The policy applies to the website operating at the url address: Karta-pobytu.pl
The website operator and the personal data administrator is: Vakacja Tetiana Kostyra with the headquarters at Warsaw, Pulawska street 14.
Contact address of your electronic operator: email@example.com
The operator is the administrator of your personal data that you have provided to the service by your own free will.
The website uses personal data for the following purposes:
1. Providing newsletters
2. Running a comment system
3. Conducting online chats
4. Running a system of classified ads
5. Presentation of user profile to other users
6. Displaying user ads/announcements
7. Handling inquiries via the form
8. Realization of ordered services
9. Presentation of offers or information
10. Through information entered voluntarily in forms
11. By saving cookie data in devices.
12. By gathering/collecting web server logs by the hosting operator
The website obtains information about users and their behaviour in the following way:
Through data entered voluntarily in forms, which are entered into the Operator’s systems.
By saving cookie files in devices.
The personal data of website users are processed in accordance with the provisions of generally applicable law, in particular Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of individuals with regard to the processing of personal data and on the free movement of such data and repealing Directive 95/46 / EC (General Data Protection Regulation), hereinafter referred to as: GDPR/RODO.
In the event of any comments or doubts related to the processing of personal data in connection with the use of the website, the user may contact the personal data administrator via the e-mail address: firstname.lastname@example.org
The website processes users’ personal data using the following functions:
• Notification of willingness to receive an offer, which is necessary to perform the contract for the provision of electronic services. The registration form requires the provision of the following data: name, surname, telephone number, e-mail address. Optionally, it is also possible to provide additional data
• Subscription to the newsletter. The subscription form requires the following data: name, surname, e-mail address.
The legal basis for the processing of personal data of website users when using its functionality is:
• in the case of the willingness to receive offers – Art. 6 sec. 1 lit. (a) and (b) GDPR;
• in the case of marketing own products through the Newsletter service – Art. 6 sec. 1 lit. (f) GDPR.
Providing personal data is voluntary, but necessary for the implementation of the contract for the provision of electronic services, to which the website user is a part of.
Selected data protection methods used by the Operator
The places of logging in and entering personal data are protected in the transmission layer (SSL certificate). As a result, personal data and login data entered on the website are encrypted on the user’s computer and can only be read on the appropriate server.
Personal data stored in the database are encrypted in such a way that only the operator holding the key can read it. Thanks to this, the data is protected in the event of the database being stolen from the server.
User passwords are stored in a hashed form. The hash function works in one direction – it is not possible to reverse its operation, which is now a modern standard in the field of storing user passwords.
The website uses two-factor authentication, which is an additional form of protection for logging into the website.
The operator periodically changes his administrative passwords.
In order to protect data, the operator regularly makes backup copies.
An important element of data protection is regular updating of all software used by the operator to process personal data, which means regular updates of programming components.
The website is hosted (technically maintained) in the operator’s server: https://www.lh.pl/
By subscribing to the emedia.pl newsletter you become a subscriber.
We manage the collected data using the MailerLite system
In the footer of each e-mail information, we provide an unsubscribe link. Clicking to unsubscribe is the same as deleting the user’s data from the database.
The personal data collected by the website will be processed in the event of the desire to receive the offer and the newsletter service – for the period necessary to perform the contract for the provision of electronic services to which the website user is a part of, until its termination or expiry or until a possible objection to the processing is reported or requesting the removal or withdrawal of consent to the processing.
After this period, the personal data of website users may be processed for archival and statistical purposes and until the claims related to the contract for the provision of services are secured.
Personal data of website users are protected against illegal disclosure to unauthorized persons, unauthorized access, removal, damage, modification or accidental destruction or loss.
The website user has the right to access data, rectify it, delete it, limit processing, the right to object to processing and the right to transfer data, as well as the right to lodge a complaint with the supervisory body, which from May 25, 2018 is the President of the Office of Protection Personal Data.
If the processing of personal data is based on his consent, he has the right to withdraw this consent at any time without affecting the lawfulness of the processing which was carried out on the basis of consent before its withdrawal.
Website content regulations
The content of the website is protected in accordance with the Act of February 4, 1994 on Copyright and Related Rights (Journal of Laws of February 23, 1994, No. 24, item 83, as amended). The materials on the website may not be reproduced, publicly shared or transmitted in any form or by any means without the written consent of the website owner
Such consent may be issued on condition that the source of information and copyright are clearly marked. All rights to the trade signs and trademarks used on the Website are held by the appropriate and authorized entities.
