Skip to content
Homepage » Privacy Policy

Privacy Policy

effective as of May 25, 2018 last updated: January 21, 2026

1. GENERAL PROVISIONS

This Website Privacy Policy is for the information purposes only, which means that it doesn’t create obligations for Website Users.

Privacy Policy

effective as of May 25, 2018 last updated: January 21, 2026

  1. GENERAL PROVISIONS

This Website Privacy Policy is for informational purposes only, which means that it does not impose any obligations on Website Users.

The privacy policy primarily contains rules regarding the processing of personal data by the Administrator on the Website, including the basis, purposes, and scope of personal data processing and the rights of data subjects, as well as information on the use of cookies and analytical tools on the Website.

Personal data on the Website is processed by the Administrator in accordance with applicable law, in particular in accordance with Regulation (EU) 2016/679 of the European Parliament and of the Council (EU) 2016/679 of the European Parliament and of the Council of April 27, 2016, on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation).

2. DEFINITIONS

Data administrator – The administrator of your personal data collected via the genxone.eu website is genXone Spółka Akcyjna, under KRS number 0000743838, registered office:
Złotniki, ul. Kobaltowa 6 62-002 Suchy Las; NIP 7811918132, REGON 362943497,
email address: office(at)genxone.eu,
hereinafter referred to as the Administrator, being also the Service Provider.

Personal data – a set of information about a natural person who is or can be identified by at least one factor determining their identity: physical, physiological, genetic, mental, economic, cultural, or social; including location data, device IP address, and data collected through cookies or other similar technologies.

Policy – this Privacy Policy.

GDPR – Regulation (EU) 2016/679 of the European Parliament and of the Council of April 27, 2016, on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC.

Website – a website maintained by the Administrator at genxone.eu

User – any person visiting the Website or using several services or functionalities described in the Policy.

3. CONTACT DETAILS

You can contact with the Administrator by:

  • e-mail address office@genxone.eu
  • correspondence address: ul. Kobaltowa 6, Złotniki, 62-002 Suchy Las

The Administrator has appointed a Data Protection Officer who can be contacted as follows:

  • e-mail address: rodo@genxone.eu
  • correspondence address: ul. Kobaltowa 6, Złotniki, 62-002 Suchy Las

4. PURPOSES, SCOPE AND LEGAL BASIS FOR PROCESSING DATA ON THE WEBSITE

In each case, the purpose, basis, and scope of personal data processed by the Administrator results from the activities taken by a given User.

Not every activity involves the obligation to collect all the types of data listed. For the purposes of the activities conducted by genXone S.A., in particular those related to the provision of medical services in the field of laboratory medical diagnostics, sequencing services, and the management of the provision of these services, including the performance of sales contracts conducted on the genxone.eu website, the following types of data may be processed: first and last name, mailing address, billing address, email address, phone number, tax identification number.

In the case of contact via the contact form, personal data will be processed for the purpose of handling the inquiry and providing a response (based on your consent resulting from the contact – Article 6(1)(a) of the GDPR and the legitimate interest of the controller – Article 6(1)(f) of the GDPR) and archiving correspondence for the purpose of defending rights and pursuing claims – Article 6(1)(f) of the GDPR.

Your activity on the Website is recorded in system logs. You can find out what and how we collect in this regard in the Cookies section.


The legal basis (in accordance with Article 6(1)(b) of the GDPR) is the necessity of processing for the performance of a service contract or sales contract, which means that certain data is necessary to achieve the purpose of visiting the Website (e.g., reviewing the offer or placing an order)

Data is also collected for analytical and statistical purposes. It helps us in our continuous development. Conclusions drawn from this data help us improve our offer. This is based on the legitimate interest of the Administrator as described in Article 6(1)(f) of the DPA.

In our case, “legitimate interest of the Administrator” means that we use the Data to:

  • protect and develop our business;
  • promote and market our products,
  • understand the behaviors and preferences and meet the needs of our customers, including the delivery of our products.

You can read about the scope of data collection for marketing purposes in Section: 5. MARKETING.

