Privacy policy

In accordance with the requirements of (EU) REGULATION 2016/679 OF THE EUROPEAN PARLIAMENT AND OF THE COUNCIL of 27 April 2016 on the protection of individuals with regard to the processing of personal data and on the free movement of such data, hereinafter referred to as the “Regulation”, and superseding Directive 95/46 / EC (General Regulation on data protection), we would like to inform you that:

  1. Personal data administrator

The administrator of personal data hereinafter referred to as “Administrator” is the company Exence S.A. with its headquarters in ul. Szwedzka 5, Bielany Wrocławskie, 55-040 Kobierzyce. Registration data:

KRS (National Court Register) 0000413027

NIP (Tax Identification Number): 899-273-40-56

REGON (National Business Registry Number): 021834967

Share capital: PLN 208,400.00 – fully paid up.

The personal data administrator is responsible for the use of personal data in a secure manner, consistent with the purposes for which they were collected and in accordance with applicable law.

  1. Contact with the Administrator

Tel: +48 71 782 06 00

Email: office@exence.com

Correspondence address: ul. Szwedzka 5, Bielany Wrocławskie, 50-040 Kobierzyce.

Contact details of the Data Protection Officer

Dawid Maciejewski

Tel: +48 501 583 913

– General provisions

We use the obtained personal data only for specific, legitimate purposes for which this data was collected. The scope of personal data, the purpose of their processing, the legal basis for such processing, the processing period and categories of data recipients result from the legal requirements incumbent on the Administrator and from the nature and scope of activities undertaken by the data subject.

  1. The purpose of data processing by the Administrator, the legal basis for processing and the period for which personal data will be stored:

Purpose of data processing: Taking action at the request of the data subject before agreeing the contract (e.g. preparation of an offer).

  • Legal basis for processing: Article 6 para. 1 point b) Regulations (“performance of the contract”).
  • Retention period: The data is stored for the period necessary to perform, terminate or expiry of the contract and for the period after which any claims expire.

Purpose of data processing: Conducting direct marketing (directing messages to carefully selected, individual clients, in individual contact, in order to obtain a direct response (reply)).

  • Legal basis for processing: Article 6 para. 1 point f) Regulations (“legitimate interests of the Administrator”).
  • Retention period: The data is stored for the duration of the legitimate interest pursued by the Administrator and for the period after which any claims expire. In the event of an legitimate objection regarding the use of his/her personal data by the data subject, the Administrator will no longer process this data for direct marketing.

Purpose of processing: Electronic transmission of information regarding advertising content regarding Exence S.A.

  • Legal basis for processing: Article 6 para. 1point a) Regulations (“consent of the data subject”)
  • Retention period: The data is stored until the data subject withdraws his/her consent for further processing of his/her data for marketing purposes. Consent may be withdrawn at any time by contacting the office at office@exence.com

Purpose of processing: Electronic transmission of information about Exence S.A. events

  • Legal basis for processing: Article 6 para. 1point a) Regulations (“consent of the data subject”)
  • Retention period: The data is stored until the data subject withdraws his/her consent for further processing of his/her data for marketing purposes. Consent may be withdrawn at any time by contacting the office at office@exence.com

Purpose of processing: Electronic transmission of information about new expert publications of Exence S.A.

  • Legal basis for processing: Article 6 para. 1 point a) Regulations (“consent of the data subject”)
  • Storage period: The data is stored until the data subject withdraws his/her consent for further processing of his/her data for marketing purposes. Consent may be withdrawn at any time by contacting the office at office@exence.com

Purpose of data processing: Electronic sending of expert publications by Exence S.A.

