PRIVACY POLICY AND COOKIES POLICY ("PRIVACY POLICY")

This Privacy Policy reflects our commitment to the rights of visitors to the website and users of the services offered through it. It also fulfills the information obligation arising from Article 13 of the Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation) (Official Journal of the EU L119 of 4 May 2016, p. 1) (hereinafter referred to as GDPR).

The website owner attaches particular importance to respecting the privacy of users. The data obtained through the website is particularly protected and secured against unauthorized access. The Privacy Policy is made available to all interested parties. The website is open in nature.

The website owner ensures that its primary goal is to provide individuals using the website with privacy protection at a level at least corresponding to the requirements set by applicable laws, especially GDPR and the Act of 18 July 2002 on the provision of electronic services.

The website owner may collect personal data as well as other types of data. The collection of this data takes place, depending on its nature, automatically or as a result of actions taken by visitors to the website.

Every person using the website in any way accepts all the principles contained in this Privacy Policy. The website owner reserves the right to make changes to this document.

  1. General information, cookies
    1. The owner and operator of the website is KLG KAMILA LECH-GAJDA NIP: 6151911659 Address: ul. Wrocławska 3, 59-900 Zgorzelec. According to GDPR, the website owner is also the Personal Data Administrator of the website users ("Administrator").
    2. As part of the activities performed, the Administrator uses cookies by monitoring and analyzing traffic on the website pages, as well as taking remarketing actions. However, within these activities, the Administrator does not process personal data within the meaning of GDPR.
    3. The website performs the functions of obtaining information about users and their behavior in the following ways:
      1. The website automatically collects information contained in cookies.
      2. Through voluntarily provided by users in forms available on the website.
      3. By automatically collecting server logs by the hosting operator.
    4. Cookies are computer data, in particular text files, stored on the end device of the website user and intended for use on the website. Cookies usually contain the name of the website from which they originate, the time of storing them on the end device, and a unique number.
    5. During a visit to the website, data about users may be automatically collected, including information about the user's visit to the website, such as IP address, type of web browser, domain name, number of views, operating system type, visits, screen resolution, number of screen colors, website addresses from which entry to the website occurred, and the time of using the website. This data is not personal data and does not allow the identification of the person using the website.
    6. The website may contain links to other websites. The website owner is not responsible for the privacy policies on those websites. At the same time, the website owner encourages users to familiarize themselves with the privacy policy established within those websites. This Privacy Policy does not apply to other websites.
    7. The entity placing cookies on the end device of the website user and accessing them is the website owner.
    8. Cookies are used for:
      1. Adapting the content of the website to the user's preferences and optimizing the use of the website; in particular, these files allow recognizing the user's device and displaying a website tailored to their individual needs,
      2. Creating statistics to understand how users use the website, enabling the improvement of its structure and content,
      3. Maintaining the user's website session (after logging in), so that the user does not have to re-enter their login and password on each subpage of the website.
    9. The website uses the following types of cookies:
      1. "Necessary" cookies, enabling the use of services available on the website, e.g., authentication cookies,
      2. Cookies for security purposes, e.g., used to detect abuses,
      3. "Performance" cookies, used to obtain information about how users use the website,
      4. "Advertising" cookies, enabling the delivery of advertising content more tailored to the user's interests,
      5. "Functional" cookies, enabling the "remembering" of selected user settings and adapting the website to the user, e.g., in terms of the selected language.
    10. Two basic types of cookies are used on the website: "session" (session cookies) and "persistent" (persistent cookies). "Session" cookies are temporary files stored on the user's end device until leaving the website, logging out, or turning off the software (web browser). "Persistent" cookies are stored on the user's end device by the website owner for the time specified in the cookie parameters or until they are deleted by the user.
    11. In most cases, the software used to browse websites allows cookies to be stored on the user's end device by default. Website users have the option to change their cookie settings at any time. These settings can be changed in the web browser options (software), for example, in a way that prevents automatic handling of cookies or informs the user of each placement of cookies on their device. Detailed information on the possibilities and methods of handling cookies is available in the web browser settings.
