We inform about purposes of personal data processing always before collecting these data or at the time of their collection.
3. Basis and time of personal data processing
While pursuing the main goal, which is respect of privacy, we try to exercise due diligence. To meet this assumption, we apply standards and principles resulting from generally applicable law. These are in particular: GDPR (Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation)), the Act of 10 May 2018 on Personal Data Protection, the Act of 18 July 2002 on Provision of Services by Electronic Means, and the Act of 16 July 2014 - Telecommunication Law. In particular, we endeavour to make sure that personal data is:
- processed according to the law, reliably and transparently,
- collected for purposes compliant with the law, of which we inform during their collection,
- not subjected to further processing insofar as such processing is inconsistent with purposes specified in the information obligation,
- correct and updated, where necessary,
- factually correct and adequate in relation to the purposes of their processing,
- duly protected against unauthorised access, destruction, disclosure and unlawful use,
- stored in a form allowing people to which they relate to be identified, not longer than it is necessary to achieve the purpose of processing we inform about before collecting personal data or during this process.
The personal data administrator reserves that he may entrust personal data processing of the Users, whose data are administered by him, to other companies to ensure that these companies properly perform activities related to administration, maintenance and management of the Website, as well as for the purpose of pursuing claims and explaining circumstances of prohibited use of services provided by electronic means.
4. Basis and time of personal data processing
When collecting personal data, we always inform about the legal basis of their processing. When we inform about:
- Article 6 item 1 letter a) of GDPR – it means that we process personal data on the basis of the given consent,
- Article 6 item 1 letter b) of GDPR – it means that we process personal data because they are necessary for us to perform the agreement or to undertake activities prior to its signing, upon the request,
- Article 6 item 1 letter c) of GDPR – it means that we process personal data in order to fulfil a legal obligation,
- Article 6 item 1 letter f) of GDPR – it means that we process personal data in order to perform legally justified interests, of which we always inform in advance.
We may also process personal data on the basis of other detailed regulations, such as the Act on the Provision of Services by Electronic Means.
Time of personal data processing depends on the basis and the purpose of processing. We always inform about them before collecting personal data or during this process. Examples of personal data storage periods:
- Personal data processed in connection with marketing activities will be processed until an objection against their processing is received.
- Personal data processed on the basis of the permission to process this data will be processed until the time of its withdrawal.
- Personal data processed using cookies and similar technologies will be processed until these files are removed in settings of a web browser or device, and an objection against their processing is submitted.
- Personal data processed in connection with the execution of applicable legal regulations (e.g. in order to issue an invoice) will be processed within the time limit required by applicable accounting and tax regulations.
- Personal data associated with provision of services, including sales, will be stored until possible pursuit of claims by us or against us, i.e. in accordance with generally applicable limitation periods.
5. The User's rights
In connection with personal data processing, persons, whose personal data are processed has rights related to this processing. Possibility of exercising the following rights depends on the legal basis of personal data processing.
Right to access data
A person to whom data relate is entitled to obtain from us a confirmation of whether his/her personal data are processed by us. If so, he/she is entitled to access them and obtain additional information (i.e. purposes, categories, recipients, retention, rights, source).
Upon receipt of such a request, we are obliged to deliver a copy of personal data we process. Should such request be received by electronic means and should no other objection be obtained, information will be provided electronically as well.
Right to correct data
A person to whom data relates has the right to request from us immediate correction of his/her incorrect personal data. Insofar as purposes of processing are concerned, he/she has the right to request supplementation of incomplete personal data, also by presenting an additional statement.
Right to be forgotten
A person whom data relate to has the right to request us to immediately remove his/her personal data. We are then obliged to remove personal data without unnecessary delay, should one of the following circumstances occur:
- a permission for processing of personal data was withdrawn and there is no other basis for processing of data,
- submit an effective objection against processing of data,
- personal data was processed unlawfully,
- personal data must be removed in order to meet a legal obligation,
- data was collected in connection with offering of information society services.
