Privacy Policy


The following Privacy Policy specifies the principles of storing and accessing data on the Devices of the Users using the Service for the purpose of provision of electronic services by the Administrator as well as the principles of collecting and processing of the Users’ personal data that were provided by them personally and voluntarily through the tools available in the Service.

The following Privacy Policy is an integral part of the Terms of Service, which sets out the rules, rights and obligations of Users using the Service. 

§1 ·Definitions


Service – the Internet service “<service name>” operating at the address www.kdebski.eu

External service – websites of partners, service providers or customers cooperating with the Administrator

Administrator of the Service / Data – the Administrator of the Service and the Administrator of the Data (hereinafter referred to as the Administrator) is the company “SIMI Krzesimir Dębski”, running its business under the address: Pilawa, 9 Karłowatej Sosny Street, 05-532 Baniocha, (NIP): 8511209396, e-mail address: info@kdebski.eu

User – natural person for whom the Administrator provides services through the Service.

Device – an electronic device with software through which the User accesses the Website

Cookies – text data collected in the form of files placed on the User’s Device 

RODO – Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data and repealing Directive 95/46/EC (General Data Protection Regulation)

Personal data – means information about an identified or identifiable natural person (“data subject”); an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of the natural person.

Processing – means an operation or set of operations which is performed upon personal data or sets of personal data, whether or not by automated means, such as collection, recording, organisation, organisation, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction;

Restriction of processing – means the marking of stored personal data in order to restrict their future processing

Profiling – means any form of automated processing of personal data which involves the use of personal data to evaluate certain personal factors relating to an individual, in particular to analyse or predict aspects relating to that individual’s work performance, economic situation, health, personal preferences, interests, reliability, behaviour, location or movement 

Consent – consent of the data subject means a freely given, specific, informed and unambiguous indication of the data subject’s wishes by which the data subject, either by a statement or by a clear affirmative action, signifies agreement to personal data relating to them being processed

Personal data breach – means a breach of security leading to the accidental or unlawful destruction, loss, alteration, unauthorized disclosure of or unauthorized access to personal data transmitted, stored or otherwise processed 

Pseudonymisation – means the processing of personal data in such a way that they can no longer be attributed to a specific data subject, without using additional information, provided that such additional information is stored separately and is covered by technical and organisational measures which make it impossible to attribute it to an identified or identifiable natural person

Anonymization – Data anonymization is an irreversible process of data operations that destroys / overwrites “personal data” making it impossible to identify, or link, a record to a specific user or individual. 

§2 Types of Cookies

Internal cookies – files placed and read from the User’s Device by the Service’s teleinformatic system

External cookies – files placed and read from User’s Device by IT systems of external Services. The scripts of external Services that may place Cookies on the User’s Device have been deliberately placed on the Website through scripts and services made available and installed on the Website

Session cookies – files placed and read from the User Device by the Website during one session of a given Device. When the session ends, the files are deleted from the User’s Device.

Persistent cookies – files placed and read from the User’s Device by the Website until they are manually deleted. Cookies are not deleted automatically when a Device session ends unless the configuration of the User’s Device is set to delete cookies when the Device session ends. 

§3 Data storage security

Mechanisms of storing and reading of Cookies – Mechanisms of storing, reading and data exchange between Cookies stored on the User’s Device and the Website are implemented through built-in mechanisms of Internet browsers and do not allow to collect other data from the User’s Device or data of other websites visited by the User, including personal data or confidential information. It is also practically impossible to transfer viruses, Trojan horses and other worms to your Device.

Internal cookies – cookies used by the Administrator are safe for the User’s Device and do not contain scripts, content or information that may be a threat to the security of personal data or the security of the Device used by the User. 

External cookies – The Administrator makes all possible efforts to verify and select service partners in the context of User safety. The administrator selects well-known, large partners with global public trust for cooperation. However, it does not have full control over the content of cookies from external partners. To the extent permitted by law, the Administrator shall not be held liable for the security of the Cookie files, their content and their use by the Scripts installed in the service that come from external Websites in accordance with the license. A list of partners is provided later in this Privacy Policy.

Cookie control

The user can, at any time, independently change the settings for the storage, deletion and access to data stored cookies by each website 

Information on how to disable cookies in the most popular computer browsers is available at: how to disable cookies or from one of the designated providers:

Managing cookies in the FireFox browser
Managing cookies in Chrome browser
Managing cookies in the Opera browser
Managing cookies in your Edge browser
Managing cookies in the Safari browser

The User may, at any time, delete any Cookie files stored to date using the tools of the User Device through which the User accesses the services of the Website. 

