- This policy applies to the Website, functioning at the url address: www.odrago.pl.
- The operator of the Website and the Administrator of personal data is: OdraGo
- Operator’s e-mail contact address: firstname.lastname@example.org.
- The Operator is the Administrator of your personal data in relation to the data provided voluntarily in the Website.
- The Website uses personal data for the following purposes: newsletter management, commenting system, inquiry handling through the form, preparation, packing, shipment of goods, realization of ordered services, presentation of the offer or information.
- The Website performs functions of obtaining information about users and their behavior in the following way: through the data voluntarily entered in the forms which are entered into the operator’s systems, and through the storage of cookies (so-called “cookies”) in end devices.
Selected data protection methods used by the Operator
- The places of logging in and entering personal data are protected in the transmission layer (SSL certificate). This ensures that the personal and login data entered on the website are encrypted on the user’s computer and can only be read on the target server.
- The Operator periodically changes their administrative passwords.
- In order to protect the data, the Operator regularly makes security copies.
- An important element of data protection is the regular updating of any software used by the Operator to process personal data, which in particular means regular updates of programming components.
- The Website is hosted (technically maintained) on the Operator’s server: cyberfolks.pl
- Registration data of the hosting company: H88 S.A. with the seat in Poznań, FranklinaRoosevelta 22, 60-829 Poznań Poland, entered into the National Court Register by the District Court Poznań – NoweMiasto and Wilda in Poznań, VIII Commercial Division of the National Court Register under the number KRS 0000612359, REGON 364261632, NIP 7822622168, share capital 210,000.00 PLN fully paid in.
- Hosting company: applies measures to protect against data loss (e.g. disk arrays, regular backup copies), applies adequate measures to protect processing sites in case of fire (e.g. special fire-fighting systems), applies adequate measures to protect processing systems in case of a sudden power failure (e.g. dual power supply lines, generators, UPS backup systems), applies measures to physically protect access to data processing sites (access control, monitoring), applies measures to ensure appropriate environmental conditions for servers as elements of the data processing system (e.g. environmental conditions control, specialized air conditioning systems), applies organizational solutions to ensure the highest possible level of protection and confidentiality (training, internal regulations, password policies, etc.), appointed a Data Protection Inspector.
- In order to ensure technical reliability, the hosting company maintains logs at the server level. The following logs may be saved: resources specified by the URL identifier (addresses of requested resources – pages, files), time of inquiry, time of response, client station name – identification realized by the HTTP protocol, information about errors that occurred during the realization of HTTP transactions, URL of the page previously visited by the user (referer link) – if the access to the Website took place through a link, information about the user’s browser, information about the IP address, diagnostic information related to the process of self-ordering services through the site’s recorders, information related to the handling of e-mail sent to and from the Operator.
Your rights and additional information about the use of your data
- In some situations, the Administrator has the right to transfer your personal data to other recipients, if it is necessary to perform the contract concluded with you or to fulfill the obligations incumbent on the Administrator. This applies to such groups of recipients: couriers, postal operators, payment operators, commenting system operators, authorized employees and associates who use the data in order to achieve the purpose of the company’s website, providing marketing services to the Administrator.
- Your personal data is processed by the Administrator no longer than it is necessary to perform the related activities specified in separate regulations (e.g. on accounting). With regard to marketing data, the data will not be processed for more than 3 years.
- You have the right to request from the Administrator: access, correction, deletion, restriction of processing, and transfer of personal data concerning you.
- You have the right to object to the processing of your personal data in order to pursue legitimate interests pursued by the Administrator, including profiling, but the right to object will not be exercised if there are valid legitimate grounds for processing, interests, rights and freedoms overriding your interests, in particular to establish, pursue or defend claims.
- The Administrator’s actions are subject to complaint to the President of the Office for Personal Data Protection, Stawki 2, 00-193 Warsaw Poland.
- Providing personal data is voluntary, but necessary to operate the Website.
- Automated decision making, including profiling, may be undertaken with respect to you in order to provide services under the concluded contract and to conduct direct marketing by the Administrator.
- Personal data is not transferred to third countries within the meaning of data protection regulations. This means that we do not send them outside the European Union.
Information in the forms
- The Website collects information voluntarily provided by the user, including personal data, if any.
- The Websitecan save information about the connection parameters (time stamp, IP address).
- The Website, in some cases, may save information that makes it easier to link the data in the form to the e-mail address of the user filling in the form. In this case, the user’s e-mail address appears inside the url of the page containing the form.
- The data provided in the form are processed for the purpose resulting from the function of a particular form, e.g. to handle a service request or business contact, register services, etc. Each time the context and description of the form clearly indicate what it is used for.
- Information about user behavior on the Website may be subject to login. This data are used to administer the Website.
Important marketing techniques
- The Operator uses remarketing techniques that allow to match the advertising messages to the user’s behavior on the site, which may give the illusion that the user’s personal data are used to track them, but in practice there is no transfer of any personal data from the Operator to the advertising operators. The technological condition for such actions is that cookies are enabled.
- The operator uses a solution that investigates user behavior by creating heat maps and recording the behavior on the site. This information is anonymized before it is sent to the service Operator so that they do not know which individual it concerns. In particular, passwords and other personal data are not recorded.
- The Operator uses a solution that automates the operation of the Website in relation to users, e.g. it can send an e-mail to the user after visiting a particular subpage, provided that the user has agreed to receive commercial correspondence from the Operator.
- The Operator may use profiling within the meaning of personal data protection regulations.
Information about cookies
- Cookie files (so-called “cookies”) are IT data, in particular text files, which are stored in the end device of the Website User and are designed to use the Website’s webpages. Cookies usually contain the name of the website from which they come from, the time they are stored on an end device and a unique number.
- The entity that places cookies on the end device of the Service User and obtaining access to them is the Operator of the Website.
- Cookies are used for the following purposes: maintenance of the Website’s user’s session (after logging in), thanks to which the user does not have to re-enter their login and password on each subpage of the Website; realization of the objectives specified above in the section “Important marketing techniques”;
- The Website uses two basic types of cookies: “session” cookies andpersistent cookies. Session cookies are temporary files that are stored in the User’s end device until the User logs out, leaves the website or turns off the software (web browser). Persistent cookies are stored in the User’s end device for the time specified in the parameters of the cookies or until the User removes them.
- Software for web browsing (a web browser) usually allows cookies to be stored in the user’s end device by default. The website’s users can change their settings in this area. The Internet browser allows to delete cookies. It is also possible to automatically block cookies. Detailed information on this subject is contained in the help or documentation of the Internet browser.
- Cookie files placed in the end device of the Website User may also be used by entities cooperating with the Website Operator, in particular companies: Google (Google Inc. seated in the USA), Facebook (Facebook Inc. basseateded in the USA), Twitter (Twitter Inc. seatedin the USA).
Cookie management – how to give and withdraw consent in practice?
- If the user does not want to receive cookies, they can change their browser settings. We reserve that disabling the handling of cookies necessary for authentication processes, security, maintenance of user preferences may make it difficult, and in extreme cases may prevent the use of websites.
- To manage the cookie settings, follow the instructions provided by publishers of the web browser you are using. In the case of Google Chrome, you will find the instructions here.