Right to restrict processing
A person whom data relate to has the right to request us to restrict processing in the following cases:
- a person whom data relate to questions the correctness of personal data – for a period allowing us to the verify correctness of these data;
- processing is unlawful, and a person whom data relate to objects against removing personal data, instead demanding restriction of their use;
- we do not need personal data for processing, but they are required by a person whom they relate to, in order to determine, pursue or defend claims;
- a person whom data relate to submit, pursuant to Article 21, passage 1 of GDPR, an objection against processing – until determination of whether legally justified grounds on the side of the administrator prevail over grounds for the objection of a person whom data relates to.
Right to transfer data
A person whom data relates to has the right to receive in an organised, commonly used and computer-readable format his/her personal data that he/she provided to us, and has the right to send this data to another administrator without obstructions on our side, should processing take place:
- based on a consent or agreement; and
- in an automated manner.
When exercising the right to transfer data, a person whom it relates to has the right to demand that personal data be sent by us directly to another administrator, if technically possible. This right may not unfavourably affect rights and freedom of others.
Right to object
A person whom data relates to has the right to submit an objection – for reasons related to his/her particular situation – against processing of his/her personal data based on Article 6, passage 1 letter f) (the justified interest of the administrator), also against profiling. Then we may not process this data, unless, we will demonstrate the existence of legally binding, reasonable grounds for data processing that prevail interests, rights and freedoms of a person whom data relates to, or bases for determination, pursuit or defence of claims.
Also, should a person to whom data relates object against processing for the purposes of direct marketing (including profiling for marketing purposes), his/her personal data may not be processed for such purposes.
Automated decisions, including profiling
A person whom data relate to has the right to not be subject to decisions that are based solely on automated processing, including profiling, and that may have legal effects on this person or may substantially affects him/her in a similar way.
This right is not applicable, should this decision:
- be necessary in order to enter into, or perform, an agreement between a person whom they relate to and us;
- is permitted by the EU law or the Polish law, which provides for relevant measures safeguarding rights, freedoms, legally justified interests of a person whom data relates to; or
- is based on a clear consent of a person whom data relates to.
The Users have the right to inspect processing of data related to them, included in data collections of the Service Provider. It is, especially, the right to access the contents of their data and amend it, as well as to demand its supplementation, update, correction, temporary or permanent suspension of its processing, or deletion, if it is incomplete, out-of-date, untrue or was collected with violation of the Act or is not necessary for the purpose, for which it was collected.
6. System logs
These are internal events logs of the Website server, automatically recording web requests sent when the Users use the Website. System logs contain a web request sent by the User, IP address, browser type, browser language, date and time of request and at least one cookie file, which may unambiguously identify the User's browser.
We use data collected in system logs solely for the purpose of administration of the Website. They are not transferred to third parties, excluding circumstances described in this document.
In connection with use of the Website by the Users, we may automatically collect and recorded in server logs technical details concerning the method of using services, requests sent by the User associated with electronic provision of services, IP address and technical data on the Website's activity in connection with the actions performed by the User. This is, in particular, information on start, end and a scope of each use of electronically provided service. We may also collect statistical information for the purpose of storing them locally on the User's device, using a cache mechanism.
When providing services to the Users, we may automatically use cache of a User's browser, application or device. This use consists in storage of data in cache of a browser installed on the User's device. In local storage we can store data between sessions, i.e. between the User's successive sessions. The purpose of using cache is to accelerate the use of the Website, by eliminating a situation, where the same data would be repeatedly downloaded from the Website, slowing the User's Internet connection.
We or any third parties, via cookies administered by them, may make use of a geographical location function, consisting in gathering and processing of information about the User's place of stay. For this purpose the following data may be processed: IP number, as well as data from GPS sensor, wireless access point or base transceiver station.
9. Pixel tag
We or any third parties, via cookies administered by them, may use pixel tags. These are elements published in digital contents that enable information to be recorded, e.g. information of the User's activity on a given website.
10. Cookies, profiling
When providing services for the Users, we use professional technologies to collect and record information such as cookie files. These are commonly used, small files containing a sequence of characters that are sent and saved on a device (e.g. computer, laptop, tablet , smartphone) used by the User during his/her visit on the Website. This information is sent to browser cache, which sends them back during next visits on a website. Cookies contain information necessary for proper use of the Website. They most often contain the name of a website they come from, time of their storage on a device and a unique number. Data from cookies may be accessed also by external entities listed in item 16 of the Privacy and Cookies Policy.
