Privacy

The following Privacy Policy sets out the rules for saving and accessing data on the Devices of Users using the Website for the purposes of providing electronic services by the Administrator and the rules for collecting and processing Users' personal data,which were provided by them personally and voluntarily through the tools available on the Website.

The following Privacy Policy is an integral part of the Website Regulations, which define the principles, rights and obligations of Users using the Website.

§1 Definitions

• Website – "inter-suw.pl" website operating at https://inter-suw.pl
• External website – websites of partners, service providers or service recipients cooperating with the Administrator
• Website / Data Administrator – The Administrator of the Website and the Data Administrator (hereinafter the Administrator) is the company "INTER-SUW Marcin Wloka", conducting business at the following address: os. Górali 22/7 31-961 Kraków, with a tax identification number (NIP): 9691416451, providing electronic services via the Website
• User – a natural person for whom the Administrator provides services electronically via the Website.
• Device – an electronic device with software through which the User gains access to the Website
• Cookies – text data collected in the form of files placed on the User's Device
• GDPR – Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation)
• Personal data – means information about an identified or identifiable natural person ("data subject"); an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of a natural person
• Processing – means an operation or set of operations performed on personal data or on sets of personal data, having or without automated means, such as collection, recording, organisation, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction;
• Restriction of processing – means the marking of stored personal data in order to limit their future processing
• Profiling – means any form of automated processing of personal data, which consists in the use of personal data to evaluate certain personal factors of a natural person, in particular to analyze or forecast aspects regarding the performance of the work of that natural person, his economic situation, health, personal preferences, interests, reliability, behavior, location or movement
• Consent – consent of the data subject means the freely given, specific, informed and unambiguous indication of the data subject's will, by which he or she, in the form of a statement or a clear affirmative action, consents to the processing of personal data concerning him or her
• Personal data breach – means a breach of security leading to the accidental or unlawful destruction, loss, alteration, unauthorised disclosure of, or access to, personal data transmitted, stored or otherwise processed
• Pseudonymisation – means the processing of personal data in such a way that it can no longer be attributed to a specific data subject without the use of additional information, provided that such additional information is stored separately and is subject to technical and organizational measures that prevent its attribution to an identified or identifiable natural person
• Anonymization – Data anonymization is an irreversible process of data operations that destroys/overwrites "personal data" by making it impossible to identify or associate a given record with a specific user or individual.

§2 Data Protection Officer

Pursuant to Article 4(2) of Regulation (EC) 37 GDPR, the Administrator has not appointed a Data Protection Officer.

In matters related to the processing of data, including personal data, please contact the Administrator directly.

§3 Types of Cookies

• Internal cookies – files placed and read from the User's Device by the Website's ICT system
• External cookies – files placed and read from the User's Device by ICT systems of External Services. Scripts of external services that may place cookies on the User's Devices have been knowingly placed on the Website through scripts and services made available and installed on the Website
• Session cookies – files placed and read from the User's Device by the Website during one session of a given Device. When the session ends, the files are deleted from your device.
• Persistent cookies – files placed and read from the User's Device by the Website until they are manually deleted. Files are not deleted automatically when the device session ends unless the user's device configuration is set to delete cookies mode after the device session ends.

