Privacy Policy & Cookie Policy

One-stop medical device development company Consonance

Privacy Policy

Consonance Privacy policyThe privacy of our website’s users is very important to us, which is why we have developed this Privacy Policy so that you can understand how we collect, process, disclose, and use your personal information.
Consonance Sp. z o.o. as the Data Controller of the service and personal data ensures that:
  1. Data shall always be collected for specified and clearly defined purposes and to the extent necessary to achieve those purposes.
  2. Personal data shall be kept for as long as necessary to achieve these purposes.
  3. Personal data shall be collected lawfully and fairly at all times, where appropriate, with the knowledge or consent of the data subject.
  4. Personal data is protected with reasonable safeguards against loss or theft, as well as against unauthorized access, disclosure, copying, use or modification.
  5. Its clients are provided with information about the rules and practices relating to personal data management.
Article 1. Privacy and Processing Information
  1. The Data Controller of personal data is Consonance Sp. z o.o. with its registered office in Kraków (31-339), Wojciecha Weissa 7 Street, entered into the register of entrepreneurs of the National Court Register kept by the District Court for Kraków Śródmieście, XI Commercial Department of the National Court Register, under KRS number: 0000778440, NIP: 6772442830, share capital of 5.600,00 PLN.
  2. Consonance Sp. z o.o. as a personal data Controller (hereinafter referred to as “Controller”) pays great attention to the protection of privacy and confidentiality of personal data of Users who make their data available in electronic form through forms available on the website in the domain (hereinafter referred to as “”), the rules of which are specified in the Terms of Use (hereinafter referred to as “Terms of Use”) or by registering to meetups and forums organized by Consonance.
  3. The Data Protection Officer of Consonance Sp. z o.o. is Paweł Zieliński who can be contacted via e-mail:
  4. The Controller shall, with due diligence, select and apply appropriate technical and organizational measures to protect personal data being processed. Full access to databases is granted only to persons authorized by the Controller.
  5. The Controller protects personal data against unauthorized access and processing in violation of applicable regulations. Visitors to can browse through subpages of the website without providing personal data.
Article 2. Grounds for processing personal data 
  • Personal data shall be processed by the Controller in accordance with the law, in particular Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of individuals with regard to the processing of personal data and on the free movement of such data and repealing Directive 95/46/EC (hereinafter referred to as ‘GDPR’).
  • Personal data are processed to:
  • answer questions addressed to the Controller through the contact forms available on website, including interactive windows available on subpages of the website (according to article 6.1.f of the GDPR);
  • dispatch of marketing content, including information about planned events and workshops, business information, joining event community, newsletter or dispatch of eBooks and other information on the basis of the consent (Article 6(1)(a) of the GDPR);
  • recruitment, including: to establish and maintain contact with the Candidate in relation to the application documents submitted, pursuant to Article 6(1)(b) of the GDPR, i.e. in relation to taking action at the request of the data subject before concluding a contract,
  • carrying out and resolving the recruitment process based on Article 6(1)(b) of the GDPR, i.e. taking the necessary actions at the request of the data subject before concluding the contract – in the scope of data indicated in Article 221 §1 of the Labor Code and on the basis of the Candidate’s consent, i.e. Article 6(1)(a) of the GDPR and in the scope of data beyond the catalog indicated in Article 221 §1 of the Labor Code, to take account of the Candidate’s application documents in future recruitment processes on the basis of his/her voluntary agreement (Article 6(1)(a) of the GDPR).
  • establishing contact in order to prepare, at the Customer’s request, an offer of the Controller’s services and/or products tailored to the Customer’s needs (Art. 6.1.b of the GDPR),
  • adapting and developing the website’s functionalities, including its structure and content to the needs of Internet users, creating aggregated statistics, and preserving the security and quality of services provided by the service – based on the legitimate interest of the Controller (Article 6(1)(f) of the GDPR);
  • investigation or safeguard against possible claims (according to Article 6(1)(f) of the GDPR);
  • conducting statistical analysis of information about participants of our events (according to Article 6 (1) (f) of the GDPR) where the legitimate purpose is to have information about the statistics which allows us to improve our activities.
Regardless of the purpose of the processing, providing the data is voluntary, however, failure to do so may prevent, depending on the specific case, the conclusion of a contract, use of selected services within the service and its functionality or receipt of marketing content. The User should not provide the Controller with personal data of third parties. In case of transfer of third parties’ data, the User is obliged to sign a declaration that s/he has the consent of third parties to transfer the data to the Controller. Article 3. Scope of processing of personal data
  1. The Controller processes personal data only to the extent necessary to achieve a strictly defined purpose, in accordance with the information indicated below:
  2. Sending a message through the contact form, among others: e-mail address and telephone number and all other information that the User will provide of his/her own free will in the addressed message;
  3. Sending newsletters, commercial and business information and e-books: name and surname, e-mail address, telephone number, among others;
  4. Recruitment: the e-mail address from which the message was sent and the information contained in the application form;
  5. Preparation of offers: name and surname, e-mail address, telephone number, and other information contained in the message sent through the contact form;
  6. Customization and development of website functionality: IP addresses collected during Internet connections for technical purposes related to server administration.
The Controller does not make automated decisions on the basis of data collected about Users. Article 4. Data retention period
  1. Personal data shall be kept only for the time necessary to achieve the specific purpose for which it was transmitted or to ensure compliance, as set out below:
  2. Personal data collected for the purpose of answering questions asked via the contact form will be processed no longer than 12 months after the last contact;
  3. Data collected for the purpose of sending marketing content, newsletters, commercial and business information and e-books will be processed until the withdrawal of consent by the User;
  4. Personal data collected for the purposes of recruitment will be processed for the duration of the recruitment process, and if the Candidate agrees to leave the data for the purposes of future recruitments, they will be stored until the withdrawal of the consent, but not longer than 24 months from the date of its granting;
  5. Personal data collected for the purposes of preparing a personalized offer for products and/or services will be processed for the duration of the offer negotiation, and after its completion for 12 months counted from the date of the last contact, or they will feed the Controller’s customer database in order to execute the concluded agreement.
Article 5. Recipients of personal data
  1. Users’ data may be made available to entities authorized to receive data in accordance with applicable laws, including relevant judicial authorities.
  2. Personal data may be transferred to entities cooperating with the Controller on the basis of appropriate agreements, including selected marketing agencies and partners providing technical services (development and maintenance of IT systems and websites).
Article 6. Rights of persons
  1. The user is obliged to provide complete, current and up-to-date data.
  2. Every user whose personal data is processed by the Controller is entitled to: access the data, correct the data, deletion of the data, restrict the processing of data, transfer the data, object to the processing of data which takes place on the basis of the Conotroller’s legitimate interest, withdraw consent (where processing is based on consent) at any time without affecting the lawfulness of processing carried out on the basis of consent before withdrawal. You can exercise the rights set out in the above section by sending an appropriate request, providing your user name and e-mail address to
  3. The user has the right to appeal to the supervisory authority if he considers that the processing of personal data violates the rules of the GDPR.
  4. In order to unsubscribe from the communication, please select “Unsubscribe” button on the bottom of the e-mail you received from us, update email preferences in the second step by unchecking the types of email you do not want to receive and accept the settings. You can also contact us via e-mail.