    12. Limiting the use of cookies may affect some functionalities available on the website.
    13. Cookies placed on the end device of the website user may also be used by the website owner's advertising partners and partners.
  2. Processing of personal data, information about forms
    1. Personal data of website users may be processed by the Administrator:
      1. If the website user gives consent in the forms placed on the website, to take actions related to these forms (Article 6(1)(a) of GDPR) or
      2. If processing is necessary for the performance of a contract to which the website user is a party (Article 6(1)(b) of GDPR), in the case where the website allows the conclusion of a contract between the Administrator and the website user.
    2. Within the website, personal data voluntarily provided by website users may be processed. The Administrator processes the personal data of website users only to the extent and for the purpose for which the website user has agreed. The user decides on the scope of data voluntarily provided in forms.
    3. Users' personal data may be processed for the purpose of sending commercial information (newsletter) by electronic means, provided that the user has given their consent.
    4. Personal data provided by website users in forms may be transferred to entities providing support services to the Administrator. These entities may be, among others, suppliers of IT and hosting services.
    5. Personal data provided by website users may be made available to entities authorized to receive it under applicable law, including competent judicial authorities.
    6. The website user has the right to access their personal data and the right to rectify, delete, limit processing, the right to data transfer, the right to object, the right to withdraw consent at any time without affecting the lawfulness of processing, which was made on the basis of consent before its withdrawal.
    7. The website user has the right to lodge a complaint with the supervisory authority (President of the Personal Data Protection Office) when it is found that the processing of personal data violates the provisions of GDPR.
    8. Providing personal data is voluntary, but necessary to use the website's functions, including those requiring the conclusion of contracts, sending commercial information, and receiving newsletters.
    9. The administrator processes personal data no longer than necessary for the purposes for which the data is processed.
  3. Technical measures, data security
    1. The website owner shall apply technical measures to ensure the protection of personal data processed appropriate to the threats and categories of data being protected, and in particular, it shall protect data against unauthorized access, takeover by an unauthorized person, processing with a violation of applicable laws, and change, loss, damage, or destruction.
    2. The website owner provides appropriate technical measures to prevent the acquisition and modification by unauthorized persons of personal data transmitted electronically.
    3. The website owner exercises constant control over the processing of personal data and takes care of ensuring that it is processed in accordance with the provisions of law and ensures the confidentiality and security of the personal data processed.
    4. The website owner uses special measures to protect personal data processed electronically, appropriate to the threat level, in particular, protects data against unauthorized access, unauthorized takeover, processing with a violation of applicable laws, and change, loss, damage, or destruction.
    5. The website owner provides appropriate technical measures to prevent the acquisition and modification by unauthorized persons of personal data transmitted electronically.
    6. The website owner exercises constant control over the processing of personal data and takes care of ensuring that it is processed in accordance with the provisions of law and ensures the confidentiality and security of the personal data processed.
    7. The website owner ensures that the following technical measures are applied to prevent the acquisition and modification by unauthorized persons of personal data:
      1. Securing the data set against unauthorized access,
      2. Securing the data set against unauthorized takeover,
      3. Securing the data set against processing with a violation of the law,
      4. Securing the data set against change,
      5. Securing the data set against loss,
      6. Securing the data set against damage, and
      7. Securing the data set against destruction.
  4. Final provisions
    1. The website owner reserves the right to change this Privacy Policy by publishing a new Privacy Policy on the website. Changes to the Privacy Policy come into effect from the date of publication, unless a different date is specified in the Privacy Policy.
    2. Users are notified of any changes to the Privacy Policy by publishing a relevant message on the website.
    3. Questions and reservations regarding this Privacy Policy should be sent to the following e-mail address: piwnica@staromiejska.zgorzelec.pl.