§4 Data storage security

• Mechanisms for storing and reading Cookies – Mechanisms for storing, reading and exchanging data between Cookies saved on the User's Device and the Website are implemented through built-in mechanisms of web browsers and do not allow to download other data from the User's Device or data of other websites that the User has visited, including personal data or confidential information. It is also virtually impossible to transfer viruses, Trojan horses, and other worms to your Device.
• Internal cookies – cookies used by the Administrator are safe for Users' Devices and do not contain scripts, content or information that may threaten the security of personal data or the security of the Device used by the User.
• External cookies – the Administrator makes all possible actions to verify and select website partners in the context of Users' security. The administrator for cooperation selects well-known, large partners with global social trust. However, it does not have full control over the content of cookies from third-party partners. For the security of cookies, their content and licensed use by scripts installed on the website, originating from external Services, the Administrator is not responsible as far as the law allows. The list of partners can be found later in the Privacy Policy.
• Cookie Control
  • You can change the settings for saving, deleting and accessing the data of stored cookies by any website at any time
  • Information on how to disable cookies in the most popular computer browsers is available on the website: how to disable cookies or at one of the indicated providers:
    • Managing cookies in Chrome
    • Managing cookies in Opera
    • Managing cookies in FireFox
    • Managing cookies in the Edge browser
    • Managing cookies in Safari
    • Managing cookies in Internet Explorer 11
  • The User may at any time delete any cookies stored so far using the tools of the User's Device through which the User uses the Services of the Service.
• Threats on the part of the User – the Administrator uses all possible technical measures to ensure the security of data placed in Cookies. Please note, however, that ensuring the security of this data depends on both parties including your activities. The Administrator shall not be liable for the interception of this data, impersonation or deletion of the User's session, as a result of the user's conscious or unconscious activity, viruses, Trojan horses and other spyware, which may be or has been infected with the User's Device. Users should adhere to policies that increase their cybersecurityin order to protect themselves against these threats.
• Storage of personal data – the Administrator ensures that he makes every effort to ensure that the processed personal data entered voluntarily by the Users are safe, access to them is limited and carried out in accordance with their purpose and the purposes of processing. The administrator shall also ensure that he makes every effort to protect his/her data against loss by applying appropriate physical and organisational safeguards.

§5 Purposes for which cookies are used

• Improving and facilitating access to the Service
• Personalization of the Service for Users
• Enable Sign-in
• Marketing, Remarketing on third-party services
• Keeping statistics (users, number of visits, device types, link, etc.)
• Serving multimedia services
• Provision of social services

§6 Purposes of the processing of personal data

Personal data voluntarily provided by Users are processed for one of the following purposes:

• Implementation of electronic services:
  • Services for registration and maintenance of the User's account on the Website and functionalities related to it
  • Services for sharing information about content placed on the Website on social networks or other websites.
• Communication of the Administrator with Users in matters related to the Service and data protection
• Ensuring the legitimate interest of the Administrator

User data collected anonymously and automatically is processed for one of the following purposes:

• Keeping statistics
• Remarketing
• Ensuring the legitimate interest of the Administrator

§7 External Service Cookies

The Administrator on the Website uses javascript and web components of partners who can place their own cookies on the User's Device. Please note that in your browser settings you can decide for yourself what cookies can be used by individual websites. Below is a list of partners or their services implemented on the Website, which may place cookies:

• Social/Combined Services:
  (Registration, Login, content sharing, communication, etc.)
  • Facebook
  • Google+
• Keeping statistics:
  • Google Analytics
• Other services:
  • Google Maps

Services provided by third parties are beyond the control of the Administrator. These entities may change their terms of service, privacy policy, purpose of data processing and the use of cookies at any time.

§8 Types of data collected

The Service collects data about Users. Some data is collected automatically and anonymously, and some of the data is personal data provided voluntarily by Users when signing up for individual services offered by the Service.

Anonymous data collected automatically:

• IP address
• Browser type
• Screen resolution
• Approximate location
• Site pages to open
• Time spent on the appropriate subpage of the site
• Operating system type
• Address of the previous subpage
• Address of the referrer
• Browser language
• Internet speed
• Internet service provider

Data collected during registration:

• Name / Nickname
• Email address
• Address
• Phone number
• IP address (collected automatically)
• VAT number
• KRS number
• REGON number

Data collected when you sign up for the Newsletter service

• Email address

Some data (without identifying data) may be stored in cookies. Some data (without identifying data) can be transferred to the statistical service provider.

§9 Access to personal data by third parties

As a general rule, the only recipient of personal data provided by Users is the Administrator. The data collected as part of the services provided are not transferred or resold to third parties.

Access to data (usually under the Data Processing Agreement) may be held by entities responsible for maintaining the infrastructure and services necessary for the operation of the service, i.e.:

• Hosting companies providing hosting services or related services to the Administrator

Entrusting the processing of personal data – Hosting Services, VPS or Dedicated Servers

In order to run the website, the Administrator uses the services of an external hosting provider, VPS or Dedicated Servers – AttHost Sp. z o.o.