Each person using the service remains anonymous until he or she decides to disclose his or her identity. Processing of the provided personal data takes place solely on the basis and within the limits of the law, and in order to ensure the safety of the users’ data, the Administrator of the service selects technical measures to ensure the fullest protection of the data, including, above all, against unauthorized access and processing in violation of the law.
§1 Administrator of personal data
Contact with the Administrator can be made by mail to the above address or by e-mail to the address firstname.lastname@example.org
§2 Scope of data processing
The personal data controller collects and processes the following personal data:
- identification data: name, surname, date of birth;
- contact data: address, phone number, e-mail address.
In addition, the website also processes information about the device on which the user uses the website, which does not constitute personal data, in order to ensure the best and safest use of the website – i.e. the IP address of the computer, information contained in cookies or other similar technologies, session data, web browser data, data relating to information on the website, and if the user has given additional consent – also geolocation information.
§3 Purpose and legal basis of data processing
The user’s personal data are processed in accordance with the Act of 10 May 2018 on the protection of personal data, the Act of 18 July 2002 on the provision of electronic services, Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons in relation to the processing of personal data and on the free movement of such data and repealing Directive 95/46/EC (hereinafter: RODO), the Act of 16 July 2014. – Telecommunications Law and the Act of 23 April 1964 Civil Code. In the event that the regulations concerning the protection of personal data change, the Administrator undertakes to comply in this Policy with their new form.
User’s personal data shall be processed in order to answer or provide a service in relation to the content of an inquiry sent to the Administrator via a contact form, for marketing and statistical purposes, as well as for the purpose of targeting content or advertising.
§4 Method of data acquisition
Personal data is collected directly from the user as a result of their provision via the contact form. Other data, not constituting personal data as referred to in § 2, are sent automatically by the device used by the user in the course of using the service.
§5 Sharing of data
On the basis of a specific authorization or an agreement between the Administrator and the personal data processor, the Administrator can provide your data to
- employees and associates of the Administrator,
- Google Analytics platform operated by Google LLC with its registered office in Menlo Park, California, USA,
- Facebook, operated by Facebook Inc. with its registered office in Palo Alto, California, USA,
- LinkedIn by LinkedIn Ireland Unlimited Company with its registered office in Dublin, Ireland,
- GetResponse platform operated by GetResponse Sp. z o.o. based in Gdansk, Poland.
The transfer of the user’s personal data may take place only if necessary in connection with the handling of the user’s application or inquiry via the contact form.
Due to the fact that the entities referred to in letters b) and c) are registered in countries outside the European Economic Area, the Administrator informs at the same time that for statistical purposes, optimisation of advertising, and the possibility of operation of social plug-ins, he makes the data available to a very limited extent to two entities which meet the criteria of a Third Country as defined by the RODO. Both entities are based in the United States and both entities have joined the Privacy Shield program, and the data are transferred on the basis of contracts containing the clauses set out in the European Commission Decision 2010/87/EU, and therefore the transfer of data to them complies with the European Commission’s implementing decision of 12 July 2016, and the scope of the data transferred prevents the identification of a specific person.
§6 User rights
The person whose personal data is processed by the Personal Data Controller has the following rights:
- The right of access to one’s own personal data (Article 15 RODO), including the right to obtain a copy of the data subject to processing, also in electronic form, to obtain information regarding the purposes of processing, the categories of personal data, the categories of recipients to whom the data may be disclosed, the planned period of storage of personal data.
- The right to rectification (correction) (Article 16 RODO) of one’s own personal data if it is incorrect or incomplete.
- The right to request erasure of personal data (Article 17 RODO) when:
- they are no longer necessary for the purposes for which they were collected or otherwise processed;
- the data subject has withdrawn consent and there is no other legal basis for the processing;
- the data subject objects to the processing and there are no overriding legitimate grounds for processing;
- the personal data have been unlawfully processed;
- the personal data must be erased in order to comply with a legal obligation under Union law or the law of a Member State to which the controller is subject;
- the personal data were collected in connection with the offering of information society services;
- Right to request restriction of processing (Article 18 RODO) when:
- the data subject challenges the accuracy of the personal data – for a period allowing the Controller to verify the accuracy of the data;
- the processing is unlawful and the data subject objects to the erasure of the personal data, requesting instead that the processing be restricted;
- the controller no longer needs the personal data for the purposes of the processing, but the data are needed by the data subject to establish, assert or defend a claim;
- the data subject has objected to the processing – until such time as it is determined whether the legitimate grounds on the part of the Controller override the grounds of the data subject’s objection;
- The right to lodge a complaint to the President of the Office for Personal Data Protection (PUODO), Address: 2 Stawki Street, 00-193 Warsaw.
In order to exercise his/her rights, the user should contact the Administrator by mail or e-mail; the Administrator is obliged to inform about the actions taken in relation to the request within 1 month; in particularly complicated cases or in the case of a large number of applications, the deadline may be extended to 3 months.
§7 Data storage period
In accordance with the applicable legal basis, the Administrator shall store personal data for the period of the Administrator’s legitimate interest, but no longer than the period of the statute of limitations of the Administrator’s claims against the data subject.
§ 8 Data security
The Administrator shall apply appropriate technical and organizational measures to fully protect the user’s personal data – in particular by protecting it against unauthorized access, loss or destruction.
§ 9 Cookies
- Identifying your computer and the browser you use to view the website, e.g. by determining whether you have visited the website before;
- Adjusting the display of the site to your preferences through anonymous analysis of your online behavior;
- Remembering your expectations of the site, such as language, color and content layout;
- Enabling individual accounts on services;
- Disabling the obligation to log in tediously to each separate subpage of the site;
- “Memory” of the advertisements presented so that the user is not presented with repetitive and uninteresting content.
Cookies never change the way the devices operate and are not harmful to them in any way; they do not change the configuration of browsers and are not made available to other services, advertisers, etc. apart from the entities indicated above in § 5. On each page, the user has the option to accept or block them, which may, however, hinder or prevent access to many possibilities and functionalities of the service. Regardless of the choice made, each browser allows clearing all the cookies saved in it.