Threats on the side of the User – The Administrator uses all possible technical measures to ensure the security of the data placed in cookies. It should be noted, however, that the security of this data depends on both parties including the User’s activity. The Administrator shall not be held liable for any interception of such data, for any impersonation of a User’s session or for any deletion of such data as a result of the User’s conscious or unconscious activity, or for any viruses, Trojan horses or other spyware that may infect or have infected the User’s device. In order to protect themselves from these threats, users should follow network usage guidelines. 

Storage of personal data – The Administrator ensures that he makes every effort to ensure that processed personal data entered voluntarily by Users are secure, access to them is limited and carried out in accordance with their purpose and objectives of processing. The Administrator also ensures that he makes every effort to protect the data he holds against loss through the use of appropriate physical and organizational security measures.

§4 Purposes of using cookies


Improving and facilitating access to the Service
Personalization of the Service for Users
Enabling the login to the service
Marketing
Keeping statistics (users, number of visits, types of devices, link, etc. )
Serving multimedia services
Provision of community services 

§5 Purposes of personal data processing

Personal data voluntarily provided by Users are processed for one of the following purposes:

Implementation of electronic services:

Services of registration and maintenance of the User’s account in the Service and functionalities connected with it
Newsletter service (including sending advertising content with consent)
Commenting on / liking posts on the Website without the need to register
Services to share information about content posted on the Service with social media or other sites.
Communication of the Administrator with the Users on matters related to the Service and data protection
To ensure the legitimate interest of the Administrator 

Data about Users collected anonymously and automatically is processed for one of the following purposes:

Maintenance of statistics
To ensure the legitimate interest of the Administrator 

§6 Cookies of external services

On the Website the Administrator uses Javascript scripts and web components of partners who may place their own cookies on the User’s Device. Please note that you can decide in your browser settings what cookies are allowed for each website. Below is a list of partners or their services implemented on the Website that may place cookies:

Multimedia Services:
YouTube
Spotify 

Community / Combined Services:

(Registration, Login, content sharing, communication, etc. )

Facebook
Newsletter Services:

If there is one, enter
Ad serving services:

E. g. MyLead
Keeping statistics:

Google Analytics 

Services provided by third parties are beyond the control of the Administrator. These entities may change their terms of service, privacy policies, purpose of data processing, and uses of cookies at any time. 

§7 Types of data collected



The Service collects data about Users. Part of the data is collected automatically and anonymously, and part of the data is personal data provided voluntarily by Users when signing up for particular services offered by the Website.

Anonymous data collected automatically:

IP address
Browser type
Screen resolution
Approximate location
Openable subpages of the website
Time spent on the relevant subpage of the website
Type of operating system
Previous subpage address
Referring party address
Browser language
Internet connection speed
Internet service provider
Data collected during registration:

Name / surname / nickname
Login
E-mail address
IP address (collected automatically) 

Data collected during subscription to the Newsletter service

Name / surname / nickname
E-mail address
IP address (collected automatically)
Data collected when you post a comment

Name / nickname
E-mail address
Web address
IP address (collected automatically)
Some data (without identifying information) may be stored in cookies. Some data (without identifying information) may be transmitted to a statistical service provider. 

§8 Access to personal data by third parties


Data collected as part of the services provided are not transferred or resold to third parties.

Access to the data (most often on the basis of a Data Processing Entrustment Agreement) may be granted to entities responsible for maintaining the infrastructure and services necessary to run the service, i. e:

Hosting companies, providing hosting or related services to the Administrator

Companies, through which the Newsletter service is provided
Administrator in order to provide the Newsletter service, uses the services of a third party – service <service name>, . The data entered in the newsletter subscription form is transmitted, stored and processed in the external service of this service provider. 

§9 Method of processing personal data

Personal data entered e. g. in the newsletter service will not be transferred outside the European Union,

Personal data will not be used for automated decision-making (profiling).

Data collected automatically:

Data may be transferred outside the European Union.

Data will not be used for automated decision-making (profiling). 

The Service collects and processes User data on the basis of:

Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data and repealing Directive 95/46/EC (General Data Protection Regulation)

article 6(1)(a)

the data subject has given consent to the processing of his/her personal data for one or more specified purposes

article 6(1)(f)

processing is necessary for the purposes of the legitimate interests pursued by the controller or by a third party 

§11 Period for processing personal data

Personal data provided voluntarily by Users:

As a rule, the indicated personal data are stored only for the period of providing the Service within the Service by the Administrator.

Anonymous data (no personal information) collected automatically:

Anonymous statistical data, which do not constitute personal data, are stored by the Administrator in order to keep service statistics for an indefinite period of time 

Right to request access to personal data

Users have the right to obtain access to their personal data, carried out upon request submitted to the Administrator

Right to request rectification of personal data

Users have the right to demand from the Administrator immediate rectification of personal data that are incorrect and/or to complete incomplete personal data, carried out upon request submitted to the Administrator

Right to request erasure of personal data 

In the case of the Newsletter service, the User has the possibility of deleting his/her personal data on his/her own using a link placed in each e-mail message sent.

