Privacy Policy

The privacy policy describes the rules for processing information about you, including personal data and cookies.

Privacy Policy – General Information 

This policy applies to the Website operating at the URL: wksgrybow.pl

The operator of the service and the Administrator of personal data is:
WKS Grybów Sp. z o.o., ul. Kościuszki 33, 33-330 Grybów, KRS no. 0000615118, REGON: 364343229, NIP: 9512412526

Contact email address of the operator: biuro@wksgrybow.pl

The Operator is the Administrator of your personal data with respect to data voluntarily provided in the Service.

The Service uses personal data for the following purposes:

• Operating a comment system
• Conducting online chat conversations
• Operating a classified ads system
• Presenting user profiles to other users
• Displaying user announcements
• Handling inquiries via form
• Fulfilling ordered services
• Presenting offers or information
• Through voluntarily entered information in forms
• Through storing cookie data on end devices (so-called “cookies”).
• Through collecting www server logs by the hosting operator

The Service obtains information about users and their behavior in the following ways:

Through voluntarily entered data in forms, which are entered into the Operator’s systems.

Through storing cookie files (so-called “cookies”) on end devices.

Personal data of website users are processed in accordance with generally applicable law, in particular Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation), hereinafter referred to as: GDPR.

In case of any comments or doubts related to the processing of personal data in connection with the use of the service, the user may contact the personal data administrator via the e-mail address: biuro@wksgrybow.pl

Privacy Policy – Processing of Personal Data

The Service processes users’ personal data through the following functions:

• Submitting a request to receive an offer, which is within the scope necessary for the performance of the contract for the provision of electronic services. The registration form requires the following data: first name, last name, phone number, e-mail address. Optionally, there is also the possibility of providing additional data
• Newsletter subscription. The subscription form requires the following data: first name, last name,  e-mail address.

The legal basis for processing personal data of service users while using its functionalities is:

• in the case of submitting a request to receive an offer – Art. 6 para. 1 lit. (a) and (b) GDPR;
• in the case of marketing of own products in the form of Newsletter service – Art. 6 para. 1 lit. (f) GDPR.

Providing personal data is voluntary, but necessary for the performance of the contract for the provision of electronic services, to which the service user is a party.

Selected Data Protection Methods Used by the Operator

Login areas and personal data entry are protected at the transmission level (SSL certificate). Thanks to this, personal data and login data entered on the site are encrypted on the user’s computer and can only be read on the target server.

Personal data stored in the database are encrypted in such a way that only the Operator holding the key can read them. This way, the data is protected in case the database is stolen from the server.

User passwords are stored in hashed form. The hashing function works one-way – it is not possible to reverse its operation, which is currently the modern standard for storing user passwords.

The service uses two-factor authentication, which is an additional form of protection for logging into the Service.

The Operator periodically changes its administrative passwords.

For data protection, the Operator regularly makes backups.

An important element of data protection is the regular updating of all software used by the Operator to process personal data, which in particular means regular updates of software components.

Hosting

The Service is hosted (technically maintained) on the operator’s server: https://www.home.pl/

Privacy Policy – Personal Data Retention

Personal data collected by the website will be processed in the case of handling the wish to receive an offer and newsletter service – for the period necessary for the performance of the contract for the provision of electronic services, to which the service user is a party, until its termination or expiration or until the possible objection to their processing or request for their deletion or withdrawal of consent to their processing.

After this period, personal data of website users may be processed for archival and statistical purposes and until the security of claims related to the performance of the service contract.

Personal data of website users are protected against unlawful disclosure to unauthorized persons, unauthorized access, collection, damage, modification or accidental destruction or loss.

The website user has the right to access their data, rectification, deletion, restriction of processing, the right to object to processing and the right to data portability, as well as the right to lodge a complaint with the supervisory authority, which as of May 25, 2018 is the President of the Personal Data Protection Office.

If the processing of personal data is based on their consent, they have the right to withdraw this consent at any time without affecting the lawfulness of the processing carried out on the basis of consent before its withdrawal.

Regulations Regarding Website Content

The content of the website is protected in accordance with the Act of February 4, 1994 on Copyright and Related Rights (Journal of Laws of February 23, 1994, No. 24, item 83, as amended). Materials on the website may not be reproduced, publicly disclosed or transmitted in any form and by any means without the written consent of the website owner.

Such consent may be granted provided that a clear indication of the source of information and copyright is ensured. All rights to trademarks and trade names used on the Website belong to the appropriate, authorized entities. 

The website owner is not liable for any possible errors or omissions in the information and for any resulting damages.

The website owner reserves that all information contained on the website does not in any way constitute an offer within the meaning of the provisions of the Civil Code and cannot be perceived as such.

