Privacy Policy

1. Data Controller
 
The data controller responsible for personal data processing is:
 
BioCells Medical
Warsaw, Poland

Email: info@biocellsmedical.com
 
BioCells Medical operates as a medical provider specializing in regenerative and cellular medicine, including advanced laboratory-based medical procedures.
 
2. Scope of This Privacy Policy
 
This Privacy Policy applies to:

• Website visitors

• Patients and their legal representatives

• Individuals submitting medical inquiries or consultation requests

• Participants in medical evaluations and treatment qualification processes

• Individuals contacting us via email, phone, messaging platforms, or online forms
   

This Policy does not apply to third-party websites or platforms linked from our website.
 
3. Categories of Personal Data We Collect
 
Depending on your interaction with BioCells Medical, we may process the following categories of personal data:
 
3.1 Identification & Contact Data

• Full name

• Date of birth

• Country of residence

• Email address

• Telephone number

3.2 Medical and Health Data (Special Category Data)

• Medical history and diagnoses

• Clinical reports, laboratory results, imaging studies

• Treatment-related information

• Information provided during medical consultations or evaluations

3.3 Technical & Usage Data

• IP address

• Browser type and device information

• Website interaction data (cookies, analytics)
   

4. Legal Bases for Processing

We process personal data exclusively on lawful bases under Article 6 and Article 9 of GDPR, including:

• Explicit consent (medical data, consultation requests)

• Provision of healthcare services and medical evaluation

• Compliance with legal and regulatory obligations

• Legitimate interests, such as service improvement and patient communication

Medical and health data are processed only with explicit consent or when necessary for medical diagnosis, treatment planning, or healthcare management.
 
5. Purpose of Data Processing

Your personal data is processed strictly for legitimate medical and operational purposes, including:

• Medical case evaluation and qualification

• Preparation of personalized treatment protocols

• Communication with patients and families

• Organization of medical consultations and physician reviews

• Compliance with medical, legal, and regulatory requirements

• Internal quality control and clinical documentation

BioCells Medical does not use personal data for automated decision-making or profiling.
 
6. Medical Confidentiality & Data Minimization

We adhere to strict medical confidentiality principles:

• Only data necessary for medical evaluation or care is collected

• Access to medical data is restricted to authorized medical professionals

• All internal medical data processing follows professional healthcare standards
   

7. Data Storage & Retention

Personal data is stored only for the period necessary to fulfill its purpose, including:

• Medical documentation retention as required by applicable healthcare laws

• Legal and regulatory compliance

• Ongoing patient care or follow-up communication

Once no longer required, data is securely deleted or anonymized.
 
8. Data Security Measures

We implement technical and organizational security measures, including:

• Encrypted data storage and transmission

• Controlled access to medical records

• Secure internal IT systems

• Confidentiality obligations for staff and medical professionals

Despite our safeguards, no data transmission system can be guaranteed 100% secure.
 
9. Data Sharing & Disclosure

We may share personal data only when necessary and exclusively with:

• Licensed physicians and medical specialists involved in patient care

• Certified medical laboratories and healthcare partners

• Regulatory or legal authorities when required by law

We do not sell, rent, or commercialize personal data.
 
10. International Data Transfers

Due to the international nature of our medical services, personal data may be transferred outside the European Economic Area (EEA) only when necessary and with appropriate safeguards in place, including:

• Standard Contractual Clauses (SCCs)

• GDPR-compliant data protection mechanisms
   

11. Patient and Data Subject Rights

Under GDPR, you have the right to:

• Access your personal data

• Rectify inaccurate or incomplete data

• Request data erasure (“right to be forgotten”)

• Restrict processing

• Object to processing

• Data portability

• Withdraw consent at any time

To exercise your rights, contact: info@biocellsmedical.com
 
12. Children’s Data
For minors, personal and medical data is processed only with consent of a parent or legal guardian and strictly for medical evaluation and care purposes.
 
13. Cookies & Website Analytics

Our website may use cookies and analytics tools to improve functionality and user experience.
Detailed information is provided in our Cookie Policy.
 
14. Policy Updates

We reserve the right to update this Privacy Policy to reflect legal, medical, or operational changes.
The latest version will always be published on our website.
 
15. Contact Information

For privacy-related inquiries or data protection requests:
📧 info@biocellsmedical.com

Compliance Statement

BioCells Medical processes personal data in accordance with GDPR, ethical medical standards, and applicable healthcare regulations, ensuring confidentiality, integrity, and patient trust at all times.