- I. GENERAL INFORMATION
- II. PURPOSE AND SCOPE OF DATA COLLECTION AND DATA RECIPIENTS
- III. INFORMATION PUT IN THE CONTACT FORM
- IV. RIGHT OF CONTROL, ACCESS TO DATA CONTENT AND CORRECTION, SECURITY, STORAGE PERIOD
- V. INFORMATION ABOUT COOKIES
- VI. SERVER LOGS
- VII. PROVISION AND ENROLLING DATA PROCESSING
- VIII. MANAGING COOKIES – HOW TO EXPRESS AND WITHDRAW CONSENT IN PRACTICE
- IX. FINAL MATTERS
Data administrator – entrepreneur Łukasz Brzyski conducting business activity under the name “Łukasz Brzyski Trustart”, permanent place of business 30-383 Kraków, ul. Wandejska 9, NIP 6782864550 REGON 386775495, E-mail address: email@example.com, who is also the Administrator of the “Lukasz Brzyski – Strategy consultant supporting your digital transformation” website.
GDPR – the Act on the Protection of Personal Data of August 30, 2019 (Polish Journal of Laws 2019, item 1781, as amended) and Regulation (EU) 2016/679 of the European Parliament and of the Council of April 27, 2016 on the protection of personal individuals in connection with the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation),
Website – a website located at https://lukaszbrzyski.com, through which the Administrator offers the provision of services to Customers under the name “Lukasz Brzyski – Strategy consultant supporting your digital transformation”.
Customer – any Customer using the Website (natural persons, legal persons and entities without legal personality, regardless of the form of business activity).
Service – a service provided electronically by the Administrator, without the simultaneous presence of the parties (remotely), through the transmission of data at the individual request of the Customer, sent and received using devices for electronic processing, including digital compression, and data storage, which is fully transmitted received or transmitted via a telecommunications network within the meaning of the Act of 16 July 2004 – Telecommunications Law and all other services (not remotely) provided by the Data Administrator as part of his business activity.
Newsletter – a free-of-charge electronic Distribution Service, provided by the Seller via e-mail, which enables all customers using it to automatically receive from the Administrator, cyclical content of subsequent editions of the Newsletter, containing in particular: information about products, training, news in the marketing industry and running a business, marketing, sales and business advice, invitations to events (hereinafter referred to as the “Newsletter”), provided on the terms described in the Regulations of the Newsletter service, available at https://lukaszbrzyski.com/newsletter-policy.
I. GENERAL INFORMATION
- The Administrator of the Website is the entrepreneur Łukasz Brzyski running a business under the name “Łukasz Brzyski Trustart”, permanent place of business 30-383 Kraków, ul. Wandejska 9, NIP 6782864550 REGON 386775495, E-mail address: firstname.lastname@example.org, which is also the Administrator of Customers’ personal data and the provider of the Newsletter service, hereinafter referred to as the “Administrator“.
- The Customer’s personal data is processed in accordance with the Personal Data Protection Act of August 30, 2019. (Polish Journal of Laws 2019, item 1781, as amended) and Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of individuals with regard to the processing of personal data and on the free movement of such data, and repeal of Directive 95/46/EC (General Data Protection Regulation), hereinafter collectively referred to as “GDPR” and the Act on the provision of electronic services of February 6, 2020 (Journal of Laws 2020, item 344).
- The administrator takes special care to protect the interests of data subjects, and in particular ensures that the data collected by him are processed in accordance with the law; collected for specified, lawful purposes and not subjected to further processing inconsistent with these purposes; factually correct and adequate in relation to the purposes for which they are processed and stored in a form that allows the identification of the persons they concern, no longer than it is necessary to achieve the purpose of processing.
- Providing personal data by the Customer is voluntary, but necessary to use the services of the Website. Using the services of the Website cannot be anonymous.
- The Customer has the option of canceling the consents granted for the processing of data for the purpose specified on the Website, for this purpose it is sufficient to send a request to stop processing personal data by the Website to the Administrator’s e-mail address. The Customer’s request to stop processing will be immediately confirmed by the Administrator by sending an e-mail back to the Customer’s e-mail address.
- In order to use the Website, the Customer should have a computer or device with installed software that allows browsing websites and access to the Internet. Access to the Online Store may take place using the most popular web browsers.
