PytajOLek
Privacy Policy

At PytajOLek, we respect your privacy and are committed to protecting your personal data. This Privacy Policy explains what information we collect, how we use it, and how we protect it.

Data controller

The controller of your personal data is the entity indicated below. For matters regarding data processing and the exercise of your rights, contact the controller.

BLOCKSISM MICHAŁ MIROŃCZUK

ul. Wioślarzy 6, 86-032 Niemcz

NIP: 5542996895

kontakt@pytajolek.pl

Purposes and Legal Basis for Processing

Your data is processed for the following purposes:

  • Providing electronic services: enabling access to the drug database, interaction analysis, and polypharmacy report generation.
  • Professional credential verification: confirming medical professional status (e.g., via license number) to grant access to specialized system features.
  • AI algorithm improvement: analysis of anonymized clinical queries to improve the accuracy of responses generated from SmPC data.

Scope of Collected Data

  • Account data: email address, name, professional license number.
  • Analytical data: drug search history, clinical parameters entered into calculators (e.g., age, sex, body weight, GFR value).
  • Technical data: IP address, browser type, system logs.

Facebook Login

Our application uses Facebook Login for user authentication. This allows you to quickly and securely log in to our application using your Facebook account.

We use Facebook Login solely for authentication purposes and do not have access to your passwords or other sensitive data from your Facebook account.

Data Collection

When logging in through Facebook Login, we collect the following basic information from your Facebook profile:

  • First Name
  • Last Name
  • Email Address
  • Profile Picture

Data Usage

We use the collected data solely for the following purposes: user identification within the application, personalization of user experience, and communication with users regarding application-related matters. We do not use your data for marketing purposes without your explicit consent.

Data Sharing

We do not sell, rent, or share your personal data with third parties. Your data is secure and used only for the purposes described in this Privacy Policy.

AI Data Processing (OpenAI)

PytajOLek uses advanced language models (GPT-4o) for medical content analysis.

  • Anonymization: only clinical parameters and drug names are sent to external AI models. We never transmit data that would allow direct identification of a specific patient.
  • Sub-processor: OpenAI is our trusted sub-processor, processing data exclusively for generating responses within the PytajOLek system.

Data Security and Patient Reports

  • Encryption: all data transmitted between your browser and our backend is encrypted using TLS protocol.
  • QR code reports: generated patient reports contain only information about interactions and medication safety.
  • Storage: data is hosted on secured servers with regular backups.

Legal basis for processing (GDPR)

We process your data on the basis of: (1) Art. 6(1)(b) GDPR – performance of a contract (provision of services, account and payment handling); (2) Art. 6(1)(a) GDPR – your consent (e.g. marketing, optional cookies); (3) Art. 6(1)(f) GDPR – legitimate interest (e.g. security, pursuing claims).

Data retention

Account data and query history are retained until account deletion or withdrawal of consent. Data required for accounting and claims – for the period required by law (e.g. 5 years). Technical logs – for a few months. After the retention period, data is deleted or anonymised.

Your rights (GDPR)

You have the right to:

  • Access your data (Art. 15 GDPR)
  • Rectification (Art. 16 GDPR)
  • Erasure (Art. 17 GDPR)
  • Restriction of processing (Art. 18 GDPR)
  • Data portability (Art. 20 GDPR)
  • Object (Art. 21 GDPR)
  • Lodge a complaint with a supervisory authority (e.g. in Poland: President of the Personal Data Protection Office, ul. Stawki 2, 00-193 Warsaw).

Cookies and Analytics Tools

The service uses cookies for:

  • Maintaining logged-in user sessions.
  • Remembering display preferences (e.g., dark/light mode).
  • Monitoring system stability using diagnostic tools.

Contact

If you have any questions about this Privacy Policy or wish to exercise your rights regarding personal data protection, please contact the controller:

Email: kontakt@pytajolek.pl

Last updated: February 2026