Privacy policy

DEAR USER!

Out of concern for your privacy and sense of security, we have prepared this Privacy Policy, in which we set out our rules regarding the processing of personal data and the use of cookies and other technologies in connection with the use of our website. The information in this Privacy Policy has been drawn up in accordance with the guidelines of Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC, and the legal provisions governing the provision of electronic services.

1. DEFINITIONS.

1.1. Controller: Joanna Mucha, trading as Firma Produkcyjna J&J Joanna Mucha, Tax Identification Number (NIP): 9181026946, National Business Registry Number (REGON): 060389474, ul. Łąkowa 13, 23-400 Biłgoraj, tel.: 508 019 900, e-mail: info@jjspanie.pl

1.2.Website: the website operating at the address: www.jjspanie.pl

1.3. User: any internet user visiting the Website.

2. PERSONAL DATA.

2.1. Who is the controller of Users’ personal data?

a. The controller of the User’s personal data is the Controller.

2.2. How can I contact the Controller?

a. By email at: info@jjspanie.pl

2.3. How do we collect data about Users and their behaviour?

a. By storing cookies on end-user devices.

b. By storing logs at the web server level.

2.4. For what purposes and on what basis do we use the data?

a. For statistical purposes, i.e. to compile statistics that help us understand how Users use the Website. The legal basis for data processing is the necessity of processing to pursue the controller’s legitimate interest – improving the structure and content of the Website.

b. For marketing purposes, i.e. to display tailored content to the User on advertising networks, in particular the Google network. The legal basis for data processing is the necessity of processing to pursue the controller’s legitimate interest – presenting information about the Controller’s services, including the ability to present offers tailored to Users’ needs and interests, and increasing sales of the Controller’s services.

c. For technical purposes – data recorded in server logs. The legal basis for data processing is the necessity of processing to pursue the controller’s legitimate interest – ensuring the proper functioning of the Website.

2.5. For how long do we process personal data?

a. With regard to cookies, until they expire or until the User deletes them from their browser.

b. In the case of server logs, for 60 days.

2.6. What rights does the User have?

a. Right of access to personal data: The User has the right to request access to their personal data processed by the Controller.

b. Right to rectification: The User has the right to request that the Controller immediately rectify, supplement or update their personal data.

c. Right to erasure (“right to be forgotten”): The User has the right – provided the circumstances prescribed by law apply – to request that the Controller erase personal data concerning them. Depending on the situation: the Controller shall delete the data without undue delay or refuse to do so if there are legal grounds for further processing of the User’s data and these override the User’s interests.

d. Right to restriction of processing: The User has the right to restrict the processing of their data. Processing may be restricted to the fulfilment of specific purposes only.

e. Right to data portability: The User has the right to receive their personal data in a commonly used, machine-readable format and has the right to transmit this data to another entity.

f. Right to object: The User has the right to object to the processing of their personal data based on the Controller’s legitimate interests. In such a case, the Controller must cease processing the User’s personal data, unless it demonstrates compelling legitimate grounds for the processing which override the User’s interests, rights and freedoms, or grounds for the establishment, exercise or defence of legal claims.

g. Right to withdraw consent: A User whose data is processed by the Controller on the basis of consent given has the right to withdraw that consent at any time, without affecting the lawfulness of the processing carried out on the basis of consent prior to its withdrawal.

h. Right to lodge a complaint with a supervisory authority: A User whose data is processed by the Controller has the right to lodge a complaint with a supervisory authority. In Poland, within the meaning of the GDPR, the supervisory authority is the President of the Office for Personal Data Protection.

2.7. Profiling.

a. The Controller hereby informs that it does not carry out profiling of Users on the Website on the basis of which decisions could be made that produce legal effects on Users or affect them in a similarly significant manner.

2.8. The Controller’s Partners.

a. The Controller informs that, in connection with the Website, it uses the services of entities supporting its operations, which include:

  • Hosting provider.

  • Providers of online tools used for marketing or analytical purposes, in particular Google.

2.9. Disclosure of data.

a. Data will not be disclosed to third parties, except where the Controller may be required to provide information collected by the Website to authorised authorities on the basis of lawful requests, to the extent specified in the request.

2.10. Confidentiality and security.

a. The Controller ensures the confidentiality and security of the personal data provided to it:

  • It collects personal data with due care and protects it from unauthorised access.

  • It implements appropriate technical and organisational measures to ensure the proper protection of personal data.