- The Administrator declares that the Website is free from content that violates the rights of third parties or applicable law, in particular from content containing information that causes or poses a threat to the privacy or safety of any persons, containing information that promotes illegal activities or behavior that is offensive, are threatening, indecent, defamatory or defamatory, inciting racism, persecution on ethnic, cultural or religious grounds, promoting or conducive to criminal activities, violating the rights of third parties, including intellectual property rights, or constituting any other form of infringement of legally protected goods.
II. PURPOSE AND SCOPE OF DATA COLLECTION AND DATA RECIPIENTS
- The collection and processing of personal data may take place in connection with and in order to present the offer of Services, establish cooperation, provide Services, as well as financial settlements and security in the network. Providing personal data is also necessary in order to use the contact form.
- The Administrator may process the following personal data of Customers using the Website, name and surname; e-mail address; contact telephone number, postal address for correspondence. In the case of Customers who are not consumers, the Administrator may additionally process the company name and tax identification number (NIP) of the Customer.
- In the case of a Customer who uses electronic payments or a payment card, the Administrator provides the Customer’s collected personal data to the selected entity servicing the above payments.
- Personal data will be processed for the purposes of:
- submission, acceptance and implementation of an inquiry or Service,
- statistics, pursuant to art. 6 section 1 lit. f) GDPR, i.e. legitimate interests pursued by the Administrator,
- marketing by sending commercial information by e-mail, pursuant to art. 6 sec. 1 lit. a) GDPR, in the event of consent to the processing of data,
- conducting direct marketing activities pursuant to art. 6 sec. 1 lit. f) GDPR, i.e. legitimate interests pursued by the Administrator,
- expressing an opinion by the Customer on the manner of providing the Services, pursuant to art. 6 sec. 1 lit. a) GDPR,
- consideration of possible complaints, as well as determination, investigation and defense against claims, pursuant to art. 6 section 1 lit. f) GDPR, i.e. legitimate interests pursued by the Administrator,
- fulfillment of legal obligations imposed on the Administrator, regarding, among others, accounting and bookkeeping, implementation of the rights of data subjects pursuant to art. 6 sec. 1 lit. c) GDPR, i.e. fulfilling the obligation imposed on the Administrator,
- website administration;
- personalizing the website for the Customer;
- sending goods purchased via the website;
- provision of services purchased via the website;
- sending statements, invoices and payment reminders to the Customer and receiving payments from the Customer;
- sending non-marketing commercial communications;
- sending notifications to the e-mail address requested by the Customer;
- sending the newsletter to the e-mail address, after obtaining the Customer’s consent (the Customer has the right to inform the Administrator at any time that he does not want to receive the Newsletter);
- sending marketing information regarding the activities of carefully selected third parties that, in the Administrator’s opinion, may be of interest to the Customer, after obtaining the Customer’s prior consent, by post (letter), electronic mail (e-mail) or similar technology (the Customer has the right to inform the Administrator at any time that he does not wants to receive marketing messages);
- providing third parties with statistical information about users of the Website (however, without the possibility of identifying the user on the basis of this information);
- ensuring the security of the website and the Website and preventing fraud;
- other uses, after obtaining the Customer’s consent.
- If the Customer provides the Administrator with personal data for publication on the Website, the Administrator may publish them and use them in a different way in accordance with the consent granted to him (license). The Customer’s privacy settings may be used to limit the publication of information provided by the Customer on the Website and may be adjusted using the privacy controls on the website. The Administrator will not, without the express consent of the Customer, transfer personal data to third parties, or any other third parties related to them, for direct marketing purposes.
- The website performs the functions of obtaining information about customers and their behavior in the following way:
- by voluntarily entering personal data in the forms – although failure to provide the personal data indicated on the Website necessary to contact the Customer or provide the Service will result in the inability to respond or provide the Service.
- by saving cookies in end devices (so-called “cookies”).
- by saving technical logs at the level of the www server, operated by the hosting operator cyber_Folks (https://cyberfolks.pl/).
III. INFORMATION PUT IN THE CONTACT FORM
- The Website collects information provided voluntarily by the Customer.
- The website may also save information about the connection parameters (time stamp, IP address).
- The data in the form are made available to third parties with the consent of the Customer, unless the disclosure of data to authorized state authorities, without prior consent, results from generally applicable law.