Your Data may also be processed for the purpose of establishing, investigating or defending against claims, conducting correspondence and accepting and processing complaints – the legal basis for processing is then the legitimate interest of the Administrator (Article 6(1)(f) RODO), as well as when the processing is necessary for the fulfillment of a legal obligation of the Administrator arising from regulations, e.g. tax or accounting (Article 6(1)(c) RODO).

Personal data may be processed for the purpose of providing medical services by genXone S.A. in the field of laboratory medical diagnostics, keeping medical records, and managing services in this area. The legal basis in this regard is Article 9(2)(a) of the GDPR and Article 9(2)(h) of the GDPR, the Act on Medical Activity of April 15, 2011, the Act on Patient Rights and the Patient Ombudsman of November 6, 2008, and the Act on Laboratory Medicine of September 15, 2022. The processing of medical data takes place only at the stage of providing medical services, and not at the time of placing an order in the online store. A detailed information clause is included in the medical documentation templates.

The Administrator takes special care to protect the interests of data subjects, and in particular shall ensure that the data it collects are:

  • processed in accordance with the law
  • collected for specified, lawful purposes and not further processed in a manner incompatible with those purposes,
  • substantively correct and adequate in relation to the purposes for which they are processed and stored in a form that allowe identification of data subject for no longer than necessary to achieve the purpose of processing.

The use of the Website is voluntary and similarly the provision of personal data by the User is voluntary, subject to these exceptions:

(1) concluding agreements with the Administrator: failure to provide data in cases and to the extent required to conclude and perform an agreement with the Administrator will result in the inability to conclude such an agreement. In such a case, the provision of personal data is a contractual requirement and if the data subject wishes to conclude a given contract with the Administrator, they are obliged to provide the required data. Each time, the scope of data required to conclude a contract is indicated by the Administrator;

(2) the Administrator’s statutory obligations: the provision of personal data is a statutory requirement resulting from generally applicable laws imposing on the Administrator the obligation to process personal data (e.g., processing data for the purpose of keeping tax or accounting records), and failure to provide such data will prevent the Administrator from performing these obligations;

(3) responding to a query sent via the contact form – failure to provide data will result in the inability to send a response.


5. MARKETING

In specific cases, your Personal Data will be processed for marketing purposes, which include, in particular, presenting offers and promotions tailored to your interests, as well as other information promoting our products and services. However, in order for us to generate a personalized offer, we will need your written confirmation that you wish to receive promotional offers (information about new products, our offers, discounts, and promotional campaigns). Your consent is voluntary, and we do not make your use of the Website or the purchase of products or services conditional on your consent.

If you have given your consent, you have the right to withdraw it at any time by sending an email to: rodo@genxone.eu or by post to: genXone S.A. ul. Kobaltowa 6, Złotniki 62-002 Suchy Las. Please note that withdrawing your consent does not affect the lawfulness of the processing that was carried out on the basis of your consent prior to its withdrawal.

A special form of processing of Personal Data is Data of Users visiting our profiles maintained on social media (Facebook, LinkedIn, X). This Data is processed solely in connection with the operation of the Profiles, including for the purpose of informing Users of genXone’s current activities and promoting healthy lifestyles, services and products. The legal basis for the processing of personal data for this purpose is genXone’s legitimate interest in promoting its own brand.

Data from social media sites is not combined with Data from the Website in an automated manner and is not subject to global processing.


6. COOKIES POLICY

Cookies are small text files that are stored on your device. They contain information such as your approximate location, IP number, browser type, language, operating system type, etc. Cookies help to provide important features and functionality of the Website and to improve the quality of its use. Access to the information contained in cookies is used for the following purposes:

  • improving the performance and functionality of the Website, e.g., cookies remember your preferences and shopping cart contents,
  • deliver relevant online advertising, including via social media – cookies may collect information about your online behavior, such as your IP address, the website from which you connected, and information about your purchase history or the contents of your shopping cart. We may use this information in contextual advertising campaigns,
  • measuring the effectiveness of our marketing communications, including online advertising – cookies may be used to measure the effectiveness of our marketing communications, e.g., information on how many people clicked on a banner advertising a promotion.