About cookie policy

This Cookie Policy explains what cookies are and how we use them, the types of cookies we use i.e, the information we collect using cookies and how that information is used, and how to control the cookie preferences. For further information on how we use, store, and keep your personal data secure, see our Privacy Policy.You can at any time change or withdraw your consent from the Cookie Declaration on our website Learn more about who we are, how you can contact us, and how we process personal data in our Privacy Policy. Your consent applies to the following domains:

What are cookies ?

Cookies are small text files that are used to store small pieces of information. They are stored on your device when the website is loaded on your browser. These cookies help us make the website function properly, make it more secure, provide better user experience, and understand how the website performs and to analyze what works and where it needs improvement.

How do we use cookies ?

As most of the online services, our website uses first-party and third-party cookies for several purposes. First-party cookies are mostly necessary for the website to function the right way, and they do not collect any of your personally identifiable data.The third-party cookies used on our website are mainly for understanding how the website performs, how you interact with our website, keeping our services secure, providing advertisements that are relevant to you, and all in all providing you with a better and improved user experience and help speed up your future interactions with our website.

What types of cookies do we use ?

Essential: Some cookies are essential for you to be able to experience the full functionality of our site. They allow us to maintain user sessions and prevent any security threats. They do not collect or store any personal information. For example, these cookies allow you to log-in to your account and add products to your basket, and checkout securely.Statistics: These cookies store information like the number of visitors to the website, the number of unique visitors, which pages of the website have been visited, the source of the visit, etc. These data help us understand and analyze how well the website performs and where it needs improvement. Functional: These are the cookies that help certain non-essential functionalities on our website. These functionalities include embedding content like videos or sharing content of the website on social media platforms. Preferences: These cookies help us store your settings and browsing preferences like language preferences so that you have a better and efficient experience on future visits to the website.

The below list details the cookies used in our website.

cookielawinfo-checkbox-analyticsThis cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Analytics".
cookielawinfo-checkbox-functionalThe cookie is set by GDPR cookie consent to record the user consent for the cookies in the category "Functional".
cookielawinfo-checkbox-necessaryThis cookie is set by GDPR Cookie Consent plugin. The cookies is used to store the user consent for the cookies in the category "Necessary".
cookielawinfo-checkbox-othersThis cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Other.
cookielawinfo-checkbox-performanceThis cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Performance".
viewed_cookie_policyThe cookie is set by the GDPR Cookie Consent plugin and is used to store whether or not user has consented to the use of cookies. It does not store any personal data.

How can I control the cookie preferences ?

Should you decide to change your preferences later through your browsing session, you can click on the “Privacy & Cookie Policy” tab on your screen. This will display the consent notice again enabling you to change your preferences or withdraw your consent entirely.In addition to this, different browsers provide different methods to block and delete cookies used by websites. You can change the settings of your browser to block/delete the cookies. To find out more about how to manage and delete cookies, visit,