2. This document is for information purposes only.
3. The Data Administrator of the personal data of the Customers/Users of the Website, within the meaning of Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons in relation to the processing of personal data and on the free movement of such data and repealing Directive 95/46/EC (Text with EEA relevance) (Official Journal of the EU. L No. 119, p. 1) (RODO), hereinafter referred to as GDPR, is Konrad Caban conducting business under the name of SITEIMPULSE, with its registered office in Warsaw, Poland (02-737), Niedźwiedzia 29B, registered in the Central Register and Information on Business Activity (CEIDG), VAT ID: 5212118341, Regon: 012887347, contact phone: +48222195800, e-mail: office AT siteimpulse DOT com.
4. The Data Administrator declares that the User's/Customer's personal data are processed in accordance with the Polish regulations on the protection of personal data and the Act of 18 July 2002 on the provision of electronic services (Journal of Laws No. 144, item 1204, as amended).
5. The personal data of Customers/Users who use the services and tools made available on the Website will be processed on the basis of the consent given by the Customer/User, after reading and complying with the provisions of this document and the Terms and Conditions (for this purpose, the Customer/User shall tick the relevant boxes on the Website page, following the notices that appear on the Website page).
6. The Data Administrator must ensure that personal data is processed lawfully and that it is not transferred or sold to third parties.
7. The User/Customer has the right to ask the Data Administrator for full information on how their personal data is being used. We always endeavor to clearly inform you about the data we collect, how we use it, the purposes for which we use it, to whom we transfer it, how we protect it when it is transferred to other parties and who to contact in case of doubt.
8. The Data Administrator declares that all data collected will be protected from unauthorized access or use using appropriate technical and organizational measures and security procedures.
10. All words and expressions appearing in this document and beginning with a capital letter (e.g. Customer, User) shall be understood in accordance with the definitions contained in the Terms and Conditions available on the Website.
§2 Collection, Acquisition, Scope and Purpose of Personal Data Collection1. The personal data of the Customers of the Website is (or will be) collected using the following functionalities of the Website: Contact Form, Newsletter subscription, data provided in the Customer Account, data provided when adding comments in the "Blog" tab, login data and registration data.
2. The Data Administrator obtains information about Users by, among other things, collecting server logs via the hosting operator.
3. The Data Administrator processes the personal data of Customers/Users necessary for the proper implementation of the services available on the Website and is entitled to use the data collected and stored within the Website for the following purposes:
a) in order to provide services electronically in terms of providing Users with access to content collected on the Website - in which case the legal basis for the processing is the necessity of the processing for the performance of the contract (Article 6(1)(b) GDPR); such activities are, in particular:
i. placing an order on the Website,
ii. the conclusion and performance of a Sales Contract or an Agreement for the provision of an Electronic Service,
iii. solving technical problems and making relevant functions available;
b) for analytical and statistical purposes, in which case the legal basis for the processing is the legitimate interest of the Data Administrator (Article 6(1)(f) GDPR), consisting of conducting analyses of the Users' activities, as well as their preferences in order to improve the applied functionalities and provided services; such activities are in particular:
i. customizing the User's offer and experience, including advertising, on the Website properties,
ii. monitoring user activity,
iii. to carry out research and analysis in order to improve the performance of available services,
iv. to evaluate certain personal factors of the Customer/User;
c) for the purpose of possibly establishing and asserting or defending against claims - the legal basis for the processing is the legitimate interest of the Data Administrator (Article 6(1)(f) GDPR) to protect your rights; such actions are in particular:
i. to contact Users, in particular for the purposes of providing services and support to Users,
ii. to enforce compliance with the Terms and Conditions;
d) for the purpose of sending commercial information (e.g. Newsletters) - the legal basis for processing is the User's consent (Art. 6(1)(a) GDPR) expressed by ticking the relevant checkbox; the User has the right to withdraw consent with immediate effect, at any time of his/her choosing, by clicking the relevant button located in the footer of each Newsletter.
4. The Administrator shall only be entitled to store the data collected and tracked on the Website for the purposes specified above.
5. The Data Administrator collects, processes and stores the following personal data of Users according to the choice of the specific Service:
a) electronic mail address (e-mail address),
The collection of personal data in certain activities is specified in the Terms of Service.
6. The Data Administrator collects, processes and stores the following Customer data:
a) the electronic mail address (e-mail address),
b) legal name,
c) name of the company,
d) VAT ID,
e) business address (street, building number, apartment number, postal code, town, country),
f) telephone number.
7. The Service Provider declares that the provision of data by the Client/User to the extent indicated above is entirely voluntary and, at the same time, necessary for the Service Provider to be able to fully perform the services provided through the Website. The extent of the data required for the conclusion of a contract is indicated in advance on the Website and in the Terms and Conditions.
