PRIVACY WEBSITE
dems-solutions.com
Dear User
We care about your privacy and we want you to feel comfortable and safe when using our services, which is why we have prepared a document from which you will get detailed information about the processing of your personal data.
Contents:
1. Introduction
2. Definitions
3. General information
4. Recipients of personal data of the website
5. Acquisition, collection, purpose, scope and activities of personal data processing
6. Rights of data subjects
7. Cookie mechanism, operational data and analytics
8. Final provisions
§ 1 Introduction
1. This privacy policy sets out the rules for the processing and protection of personal data of Users using the website available at the Internet address: dems-solutions.com, hereinafter referred to as the website. The document describes primarily the basics, purposes, scope of personal data processing, indicates the entities to which the data is entrusted, and also contains information on cookies and analytical tools used as part of the website.
2. The administrator of personal data collected via the website, within the meaning of Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation) of 27 April 2016 (Journal of Laws of the Republic of Poland). EU. L No. 119, p. 1), hereinafter referred to as the GDPR (here you can read the content of the regulation http://eur-lex.europa.eu/legal-content/PL/TXT/?uri=CELEX%3A32016R0679), is DEMS & SOLUTIONS DAWID ERBST, entered in the Central Register and Information on Economic Activity, having the address of the main place of business: Jastrzębia 19A/2, 64-920 Piła, VAT No: 7642585595, REGON: 388322510, contact phone: +48 736 071 827/ +44(0) 7523617677, e-mail address: info@dems-solutions.com, hereinafter referred to as the Administrator and being also the Service Provider of the website.
3. Users’ personal data are processed in accordance with the provisions on the protection of personal data and the Act of 18 July 2002 on the provision of electronic services (Journal of Laws of 2002 No. 144, item 1204, as amended).
4. The administrator of personal data declares that the privacy policy has an informative role, which means that it is not a source of obligations for website Users. Its purpose is to determine the actions taken by the Administrator and to describe the services, tools and functionalities related to the website that are used by website Users, e.g. in order to use the contact form or other activities undertaken as part of the website.
§ 2 Definitions
1. User – a person using the website; an entity to which, in accordance with the law, electronic services may be provided or with which a contract for the provision of electronic services may be concluded.
2. Administrator – DEMS & SOLUTIONS DAWID ERBST, JASTRZĘBIA 19A/2, 64-920 Piła, VAT No: 7642585595, REGON: 388322510.
3. Web page – otherwise, a website is one of the websites included in the same website, which is hosted under the domain: dems-solutions.com, which we can open using a web browser. The website managed by the Administrator consists of HTML, CSS, JavaScript and may contain, for example, content, graphics, videos or hyperlinks to other websites or files.
4. Electronic Service – service provided electronically by the Administrator to the User via the website.
5. Contact form – a form in which website Users: dems-solutions.com post the necessary information and data in order to perform the service / implement the submitted application to the Administrator.
6. Device – an electronic device through which the User accesses the website.
7. Consumer – a natural person concluding a contract with the Administrator within a party whose subject matter is not directly related to its business or professional activity.
§ 3 General information
1. The website administrator makes every effort to protect the privacy of website Users and all data and information that has been obtained from them. With due diligence, it selects and applies technical protection measures, both programming and organizational, thus ensuring complete protection against their disclosure, loss, destruction, unauthorized modification or processing in violation of applicable law.
2. The Administrator informs that the website uses a transmission protocol that ensures the security of data transmission over the Internet, namely it has the SSL (Secure Socket Layer) protocol installed This is a type of security consisting in encoding data before sending it from the User’s browser and decoding after safely reaching the website server. The information sent from the server to the User is also encrypted and decoded after reaching the goal.
3. Data collected by the Administrator are processed in accordance with the law, respecting the principles of reliability and transparency, are collected to the minimum extent necessary for the specified purposes and processed in accordance with them, not subjected to further processing incompatible with these purposes, adequate and factually correct in relation to the intended purpose and stored in a way that allows identification of data subjects. The period of data storage depends on the purpose of processing and is limited until the intended purpose is achieved.
