We have introduced this Privacy Policy based on Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, repealing Directive 95/46/EC (General Data Protection Regulation) – L 119/1, as well as the Act of 16 July 2004. The Controller is obliged to protect personal data.

Basic definitions related to personal data:
a) Personal data – means information relating to an identified or identifiable natural person (“data subject”); an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, identification number, location data, online identifier, or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural, or social identity of that natural person.
b) Data set – means any structured set of personal data accessible according to specific criteria, regardless of whether it is centralized, decentralized, or functionally or geographically distributed.
c) Data processing – means any operation or set of operations performed on personal data or on sets of personal data, whether or not by automated means, such as collection, recording, organization, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure, or destruction.
d) Consent (of the data subject) – means any freely given, specific, informed and unambiguous indication of the data subject’s wishes by which he or she, by a statement or by a clear affirmative action, signifies agreement to the processing of personal data relating to him or her, presented in a way clearly distinguishable from other matters, in an understandable and easily accessible form, using clear and plain language.

The Controller actively applies the principle of data minimization in the processing of personal data.
The Controller always exercises due diligence to protect the data entrusted for processing – including personal data. This principle applies to IT solutions used, implemented procedures, and organizational measures.

Personal data are processed solely with the voluntary and explicit consent of the data subject. Providing any personal data for processing is done knowingly and prior to entering into any agreement or action by the Controller.

Processing of Users’ personal (identifying) data for the purpose of providing the Service is mandatory to deliver and settle the ordered services.

The Controller secures the data entrusted for processing with appropriately chosen methods, protecting them from being accessed by unauthorized persons, from unlawful processing – including processing of personal data – inconsistent with applicable Polish and EU law, and exercises due diligence to ensure that data security and control are maintained continuously. The Controller does not transfer personal data to third parties without a legal basis, e.g., to a payment system provider for the settlement of paid services.

A User who has provided the Controller with personal data has the following rights:

• the right to request access to their personal data,

• the right to rectification, erasure, or restriction of processing,

• the right to object to processing,

• the right to data portability,

• the right to withdraw consent at any time without affecting the lawfulness of processing based on consent before its withdrawal,

• the right to lodge a complaint with a supervisory authority (the President of the Personal Data Protection Office),

• the right not to be subject to profiling.

The User acknowledges that information about personal data processed by the Controller will be provided on the basis of a written or electronic request.

The Controller reserves the right to contact Users by posting notices on the Service.

The Service’s IT system uses cookies (a cookie is a small text file consisting of alphanumeric characters that is placed on the target device, e.g., computer, tablet, smartphone, when the internet browser opens a website using cookies. They are used by the browser to navigate the website and to fully use its features, e.g., logging in, setting options or language versions, layout, and similar. Cookies are used by the browser to operate a given website and are never used for unauthorized collection of information or data) for the following purposes:

• As part of Google Analytics and Search Console, i.e., analysis of website traffic provided by Google LLC. Google Analytics Privacy Policy: https://policies.google.com/privacy?hl=en.
  Google Analytics uses cookies to analyze traffic sources and how visitors use the website. Google collects data from cookies placed on devices and uses this information to create reports and provide other services related to internet traffic and usage. Google may also transfer this information to third parties if required to do so by law or where such third parties process the information on Google’s behalf. These data are never combined with personal data and serve solely as material for statistical analysis and system error correction mechanisms.

If the User does not agree to cookies being placed on their device, they may block this by configuring their web browser accordingly. Instructions can be found in the help files of the User’s browser. Unfortunately, if cookies are blocked, the Controller cannot guarantee the proper functioning of the Service. If the User agrees to cookies being placed on their device by Google but wishes to delete them after visiting the website, they can do so safely by following the instructions in their browser’s help files.

Saving cookies can be disabled by adjusting the browser settings. Cookies can also be deleted using the relevant option in the browser.

The Service’s IT system does not use cookies to track User activity.

The Service contains links allowing Users to visit other websites, e.g., the Facebook social network, operated by Facebook Inc. If such a link is used to leave the Service, the User must acknowledge that the Owner has no control over the content of external websites. Therefore, the Owner cannot and is not responsible for the protection of privacy and personal data when visiting external sites. These sites have their own privacy policies, which the User should review, e.g., Facebook: https://pl-pl.facebook.com/about/privacy/

The Controller reserves the right to modify the provisions regarding privacy protection at any time and to any extent, provided that such changes will never apply retroactively. If changes are introduced, they will be announced on the Service, so that Users can review and respond to them at least fourteen days before they take effect.

If a data subject notices that any data are inaccurate or incomplete, this should be reported electronically; if the inaccuracy is confirmed, it will be corrected immediately.

We use technologies such as cookies and local storage to collect and process personal data and operational data for the purpose of remembering and analyzing visits. Standard browser settings allow them to be stored on the User’s end device. Continuing to browse without changing the settings is considered consent to the use of cookies and similar technologies.

Direct electronic contact with the Controller: info@wasylowadvies.nl