- The data provided in the contact form is processed in particular for the purposes of: answering the question asked, sending an offer of cooperation, providing marketing and sales advice, sending invitations to events and training offers in the following industries: marketing, sales and business.
- The data provided in the contact form may be transferred to entities technically implementing certain services – in particular, it concerns the transfer of information about the registered domain holder to entities that are Internet domain operators (primarily Naukowa i Akademicka Sieć Komputerowa j.b.r – NASK), payment services or other entities with whom the Website cooperates in this regard.
IV. RIGHT OF CONTROL, ACCESS TO DATA CONTENT AND CORRECTION, SECURITY, STORAGE PERIOD
- The customer has the right to access their personal data and correct them.
- Each person has the right to control the processing of data concerning them contained in the Administrator’s data set, and in particular the right to: request supplementation, updating, rectification of personal data, temporary or permanent suspension of their processing or their removal, if they are incomplete, outdated, untrue or have been collected in violation of the Act or are no longer necessary to achieve the purpose for which they were collected.
- In the case of voluntary consent, the Administrator may perform direct marketing services for customers within the meaning of art. 172 section 1 of the Act of July 16, 2004 (i.e. Polish Journal of Laws of 2021, item 576) Telecommunications Law, using for this purpose the Customer’s e-mail address and/or contact phone number. If the Customer grants consent to the processing of data for marketing purposes, the consent may be revoked at any time.
- In order to exercise the rights referred to in points 2 and 3 above, you can contact the Administrator by sending an appropriate message in writing or by e-mail to the Administrator’s address email@example.com
- The administrator uses technical and organizational measures to ensure the protection of processed personal data appropriate to the threats and categories of data protected, and in particular, protects data against disclosure to unauthorized persons, removal by an unauthorized person, processing in violation of applicable regulations and change, loss, damage or destruction.
- The Administrator adheres to the following security rules for the processing of Customers’ personal data:
- records the collected personal data only on such information carriers and devices that are protected against access by third parties;
- keeps a register of data filing systems in accordance with legal requirements;
- supervises the security of data throughout the entire period of their possession, in a manner that ensures, in particular, protection against unauthorized access, damage, destruction or loss;
- transfers data to authorized entities only on the basis of applicable law, written authorization or an agreement on entrusting the processing of personal data;
- maintains the confidentiality of the personal data received.
- The time of processing the Customer’s personal data (data retention period) depends on the purpose and legal basis constituting the legal premise for the processing of such data, i.e.:
- until consent is withdrawn, if data processing is based on consent;
- after the termination of cooperation, for a period of 3 years, if personal data was provided in order to obtain an answer to a question asked by e-mail/phone/contact form;
- for the duration of negotiations, correspondence, orders or Services, until completion of the order or Services and the period required by law, due to securing any claims or defense against claims;
- in the event of failure to place an order or cancellation of the Service or after their performance, for the period necessary for the purposes of pursuing claims or defending against claims;
- until the completion of the obligation resulting from the law (e.g. in terms of storing documentation and limitation of claims);
- until the Administrator’s legal interest ceases to exist (e.g. the period of limitation of civil law claims) or until the data subject objects to further such processing, if the data is processed on the basis of the legitimate interest of the Data Administrator.
V. INFORMATION ABOUT COOKIES
- The website does not automatically collect any information, except for information contained in cookie files.
- Cookie files (so-called “cookies”) are IT data, in particular text files, which are stored in the Customer’s end device and are intended for using the Website. Files of this type usually contain the name of the website they come from, their storage time on the end device and a unique number.
- The entity placing cookies on the Customer’s end device and accessing them is the Administrator or entities cooperating with him.
- Cookies are used for the following purposes:
- creating statistics that help to understand how customers use websites, which allows improving their structure and content;
- maintaining the Customer’s session (after logging in), thanks to which the Customer does not have to re-enter the login and password on each subpage of the Website;
- remembering the password and login details in the web browser if the Customer agrees,
- defining the Customer’s profile in order to display tailored materials in advertising networks, in particular the Google network.
- As part of the Online Store, two basic types of cookies are used: “session” (session cookies) and “permanent” (persistent cookies). Session cookies are temporary files that are stored on the Customer’s end device until logging out, leaving the website or turning off the software (web browser). “Permanent” cookies are stored on the Customer’s end device for the time specified in the cookie file parameters or until they are deleted by the Customer.
