Privacy Policy
Privacy Policy

Pursuant to Article 13(1) and (2) of Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation) (hereinafter "GDPR"), we hereby inform you:

  1. The Data Protection Administrator is Genomed S.A., with its registered office in Warsaw at Ponczowa 12 (hereinafter "DPA").
  2. The DPA allows contact by email: This e-mail address is being protected from spambots. You need JavaScript enabled to view it , by telephone: (+48) 22 644 60 19, or by post: ul. Ponczowa 12, 02-971 Warsaw, Poland.
  3. DPA has appointed a Personal Data Protection Officer (DPO), whom you can contact by email: This e-mail address is being protected from spambots. You need JavaScript enabled to view it or by post at the address above.
  4. The following personal data will be processed: first name, last name, company name and registered office (residential address), email address, telephone number.
  5. Personal data will be processed by the DPA for the following purposes and based on the following legal bases:
    Purpose of data processing Legal basis for data processing
    Processing is necessary for the performance of a contract with an individual or a legal entity to which the data relate, or to take action at the request of the data subject before entering into a contract. Article 6(1)(b) of the GDPR
    Maintaining accounting books and tax documentation. Pursuing claims arising from business activity, which constitutes a legitimate interest in data processing by the DPA. Article 6(1)(c) of the GDPR in conjunction with Article 74(2) of the Polish Accounting Act
    Electronic transmission of marketing offers and commercial information by Genomed SA. Does not apply to the "Medical Diagnostics" website. Article 6(1)(f) of the GDPR
  6. Providing personal data is a statutory requirement (resulting from legal provisions) and is necessary for the performance of the contract: the provision of electronically supplied services, making purchases, and ordering services on the website www.genomed.pl .
  7. The above point does not apply to a voluntary consent to the use of data for marketing purposes.
  8. Your personal data will be disclosed to:
    1. DPA employees/associates authorized to process them at the DPA's request
    2. entities entrusted by DPA with personal data processing, including:
      • legal and advisory service providers in the event of DPA pursuing claims related to its business activities
      • entities with which DPA has concluded service agreements
      while maintaining all guarantees ensuring the security of the transferred data.
  9. The data will be stored by DPA for the following period:
    Purpose of data processing Data storage period
    Processing is necessary for the performance of a contract with an individual or a legal entity to which the data relate, or to take action at the request of the data subject before entering into a contract. The retention period for accounting and tax documentation, as required by law.
    The pursuit of claims arising from business activity. The limitation period for claims, as required by law.
    Maintaining accounting books and tax documentation. The retention period for accounting and tax documentation, as required by law.
    Electronic transmission of marketing offers and commercial information by Genomed SA. Does not apply to the " Medical Diagnostics " website. Until an effective objection is raised or consent is withdrawn.
  10. You have the right to access your data and the right to rectification of your inaccurate personal data;
  11. In cases specified by law, you have the right to request the deletion of your data, restrict data processing, the right to data portability, and the right to object to data processing. You can edit and delete by yourself the personal data you provided at https://www.genomed.pl/index.php/pl/nauka , in the "My Account" tab;
  12. No automated decisions (decisions without human involvement) will be made with respect to your personal data, and your data will not be subject to profiling;
  13. You have the right to lodge a complaint with the supervisory authority – the President of the Personal Data Protection Office – if the DPA violates personal data protection rights when processing your personal data.

Security Policy

In accordance with Article 32 of the GDPR, Genomed S.A. ensures the security of personal data using appropriate technical and organisational measures designed to prevent unlawful processing and accidental loss, destruction, or damage.

We use the most secure data protection mechanisms currently available.

The transmission protocol we use, ensuring the security of data transmission over the internet, is the SSL (Secure Socket Layer) protocol. This type of security involves encrypting data before it is sent from the client's browser and decoding it after it safely reaches the store server. Information sent from the server to the client is also encrypted and decoded upon reaching its destination.

SSL encrypts, authenticates, and ensures message integrity. When a connection is established with a secure website (using the SSL protocol), encryption keys are established and then used to transmit data between the client's browser and the store server. Both the key agreement and the transmission itself are very difficult to crack. Upon connecting to a secure website, the user is notified of this.

You can check a website's certificate of authenticity in the following browsers:

Genomed S.A. does not store customer credit card data. This data is transferred directly to the bank via the DotPay (Przelewy24) Authorization Center.
For your own security, remember to log out of the website after ending your session. To do so, click the "Log out" link in the upper right corner.
Simply closing the browser window does not constitute logging out.

Download the GDPR (RODO) form.


Last update: 07/2025