prescribed,
    4. time until point of raising an objection.
  15. Directory of recipients of personal data processed by the Administrator results above all from the scope of services used by the user, as well as from the user’s consent or provisions of law. Provided that all guarantees of data security are maintained, the Administrator may transfer a user’s personal data – in addition to persons authorized by the data administrator – to other entities, including:
    1. entities processing data on the Administrator’s behalf, e.g. technical service-providers and entities rendering advisory services;
    2. other administrators, to the extent necessary for fulfillment of services and legal requirements, based on concluded contracts.
  16. The Administrator shall not export a user’s personal data to states outside the European Economic Area (to countries other than EU countries and Island, Norway and Lichtenstein).
  17. With regard to the processing of personal data by the Administrator, the user shall be vested with:
    1. the right of access to personal data,
    2. the right to rectify personal data,
    3. the right to remove personal data (the right to be forgotten),
    4. the right to limit the processing of personal data,
    5. the right to transfer personal data to other administrator,
    6. the right to withdraw consent in case when the Administrator processes a client’s personal data based on the consent, at any time and way, without affecting the lawfulness of processing, which has been effected based on the consent before its withdrawal,
    7. the right to raise an objection to data processing in the event when the basis for processing is the Administrator’s legitimate interest,
    8. the right to lodge a complaint to the President of the Office for Personal Data Protection when the client considers that the processing of personal data infringes provisions of Regulation.
  18. For the purpose of exercise of rights laid down in Par. 20 above, it is necessary to contact with the Administrator via e-mail address:
  19. The Administrator safeguards personal data processed by himself/herself in accordance with the generally applicable laws, regarding personal data protection and security of information.
  20. This privacy policy is informative and applies to the Website The website may contain links to other webpages. The Administrator suggests that each user after visiting other websites should familiarize with the privacy policy applicable therein.
  21. The Administrator reserves the right to amend the applicable privacy policy in the case of development of technologies, to amend the generally applicable laws, including the scope of personal data protection and in the case of the Website development.
    The Administrator shall notify users of relevant amendments by posting a notice on the Website.

Cookies policy


    1. The Administrator, in accordance with the provisions of the Art. 173-174 of the Act of 16 July 2004 on Telecommunications Law informs that the website use cookie files.
    2. In addition, the Administrator also notifies of the fact of use of other Internet Technologies, such as IndexedDB and Web Storage. These technologies operate on same terms as cookie files do.
    3. By means of cookie files and other technologies, only anonymous statistical data on users are collected. Information obtained thanks to indicated technologies are not attributed to a specified individual and do not enable his/her identification.
    4. Placing and use of cookie files as well as other technologies is not harmful to a user’s appliance (e.g. computer, smartphone, tablet), does not lead to any modifications to configuration of his/her appliance and to installed software and applications.
    5. The purpose of use of the above-mentioned technologies by the Website is:
      1. preparation of analyses, reports and statistics regarding the mode of use of sites of the Website by users;
      2. matching the Website content to the user’s preference, optimization of the Website use, e.g. enabling to play videos sourced from the website;
      3. presentation of advertisements.



    1. At the time of using the Website, small text files are placed on the user’s appliance. As a standard, the following information is contained in these files:
      1. the name of the Website, from which a cookie file has been sent;
      2. a uniquely generated number;
      3. storage time of the file.
    2. These files may be broken down by type of the source and time of their storage on the user’s appliance. Both types of file are used on the Website.
    3. With respect to source, the following cookie files can be distinguished:
      1. so-called first-party cookies – sourced from the Website, the name indicating a domain, which belongs to the Administrator is saved in the file;
      2. so-called third-party cookies – placed through the Website by external companies, the services of which the Administrator uses;
    4. With respect to time, during which cookie files will be placed on the user’s appliance we can distinguish:
      1. session cookies, which are created on each occasion of visit to the website and removed at the closure of the browse window;
      2. files stored much longer, automatically removed by the browser after a definite time or manually by the user.
    5. External companies’ files are placed on the user’s appliance in particular:
      1. for the purpose of viewing matched materials in advertising networks;
      2. for monitoring of anonymous users’ activity, based on which statistics that help to learn ways of the Website use, are generated;
      3. for the purpose of enabling the use of external companies’ technologies placed on the Website, e.g. display of videos sourced from the website



    1. Besides cookie files, the Administrator also makes use of the option of the Internet browsers, which can store information in their memory, e.g. about content of the shopping cart. The following technologies enabling data storage may be distinguished:
      1. IndexedDB- data stored in the form of objects, the access to which is limited solely for respective data sources – domains or sub-domains, from which they have been saved;
      2. Session Storage – data storage being an equivalent to cookie files, but with much larger data capacity. Data collected in the Session Storage are removed once a browse window is closed;
      3. Local Storage – store of data, where information, which is stored permanently in the user’s browser of WWW websites till the time of its removal, is saved.



    1. The Administrator uses in particular, but not only the services of the following external companies:
      1. Google LLC;
      2. Facebook Ireland Ltd.
      3. Twitter Inc.
    2. These entities own their privacy policies and practices concerning the usage of the Internet technologies, thus for the purpose of better comprehension of these rules, we request that you familiarize with the privacy policy and cookies policy of each party.
    3. Additionally, embedded buttons, tools or contents referring to services of other companies, i.e. social media plug-ins (e.g. Facebook, YouTube, Twitter), maps (Google Maps), links to the external Internet websites, can be found on the Website. Use of these application may result in sending information to aforesaid external entities by means of the Internet technologies.



  1. The User may at any time adjust settings in his/her browser or deactivate the management of cookie files and other technologies, it can, however cause an incorrect operations of the Website.
  2. Adjustments made in cookie file settings in the Internet browser also refer to the method for use of other Internet technologies.
  3. If the user does not change default settings of the Internet browser within the scope concerning cookie files, files collecting data shall be placed on the terminal equipment and shall be used according to rules defined by the Internet browser supplier.
  4. Information on management of cookie files in respective browsers – especially including guidelines on blocking of the receipt of cookie files – may be found on websites dedicated for particular browsers:
    1. Chrome:
    2. Firefox:
    3. Internet Explorer:
    4. Microsoft Edge:
    5. Opera:
    6. Safari:
  5. Users, having acquainted themselves with information available on the Website, who do not wish cookie files, IndexedDB oand Web Storage remained in store in the Internet browser, ought to remove them from their browser upon ending a visit to the Website.