Your Rights and Additional Information on How Data is Used

In some situations, the Administrator has the right to transfer your personal data to other recipients, if this is necessary to perform the contract concluded with you or to fulfill the obligations incumbent on the Administrator. This applies to the following groups of recipients:

• hosting company on the basis of entrustment
• postal operators
• mailing system operator (www.mailerlite.com)
• banks
• payment operators
• public bodies
• comment system operators
• online chat solution operators
• authorized employees and associates who use the data to achieve the website’s purpose
• companies providing marketing services to the Administrator

Your personal data processed by the Administrator no longer than necessary for the performance of related activities specified by separate regulations (e.g., on keeping accounting). With respect to marketing data, data will not be processed for more than 3 years.

You have the right to request from the Administrator:

• access to personal data concerning you,
• their rectification,
• deletion,
• restriction of processing,
• and data portability.

You have the right to object to the processing indicated in point 3.3 c) against the processing of personal data for the purpose of performing legally justified interests pursued by the Administrator, including profiling, although the right of objection will not be exercisable if there are important legally justified grounds for processing, overriding your interests, rights and freedoms, in particular establishing, pursuing or defending claims.

You have the right to lodge a complaint against the Administrator’s actions with the President of the Personal Data Protection Office, ul. Stawki 2, 00-193 Warsaw.

Providing personal data is voluntary, but necessary to use the Service.

Automated decision-making actions may be taken with respect to you, including profiling for the purpose of providing services under the concluded contract and for the purpose of direct marketing by the Administrator.

Personal data is not transferred from third countries within the meaning of personal data protection regulations. This means that we do not send it outside the European Union.

Administrator Logs

Information about user behavior in the service may be subject to logging. This data is used for the purpose of administering the service.

Important Marketing Techniques

The Operator uses statistical analysis of website traffic through Google Analytics (Google Inc. based in the USA). The Operator does not transfer personal data to this service operator, but only anonymized information. The service is based on the use of cookies on the user’s end device. For information about user preferences collected by the Google advertising network, the user can view and edit information resulting from cookies using the tool: https://www.google.com/ads/preferences/

The Operator uses remarketing techniques that allow matching advertising messages to the user’s behavior on the site, which may give the impression that the user’s personal data is being used to track them, but in practice no personal data is transferred from the Operator to advertising operators. The technological condition for such activities is enabled cookie support.

The Operator uses the Facebook pixel. This technology means that the Facebook service (Facebook Inc. based in the USA) knows that a person registered therein uses the Service. It is based in this case on data for which it is itself the administrator; the Operator does not transfer any additional personal data to the Facebook service. The service is based on the use of cookies on the user’s end device.

The Operator uses a solution that examines user behavior by creating heat maps and recording behavior on the site. This information is anonymized before being sent to the service operator so that they do not know which natural person it concerns. In particular, passwords entered and other personal data are not recorded.

The Operator uses a solution that automates the Service’s operations with respect to users, e.g., which may send an email to the user after visiting a specific subpage, provided they have consented to receiving commercial correspondence from the Operator.

Cookie Policy

Cookies are small textual information in the form of text files, sent by the server and stored on the device of the person visiting the Service (e.g., on the hard drive of a computer, laptop, or in the memory of a smartphone). Detailed information about Cookies, as well as the history of their creation, can be found, among others, here: http://pl.wikipedia.org/wiki/Ciasteczko. The Service uses the following types of cookies:

• “session” or “temporary” cookies, which are associated with a session and are stored on the user’s device until they leave the website;
• “permanent” cookies, which remain in the browser after the session ends (unless deleted by the user);
• third-party cookies, originating from advertising servers of entities cooperating with the Service.
• The Administrator may process data contained in Cookies when visitors use the wksgrybow.pl website for the following purposes:
  • remembering data from filled-in forms or surveys;
  • adjusting the content of the Service’s website to individual user preferences (e.g., regarding colors, font size, page layout) and optimizing the use of the Service;
  • conducting anonymous statistics showing the manner of using the pages of the Service.
• By default, most internet browsers available on the market accept the saving of Cookies. Everyone has the option to set the conditions for using Cookies through their own internet browser settings. This means that you can, for example, partially restrict (e.g., temporarily) or completely disable the possibility of saving Cookies – in the latter case, however, this may affect the limitation of some functionalities of the Service.
• Internet browser settings regarding Cookies are important from the point of view of consent to the use of Cookies by the Service – according to regulations, such consent may also be expressed through internet browser settings. If such consent is not expressed, internet browser settings regarding Cookies should be changed accordingly.
• Detailed information on changing Cookie settings and removing them on your own in the most popular internet browsers is available in the internet browser’s help section and on the following pages (just click on the link):
  • in Chrome browser
  • in Firefox browser
  • in Internet Explorer browser
  • in Opera browser
  • in Safari browser
  • in Microsoft Edge browser
• The Administrator also processes anonymized operational data related to the use of the Service (IP address, domain) to generate statistics useful in administering the Service. This data is collective and anonymous, i.e., it does not contain features identifying persons visiting the Service website. This data is not disclosed to third parties.

Final Provisions

No identification data or personal data is collected on behalf of a third party.

Data is made available to external entities only within legally permitted limits.

Data enabling identification of a natural person is made available exclusively with the consent of that person.

Changes to this privacy policy will be introduced by making changes to its content and posting the updated content on this website.