We are committed to protecting the privacy of the users of https://www.grupa-icea.pl/ . Below you will find information on the type of data we collect and the rules of its processing and use. We limit the use and collection of user information to the minimum required to provide the highest level of service in accordance with s. 18 of the Act on Provision of Services by Electronic Means.
§ 1 General Provisions
- Within the meaning of the Regulation (EU) 2016/679 of the European Parliament and of the Council of 27/04/2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (OJ EU.L.2016.119.1 “General Data Protection Regulation”), and the Act of 10 May 2018 on Personal Data Protection (consolidated version in Journal of Laws Dz.U. 2018 item 1000, “Personal Data Protection Act”), the Controller of the personal data of users of a website at https://www.grupa-icea.pl/is iCEA S.A. Group with registered office in Poznań, ul. Dąbrowskiego 267 (hereinafter: the „DATA CONTROLLER”).
- You can contact the Data Controller: (i) by e-mail: email@example.com (ii) by a contact form available at https://www.grupa-icea.pl/kontakt/ (iii) by mail sent to the Data Controller’s address: ul. Dąbrowskiego 267, 60-406 Poznań.
- The purpose of this Policy is to inform what actions are taken with regard to personal data collected via the Data Controller’s website and related services and tools used by the website users.
- The provisions of this Policy may be modified, if need be.
§ 2 Acquiring, collecting and storing personal data
- Personal data of the users are processed in accordance with the General Data Protection Regulation, the Act on Personal Data Protection and the Act of 18 July 2002 on Provision of Services by Electronic Means (Dz. U. of 2017, item 1219 as amended).
- Users are not obliged to provide their personal data in order to use the website. However, personal data specifically and voluntarily provided by users may be collected through the website. Should that be the case, the user’s consent to the processing of his or her personal data will be obtained in accordance with the applicable data protection regulations by the Data Controller who will inform the user about the collection and processing of his or her personal data before it is collected and processed.
- The processing of users’ personal data is based on Article 6(1)(a) of the General Data Protection Regulation, whereunder the processing is lawful if the data subject has consented to the processing of his/her personal data for one or more specified purposes.
- Consent to the processing of users’ personal data is expressed by ticking a checkbox on the website.
- The user may cancel their consent at any time and this will not affect the lawfulness of the processing done prior to the cancellation.
- If personal data is processed on the basis of contact forms sent by the user at https://www.grupa-icea.pl/, such processing is carried out pursuant to Article 6(1)(b) of the General Data Protection Regulation, whereunder the processing of data is necessary to take action at the request of the data subject.
- Upon separate consent of the user, the Data Controller may also process the user’s personal data for marketing purposes, including sending commercial information electronically to the e-mail address indicated by the user. If the user gives his/her voluntary consent, his/her personal data will also be processed for marketing purposes by entities cooperating with the Data Controller.
- The website does not collect and process special categories of personal data (sensitive data).
- The Data Controller takes special care to protect the interests of data subjects, in particular ensures that the obtained data is processed lawfully; is collected for specified, legitimate purposes and not further processed in any way incompatible with those purposes; is substantially accurate and adequate in relation to the purposes for which it is processed and kept in a form which permits identification of data subjects.
- Users’ personal data will not be kept longer than necessary for the purpose of the processing.
§ 3 Purposes of processing the personal data collected
- The Data Controller is entitled to use the collected and stored data for the following purposes:
- providing service to users,
- concluding contracts and implementing services provided by electronic means,
- adjusting the offer to the users’ interests, including advertising and commercial information,
- contacting users, including for purposes related to the provision of services, user service, permitted marketing activities, through available communication channels, in particular e-mail and telephone,
- conducting research and analysis to improve the performance of available services.
- The Data Controller may store the collected data only to the extent of achieving the above specified purposes for a period no longer than is necessary in connection with the use of the website and to achieve the purpose of processing.
§ 4 Data sharing
- The Data Controller ensures that all collected personal data is used to fulfill the obligations towards the users (e.g. delivering subscribed messages or customer panel service). This data will not be shared with third parties unless:
- with the prior express consent of the persons concerned, or
- if the obligation to share this data results or will result from the applicable law.
- The Data Controller may contractually outsource the processing of the collected data to other entities subject to Article 28 of the GDPR.
- Under the adopted Policy, the Data Controller undertakes not to lend or sell users’ personal data. In the event of the restructuring or sale of the business or a part of it and the transfer of all or a significant part of the assets to a new owner, users’ personal data may be transferred to the buyer in order to ensure the continuation of the service.
- The Data Controller may share anonymised data (i.e. data that does not identify specific Users) with external service providers, trusted partners or research agencies in order to better identify the attractiveness of advertisements and services for Users, to improve the overall quality and effectiveness of the services provided or to participate in scientific research of broadly understood social benefit.
§ 5 User supervision
- The user whose personal data is being processed has the right to inspect his/her data, complete, update, rectify, it temporarily or permanently restrict its processing, demand its removal or transfer. In order to view, complete, update, rectify, restrict the processing, delete or transfer the data the user shall send a relevant request to the e-mail address: firstname.lastname@example.org.
- The request must contain the user’s name and surname.
- The user ensures that the data provided or published by him/her on the website is correct.
§ 6 Right to complain
We make every effort to ensure that your personal data is processed in compliance with the applicable law. However, if you believe that we have committed a breach, you have the right to file a complaint with the supervisory authority (the President of the Data Protection Authority).
§ 7 Security
All collected data is protected by appropriate technical and organizational measures and security procedures against accidental destruction, loss, unauthorized access or use.
- Cookies mean IT data, in particular text files, stored on users’ terminal equipment (usually on the computer’s hard drive or mobile device) for the purpose of saving certain settings and data by the user’s browser in order to use the websites. These files allow to recognize the user’s device and display the website accordingly, ensuring maximum comfort during use. Storage of “cookies” therefore allows for appropriate development of the website and the offer according to the user’s preferences – the server recognizes the user and remembers his/her preferences such as: visits, clicks, previous actions.
- Cookies contain in particular the domain name of the website from which they originate, the time they are stored on a terminal device and a unique number used to identify the browser from which the website is connected.
- Cookies are used for the following purposes:
- adjusting the content of websites to the user’s preferences and optimizing the use of the websites,
- maintaining the website user’s session (after logging in), which makes it possible to avoid having to log in again to each subpage of the website,
- creating anonymous statistics that help to improve the structure and content of websites by helping to determine how the user uses them,
- provide website users with advertising content tailored to their interests.
Cookies are not used to identify the user and the user identity is not established on the basis of cookies.
- Basically cookies are divided into:
- Persistent cookies which are stored on the user’s device for a period of time specified in the parameters of cookies or until they are manually deleted by the user.
- Session cookies which are temporary files that are automatically deleted when the user logs out of the website or closes the browser window.
- The detailed division of cookies includes:
- Cookies distinguished for their necessity to provide the service (including files that are absolutely necessary for the proper functioning of the website or its functions and functional files – without them the website still works properly, but it will be impossible to adjust it to the user’s preferences)
- Cookies distinguished by their origin (including first-party cookies – placed directly by the owner of the site that has been visited, and third-party cookies – cookies placed by external entities whose site components have been linked by the site owner).
- Cookies distinguished by their purpose (including those used for the configuration, security and reliability of the service, authentication, advertising or adjusting the information displayed to the user’s location).
- Detailed information on how to manage cookies on a mobile phone or other mobile device should be included in the manual of the mobile device. The client can also delete his/her data from the Google Analytics database at any time.