  • Legal basis for processing: Article 6 para. 1 point a) Regulations (“consent of the data subject”)
  • Retention period: The data is stored until the data subject withdraws his/her consent for further processing of his/her data for marketing purposes. Consent may be withdrawn at any time by contacting the office at office@exence.com

Purpose of data processing: Sending the Exence S.A. newsletter

  • Legal basis for processing: Article 6 para. 1 point a) Regulations (“consent of the data subject”).
  • Retention period: The data is stored until the data subject withdraws his/her consent for further processing of his/her data for marketing purposes. Consent may be withdrawn at any time by contacting the office at office@exence.com

Purpose of data processing: Expressing opinions by the Customer

  • Legal basis for processing: Article 6 para. 1 point a) Regulations (“consent of the data subject”)
  • Retention period: The data is stored until the data subject withdraws his/her consent for further processing of his/her data for this purpose.

 

  1. Data recipients

In order to perform the contract and to ensure the proper functioning of the Administrator’s websites, the services of external entities cooperating with him are used (for example: post office, couriers, entities handling payments). Personal data is transferred to external entities only if and to the extent that it is necessary to achieve the purpose of processing. Personal data provided may be used by external entities only to carry out the task ordered by the Administrator.

Personal data may be transferred to the following recipients cooperating with the Administrator:

  • entities conducting postal, courier and similar activities (e.g. courier brokers) – to the extent necessary to complete the delivery and correspondence,
  • entities providing technical support services provided to the Administrator and IT solution providers enabling the Administrator to operate (for example, a software provider, email provider and hosting) – the Administrator provides personal data to a trusted supplier acting on his behalf only in the case and to the extent necessary to achieve the specific purpose of processing,
  • solution providers for expressing / publishing customer opinions – to the extent necessary to express an opinion.

 

  1. Transfer of data outside the European Economic Area

Personal data may be transferred outside the European Economic Area (including the European Union, Iceland, Liechtenstein and Norway) to Google LLC based on appropriate legal safeguards, which are standard contractual clauses for the protection of personal data approved by the European Commission. See also section 8 Web analysis.

  1. Rights of the person whose data is processed by the Administrator

The processing of personal data does not require consent if, among others: the processing is necessary to perform the contract or take actions before the conclusion of the contract, results from the legal obligation incumbent on the Administrator, or is necessary for the implementation of the legitimate interest of the Administrator. If consent is necessary to be able to process personal data for a specific purpose (e.g. consent to the use of cookies), the Administrator asks for such consent. The consent given may be withdrawn at any time.

In the event of withdrawal of consent, the data will no longer be processed in the way that the prior consent allowed, but withdrawal of consent will not affect the lawfulness of the processing that was carried out on the basis of consent before its withdrawal.

Under the rules set out in the Regulation, the data subject also has the right to request access to personal data concerning him/her from the Administrator to rectify it, delete it (“being forgotten”) or limit its processing, the right to object to processing, as well as the right to transfer data.

If personal data is processed for the purposes of direct marketing, you can object to the processing of this data for the purposes of marketing, including profiling, at any time, to the part of this processing which is related to direct marketing.

In order to exercise the above rights, you must submit requests to the Administrator by e-mail, letter or by submitting an application in person at the Administrator’s headquarters, whose contact details are provided above. To ensure that the person submitting the request is entitled to submit it, the Administrator may ask for additional information confirming the applicant’s identity.

The provisions of the Regulation show to what extent each of these rights can be exercised. This will depend in particular on the legal basis and the purpose of processing personal data by the Administrator. The above rights may be exercised free of charge no more than once every 6 months. Pursuant to Article 12 of the Regulation, if the requests of the data subject are manifestly unjustified or excessive, in particular due to its continuous nature, the administrator may charge a fee.

The data subject has the right to lodge a complaint with the supervisory authority, i.e. to the President of the Office for Personal Data Protection.

  1. Use of data for advertising purposes

7.1 Newsletter

The newsletter and other marketing messages are sent only to those Users who have given their consent and provided their e-mail address. At any time, consent to receive the newsletter can be withdrawn by clicking on the unsubscribe link provided in each newsletter or by contacting the Administrator at the address given above.

