The purpose of this policy is to explain how we process information about you, including personal data and Cookies.
I. General information
- This policy applies to the Website url: studio2.pl
- The service operator and personal data administrator is: STUDIO 2 Biuro Promocji A. Mateja, M. Marczyk-Muszyńska Pszczelna 3, Kraków 30-431
- Operator’s e-mail contact adress: firstname.lastname@example.org
- Operator is the Administrator of your personal data in relation to the data you voluntary provide on the Website.
- The Website holds your personal data for the following purposes:
- Managing newsletters
- Managing online chats
- Answering questions on online forms
- Executing acquired services
- Presenting offers or information
- The Website collects information about users and their behaviour in the following way:
- By voluntary provided data in the online forms, which will be entered into the Operator’s systems.
- By storing cookies on devices.
II. Selected personal data protection methods applied by the Operator
- The login and entry points for personal data are protected in the transmission layer (SSL certificate). As a result, personal and login data entered on the website are encrpted on the user’s computer and can be read only on the target server.
- Personal data stored in the database is encrypted in such a way that they can be read only by the Operator holding the key. Therefore, the data is protected in case of server hacking.
- User passwords are stored in a hash table. The hash function works in one direction – it is not possible to reverse its operation, which is a modern standard for storing user passwords.
- The Operator makes regular backups for data protection purposes.
- 5. An important element of data protection is regular updating of all software used by the Operator to process personal data, which in particular means regular updates of software components.
- 1. The Website is hosted (technically maintained) on the Operator’s servers:
IV. Your rights and additional information about how data is used
- In specific cases, if it is necessary to lift the contract established with you or to fulfill obligations incumbent on the Administrator, the Administrator has a right to transfer your personal data to other recipients. This applies to the following groups of recipients:
- the hosting company, on a trust basis
- postal operators
- online chat operators
- authorised employees and associates who use the data to fulfill the mission of the Website
- companies providing marketing services to the Administrator
- 2. Your personal data will be processed by the Administrator for no longer than it is necessary to perform the related activities specified in the separate regulations (e.g. on accounting). With regard to marketing data, the data will not be processed for more than 3 years.
- 3. You have the right to request from the Administrator:
- access to your personal data,
- correction of the personal data,
- deletion of your personal data,
- processing restriction of your personal data,
- and portability of your personal data.
- You have the right to object to processing your personal data, indicated under 3.3c) to the processing of personal data for the purposes of carrying out the legitimate interests pursued by the Administrator including profiling whereby the right to object shall not be used where there are valid legitimate grounds for the processing which override our interests, rights and freedom, in particular the establishment, asserting or defending claims.
- 5. The Administrator’s actions may be contested through the President of the Personal Data Protection Office, ul. Stawki 2, 00-193 Warsaw.
- 6. Providing personal data is voluntary, but necessary to operate the Website.
- Activities involving automated decision-making, including profiling, may be undertaken in relation to you in order to provide services under an established agreement and for the purpose of direct marketing by the Administrator.
- 8. Personal data is not transferred to foreign countries within the restrictions of the data protection legislation. It means that we do not send them outside the European Union.
V. Information in forms
- The Website collects information voluntarily provided by the user, including personal data if provided.
- 2. The Website may save information about connection parameters (timestamps, IP addresses).
- 3. The Website, in some cases, may save information facilitating the linking of data in the form with the user’s e-mail address filling the form. In this case, the user’s e-mail address appears inside the url of the page containing the form.
- 4. The data provided in the form is processed for the purpose resulting from the function of a specific form, e. g. in order to process the service request or commercial contact, service registration, etc. Each time the context and description of the form clearly informs what is its purpose.
VI. Administrator logs
- Information about the behaviour of users on the website may be logged. This data is used to manage the Website.
VII. Important marketing techniques
- The operator uses remarketing techniques that allow the adjustment of advertising content to user behaviour on the website, which may give the illusion that the user’s personal data is used to track it. However, in practice no personal data is transferred by operators to advertising companies. This is only technologically possible thanks to enabling cookies.
VIII. Information about cookies
- Cookie files are IT data, in particular they are text files saved in end-user devices in order to facilitate the use of services available on the Website. Cookies usually contain the name of the website they come from, the time they are stored on the end-user device and their own unique number.
- The entity that places cookies on devices of our Website users and has access to them is the Website operator.
- Cookies are used for the following purposes:
- to maintain the end-user session (after logging in), thanks to which the user does not have to re-enter their login and password on every subpage of our website;
- to pursue goals described in the “Important marketing techniques” section above;
- The Website uses two basic types of cookies: “session” and “persistent” cookies. Session cookies are temporary files that are stored on the end-user device until logging out, leaving the website or turning off their browser software. Persistent cookies are stored on the end-user device for the time specified in the cookie file parameters or until they are deleted by the end user.
- Software for browsing websites (web browser) usually allows cookies to be stored on the User’s end-device by default. Website Users can change the settings in this regard. The web browser allows to delete cookies. It is also possible to automatically block cookies. Detailed information about this is available in the browser help or documentation.
- Cookies stored on end-user devices may also be used by entities cooperating with the Website operator in particular by: Google (Google Inc. with its registered office in USA), Facebook (Facebook Inc. with its registered office in USA), Twitter (Twitter Inc. with its registered office in USA).
IX. Managing cookie files – how to give and withdraw consent in practice?
If user do not want to accept cookies, he may change his browser settings accordingly. Please note that disabling cookies which are necessary for authentication processes, security or maintaining user preferences can make it difficult and sometimes prevent the use of the Website.
In order to manage your browser cookie settings, select a browser used by you and follow the instructions: