§ 1 GENERAL PROVISIONS
- The Website, in the course of its activities, collects and processes and uses the data of Website users (hereinafter: “Users”), including personal data.
- Personal data will be collected on the basis of Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data and repealing Directive 95/46/EC (General Data Protection Regulation) (hereinafter: ” GDPR “).
- For US residents, personal data will be collected on the basis of the California Consumer Privacy Act of 2018 (“CCPA”) requires certain notice(s) and may provide specific rights to California residents, which are detailed below.
- User data may be collected by the Website as a result of entering the Webstite and accepting cookies. The User’s IP address, type of User software or information on the source from which the User was redirected to the Website will be the only data collected.
- The data collected by the Website will be used for statistical purposes.
§ 2 PERSONAL DATA
- Your personal data is administered by Contentation Sp. z o.o. (hereinafter referred to as “Administrator”), with its registered office Szczecin, registered in the Register of Entrepreneurs of the Sąd Rejonowy Szczecin-Centrum w Szczecinie under number KRS 0000871922.
- The Administrator obtains personal data of Users, natural persons representing Users who are legal entities and other persons visiting the Website directly from the persons to whom the data pertains.
- Personal data is obtained by automated means. In the course of the Service’s activities, the processing of personal data will include:
- IP Adress;
- The processing of User data, will be carried out for:
- online traffic monitoring,
- carry out statistics and analyses.
- The legal basis for the processing of personal data by the Service is the necessitý of the data processing for the performance of the agreement concerning services provided electronically through the Service (art. 6 para. 1 lit. b GDPR), the performance of legal obligations (art. 6.1.c GDPR), and the necessitý for purposes arising from the legitimate interests pursued by the Administrator (art. 6.1 lit. f GDPR).
- The User’s personal data may be transferred, if necessary, to entities providing services to the Administrator in the field of hosting, legal services, marketing, cooperating entities.
§ 3 USERS’ RIGHTS
- The User shall have the following rights:
- the right to confirm the processing User’s personal data and to access his/her personal data,
- the right to object to the processing of User’s personal data,
- the right to request the restriction of the processing of User’s personal data,
- the right to rectification of personal data,
- the right to erasure of personal data,
- the right to obtain a copy of personal data,
- the right to data portability of personal data,
- the right to lodge a complaint with the supervisory authority.
- The User has the right to obtain a confirmation from the Administrator as to whether or not personal data concerning this User are being processed and, if this is the case, Users are entitled to access it and the following information:
- the purpose of the processing;
- information on the recipients or categories of recipients to whom the personal data have been or will be disclosed, in particular recipients in third countries or international organizations;
- the categories of personal data concerned;
- information on the right to request from the Administrator the rectification, erasure or restriction of the processing of personal data concerning the data subject, and to object to such processing;
- where possible, the intended period of storage of the personal data and, where this is not possible, the criteria for determining this period;
- information on the right to lodge a complaint with a supervisory authority;
- information on automated decision-making, including profiling as referred to in Article 22(1) and (4) of the GDPR, and relevant information on the modalities of such decision-making, as well as on the significance and the envisaged consequences of such processing for the data subject – the Administrator does not currently undertake and does not plan to undertake this type of action.
- User has a right to object at any time to the processing of her/her personal data for the purposes of the Administrator’s direct marketing, including profiling, to the extent that the processing is related to such direct marketing.
- User whose data relates to, shall have the right to request the Administrator to restrict processing in the following cases:
- The User questions the correctness of the personal data – for a period allowing the Administrator to check the correctness of the data;
- the processing is unlawful and the User, objects to the erasure of the personal data, requesting instead the restriction of its use;
- the Administrator no longer needs the personal data for the purposes of the processing, but they are needed by the User to establish, assert or defend a claim;
- the User has raised an objection under Article 21(1) of the GDPR to the processing – until it is determined whether the legitimate grounds on the part of the Administrator override the grounds of the data subject’s objection.
- The User shall have the right to request the Administrator to rectify without delay personal data concerning him or her that is inaccurate. Taking into account the purposes of the processing, the data subject shall have the right to request the completion of incomplete personal data, including by providing an additional statement.
- The User has the right to request from the Administrator the immediate deletion of personal data concerning him/her, and the Administrator is obliged to delete personal data without undue delay if one of the following circumstances applies:
- the personal data are no longer necessary for the purposes for which they were collected or otherwise processed;
- the data subject has withdrawn the consent on which the processing is based pursuant to Article 6(1)(a) and there is no other legal basis for the processing;
- the data subject objects under Article 21(1) GDPR to the processing and there are no overriding legitimate grounds for the processing or the data subject objects under Article 21(2) GDPR to the processing;
- the personal data has been unlawfully processed;
- the personal data must be erased in order to comply with a legal obligation under European Union law or the law of a Member State to which the Administrator is subject;
- the personal data was collected in connection with the offering of information society services as referred to in Article 8(1) of the GDPR.