7.2 Cookies

The Administrator’s websites use cookies, i.e. text files saved on the User’s device. These files enable the analysis of the way the website is used and identify the User’s web browser. By entering the appropriate browser settings you can block the installation of cookies – this may limit the functionality of the website.

The administrator may process the data contained in cookies for anonymous analysis of the activities of visitors, study their behaviour (e.g. opening specific pages) in order to provide them with advertisements tailored to their anticipated interests, also when they visit other websites that are partners in the company’s advertising network, Google Inc. and Facebook Ireland Ltd., and to improve the administration of the Administrator’s websites.

7.3 Onsite Targeting

The administrator uses cookies to conduct analysis of visitors’ activities (e.g. opening specific subpages) and may present the User with advertisements and / or special offers.

7.4 Retargeting, third-party cookies and data collection by third parties for advertising purposes

The Administrator’s websites use retargeting technology.

The administrator uses the services of third parties that use cookies on the Administrator’s website, these are:

Google Analytics, Universal Analytics and Google Remarketing provided by Google Inc. (1600 Amphitheater Parkway, Mountain View, CA 94043, USA). Detailed information on the operation of the above services is available at www.google.com/intl/pl/policies/privacy/partners see also https://policies.google.com/privacy/update?hl=en&gl=en

and from the service

Facebook Pixel provided by Facebook Ireland Limited (4 Grand Canal Square, Grand Canal Harbor, Dublin 2, Ireland). Detailed information is available at https://www.facebook.com/about/privacy

7.5 How can you block the saving of cookies?

To block the saving of cookies, the User should turn on the settings in the web browser that allow the acceptance of saving cookies only if he agrees.

To accept the use of Administrator’s cookies, while blocking the use of third-party cookies, select “Block cookies from third party websites” in your browser settings.

  1. Internet analysis

The administrator uses the Google Analytics website analytics service provided by Google. Google Analytics analyzes user behaviour on the website through the use of cookies. The information generated by cookies regarding the use of the website by the user (including his/her IP address) is transmitted to Google and may be stored by it on servers in the United States. Google will use this information to analyze the use of the website by the user, create reports for websites using Google Analytics and provide other services. Google may also transfer this information to third parties, as required by law or where third parties process this information on behalf of Google.

By using the website, the User consents to the processing of data about him by Google in the manner and for the purposes set out above.

The website is analyzed by Google Analytics with the extension “_anonymizeIp()” and therefore IP addresses are processed only in abbreviated form, which makes it impossible to directly associate the address with a given User.

The user may opt out of cookies by entering the appropriate browser settings. This may limit the functionality of the website and you may not be able to use all of its functions.

Consent to the downloading and gathering of personal data can be withdrawn at any time with effect for the future, for example using the Google Analytics Opt-Out tool:

https://tools.google.com/dlpage/gaoptout

In order to prevent the transmission of data generated by the cookie related to the User’s use of the website (including the IP address) to Google and the processing of this data by Google, simply download and install the blocking plugins available in the browser available at the following address: https://tools.google.com/dlpage/gaoptout?hl=en

  1. Server log files

The web browser provides data on user activities on the Administrator’s websites, which are saved in server log files. Data records saved in this way contain the following data: date and time of download, name of the page opened, amount of data downloaded, as well as information about the product version of the web browser used, IP address, URL of the reference page (address of the page from which the user was redirected).

The server log file data records are analyzed to remove errors, manage server performance, protect against DDoS attacks, and customize offers.

  1. Automated decision making and profiling

Personal data will not be used for automated decision-making, including profiling, which produces legal effects with respect to the data subject.

  1. Final provisions

The Administrator’s websites may contain links to other websites. Such websites operate independently of the Administrator and are not supervised by the Administrator in any way. The Administrator recommends that after navigating to other pages, data subjects read the other websites’ privacy policies. The Administrator is not responsible for the rules of handling data on these pages.