8. The Data Administrator reserves the right to block and filter messages sent through the internal messaging system. In particular, if the messages are of a spam nature, contain prohibited content or otherwise threaten the safety of the site users.
9. In addition, the Data Administrator is entitled to automatically obtain and record data transmitted to the Server by web browsers or Customers/Users' devices, such as IP address, software parameters, hardware parameters, pages viewed, mobile device identification number and other data relating to the devices and use of the system.
10. In addition, the Data Administrator is entitled to automatically obtain and record data transmitted by web browsers or Customers/Users' devices to the Server, such as IP address, software parameters, hardware parameters, pages viewed, mobile device identification number and other data relating to the devices and use of the System.
11. The Data Administrator informs Users that he entrusts the processing of personal data to the following entities:
Within the EEA:
As part of the Service, the User's data is processed by entities working with the Data Administrator, which are required to comply with high privacy standards analogous to those contained in the Policy, pursuant to Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons in relation to the processing of personal data and on the free movement of such data and repealing Directive 95/46/EC.
a) IQ PL Sp. z o.o., 16 Geodetów St., 80-298 Gdańsk, KRS: 0000007725, NIP: 5832736211 - to store personal data on the server where the service is installed,
b) mElements S.A., ul. Prosta 18, 00-850 Warsaw, KRS: 00000590484, NIP: 5223047892 - to enable electronic payment for the ordered service,
c) Blue Media S.A., ul. Powstańców Warszawy 6, 81-718 Sopot, KRS: 0000320590, NIP: PL5851351185 - to enable electronic payment for the ordered service,
d) Stripe Payments Europe Limited, 1 Grand Canal Street Lower, Grand Canal Dock, Dublin, D02 H210, Ireland - to enable you to make electronic payments for the service you have ordered,
e) PayPal Europe Sàrlet Cie, SCA, 22-24 Boulavard Royal, L-2449 Luxembourg - to enable electronic payment for the requested service,
f) IFIRMA S.A., ul. Grabiszyńska 241 B, 53-234 Wrocław, KRS: 0000281947, NIP: 8981647572 - for the purpose of providing electronic accounting services,
g) Hotjar Ltd. St Julian's Business Centre, 3, Elia Zammit Street, St Julian's STJ 1000, Malta - providing a solution to monitor User activity. The data collected prevents the identification of any specific individual and more information about the tool's privacy standards is available at the link https://www.hotjar.com/legal/policies/privacy/,
h) Reditus Europalaan 100 in Utrect, The Netherlands - to enable the Service Provider to perform additional Monitoring activities. More information on privacy standards is available at the following link: https://www.getreditus.com/privacy-policy/
Beyond the EEA:
As some of the entities working with the Data Administrator are based outside the European Union and are therefore considered so-called third countries under the provisions of the GDPR. The Data Administrator ensures that data is transferred to entities in the United States that apply standard contractual clauses.
a) Google Inc. (head office address: 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA) - providing the Google Analytics and Google AdWords solution. More information about the privacy standards of the tools is available at the link https://policies.google.com/technologies/partner-sites?hl=en. Furthermore, using the following link: https://tools.google.com/dlpage/gaoptout it is possible to disable the activity measured by Google Analytics.
b) Facebook Inc. (Headquarters address: Facebook Inc., 1601 S. California Ave. Palo Alto, CA 94304, USA) - which provides the Facebook Pixel solution for monitoring website traffic. - As a rule, the data collected prevents the identification of any specific person, and more information on the privacy standards of the tool is available at the link https://developers.facebook.com/docs/privacy/.
c) Mixpanel, Inc. (405 Howard St., 2nd Floor, San Francisco, CA 94105) - enables the capture of data about how the User interacts with the Service. Mixpanel, Inc is certified by EU-US Privacy Shield to provide an appropriate level of data protection. More information is available at the following link: https://mixpanel.com/legal/privacy-policy/.
d) tawk.to inc. (187 East Warm Springs Rd, SB298 Las Vegas, Nevada, USA 89119) - facilitates contact with Users for service purposes. More information on privacy standards is available at the following link: https://www.tawk.to/privacy-policy/.
e) OnboardFlow Ltd. (Kemp House, 160 City Road, London, EC1V 2NX, United Kingdom) - monitors the onboarding of registered users, in particular conversion rates to sales. More information on privacy standards is available at the following link: https://onboardflow.com/legal/terms/.
Thus, the above companies guarantee compliance with data protection standards analogous to the Ordinance, and the Administrator's use of their technology in processing personal data is lawful.