The website owner does not bear any responsibility for any errors or omissions in information and for any damages resulting therefrom.
The owner of the website reserves that any information posted on the website does not constitute an offer within the meaning of the Civil Code and may not be perceived in this way.
Your rights and additional information on how the data is used
In some situations, the administrator has the right to transfer your personal data to other recipients, if it is necessary to perform the contract signed with you or to fulfill the obligations imposed on the Administrator.
This applies to such groups of recipients:
- Hosting company on an entrustment basis
- postal operators
- mailing system operator (www.mailerlite.com)
- payment operators
- public authorities
- comment system operators
- operators of online chat solutions
- authorized employees and associates who use the data to achieve the aims of the website
- companies providing marketing services to the Administrator.
Your personal data will be processed by the Administrator for no longer than it is necessary to perform the related activities specified in separate regulations (e.g. for accounting). With regard to marketing data, the data will not be processed for more than 3 years.
You have the right to request from the Administrator:
- access to your personal data,
- the right to rectify it,
- processing restrictions,
- and data portability.
You have the right to object to the processing indicated in point 3.3 c) to the processing of personal data in order to perform the legitimate interests pursued by the Administrator, including profiling, while the right to object may not be exercised if there are valid legally justified grounds for processing of your interests, rights and freedoms, in particular establishing, investigating or defending claims. The Administrator’s actions may be appealed against to the President of the Personal Data Protection Office, ul. Stawki 2, 00-193 Warsaw. Providing personal data is voluntary, but necessary to operate the Website.
In relation to you, actions may be taken consisting in automated decision making, including profiling in order to provide services under the contract and for the purpose of conducting direct marketing by the Administrator.
The personal data is not transferred to third world countries as it is based on the protection of personal data. This means that we do not send them outside the European Union.
Information on the behavior of users on the website may be subject to logging in. This data is used to administer the website.
Important Marketing Techniques
The operator uses remarketing techniques that allow for matching advertising messages to the user’s behavior on the website, which may seem that the user’s personal data is used to track him, but in practice no personal data is transferred from the operator to advertising operators. The technological condition for such activities is that cookies are accepted/enabled.
The operator uses a solution that studies user behavior by creating heat maps and recording behavior on the website. This information is anonymized before it is sent to the service operator so that it does not know the individual it relates to. In particular, passwords and other personal data is not recorded.
The operator uses an automatic solution to operate the website in relation to users, e.g. it can send an email to the user after visiting a specific subpage, provided that he has consented to receive commercial correspondence from the operator.
Cookies are small text information in the form of text files, sent by the server and saved on the device of the person visiting the website (e.g. on the hard drive of a computer, laptop or in the smartphone’s memory). Detailed information on cookies, as well as the history of their creation, can be found, among others here: http://pl.wikipedia.org/wiki/Ciasteczko.
The website uses the following types of cookies:
- “session” or “temporary” cookies, which are related to the session and are stored on the user’s device until the moment of leaving the website;
- “persistent” cookies that remain in the browser after the session ends (unless deleted by the user);
- “third party cookies” from advertising servers of entities cooperating with the website.
- The administrator may process the data contained in cookies when visitors use the emedia.pl website for the following purposes:
- remembering data from completed forms or surveys;
- on adjusting the content of the website to the individual preferences of the user (e.g. regarding colors, font size, page layout) and optimizing the use of the website;
- keeping anonymous statistics showing how to use the website pages.
- Most web browsers available on the market accept cookies by default. Everyone has the option to define the terms of using cookies using the settings of their own web browser. This means that you can, for example, partially limit (e.g. temporarily) or completely disable the option of saving cookies – in the latter case, however, it may limit some of the website’s functionalities.
- Detailed information on changing cookie settings and their self-removal in the most popular web browsers are available in the help section of the web browser and on the following pages (just click on the link):
o in the Chrome browser
o in the Firefox browser
o in Internet Explorer
o in the Opera browser
o in the Safari browser
o in the Microsoft Edge browser
- The administrator also processes anonymized operational data related to the use of the website (IP address, domain) to generate statistics helpful in administering the website. This data is collective and anonymous, i.e. they do not contain features that identify visitors of the website. This data is not disclosed to third parties.
No identification or personal data is collected on behalf of a third party.
The data is made available to external entities only within the limits permitted by law.
The data enabling the identification of an individual is made available only with the consent of that person.
We recommend that you read the series of articles on the GDPR: how to prepare a website for the GDPR requirements, what is e-Privacy, what are the GDPR information clauses and what the data protection officer does.