Right to restrict processing of personal data

The Users have the right to restrict the processing of their personal data in cases indicated in Article 18 RODO, among others, by questioning the correctness of their personal data, carried out upon request submitted to the Administrator

Right to the portability of personal data

Users have the right to data portability where data processing is based on user consent, e. g. newsletter

Right to object to the processing of personal data

Users have the right to object to the processing of their personal data in the cases specified in Article 21 of the RODO, exercised upon request submitted to the Administrator

Right to lodge a complaint 

Users have the right to lodge a complaint with the supervisory authority dealing with personal data protection. 

§13 Contact to Administrator

The Administrator can be contacted in one of the following ways

  • Postal address: „SIMI Krzesimir Dębski”, Pilawa, 9 Karłowatej Sosny Street, 05-532 Baniocha, (NIP): 8511209396
  • E-mail address: info@kdebski.eu
  • Contact form – available at: kdebski.eu/en/contact

§14 Service Requirements


Restricting the storage of and access to cookies on the User’s Device may result in the malfunction of certain functions of the Website.

The Administrator shall not be held liable for malfunctions of the Website in the event that the User restricts the storage and reading of cookies in any way.


In the Service – articles, posts, entries or comments of Users there may be links to external websites, with which the Owner of the service does not cooperate. These links and the sites or files indicated under them may be dangerous to your Device or pose a security risk to your data. The Administrator shall not be held liable for the content located outside the Website. 

§16 Changes in Privacy Policy

The Administrator reserves the right to change this Privacy Policy in any way without informing the Users about the use and application of anonymous data or the use of cookies.

The Administrator reserves the right to change this Privacy Policy in any way, of which it shall inform the Users who have user accounts or are subscribed to the newsletter service via e-mail within 7 days of the change of the provisions. Your continued use of the services means that you have read and accepted the changes to the Privacy Policy. In the event that the User does not agree with the changes introduced, they are obliged to delete their account from the Site or unsubscribe from the Newsletter service.

Any changes to the Privacy Policy will be published on this subpage of the Website.

The amendments shall enter into force upon their publication. 

Information about data processing – contact form
Personal data administrator: “SIMI Krzesimir Dębski”, with business address: Pilawa, 9 Karłowatej Sosny Street, 05-532 Baniocha, (NIP): 8511209396
Purposes of processing Legal bases
Registering correspondence and replying to it Article 6(1)(f) RODO – consists in responding to letters, ensuring the quality of cooperation with contractors and other interested parties
Execution of claims and defending against claims article 6(1)(f) RODO – processing is necessary for the purposes of the legitimate interests pursued by the controller
Correspondence will be stored for the period of the possibility of claims, i. e. up to 6 years.
Recipients of the data: server and e-email hosting, Poczta Polska in case of replying by traditional mail 

Rights:
Right to request access to data
Right to request rectification
Right to request restriction of processing
Right to request erasure
Right to object to the processing
Right to lodge a complaint to the supervisory authority Urząd Ochrony Danych Osobowych ul. Stawki 2 00-193 Warszawa
The provision of data is voluntary, but necessary in order to register correspondence. If you do not provide the data, it will not be possible to handle the matter to which the correspondence relates.
For data protection issues please contact: <email address to be filled in> 

Information on data processing for contractors
Personal data administrator: “SIMI Krzesimir Dębski”, operating at the following address: Pilawa, 9 Karlowata Pine Street, 05-532 Baniocha, (NIP): 8511209396
Purposes of processing Legal bases
Conclusion and execution of the contract | processing is necessary for pre-contractual action and the performance of the contract in accordance with Article 6, paragraph 1, point b) RODO
Submission of complaints and applications processing is necessary for the purposes of legitimate interests (Article 6(1)(f) RODO) – consisting in ensuring the quality of supply;
Maintaining accounting and tax records | Taxation fulfilment of a legal obligation to the controller – Article 6(1)(c) of the RODO
Execution of claims and defending against claims article 6(1)(f) RODO – processing is necessary for the purposes of the legitimate interests pursued by the controller
Data will be stored for a period of 6 years. 

Recipients of data: entities with whom the administrator has concluded entrustment agreements, e. g. : e-email server hosting
Rights:
Right to request access to data
Right to request rectification
Right to request data portability
Right to request restriction of processing
Right to request erasure
Right to object to the processing
Right to lodge a complaint to the supervisory authority Urząd Ochrony Danych Osobowych ul. Stawki 2 00-193 Warszawa
Provision of data is necessary to take action before concluding a contract and to conclude and perform the contract. Failure to provide the data will result in inability to conclude the contract.
For data protection issues please contact: <email address to be filled in>