Privacy Policy

Privacy policy of the internet service


  1. Privacy Policy” – the document, issued for the User, providing information about the scope and method of data collection for the purposes of running the Internet Service, about storing, securing and using data, as well as on the opportunities for, and the extent to which, the User may use the data, information and materials presented on the Internet Service.
  2. Internet Service Owner – Laboratorium Kosmetyczne Dr Irena Eris Sp. z o.o. based in Piaseczno, ul. Armii Krajowej 12, 05-500 Piaseczno, registered with the District Court for the capital city of Warsaw in Warsaw, 14th Commercial Division of the National Court Register, under KRS No 0000370362, NIP (Tax ID No): 5272642206, with fully paid-up share capital of PLN 200.200.000.
  3. Controller” – Internet Service Owner.
  4. Internet Service” – the internet service owned by the Controller at the domain address of, including the range of all services offered by the Internet Service at the domain address of and at subdomain addresses.
  5. User” – any person using the Internet Service.


The Controller shall treat all data supplied by Internet Service Users with due respect, both actively and passively, and shall ensure proper protection of the data collected.

Data collection

The Controller shall not, as a rule, collect data in connection with the operation of the Internet Service, unless the circumstances described in subsequent sections of this document occur, and the User independently and voluntarily submits his or her personal data. All data stored on the Internet Service are collected with consent of the Internet Service User concerned. This applies in particular to the data obtained via the form available on the Internet Service. By using this form, the User may apply to be included on the mailing list referred to in the following section of the Privacy Policy. These data can also be voluntarily submitted by the User during medical consultation, which is available on the Internet Service. During online visits to the Internet Service, data relating to a particular User visit are collected (passively) automatically, including his or her IP address, domain name, type of browser and operating system, etc.

Data security

The Controller shall take due care to ensure security of shared data, in particular against unauthorised access. The Controller shall ensure that the rights of Users resulting from the Personal Data Protection Act of 29 August 1997 (Journal of Laws No 133, item 883), including in particular the right to inspect or request the update or deletion of their own data, and the right to object in the cases specified in that Act, are respected. The Controller shall ensure that administrative, technical and physical security procedures are in place to prevent unauthorised access to data and to protect these data against interception, destruction or unauthorised change.

Transmission of data

The Controller shall not sell any data collected to third parties. The Controller shall not provide the data collected to any third parties, except where such provision is required by law (at the request of competent state authorities), or where the third party is employed by the Controller to provide, on his or her behalf, a service in connection with the operation of the Internet Service, with the proviso that such third person is not authorised by the Controller to use the data received beyond what is strictly necessary to perform the service concerned. In no event shall the Controller provide the personal data and e-mail addresses of the Internet Service Users to any other economic entities for material gain.

Use of cookies

The Internet Service may use “cookies”, i.e. small text files that are sent to the User’s computer for user identification purposes with a view to simplify or cancel the transaction concerned. For example, cookies can be used to identify users who revisit the Internet Service. “Cookies” do not contain any personal data. In order to function properly, cookies must be approved by the browser and retained on the disk. Removal of cookies may cause difficulties with using the Internet Service.

In accordance with Article 173 of the Act: 

  1. Storage of information or access to information already stored in the subscriber’s or end user’s terminal telecommunications equipment shall be permitted under the following conditions:
    1. the subscriber or end user will be given prior notice, which is clear and understandable, informing him or her:
      1. why the information is stored and made accessible, 
      2. about the possibility to determine the terms on which the information is stored or shared by using the software installed on his or her terminal telecommunications equipment, or by means of configuring the service;
    2. upon receipt of the information referred to in section 1, the subscriber or end user shall give consent to that effect;
    3. storage of or obtaining access to information does not cause any changes to the configuration of the terminal telecommunications equipment of the subscriber or end user, or the software installed on that terminal.
  2. A subscriber or end user may express the consent referred to in paragraph 1(2) by using the software installed on his or her terminal telecommunications equipment accordingly, or by means of configuring the service.
  3. The terms set out in paragraph 1 shall not apply if the storage or access to the information referred to in paragraph 1 is necessary in order to:
    1. transmit a message via the public telecommunications network;
    2. provide telecommunications services or electronically supplied services at the request of a subscriber or end user.
  4. Entities providing telecommunications services or electronic services may install software on the terminal telecommunications equipment of a subscriber or end user, designed to provide these services, or use that software, provided that the subscriber or end user:
    1. is informed, in clear and understandable terms and prior to installing the software, about the purpose of installing the software and how it can be used by the service provider;
    2. is informed, in clear and understandable terms, how to remove the software from the telecommunications terminal equipment of the end user or subscriber;
    3. consents, prior to installing the software, to the installation and use of that software.

Changing User data

The Controller allows each Internet Service User to change the data submitted at any time, with the proviso that automatically collected data are not changed or removed. In order to change or update the data provided by the User, the User may contact the Controller as specified herein.


The Internet Service may contain links to other subpages, and the mere fact that these are linked does not mean that the Controller has any control over the content or operation of these linked services. On the contrary – such internet services operate independently of the Controller who is not able to exercise any control over such services as they are self-governed in terms of operating and data protection rules. The User should be aware that these internet services are separate from the Internet Service and should verify the policy terms of each website linked to the Service.

Rights to Internet Service

All rights to the Internet Service, including to graphical and text elements, are reserved for the benefit of the Controller or other natural or legal persons, unless expressly stated otherwise. By using the content of the Internet Service, Users shall not acquire any rights to works or any access to databases contained therein. The User is authorised to use these works or databases only to the extent permitted by the Act on copyright and related rights of 4 February 1994 (Journal of Laws of 2000 No 80, item 904, as amended). and the Act of 16 April 1993 on combating unfair competition (consolidated text: Journal of Laws of 2003 No 153, item 1503, as amended). In particular, without prior written consent of the Controller, the User shall not be allowed to copy, modify or transmit any part of the Service, in whole or in part, except as expressly permitted by the applicable laws. All product names, trade names and other designations that individualise the Internet Service content, constituting protected trademarks or deemed as such by the Controller, shall be subject to legal protection pursuant to the Industrial Property Law of 30 June 2000 (consolidated text: Journal of Laws of 2003 No 119, item 1117, as amended) and the Act of 16 April 1993 on combating unfair competition (consolidated text: Journal of Laws of 2003 No 153, item 1503, as amended).

Changes in Privacy Policy

The Controller may, at any time, change this Privacy Policy, in particular update it with any changes to the Controller’s practices on how to protect and use the data collected. Each time a new Privacy Policy is published, it shall supersede the existing policy and apply to all data collected in connection with the User’s activity on the Internet Service.


Any questions or concerns regarding the Privacy Policy and using the Internet Service should be sent to the Controller’s registered office address.

Date of publication: 11 September 2014