4. The administrator of the website on the terms set out in the regulations and in the privacy policy has access to data, but may entrust Users’ personal data to external entities cooperating with the Administrator. Such entrustment is possible only on the basis of relevant personal data entrustment agreements concluded between the Administrator and the processor. The contracts contain a provision specifying the scope and conditions of processing personal data necessary for the provision of services. The Administrator declares that he cooperates only with entities that guarantee the security of personal data processing processes by implementing security measures corresponding to the requirements set out in the GDPR.
5. The Administrator has the right and statutory obligation to provide information about the Website Users to public authorities e.g. in connection with conducting proceedings for possible violations of the law or to third parties who submit such a request on the basis of applicable provisions of Polish law.
6. The use of services and tools made available on the website, as well as the provision of personal data by the User is voluntary. However, their provision may be necessary to conclude and perform a contract for the provision of electronic services on the website, thus their absence will prevent the conclusion of such a contract. The scope of data necessary to conclude the contract is indicated on the website.
7. The User using the services and tools made available on the website confirms that he has read the provisions of this privacy policy, at the same time agreeing (if necessary) to the use of his personal data in accordance with these provisions by ticking the appropriate checkboxes posted on the website (the content of the checkboxes determines the purpose for which the personal data provided will be used).
§ 4 Recipients of personal data of the website
1. In order to ensure the proper operation of the website, the Administrator uses the services of external entities. The administrator transfers data only if it is necessary to achieve a given purpose of personal data processing and only to the extent necessary to achieve it.
2. Examples of recipients of personal data of Website Users are:
◦ entities operating the functionalities of the website.
3. Data recipients (external entities) process personal data on the basis of relevant entrustment agreements signed with the Website Administrator. These entities collect, process, store personal data in accordance with their regulations and privacy policies.
The Administrator entrusts the processing of personal data of Service Recipients and Users of the „dems-solutions.com” website to the following entities:
a) b.center Bartosz Kaczmarek, Promienna 12U, 64-920 Piła, VAT No: 7642435045, REGON: 301172998 – in order to operate the IT site.
§ 5 Acquisition, collection, purpose, scope and processing activities
1. The Administrator obtains information about Users m.in. by collecting server logs, IP addresses, software and hardware parameters, viewed pages, mobile device identification number and other data on devices and system usage. The collection of the above information will take place in connection with the use of the website. These data are not used by the Administrator to identify the User.
2. Navigation data may also be collected from Users, including information about links and references or other activities undertaken on the website, in order to facilitate the use of services provided electronically and to improve the functionality of these services.
3. The Administrator reserves the right to filter and block messages sent through the internal message system, in particular if they are spam, contain prohibited content or otherwise threaten the security of website Users.
4. As part of the website, the Administrator processes Users’ personal data for the following purposes:
• contacting Users in response to inquiries sent via the contact form, contacting Users via e-mail in response to inquiries sent,
• facilitate the use of the website and ensure the IT security of the website,
• performance of a contract for the provision of electronic services.
5. The Administrator informs that it collects, processes and stores the following user data: e-mail address and optionally name and surname.
6. Personal data that are collected for the purposes indicated in the privacy policy will be stored for the period of performance of services provided by the Administrator and for the period resulting from the limitation periods for claims, Consumer rights or other rights in this respect.
CONTACT WITH THE USER
7. The basis for data processing in connection with the User’s service, which includes contact with the User in order to respond to the inquiry sent via e-mail, the contact form is Article 6(1)(a) of the GDPR, i.e. consent to processing. If a contract is concluded after contact, the data will be processed on the basis of Art. 6 para. 1(b) GDPR. The legal basis for processing after the possible termination of contact will be the justified purpose of archiving correspondence for the purpose of demonstrating its course in the future (pursuant to Article 6 (1)(f) of the GDPR).
