Privacy and Cookie Policy
Who we are
This privacy notice provides you with details of how we collect and process your personal data through your use of our site: https://heartpro.de/
By providing us with your data, you warrant to us that you are over 13 years of age.
Dr. Krzysztof Pujdak is the data controller and we are responsible for your personal data (referred to as “we”, “us” or “our” in this privacy notice).
Contact Details:
Postal address: Dr. med. Krzysztof Pujdak
Specialist in Internal Medicine and Cardiology
ul. Sienna Grobla 6D/32
80-760 Gdańsk, Poland
Phone: +48 507 002 732
Email: info@heartpro.de
Definition of Personal Data
Personal data refers to any information that can identify an individual. It does not include data that has been anonymized.
Types of Personal Data We Process
Communication Data: This includes any interactions you have with us, whether through our website’s contact form, email, text messages, social media messaging or posting, or any other form of communication. We process this data to respond to your inquiries, maintain records, and establish, pursue, or defend legal claims. The lawful basis for processing this data is our legitimate interest in managing communications, keeping records, and handling legal matters.
Customer Data: This consists of information related to purchases, including your name, title, billing and delivery addresses, email, phone number, contact details, purchase history, and payment details. We process this information to fulfill your orders and maintain transaction records. The lawful basis for processing this data is the necessity of performing a contract with you or taking steps at your request before entering into a contract.
User Data: This covers information on how you interact with our website and online services, as well as any content you submit for publication. We process this data to manage our website, provide relevant content, ensure website security, maintain backups, and support our business operations. The lawful basis for processing this data is our legitimate interest in effectively managing our website and business.
Technical Data: This includes details about how you access and use our website and online services, such as your IP address, login information, browser details, time spent on different pages, navigation paths, visit frequency, time zone settings, and other technological details related to your device. This data is sourced from our analytics tracking system and helps us analyze user behavior, enhance website security, improve content delivery, and assess advertising effectiveness. The lawful basis for processing this data is our legitimate interest in website administration, business growth, and marketing strategy development.
Marketing Data: This consists of your preferences regarding marketing communications from us and third parties. We process this data to facilitate promotions, competitions, giveaways, and to tailor advertising and website content to your interests. Additionally, it helps us evaluate the effectiveness of our advertising efforts. The lawful basis for processing this data is our legitimate interest in understanding customer preferences, improving our offerings, expanding our business, and refining our marketing approach.
Sensitive Data: We do not collect any sensitive personal data. This includes details regarding race, ethnicity, religious or philosophical beliefs, sexual orientation, sex life, political views, trade union membership, health, genetic or biometric data, and criminal convictions or offenses.
Legal Obligations and Data Usage: If we are legally required to collect personal data or need it to fulfill a contract with you, failure to provide the requested information may prevent us from delivering goods or services. If this occurs, we will inform you of the consequences.
We only use your personal data for its original intended purpose or a closely related purpose when necessary. For further clarification, you can contact us at info@heartpro.de. If we need to use your data for an unrelated reason, we will notify you and explain the legal basis for doing so.
In certain cases, we may process your personal data without your knowledge or consent if required or permitted by law.
We do not engage in automated decision-making or profiling of any kind.
We may gather information about you in different ways. You might provide it to us directly, such as by completing forms on our website or contacting us via email. Additionally, we may automatically collect certain data while you browse our website through cookies and similar tracking technologies.
We may also obtain data from third-party sources, including analytics services like Google (located outside the EU), advertising platforms such as Facebook (also based outside the EU), search engine providers like Google, and companies offering technical, payment, and delivery services, including data brokers or aggregators.
Furthermore, we may access publicly available information from sources within the EU, such as Companies House and the Electoral Register.
Marketing Communications
Our legal basis for processing your personal data for marketing communications is either your consent or our legitimate interest in growing our business.
In accordance with the Privacy and Electronic Communications Regulations, we may send you marketing messages if you have previously made a purchase, requested information about our products or services, or explicitly agreed to receive such communications—unless you have since opted out. If you represent a limited company, we may send marketing emails without prior consent, but you can opt out at any time.
We will always obtain your explicit consent before sharing your personal data with third parties for their own marketing purposes.
You can stop receiving marketing communications from us or third parties at any time by clicking the opt-out links in our marketing emails or by contacting us at info@heartpro.de.
Please note that opting out of marketing messages does not affect personal data collected through other transactions, such as purchases or warranty registrations.
Disclosures of your personal data
We may need to share your personal data with the following entities:
– Other companies within our group that support us with services.
– IT and system administration service providers.
– Professional advisors, including lawyers, bankers, auditors, and insurers.
– Government authorities that require us to disclose processing activities.
– Third parties involved in the sale, transfer, or merger of parts of our business or assets.
Any third party that receives your data is required to uphold its security and handle it in compliance with legal requirements. We only permit them to process your personal data for specific purposes and in accordance with our instructions.
International transfers
Countries outside the European Economic Area (EEA) may not provide the same level of protection for personal data as those within the EEA. As a result, European law restricts the transfer of personal data outside the EEA unless certain conditions are met.
Many of our third-party service providers are located outside the EEA, meaning that processing your personal data may involve international data transfers.
To ensure your data remains secure, we implement at least one of the following safeguards when transferring personal data outside the EEA:
– We only transfer data to countries that the European Commission has deemed to provide an adequate level of data protection.
– When working with certain service providers, we use contracts, codes of conduct, or certification mechanisms approved by the European Commission, ensuring the same level of protection as within Europe.
– If engaging with US-based providers that participate in the EU-US Privacy Shield framework, we may transfer data to them, as they adhere to equivalent security measures.
If none of these safeguards apply, we will seek your explicit consent before transferring your data, and you will have the right to withdraw your consent at any time.
