How to choose dietary supplements - a scientific and practical approach
+48 507 978 975

Information on the processing of personal data of clients

In accordance with Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (hereinafter the "GDPR"), we inform you that:

1.
The controller of your personal data is NutriLogic spółka z o.o. with its registered office in Łódź, ul. Piotrowska 148/150, 90-063 Łódź, entered in the National Court Register (KRS) under number 0001237862, NIP 7252366419, with share capital of PLN 5,000 (hereinafter the "Controller").
2.
You can contact the Controller by e-mail at: service@nutrilogic.io.
3.
Where this notice does not regulate a matter, the provisions of Terms of service (hereinafter the "Terms of Service") apply. Capitalised terms in this notice have the meaning given in the Terms of Service.
4.
When processing personal data, the Controller applies the following principles:
  • a)
    lawfulness - processing may take place only if at least one legal basis applies;
  • b)
    purpose limitation - there must be a specific, explicit and legitimate purpose;
  • c)
    data minimisation - the Controller collects only data necessary for the purpose;
  • d)
    accuracy - the Controller keeps data correct and updates them where needed;
  • e)
    storage limitation - data are not kept longer than necessary; the retention period depends on several factors;
  • f)
    integrity and confidentiality - data are protected by appropriate technical and organisational measures.
5.
Personal data will be processed for purposes related to operating the Service, in particular:
  • a)
    taking steps at the data subject's request prior to entering into a contract. Legal basis: Art. 6(1)(b) GDPR;
  • b)
    entering into a contract, creating an Account, performing the contract and providing the Services. Legal basis: Art. 6(1)(b) GDPR;
  • c)
    reporting irregularities, monitoring, control, audit, establishing, pursuing or defending claims. Legal basis: legitimate interest under Art. 6(1)(f) GDPR;
  • d)
    fulfilling tax obligations, including issuing tax certificates and keeping accounting and tax records. Legal basis: Art. 6(1)(c) GDPR.
  • e)
    sending information about the Controller's business and Services. Legal basis: Art. 6(1)(a) GDPR - consent.
6.
The Controller will process the following categories of personal data:
  • a)
    identification and contact data of persons asking questions through available channels;
  • b)
    identification and contact data and data necessary to enter into and perform the contract, provide the Services and settle accounts with Service Users;
  • c)
    identification and contact data collected for marketing purposes.
7.
The retention period depends on the purpose of processing:
  • a)
    where processing is necessary to enter into or perform the contract or provide the Services, data are processed until the expiry of any limitation periods for claims;
  • b)
    for reporting, control or defence and pursuit of claims, data are processed until such claims expire or become time-barred, with minimisation;
  • c)
    where processing is based on consent, data are processed until withdrawal of consent.
8.
Providing personal data is voluntary. Refusal may prevent entering into the contract or providing the Services.
9.
Processed data will not be sold. They may be disclosed to:
  • a)
    persons authorised by the Controller, including staff;
  • b)
    entities or authorities authorised by law;
  • c)
    processors where disclosure is necessary for a given activity (e.g. accounting, payments, IT support).
10.
All entities that may access personal data are required to protect them, keep them confidential and not disclose them to unauthorised persons.
11.
In principle, data subjects have the right to:
  • a)
    access their data and rectification,
  • b)
    erasure,
  • c)
    restriction of processing,
  • d)
    data portability or a copy,
  • e)
    withdraw consent at any time without affecting lawfulness of earlier processing,
  • f)
    object to processing.
12.
Detailed conditions for exercising these rights are set out in Articles 15-21 GDPR.
13.
To exercise these rights, contact: service@nutrilogic.io.
14.
Each request will be handled diligently and answered.
15.
These rights are not absolute; the Controller may be unable to erase data where processing remains required by law.
16.
You also have the right to lodge a complaint with a supervisory authority, in particular where processing infringes the GDPR.
17.
Your personal data are not subject to automated decision-making, including profiling.

Ready to hire a Genius to help?

Join leading specialists who already use NutriLogic. Choose professionalism.

Choose a plan Book a demo