Formal information at the beginning – the website administrator is Eveo Sp. z o.o., ul. Walerego Sławka 3A, 30-633 Kraków, NIP: 676-23-63-773.
# 1: Who is the controller of your personal data?
The administrator of your personal data is Eveo Sp. z o.o., ul. Walerego Sławka 3A, 30-633 Kraków, NIP: 676-23-63-773.
# 2: Who can you contact regarding the processing of your personal data?
As part of the implementation of personal data protection in our organization, we decided not to appoint a personal data protection officer due to the fact that in our situation it is not mandatory. In matters related to the protection of personal data and broadly understood privacy, you can contact us at the e-mail address firstname.lastname@example.org.
# 3: What information do we have about you?
Depending on the purpose, we may process the following information about you:
- name and surname
- email address
- data contained in e-mail correspondence
- phone number
- IP address
What’s more, we use tools that collect a lot of information about you related to the use of our website. It is concerned, in particular, with the following information:
- information about your device, operating system and web browser
- user ID (user-ID)
- IP address subject to truncation and anonymization
- date of page visit
- subpages viewed
- time spent on the site
- transitions between individual subpages
- mouse clicks or screen touches
- clicks on individual links
- the source from which you go to the page
- the age range you are currently in
- Your gender
- Your approximate location limited to the town
- Your interests based on your online activity
# 4: Where did we get your personal data from?
In most cases, you pass them on to us yourself. This happens when:
- you contact us via e-mail
- you follow our profiles on social media or interact with the content we post on social media
In addition, some information about you may be automatically collected by the tools we use:
- the site engine collects your IP address
# 5: Is your data safe?
We care about the security of your personal data. We have analyzed the risks associated with individual data processing processes, and then we have implemented appropriate security and personal data protection measures. We monitor the condition of the technical infrastructure on an ongoing basis, train staff, review the procedures applied, and introduce necessary improvements. If you have any questions regarding your personal data, we are at your disposal at email@example.com
# 6: For what purposes do we process your personal data?
# 7: How long will we keep your personal data?
# 8: Who are the recipients of your personal data?
We risk saying that modern business is not able to do without services provided by third parties. We also use such services. Some of these services are related to the processing of your personal data. External service providers who are involved in the processing of your personal data are:
- the hosting provider that stores the data on the server
- cloud software providers where the data processing takes place
- a maintenance service provider that accesses data if the technical work carried out relates to areas where personal data is located
All entities listed above process your data on the basis of contracts for entrusting the processing of personal data concluded with us and guarantee an adequate level of personal data protection.
If necessary, your data may be made available to a legal advisor or attorney bound by professional secrecy. The need may arise from the need to use legal assistance that requires access to your personal data.
Moreover, when it comes to Anonymous Information, the providers of tools or plugins that collect Anonymous Information have access to it. The providers of these tools are independent administrators of the data collected in them and may share this data on the terms specified by them in their own regulations and privacy policies, over which I have no influence.
# 9: Do we transfer your data to third countries or international organizations?
No, we do not transfer your data to third countries or international organizations.
# 10: Do we use profiling? Do we make automated decisions based on your personal data?
We do not make decisions for you based solely on automated processing, including profiling, which would have legal effects on you or similarly significantly affect you.
Yes, we use tools that can take specific actions depending on the information collected as part of the tracking mechanisms, but we believe that these actions do not have a significant impact on you, because they do not differentiate your situation as a customer, they do not affect the terms of the contract, which you can to conclude with us, etc.
By using certain tools, we can, for example, direct personalized advertisements to you based on your previous actions taken on the website or suggest products that may be of interest to you. I am talking about the so-called behavioral advertising. We encourage you to learn more about behavioral advertising, in particular regarding privacy issues. Detailed information, along with the ability to manage your behavioral advertising settings, can be found here.
We emphasize that as part of the tools I use, I only have access to Anonymous Information. This information is stored on the servers of the suppliers of individual tools, and these servers can most often be located all over the world.
# 11: What rights do you have in relation to the processing of your personal data?
The GDPR grants you the following potential rights related to the processing of your personal data:
- the right to access your data and receive a copy of it,
- the right to rectify (correct) your data,
- the right to delete data (if in your opinion there are no grounds for us to process your data, you can request that we delete it),
- the right to limit data processing (you can request that we limit the processing of data only to their storage or performance of activities agreed with you, if, in your opinion, we have incorrect data or we process it unjustifiably),
- the right to object to the processing of data (you have the right to object to the processing of data on the basis of a legitimate interest; you should indicate a special situation that, in your opinion, justifies the termination of the processing covered by the objection; we will stop processing your data for these purposes, unless we will demonstrate that the grounds for data processing by us override your rights or that your data is necessary for us to establish, assert or defend claims),
- the right to transfer data (you have the right to receive from us, in a structured, commonly used, machine-readable format, personal data that you provided to us on the basis of a contract or your consent; you can commission us to send this data directly to another entity),
- the right to withdraw consent to the processing of personal data, if you have previously given such consent,
- the right to lodge a complaint with the supervisory body (if you find that we are processing data unlawfully, you can file a complaint with the President of the Personal Data Protection Office or another competent supervisory authority).