As part of the "business" cookies, we may use cookie files that allows us to learn about preferences of people using the Website. For example, we may analyse the frequency of their visits. As a result, we may better adjust to their expectations, e.g. showing advertisements adapted to the needs and preferences of specific recipients or buyers who visited our Website before. Lack of consent to use these cookies may result in disabling of such advertisements.
11. Basis for processing of cookies
A permission to process cookies may be given:
- using a button containing a statement on expressing a permission to process cookies or a confirmation of reading its conditions,
- using settings of software installed on a telecommunication device used by the User,
- by configuring a service used by the User.
The consent may be revoked at any time, without additional fees, as described in a part concerning of management of cookies.
12. What cookies are used for?
Cookies can be divided according to three methods.
In terms of purposes of their use, we can distinguish three categories:
- necessary files – files that ensure correct operation of the Website and functions which the User wants to use, e.g. authenticating cookies. The use of the Website is impossible if they are not saved on the User's device,
- functional files – files for saving settings selected by the User and adjust them to their needs and preferences, e.g. selected language, size of font, appearance of a website. They allow the Service Provider to improve the functionality and efficiency of the Website. The possibility of some functions of the Website may be limited if they are not saved on the User's device,
- business files – this category includes, e.g. advertising cookies. They allow advertisements on the Website or beyond it to be adjusted to the User's preferences. The possibility of use of some functions of the Website may be limited if they are not saved on the User's device.
In respect of the time of validity, we can distinguish two categories of cookies:
- session files – existing until the end of a given session of the User,
- persistent files – existing after the User completes a given session.
In respect of an entity administering cookies, we can distinguish:
- cookies of the Service Provider,
- cookies of third entities.
13. Cookies of the Service Provider
Cookies of the Service Provider identify a User's device and display the Website adapted to his/her individual expectations, therefore, using its functions becomes easier and more pleasant. With these files saved on the User's device, it is possible to, e.g. save login data, save a given session after logging out, save selected goods or services or adjust the User's preferences, e.g. content placement, language or theme.
14. Cookies of third entities
- Google Adwords - they allow to conduct and assess the quality of advertising campaigns implemented using Google Adwords service,
- Google Analytics – they allow to assess the quality of advertising campaigns implemented using Google Adwords service, as well as to study behaviours and traffic of the Users and prepare traffic statistics,
- Google Maps – they allow to store information on the User that enable the use of map functions available as part of Google Maps service. Google Inc. may track the User's location.
15. Management of cookies and other information
Most often browser's settings, by default, accept cookie files to be saved on a device. If the User does not agree for these files to be saved, web browser settings should be changed. It is possible to disable cookies for all connections from a given browser or for specific website, as well as to remove them. Method of management of cookies depends on a used software, therefore the User should find detailed information on possibilities and methods of their management in settings of his/her web browser used to connect to the Website.
Consent to process cookies is voluntary. However, it should be remembered that restrictions in their application may hinder or prevent the use of services offered by the Website.
16. Data collection
Data collected in system logs is used by the Service Provider solely for the purpose of administration of the Website. They are not transferred to third parties, excluding circumstances described in this document.
In connection with use of the Website by the Users, we may collect and record in server logs technical details concerning the method of use of services, the User's web requests associated with electronic provision of services, IP address and technical data on the Website's operation in connection with the actions performed by the User, in particular information on start, end and a scope of each use of a service provided electronically. We may also collect statistical information for the purpose of storing them locally on the User's device, using a cache mechanism.
Data collected on the Website are stored on external, safe, professional servers, on the basis of contracts concluded by the Service Provider. The Service Provider takes all preventive measures for the purpose of protecting personal data of the Users against unauthorised access, destruction, disclosure and unlawful use. Data of the Website's Users may be processed only by the Users themselves, the Service Provider and third parties indicated in this document.
17. Changes to the Privacy and Cookies Policy
We reserve the right to change this Privacy Cookies and Policy. In such case, we will publish its updated version here.
18. Contact and notifications
We do everything to process personal data of the Users and cookies with the observance of the highest standards. For this reason, we implemented a system for immediate reaction in case of threatened infringement of these standards. In the case of their infringement or violation, please contact us at:
We would be grateful for all feedback. For this reason, in the case of any questions, requests or doubts related to personal data processing or cookies, do not hesitate to contact us .