12. The duration of the data processing by the Data Administrator depends on the nature of the service provided and the purpose of the processing. As a general rule, the data will be processed for the duration of the provision of the Service or the execution of the order, until the withdrawal of the consent given or until an effective objection to the processing of the data is raised, in cases where the legal basis for the processing of the data is the legitimate interest of the Data Administrator.
13. The processing period may be extended if the processing is necessary for the establishment, assertion or defense of any claims, and thereafter only if and to the extent required by law. At the end of the processing period, the data will be irreversibly erased or made anonymous.
§3 Cookies Policy1. The Data Administrator automatically collects information contained in cookies in order to collect data relating to the use of the Website by the Customer or User. A cookie is a small piece of text that a website sends to the browser and that the browser sends back on subsequent visits to the website. They are mainly used to maintain a session, for example by generating and sending back a temporary identifier after logging in. The Data Administrator uses "session" (temporary) cookies, which are stored on the Client/User's terminal equipment until the Client logs out, closes the website or switches off the web browser, and "permanent" cookies, which are stored on the Client/User's terminal equipment for the time specified in the parameters of the cookies or until they are deleted by the Client/User. More information on cookies can be found at www.allaboutcookies.org.
2. The Data Administrator uses the following types of Cookies within the Website:
- "necessary", which enable the use of the services available on the Website,
- to ensure safety & security,
- "advertising", which enables the delivery of advertising content tailored to the User's interests,
- "performance", which are used to obtain information about how Users use the Website,
- "functional", which enable the Website to remember the User's preferred functionalities.
3. The Data Administrator uses external cookies to collect general and anonymous statistical data by means of analytical tools.
4. Cookies are used to adapt and optimize the Website and its services to the needs of the Client/User through activities such as compiling statistics on the number of visits to the Website and ensuring the security of the Website and its Users. Cookies are also necessary to maintain the Client/User's session after they leave the Site.
5. The customer can change the settings for cookies at any time via their web browser, including completely blocking or deleting the collection of cookies.
6. Blocking the ability to collect cookies or making other changes to the settings of the device may hinder or prevent the use of certain functionalities of the Website to which the Client/User is fully entitled, but in such a situation must be aware of the limitations of the functionalities available on the Website.
a) In case of Google Chrome, instructions can be found here - https://support.google.com/chrome/answer/95647?hl=en
b) In case of Mozilla Firefox, instructions can be found here - https://support.mozilla.org/en-US/kb/cookies-information-websites-store-on-your-computer
c) In case of Safari, instructions can be found here - https://support.apple.com/kb/ph21411?locale=en_EN
d) In case of Microsoft Edge, instructions can be found here - https://docs.microsoft.com/en-us/microsoft-edge/devtools-guide/debugger/cookies
e) In case of Opera, instructions can be found here - https://help.opera.com/pl/latest/security-and-privacy/ 8. The Data Administrator may allow third parties, such as advertisers or analytics providers, to collect information using the above technologies directly on the Website. Data collected in this way will be subject to the provisions of the privacy policies developed by these entities.
9. Some external companies operating on the Site may allow users to opt out of the collection and use of their data for the purposes of advertising based on the customer's activity. For more information, see for example: https://www.youronlinechoices.com/.
§4 Rights and Obligations1. The Data Administrator has the right, as well as the legal obligation, to provide selected or all information concerning the Customers/Users of the Website to public authorities or third parties who request such information on the basis of the applicable provisions of Polish law.
2. The Customer has the right to access his/her personal data collected by the Data Administrator at any time. This right includes the possibility to:
a) access to the content of the data and to request the rectification of the data,
b) deletion of data,
c) limitation of processing,
d) the right to data portability,
e) the right to object to the processing,
f) the right to lodge a complaint to the supervisory authority - the President of the Office for Personal Data Protection ul. Stawki 2, 00-193 Warsaw, Poland.
3. In order to exercise his/her rights, the Customer may, at any time, send an appropriate declaration to the registered address of the Data Administrator or by e-mail.
4. The cancellation of personal data or the cessation of their processing by the Data Administrator may result in the total impossibility of providing the services offered through the Website, or in their being severely limited.
5 The Customer consents to the processing of personal data for the purposes of providing the Service by accepting the statements contained in the interactive forms available on the website proposed by the Data Administrator, including the contact form, the registration form or the newsletter subscription form.
6. The Customer may also consent to additional purposes for the processing of his/her personal data by accepting the optional statements proposed in the forms available on the Website.
7. Consent voluntarily given by the Customer to receive commercial information may be withdrawn at any time at the Customer's request by e-mail. The Data Administrator will remove the Customer's details from the contact database used to send commercial information electronically within 48 hours of receiving the declaration of withdrawal of consent.
8. The Data Administrator undertakes to act in accordance with the laws in force and the generally accepted rules of social coexistence.
Warsaw, March 15th, 2023.