1. General information
- This policy applies to the website at the url: https://www.resider.pl
- The operator of the service and the Personal Data Administrator is: RESIDER Sp z o. o. with headquarters at: ul. Zwycięzców 40/80, 03-938 Warsaw
- The operator's email contact: [email protected]
- The Operator is the Administrator of your personal data in relation to data provided voluntarily on the Website.
- The Service uses personal data for the following purposes:
- Running a newsletter
- Handling inquiries through a form
- Execution of ordered services
- Presentation of offers or information
- The Service performs the function of collecting user information and their behavior in the following way:
- By voluntarily entering data in forms, which are then entered into the Operator's systems.
- By storing cookie files (so-called "cookies") on end devices.
2. Selected data protection methods used by the Operator
- Places of logging in and entering personal data are protected in the transmission layer (SSL certificate). Thanks to this, personal data and login data entered on the page are encrypted on the user's computer and can only be read on the target server.
- Personal data stored in the database are encrypted in such a way that only the Operator possessing the key can read them. This way, data is protected in case of a database breach from the server.
- User passwords are stored in a hashed form. The hashing function works in a one-way direction - it is not possible to reverse its operation, which is currently a modern standard in the field of storing user passwords.
- The Operator periodically changes its administrative passwords.
- An important element of data protection is the regular updating of all software used by the Operator to process personal data, which in particular means regular updates of programming components.
3. Hosting
- The Service is hosted (technically maintained) on servers of the operators:
- Cloudflare (https://www.cloudflare.com)
- AWS (https://aws.amazon.com)
- Auth0 (https://auth0.com)
4. Your rights and additional information on how data is used
- In some situations, the Administrator has the right to transfer your personal data to other recipients if it is necessary to perform the contract concluded with you or to fulfill the obligations incumbent on the Administrator. This concerns such groups of recipients:
- payment operators
- online chat solution operators
- authorized employees and associates who use the data to achieve the purpose of the site's operation
- companies providing marketing services on behalf of the Administrator
- Your personal data processed by the Administrator will not be processed longer than necessary to carry out activities related to them specified by separate regulations (e.g. accounting regulations). In the case of marketing data, the data will not be processed for more than 3 years.
- You have the right to request from the Administrator:
- access to your personal data,
- their rectification,
- deletion,
- limitation of processing,
- and data transfer.
- You have the right to object to the processing referred to in point 3.3 c) regarding the processing of personal data for the purposes of legitimate interests pursued by the Administrator, including profiling, with the right to object not being able to be executed if there are valid legitimate grounds for processing, superior to your interests, rights and freedoms, in particular to establish, investigate or defend against claims.
- You have the right to lodge a complaint with the President of the Office for Personal Data Protection, ul. Stawki 2, 00-193 Warsaw.
- Providing personal data is voluntary, but necessary to use the Service.
- Actions may be taken against you involving automated decision-making, including profiling in order to provide services under a concluded contract and for the purpose of direct marketing conducted by the Administrator.
- Personal data is not transferred to third countries within the meaning of personal data protection regulations. This means that we do not transfer them outside the European Union.
5. Information in forms
- The Service collects information voluntarily provided by the user, including personal data, if provided.
- The Service may store information about connection parameters (time stamp, IP address).
- In some cases, the Service may store information facilitating the connection of data in the form with the email address of the user filling out the form. In this case, the user's email address appears within the URL of the page containing the form.
- The data provided in the form is processed for the purpose resulting from the specific function of the form, e.g. to carry out the process of handling a service request or commercial contact, registration of services, etc. Each time the context and description of the form clearly informs what it is used for.
6. Administrator's logs
- Information about user behavior on the website may be subject to logging. This data is used to administer the service.
7. Important marketing techniques
- The Operator uses statistical analysis of traffic on the website through Google Analytics (Google Inc. with headquarters in the USA). The Operator does not transfer any personal data to the service operator, only anonymized information. The service is based on the use of cookies on the end device. Concerning information about user preferences collected by the Google advertising network, the user can view and edit the information derived from cookies using the tool: https://www.google.com/ads/preferences/
- The Operator uses remarketing techniques, which allow to match advertising messages to the user's behavior on the site, which can create the impression that the user's personal data is used for tracking, however, in practice, no personal data is transferred from the Operator to advertising operators. A technological condition for such activities is the enabled support for cookies.
- The Operator uses the Facebook pixel. This technology causes the Facebook service (Facebook Inc. with headquarters in the USA) to know that a particular person registered there uses the Service. In this case, it is based on data for which it is the administrator itself, the Operator does not transfer any additional personal data to the Facebook service. The service is based on the use of cookies on the user's end device.
- The Operator uses a solution that examines user behavior by creating heat maps and recording their behavior on the site. This information is anonymized before it is sent to the service operator so that they do not know which physical person it concerns. In particular, passwords and other personal data are not subject to recording.
- The Operator uses a solution to automate the operation of the Service concerning users, e.g. it can send an email to the user after visiting a specific subpage, provided that he has agreed to receive commercial correspondence from the Operator.
8. Information about cookies
- The Service uses cookies.
- Cookies are computer data, in particular text files, that are stored on the end device of the Service User and are intended for use on the Service's websites. Cookies usually include the name of the website from which they come, the time of storing them on the end device, and a unique number.
- The entity placing cookies on the end device of the Service User and obtaining access to them is the Operator of the Service.
- Cookies are used for the following purposes:
- maintaining the user session of the Service (after logging in) so that the user does not have to re-enter the login and password on every page of the Service;
- achieving the goals specified in the above part "Important marketing techniques";
- Two basic types of cookies are used within the Service: "session" (session cookies) and "permanent" (persistent cookies). "Session" cookies are temporary files that are stored on the Service User's end device until logging out, leaving the website, or closing the software (web browser). "Permanent" cookies are stored on the Service User's end device for the time specified in the cookie parameters or until they are deleted by the User.
- Software for browsing websites (web browser) usually allows storing cookies on the user's end device by default. Service users can change the settings in this area. The web browser allows you to delete cookies. It is also possible to automatically block cookies. Detailed information on this topic is provided in the help or documentation of the web browser.
- Restrictions on the use of cookies may affect some functionalities available on the Service's websites.
- Cookies placed on the end device of the Service User may also be used by entities cooperating with the Service Operator, in particular it applies to: Google (Google Inc. with headquarters in the USA), Facebook (Facebook Inc. with headquarters in the USA), Twitter (Twitter Inc. with headquarters in the USA).
9. Managing cookies - how to express and withdraw consent in practice?
- If the user does not want to receive cookies, they can change the browser settings. Please note that disabling cookies necessary for the authentication, security, maintaining user preferences process may complicate the use of websites, and in extreme cases may prevent the use of www sites
- To manage cookie settings, select the web browser you are using from the list below and follow the instructions: