About the company Payment and delivery Contacts Catalogue
Ask a question
About the company (translations.payment_delviery) Contacts Catalogue
Facebook
Home Privacy Policy
Privacy Policy


Order Confidentiality and Anonymous Delivery
We guarantee that all packages contain no information about their contents, have no external markings, and are accompanied only by the necessary shipping documents.
Your personal data, including order details, are protected in accordance with international standards and are not shared with third parties without your consent, except as required by law.

1. General Information
This Privacy Policy governs the processing of personal data of website users and delivery service clients. We operate in accordance with:
• General Data Protection Regulation (GDPR), Regulation (EU) 2016/679
• Legislation of countries involved in shipping and receiving
• When necessary — HIPAA requirements (in cases involving the processing of medical data classified as PHI — Protected Health Information)
The data controller is our legal entity registered in the European Union:
Address:
ul. Okólna 11,
Ostrów Wielkopolski, 63-400, Poland

2. What Data We Collect
We collect only the information necessary to process and fulfill your order:
• Full name
• Contact details (phone number, email)
• Delivery address
• Order details (items and quantities)
• In specific cases — documents confirming the right to import certain products (e.g., a doctor's prescription)
⚠️ We do not collect or process sensitive medical data unless required by law and only with your explicit consent.

3. Legal Grounds for Processing (GDPR)
We process your data based on the following grounds:
• Article 6(1)(b) GDPR – processing is necessary for the performance of a contract (order processing and delivery)
• Article 6(1)(c) – compliance with legal obligations (e.g., customs regulations)
• Article 6(1)(f) – legitimate interests of the company (e.g., fraud prevention)
• Article 6(1)(a) – processing based on consent (e.g., newsletter subscription)

4. Data Retention
• We retain data only as long as necessary to fulfill the contract and to comply with tax and legal obligations.
• After that, data is either deleted or anonymized.
• Data is not transferred outside the EU without appropriate safeguards (e.g., Standard Contractual Clauses — SCC).

5. Data Protection
• SSL encryption, server protection, restricted employee access
• All employees receive internal data protection training
• Regular information security audits are conducted

6. Your Rights (under GDPR)
You have the right to:
• Access your data
• Correct or delete your data
• Restrict processing
• Object to processing
• Transfer your data to another service (data portability)
• Withdraw your consent (where applicable)
• File a complaint with a data protection authority (e.g., in Poland — UODO)

7. Data Processing under HIPAA (if applicable)
If you provide documents containing Protected Health Information (PHI), we commit to:
• Process it solely to fulfill your request (e.g., verifying the legality of medication import)
• Not disclose data to third parties, except essential logistics partners
• Comply with the Health Insurance Portability and Accountability Act (HIPAA) when storing, transmitting, and securing this information

8. Contact Information
If you have questions, complaints, or requests related to your personal data, please contact us:
Email: control@medlab-online.com
Address: ul. Okólna 11, Ostrów Wielkopolski, 63-400, Poland




Medlab is your reliable partner in the delivery of ordered medicines

Medlab is a convenient online service that helps customers get their previously purchased medications delivered. We organize logistics so that you can receive your medications in a timely manner - wherever you are.

We use cookies to improve the website experience.
Accept all
Accept partially