- The Administrator reserves the right to refuse to delete personal data if their retention is necessary for the purpose of settling claims or if required by applicable law.
- The data subject has the right to receive the personal data concerning him or her which he or she has provided to the Administrator, and has the right to send this personal data to another administrator without hindrance from the Administrator, if:
- the processing is carried out on the basis of consent pursuant to Article 6(1)(a) of the GDPR or on the basis of a contract pursuant to Article 6(1)(b) of the GDPR; and
- the processing is carried out by automated means.
- The User has the right to request the transfer of personal data to another controller, if technically possible.
- The User has the right to lodge a complaint to the supervisory authority
- In order to exercise any of the rights referred to above, the User may address a request to the Administrator in writing to Contentation Sp. z o.o, Puławska 228/22, 02-670 Warszawa or by e-mail to [email protected]
- Where processing is based on consent, the User also has the right to withdraw consent to the processing of personal data at any time. Withdrawal of consent, does not affect the lawfulness of the processing carried out on the basis of consent before its withdrawal.
§ 4 COOKIES
- Cookies are IT data, in particular text files, which are stored on the User’s terminal equipment and are intended for the use of websites. cookies usually contain the name of the website from which they come, the time of their storage on the terminal equipment, the content (e.g. action identifiers) and a unique number.
- adapting the content of the Website to the User’s preferences and optimising the use of the Website. In particular, these files allow for recognition of the User’s device and appropriate display of the Website, adjusting it to the User’s needs and preferences;
- compile statistics and analyses regarding the use of the Website.
- The Website uses two main types of cookies, i.e.
- “session cookies” (session storage) – i.e. temporary files, which are stored in the User’s terminal equipment until the session expires (e.g. leaving the Website, deletion by the User, or switching off the software).
- “permanent” (persistent cookies, local storage) – i.e. ” cookies which are stored on the User’s terminal equipment for the time specified in the parameters of the cookies or until they are deleted by the User.
- The User’s consent to the storage of information or access to information already stored in the telecommunications end device of the User may also be expressed by the User through the settings of the software installed in the end device used by the User. Therefore, in the event that the User does not wish to give such consent, he/she should change the settings of his/her Internet browser.
- Detailed information on how to change the browser settings regarding cookies and how to delete them can be obtained from the official website of the specific browser.
§ 5 STORAGE OF PERSONAL DATA
The User’s personal data will be processed for the period of 2 years the revocation of the User’s consent to their processing (if processing is carried out solely on the basis of consent).
§ 6 SOFTWARE
- In addition, the Administrator may use other services of online advertisements, hosting, users’ behavior monitoring or analysing website statistics. The privacy policies of these entities will be made available to the Users when such tools are used.
§ 7 CALIFORNIA LAW
1. California Civil Code Section 1798.83, also known as the “Shine The Light” law, permits consumers who are California residents, to request and obtain from us once a year, free of charge, information about the categories of personal information (as defined in the Shine the Light law), if any, that we disclosed in the preceding calendar year to third parties for those third parties’ direct marketing purposes.
2. Our disclosure requirements apply only if we share our consumers’ personal information with third parties for them to directly market their own products to those consumers, instead of assisting us with our own business.
3. California residents may have certain rights under the CCPA, many of which are subject to limitations or exceptions under applicable law:
a) Right to Know about Personal Information Collected or “Sold”,
b) Right to Request Deletion of Personal Information,
4. To exercise the rights described above, please submit a verifiable consumer request. You may only make a verifiable consumer request for access or data portability twice within a 12-month period. The verifiable consumer request must provide sufficient information that allows us to reasonably verify you are the person about whom we collected personal information or an authorized representative. This means that in making a request you may be required to: provide your email and phone number, customer information, and/or account sign-up authentication or other information needed to verify your identity depending on the sensitivity of the Personal Information that is the subject of the request.
§ 8 DISCLAIMER
- Any announcements, advertisements or other similar content placed in the Service by its Users are of solely informative nature, do not constitute an offer within the meaning of the Civil Code and cannot constitute the basis for any claims against the Administrator.
- The Administrator makes every effort to protect the privacy of Users. The Administrator takes all precautions required by law to ensure that all data, including personal data provided by the Users, is protected against loss, destruction, disclosure, access by unauthorised persons, and improper use. Also, the Users by appropriate actions may contribute to increasing the security of their data, including personal data on the Internet (e.g. by frequent change of access passwords, use of letter and number combinations).