The rules related to the implementation of the above-mentioned rights are described in detail in Art. 16 – 21 GDPR. We encourage you to familiarize yourself with these regulations. For our part, we consider it necessary to explain to you that the above-mentioned rights are not absolute and you will not be entitled to all activities related to the processing of your personal data.
We emphasize that you always have one of the rights indicated above – if you believe that we have violated the provisions on the protection of personal data while processing your personal data, you have the option to lodge a complaint with the supervisory body (the President of the Office for Personal Data Protection).
Cookies are small text information stored on your end device (e.g. computer, tablet, smartphone) that can be read by our ICT system (own cookies) or ICT systems of third parties (third party cookies). In cookies, specific information can be saved and stored, to which ICT systems can then access for specific purposes.
Some of the cookies we use are deleted after the end of the web browser session, i.e. after closing it (so-called session cookies). Other cookies are stored on your end device and allow us to recognize your browser the next time you visit the website (persistent cookies). If you want to learn more about cookies as such, you can see this material, for example: https://en.wikipedia.org/ wiki / HTTP_cookie .
# 14: Can you disable cookies?
Yes, you can manage cookie settings within your web browser. You can block all or selected cookies. You can also block cookies from specific websites. You can also delete previously saved cookies and other website and plug-in data at any time.
Web browsers also offer the option of using incognito mode. You can use it if you do not want information about visited pages and downloaded files to be saved in your browsing and download history. Cookies created in Incognito mode are deleted when all Incognito windows are closed.
There are also browser plug-ins to control cookies, such as Ghostery ( https://www.ghostery.com ). The option to control cookies may also be provided by additional software, in particular anti-virus packages, etc.
In addition, there are tools available on the Internet that allow you to control certain types of cookies, in particular for collective management of behavioral advertising settings (e.g. www.youronlinechoices.com/ , www.networkadvertising.org/choices ).
# 16: What third party cookies are used?
Knowing the requirements created by the Court of Justice of the European Union, we have refrained from indicating the lifetime of cookies used by individual tools. In order to reliably determine the lifetime of each cookie file, we would have to overwhelm you with an excess of information that would not in any way comply with the principle of transparency and readability of the information addressed to you. In addition, the lifetime of cookies may be subject to such active changes on the part of the tool providers that we are not able to exercise reliable control over it. Departing from determining the lifetime of cookies, we would like to remind you that the only option for real control of the storage time of information in cookies is to manage cookies directly by you. You can delete cookies stored on your device at any time from your web browser.
Moreover, while in the case of statistical and marketing tools, we can view various types of reports generated on the basis of Anonymous Information, in relation to other tools, we do not even gain any access to information collected in cookies, being only interested in whether the functions of a given tool, for which the tool was installed, work properly on our site.
# 17: Do we track your behavior on our website?
# 18: Are we targeting you with targeted advertising?
§ 19: How can you manage your privacy?
- cookie settings within the web browser
- browser plugins supporting cookie management, eg Ghostery
- additional cookie management software,
- incognito mode in the web browser
- behavioral advertising settings such as youronlinechoices.com
# 20: What are server logs?
Using the website involves sending queries to the server on which the website is stored. Each query directed to the server is saved in the server logs.
Logs include Your IP address, server date and time, information about the web browser and operating system you use. Logs are saved and stored on the server.
The data stored in the server logs are not associated with specific people using the website and are not used by us to identify you.
The server logs are only auxiliary material used to administer the website, and their content is not disclosed to anyone except those authorized to administer the server.
# 21: Is there anything else you should know about?
Annex 1 – purposes of personal data processing
|Purpose of processing||Legal basis for processing||Categories of processed data||Data storage period||Source of data acquisition|
|Correspondence handling||Art. 6 sec. 1 lit. f GDPR – the legitimate interest pursued by the administrator consisting in the exchange of correspondence with the user and its possible archiving.||Identification data. Contact details. Correspondence details.||Impossible to unequivocally determine. Some correspondence may be deleted on an ongoing basis, and some archived, if we believe that there is a need to store it, in particular to ensure the possibility of its recovery in the future.||Contact form. Incoming message.|
|Social media support||Art. 6 sec. 1 lit. f GDPR – legitimate interest pursued by the administrator consisting in handling profiles in social media.||Data visible publicly in the user’s profile on the social network. Details of user interactions on social media profiles.||Until the user deletes the data from the social network.||Social media profiles. User posted content on social media.|
Annex 2 – list of external tools
|Tool||Provider / th>||Purpose of use||Provider explanations||Provider settings|
|Google Analytics||Google LLC||Analysis and statistics related to the behavior of website visitors.||View||View|
|Google Ads||Google LLC||Ad measurement and targeting.||See||View|
|Hotjar||Hotjar Limited||Analysis and statistics related to the behavior of website visitors.||View||View|
|Microsoft Clarity||Microsoft Corporation||Analysis and statistics related to the behavior of website visitors.||View||View|