  • The Controller takes all necessary steps to ensure that entities supporting its operations also guarantee the use of appropriate security measures when processing data on the Controller’s behalf.

3. COOKIE POLICY.

3.1. What are cookies?

a. Cookies are IT data, in particular small text files, which are stored on the User’s end device (e.g. computer, tablet, smartphone).

b. Cookies usually contain the name of the website they come from, the duration of their storage on the end device, and a unique number.

3.2. Access to cookies.

a. Cookies may be read by the Administrator’s Website (first-party cookies) or third-party websites.

b. Some cookies used by the Website are deleted at the end of the web browser session, i.e. when the browser is closed (session cookies); other cookies are stored on the User’s device and enable the User’s browser to be recognised the next time they visit the Website (persistent cookies).

3.3. For what purposes do we access the information contained in cookies?

a. Analytical and statistical purposes, i.e. to compile statistics showing how Users interact with the Website, which in turn enables the Controller to improve the structure and content of the Website.

b. Remarketing purposes, i.e. to display tailored content to the User on advertising networks, in particular the Google network.

3.4. How can you manage cookies?

a. Upon first visiting the Website, a widget automatically appears, allowing you to manage your cookie settings.

b. By configuring the settings, the User decides for themselves whether and to what extent the Website may store cookies in the User’s local browser.

c. The User selects their settings by clicking one of the buttons on the widget:

  • Accept all (cookies: analytical, marketing, functional, unclassified).

  • Reject all. 

  • Show details.

3.5. Consequences of failing to select settings.

a. Failure to select settings will result in the inability to view the Website’s content.

b. Restricting the use of or disabling cookies may affect certain features available on the Website.

3.6. Configuring settings.

a. Detailed information on the cookies used by the Controller (name, provider, storage period and description) is available in the aforementioned “Show details” section.

b. Types of cookies used by the Administrator:

  • Analytical (performance) cookies: collect information on how Users use the website. Thanks to these, the Controller receives, among other things, information such as: subpages viewed, time spent on the Website, the type of devices and browsers from which Users visit the site, IP address, domain name, and geographical and demographic data (age, gender, interests). This data is aggregated and anonymous, i.e. it does not contain any features that identify visitors to the Website. Users can block Google Analytics tools by installing a browser add-on provided by Google at: https://tools.google.com/dlpage/gaoptout?hl=p

  • Marketing cookies: these are used to identify Users across different websites, e.g. content partners and advertising networks. Marketing cookies may be used by companies to create profiles of Users’ interests or to display relevant advertisements on other websites. For example, they may be used by advertising networks (in particular the Google network) to display advertisements tailored to the way in which the User uses the Website. To this end, they may, amongst other things, store information about the User’s navigation path or the time spent on a given page. More information on how Google uses information made available on websites (including this Website) can be found at: https://policies.google.com/technologies/partner-sites

  • Functional cookies: used to save the settings of Users visiting the website, e.g. language, time zone, content layout.

  • Unclassified cookies: these are cookies that do not belong to any other category or are in the process of being classified. These include session cookies – cookies necessary for browsing the Website’s content, which are deleted once the web browser session ends, i.e. when the browser is closed.

4. SERVER LOGS.

4.1. Server logs.

a. Regardless of cookies, the Website automatically saves information transmitted by web browsers – known as server logs – on its server each time a User visits.

b. Scope of information in server logs:

  • The User’s IP address.

  • Information about the web browser and operating system used by the User.

  • The URL of the webpage previously visited by the User – where access to the Website was via a link.

  • Amount of data transferred.

  • Date and time of access.

c. Characteristics of the information in server logs:

  • Aggregate and anonymous in nature, i.e. not associated with specific individuals browsing the Website’s resources and not used to identify Users.

  • Recorded and stored on the server.

  • Used solely for the purpose of server management, i.e. diagnosing any issues related to server operation and generating statistics useful for the effective administration of the Website.

5. FINAL PROVISIONS.

5.1. Links to other websites.

a. The Website may contain links to other websites.

b. The Administrator hereby states that it is not responsible for the privacy policies of these websites and recommends that, upon visiting other websites, you familiarise yourself with their applicable privacy policies.

5.2. Changes and comments regarding the privacy policy:

a. The Administrator reserves the right to amend this privacy policy. Amendments may be justified, for example, by the development of the Website’s functionality, technological progress or changes to relevant legislation.

b. If you have any questions or comments regarding the Administrator’s Privacy Policy, please send them to the following email address: info@jjspanie.pl