1. Processing of personal data of users of the Site and its components
1.1. Personal data is any information relating to an identified or identifiable natural person. All personal data is collected, stored and processed on the Site in accordance with the provisions of Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of individuals with regard to the processing of personal data and on the free movement of such data and repealing Directive 95/46/EC (hereinafter referred to as “the GDPR”).
1.2. The provision of personal data is voluntary or obligatory, depending on the type of service
1.3. The transferred data is protected against access by third parties and is used by the Company exclusively for contacts with users, which are necessary for the performance of a given service.
2. Administrator of personal data
2.1. The administrator of personal data of users of the Site is Lentewenc Spółka z ograniczoną odpowiedzialnością with its registered office in Warsaw, ul. Skwer Ks. Kard. St. Wyszyńskiego 5/37, 01-015 Warsaw, e-mail [email protected] ((hereinafter also referred to as the ‘Administrator’)
2.2. The recipient of the data is directly the Administrator.
The Administrator has not found any obligation to appoint a Data Protection Officer.
3. Purposes of processing of personal data
3.1. Personal data shall be collected, stored and used by the Party with the consent of the data subjects, in accordance with the law and in accordance with due process and in a way that ensures their security. The Administrator may use the personal data only for the purpose of providing proper service to the Website users and in communication with the users who consented to it. A detailed purpose and a set of necessary information required by the applicable law is given for each service in which the processing of personal data of a user of the Site takes place.
3.2. The Administrator declares that he does not use profiling for the purposes of direct marketing.
4. Right of access to, correction and deletion of personal data
4.1. The User has the right to access and correct his/her personal data provided to the Administrator.
4.2. Any person who has given consent to the processing of his/her personal data may apply directly to the Administrator for permission to access, correct or delete them by sending a message to the following e-mail addresses.
5. Protection of the processed personal data
5.1. The collection of personal data is treated as a database with a high level of security, stored on a server that is protected against both remote (IT) and physical access. Moreover, all persons processing personal data of users for the use of the Site, also on the basis of an agreement of entrustment for the processing of personal data, have appropriate authorizations issued by the Administrator.
5.2. The Administrator does not transfer personal data of the users of the Site outside the European Economic Area.
6. Disclosure of personal data
6.1. The Administrator does not transfer (sell or lend in any way) the collected personal data of the users of the Site to third parties and commercial entities.
7. Processing of other user data of the Site
7.1. The Site and its components also collect information contained in system logs (e.g. IP address). They are used for technical purposes related to server administration. IP addresses are also used to collect general statistical information about visitors to the Site.
8. Transmission protection
8.1. Data of special importance – in particular passwords of all kinds – are sent via SSL encrypted protocol.
9.1. The Site does not automatically collect any information other than that contained in cookies. Cookies are information technology files, in particular text files, which are stored in the end device of the Site’s user (e.g. computer, mobile device) and are intended for the use of the Site’s websites and allow the information contained therein to be read only by the server that created them. Cookies include the name of the website from which they come, the length of time they are stored on the end device and a unique number.
9.2. The Administrator is the entity that places cookies on the end user’s device and accesses them. The Administrator is not responsible for the content of cookies sent by other websites to which links may be placed on the Site.
- adapt the content of the Site’s websites to the user’s preferences and optimize the use of the websites; in particular, these files shall enable the Site’s user to be identified and the website, adapted to his individual needs, to be displayed accordingly;
- the generation of statistics which shall help to understand how the users of the Site use the websites, thereby enabling the structure and content of the websites to be improved;
- maintaining the session of the Site user (after logging in), thanks to which the user does not have to re-enter his/her login and password on every subpage of the Site;
- to remember the interactions undertaken.
The User may consent to the storage of cookies originating from the Site on his/her terminal device by means of software settings installed on his/her telecommunications terminal device.
The Administrator provides the newsletter service to the users who have provided their e-mail address for this purpose. The newsletter service consists in periodic sending of messages about announcements and news (marketing content). Providing the data is required in order to provide the service of the newsletter, and their failure to provide it results in the impossibility of sending the newsletter.
Personal data shall be processed:
- in order to provide the service of sending the newsletter – the legal basis for the processing is the necessity of the processing for the performance of the contract (Article 6, paragraph 1, point b) of the GDPR Act);
- in the case of sending marketing content to the User within the framework of the newsletter – the legal basis for processing is the legitimate interest of the Administrator (Article 6, paragraph 1, point f) of the GDPR Act), in connection with the consent given for receiving the newsletter;
- for analytical and statistical purposes – the legal basis for the processing is the legitimate interest of the Administrator (Article 6 paragraph 1 letter f) of the GDPR Act) consisting in conducting analyses of the Users’ activity on the Site, in order to improve the functionalities used;
- in order to determine, assert or defend against claims, if any – the legal basis for the processing is the legitimate interest of the Administrator (Article 6 paragraph 1 letter f) of the GDPR Act).
12. User rights
12.1. The User has the right to: access the content of the data and demand its rectification, deletion, restriction of the processing, the right to transfer the data and the right to object to the processing of the data, as well as the right to lodge a complaint with the supervisory authority responsible for the protection of personal data – https://uodo.gov.pl/.
12.2. To the extent that the basis for processing the User’s data is the consent, the data will be processed until the consent is withdrawn. Consent may be withdrawn at any time. The withdrawal of consent shall not affect the lawfulness of any processing carried out prior to its withdrawal. In order to withdraw the consent, the User may also send an e-mail to the following address [email protected]
13. History of the revision
Policy as of 25 May 2018.