    The Website uses three types of cookies:
    • session – temporary files that are stored on the User’s end device until logging out, leaving the website or turning off the software (web browser)
    • permanent – they are stored on the User’s end device for the time specified in the cookie file parameters or until they are deleted by the User.
    • analytical – gather information about your using of the Website, about where the redirection took place, the number of visits and the duration of your visits. They are collected for statistical purposes and are not correlated with the personal data register.

On our Website, we also use the services and tools of external providers (Google, Facebook), which include, among others, tools for analytics and advertising activities (interest-based advertising, remarketing, measurement of advertising performance), including on social media.

You can accept or reject new cookies and delete existing cookies via your browser settings. You can also, thanks to dedicated settings, be notified whenever new “cookies” are placed on your device. Below is a list of browsers. Clicking on the name of the browser you use will take you to a page with instructions on how to manage your cookie settings.

Chrome || Safari || Firefox || Opera || Microsoft Edge

You can also delete cookies using the appropriate functions of your web browser or software designed for this purpose.
The decision to disable some or all “cookies” may limit your ability to use the Website.

7. SOURCES FROM WHICH WE OBTAIN PERSONAL DATA

We obtain your personal data directly from you when you use the website, in particular in the following situations:

– when you purchase a diagnostic test on genxone.eu;

– when you send an inquiry via the contact form;

– by collecting cookies while browsing the website.

We may obtain your personal data from third parties in the event that genXone is commissioned to perform diagnostic tests by another medical entity as part of the cooperation described in the Terms and Conditions. In such a case, we obtain the data necessary to perform the test – in particular, your first and last name, address, date of birth, PESEL number, gender, and type of order.

8. DATA RECIPIENTS

Your Personal Data may be transferred to entities processing Personal Data on behalf of the Administrator, including IT service providers, accounting entities, carriers, etc. – such entities process data on the basis of an agreement with the Administrator and exclusively in accordance with our instructions.

Your data may also be disclosed to entities authorized to obtain it under applicable law, e.g., law enforcement authorities. Your Personal Data will not be transferred to entities based outside the European Economic Area (EEA), i.e., to so-called third countries.

9. USER’S RIGHTS

Below we list the rights you have regarding your data management:
1. the right to access your personal data;
2. the right to rectify (correct) your data;
3. the right to delete data: you can request deleting your data at any time
4. the right to withdraw consent to the processing of personal data
5. the right to limit the processing of personal data: if you want to reduce the scope of processing and / or storage of your data, please inform us
6. the right to object to the processing of personal data: this applies to Data used for direct marketing. In specific situations, you may object to the processing of any Data.
7. the right to data portability: you have the right to receive your data from us in a structured, commonly used machine-readable form. You can also have us sent the data directly to another entity.
8. the right to lodge a complaint with a data protection supervisory authority;

In order to exercise the rights referred to in this section, you may contact the Administrator or Data Protection Officer by sending a relevant message in writing or by e-mail to the address indicated in section 3 of the Policy.


10. PERIOD OF PROCESSING OF PERSONAL DATA

If you use any feature of the Website, we will process your Personal Data for as long as cookies, user agents, and the tabs and information you view on the Website are stored on your device.

Your data will be processed until there is a basis for processing i.e.:

  • in the case of consent, until it is withdrawn, restricted, or other actions on your part limiting this consent,
  • in the case of the necessity of the data for the performance of the contract, for the duration of its performance and until the expiration of the statute of limitations for claims under this contract (3 years or 6 years), 
  • where the basis for processing is the legitimate interest of the Administrator, until you submit an effective objection,
  • for tax and accounting purposes to the extent and for the period in accordance with applicable regulations.


11. FINAL PROVISIONS

The protection of your Personal Data is a dynamic process of constant change. These changes are intended to protect your rights in the most effective possible way. That’s why we constantly verify and update our Policy. We’ll inform Users about any changes via the Website.