- Software for browsing websites (web browser) usually allows cookies to be stored on the Customer’s end device by default. The customer can change the settings in this regard. The web browser allows you to delete cookies. It is also possible to automatically block cookies. Detailed information on this subject can be found in the help or documentation of the web browser.
- Cookie files placed on the Customer’s end device may also be used by advertisers and partners cooperating with the Website operator, as well as payment operators.
- On the Website, we use Google Analytics and Adwords to recognize a computer when a user visits a website, registers or makes a purchase. In addition, the tools are used to improve usability, analyze the use and administer the Website. Thanks to these tools, the Administrator can prevent fraud and improve the security of the website, and personalize the website for each user and target advertisements that may be of particular interest to specific users;
- Cookies may be used by advertising networks, in particular the Google network, to display advertisements tailored to the manner in which the Customer uses the Website. For this purpose, they may keep information about the Customer’s navigation path or the time spent on a given page.
- In terms of information about the Customer’s preferences collected by the Google advertising network, the Customer may view and edit information resulting from cookies using the tool: https://www.google.com/ads/preferences/.
VI. SERVER LOGS
- Information about some of the Customer’s behavior is logged in the server layer. These data are used only to administer the Internet Service and to ensure the most efficient handling of the hosting services provided.
- Browsed resources are identified by URL addresses. In addition, the following may be recorded:
- request arrival time,
- response time,
- name of the Client’s station – identification carried out by the HTTP protocol,
- information about errors that occurred during the execution of the HTTP transaction,
- URL address of the page previously visited by the Customer (referrer link) – if the transition to the Online Store was made via a link,
- information about the client’s browser,
- IP address information.
- The above data is not associated with specific people browsing the pages.
- The above data is used only for the purpose of administering the server.
VII. PROVISION AND ENROLLING DATA PROCESSING
- The data is made available to external entities only within the limits permitted by law, based on written authorizations or agreements on entrusting the processing of personal data based on the provisions of the GDPR.
- Data enabling the identification of a natural person are made available only with the consent of that person.
- The Operator may be required to provide information collected by the Website to authorized bodies, based on lawful requests and only to the extent resulting from the request.
- Customers’ personal data may be transferred to the following recipients or categories of recipients:
- opinion system provider – in the case of a Customer who has agreed to express an opinion on the services of the Website, the Administrator provides the Customer’s collected personal data to the selected entity providing the opinion system at the request of the Administrator to the extent necessary for the Customer to express an opinion using the opinion system,
- couriers / postal service providers – in the case of a Customer who uses the method of delivery of the ordered goods or Services to home / business or by post, the Administrator provides the Customer’s collected personal data to the selected courier, forwarder or intermediary performing the delivery at the request of the Administrator – to the extent necessary to its implementation,
- entities handling electronic payments or by payment card – in the case of a Customer who uses the Online Store with the method of electronic payments or by payment card, the Administrator provides the Customer’s collected personal data to the selected entity servicing the above payments on the Website at the request of the Administrator – to the extent necessary to handle payments made by customer
- The administrator generally does not transfer personal data outside the European Economic Area. However, the administrator may outsource specific services or IT tasks to service providers based outside the European Economic Area, e.g. data processed via the website or sent via e-mail, in the case of locating servers of operators managing these services outside the EEA, may be processed outside the EEA. In this case, the data is transferred to a third country in relation to which an adequate level of data protection was found based on the decision of the European Commission or using typical contractual clauses approved by the European Commission. You can request further information about the security measures used and a copy of the data.
VIII. MANAGING COOKIES – HOW TO EXPRESS AND WITHDRAW CONSENT IN PRACTICE
- If the customer does not want to receive cookies, he can change the browser settings. We reserve that disabling cookies necessary for authentication processes, security, maintaining customer preferences may make it difficult, and in extreme cases may prevent the use of the Website.
- By default, the software used for browsing websites allows the placement of “cookies” on the end device by default. These settings can be changed in such a way as to block the automatic handling of “cookies” in the web browser settings or to inform about each time they are sent to the Customer’s device. Detailed information on the possibilities and ways of handling “cookies” are available in the software (web browser) settings. Restricting the use of “cookies” may affect some of the functionalities available on the Website.
IX. FINAL MATTERS
- The Administrator will inform the Customer about the content of the changes by placing a message on the Website. The Customer may also be informed about the change additionally via e-mail to the e-mail address indicated by him.