Data Security
We have implemented security measures to safeguard your personal data from accidental loss, unauthorized access, misuse, alteration, or disclosure. Access to your personal data is restricted to employees and partners who require it for business purposes. They are permitted to process your data only in accordance with our instructions and are obligated to maintain its confidentiality.
Additionally, we have established protocols to address any suspected data breaches. If a breach occurs, we will notify you and the relevant regulatory authorities when legally required to do so.
Data Retention
We will retain your personal data only for as long as necessary to fulfill the purposes for which it was collected, including meeting legal, accounting, and reporting obligations.
To determine the appropriate retention period, we consider several factors, including the volume, nature, and sensitivity of the data, the potential risk of harm from unauthorized access or disclosure, the purpose of processing, whether the purpose can be achieved through alternative means, and any applicable legal requirements.
For tax compliance, the law mandates that we retain essential customer information (such as Contact, Identity, Financial, and Transaction Data) for six years after the customer relationship ends.
In certain cases, we may anonymize personal data for research or statistical analysis, allowing us to use the information indefinitely without further notification.
Your Legal Rights
Under data protection laws, you have several rights regarding your personal data. These include the right to request access, correction, deletion, restriction, transfer, objection to processing, data portability, and, where processing is based on consent, the right to withdraw that consent.
If you wish to exercise any of these rights, please contact us at info@heartpro.de.
To protect your data, we may ask for specific information to verify your identity before granting access or processing your request. This security measure ensures that personal data is not disclosed to unauthorized individuals. Additionally, we may reach out for further details to expedite our response.
We aim to address all valid requests within one month. However, if your request is particularly complex or if you have submitted multiple requests, it may take longer. In such cases, we will inform you of any delays.
Third-Party Links
Our website may contain links to third-party sites, plug-ins, and applications. Clicking on these links or enabling such connections may allow third parties to collect or share information about you. We do not have control over these external websites and are not responsible for their privacy policies. When navigating away from our site, we recommend reviewing the privacy policies of any website you visit.
Legal Basis for Data Processing on This Website
We process personal data based on various legal grounds, depending on the circumstances:
- If you have given consent for data processing, it is carried out in accordance with Article 6(1)(a) GDPR or, in the case of special categories of data as defined in Article 9(1) GDPR, under Article 9(2)(a) GDPR.
- If you have explicitly consented to the transfer of personal data to third countries, processing is conducted under Article 49(1)(a) GDPR.
- When you consent to the storage of cookies or allow access to device information (e.g., through device fingerprinting), processing is based on Section 25(1) TDDDG. You may withdraw your consent at any time.
- If data processing is necessary to fulfill a contract or take pre-contractual steps at your request, it is based on Article 6(1)(b) GDPR.
- If processing is required to comply with a legal obligation, it is carried out under Article 6(1)(c) GDPR.
- Data processing may also be conducted under Article 6(1)(f) GDPR if it is necessary to protect our legitimate interests.
The specific legal basis for data processing in each case is detailed in the following sections of this privacy policy.
Data collected on this website
Use of Cookies
Our website utilizes cookies, which are small data files that do not harm your device. These cookies can be temporary (session cookies) or persistent (permanent cookies). Session cookies are automatically deleted once you leave the website, whereas permanent cookies remain on your device until you delete them manually or your browser removes them automatically.
Cookies may be either first-party cookies, set by our website, or third-party cookies, placed by external companies to enable additional services, such as payment processing.
Purpose of Cookies
Cookies serve various functions. Some are essential for the website to operate correctly (e.g., enabling the shopping cart or video playback). Others are used for analyzing user behavior or advertising purposes.
Cookies necessary for electronic communication, requested website functions, or website optimization (e.g., audience measurement) are stored based on Art. 6 (1) (f) GDPR, unless another legal basis applies. The website operator has a legitimate interest in storing these cookies to ensure smooth and efficient service. If consent for storing cookies or similar tracking technologies is requested, processing will be based solely on this consent (Art. 6 (1) (a) GDPR and Section 25 (1) TDDDG), which you can revoke at any time.
Managing Cookies
You can configure your browser settings to:
- Receive notifications when cookies are being set
- Allow cookies only in specific cases
- Block cookies entirely or for certain conditions
- Enable automatic deletion of cookies when closing your browser.
Disabling cookies may limit the website’s functionality. For details on the specific cookies and services used on this website, please refer to this Privacy and Cookie Policy.
How we use cookies
We utilize cookies to monitor how you interact with our website. This allows us to analyze usage patterns, helping us refine and enhance our website, products, and services to better meet your needs.
Cookies are classified as follows:
- Session Cookies: These are temporary cookies stored on your device only while your browsing session is active. They are deleted automatically when you close your browser. These cookies typically store an anonymous session ID, enabling seamless navigation without requiring repeated logins, but they do not collect personal data.
- Persistent Cookies: Unlike session cookies, these remain on your device even after closing your browser. They can be accessed by the website upon your return. For example, we use persistent cookies for Google Analytics to analyze website traffic.
Categories of Cookies
- Strictly Necessary Cookies – Essential for website functionality, such as enabling purchases or other core services. These cannot be disabled, as they are crucial for website operations. They do not store personal data or track online behavior for marketing purposes.
- Performance Cookies – Used to measure and enhance website performance. These cookies help track visitor numbers, traffic sources, and the most frequently visited pages, enabling us to optimize the user experience.
- Functionality Cookies – These cookies allow the website to remember your preferences and provide enhanced features, such as personalized updates or enabling interactions like video playback and blog comments. The data collected is typically anonymized.
By using our website, you agree to the use of cookies as described. You can manage your cookie preferences through your browser settings.
Your consent applies to the following domains: https://heartpro.de/