CONTACT FORM
8. As part of the functionality of the website, the Administrator provides the opportunity to contact him using an interactive form. Using the form requires providing personal data necessary to contact the User and answer the questions contained in the form. The user may also provide other data in order to facilitate contact or order a service. Providing data marked as mandatory is required in order to handle the inquiry, and failure to provide them may result in the inability to handle it. Providing other data is voluntary.
9. The basis for data processing in connection with the use of the contact form is Article 6(1)(a) of the GDPR, i.e. consent to the processing.
10. In order to identify the sender and handle his inquiry sent via the form provided – the legal basis for processing is the necessity of processing to perform the contract for the provision of services (Article 6 (1)(b) of the GDPR).
11. The legal basis for processing after the possible termination of contact will be the justified purpose of archiving correspondence for the purpose of demonstrating its course in the future (pursuant to Article 6(1)(f) of the GDPR).
FANPAGE
12. The Administrator makes available to Users via the Facebook platform his Fanpage, the administrator of which is himself or a person designated (authorized) to perform this function. Through the fanpage, the User can add comments, posts as a guest, use the „Like” or „Share” functions.
13. Via the fanpage, the User may be redirected to the Administrator’s website.
14. The basis for data processing as part of the functioning of the fan page, which is necessary to manage it and for statistical purposes, including the analysis of data collected automatically when using the website, including cookies, is the justified interest of the administrator pursuant to Article 6(1)(f) of the GDPR.
15. The basis for the processing of personal data in connection with posting comments is consent on the basis of Article 6(1)(a) of the GDPR.
16. As part of the fanpage, the User may stop following him at any time. The cessation of observation means that the content from the Administrator related to the fanpage will no longer be displayed.
17. The Administrator informs that he processes the following personal data: name, surname, general information, which have been posted by the User on his profile on the social network Facebook.
18. Personal data will be processed for the period of running the fanpage or until the consent is withdrawn.
19. The Administrator informs that personal data collected as part of the fan page may be transferred to the United States by saving them in a database located on an American server. Facebook, Inc. is an entity based in both a third country – in the United States and ireland, which has joined the Privacy Shield program and thus guarantees an adequate level of protection of personal data required by European regulations.
SOCIAL TOOLS (FACEBOOK)
20. On the website „dems-solutions.com” the plugin and other tools provided by the social network Facebook are used. By displaying the page of the website on which such a plug-in has been placed, the User’s browser establishes a direct connection with the Facebook Administrator’s server.
21. The content of the plug-in is transmitted by a given Service Provider directly to the User’s browser and integrated into the website. This integration allows the Service Provider to receive information that the User’s browser has displayed the info page, even if the User does not have a profile on the Facebook social network or is not logged in to him. If the User is logged in to the social network, the Service Provider will be able to directly assign the visit to the website to a given profile on the Facebook social network.
22. In a situation where the User of the website uses the „Like” or „Share” button, then the relevant information will also be sent directly to the server of the respective Service Provider and stored there. In addition, this information will be published on a social network and will appear, for example, on a Facebook wall. The purpose and scope of data collection and their further processing and use by the Service Providers, as well as the possibility of contact and the rights of Users in this respect and the possibility of making settings ensuring privacy protection are indicated in the privacy policy of each of the Service Providers.
§ 6 Rights of data subjects
1. The GDPR grants Users these rights, their list is provided below. They are granted without giving a reason, but they are not absolute and will not be entitled to all activities related to the processing of personal data. In a situation where the User wants to exercise any of his rights, he may at any time send a declaration of will to the e-mail address of the website or the address of the Administrator’s registered office.
I. Right of access to data exercised on the basis of Art. 15 GDPR.
The User may at any time report to the Administrator in order to confirm whether his data is processed, and if this is the case, the User has the right to:
• to access your personal data,
• to receive information about the purposes of processing, categories of personal data processed, recipients or categories of recipients of this data, the planned period of storage of the User’s data or the criteria for determining this period (when it is not possible to determine the planned period of data processing), about the rights that the User/Users are entitled to under the GDPR (when it is not possible to determine the planned period of data processing), about the rights of the User under the GDPR and about the right to lodge a complaint with the supervisory authority, about the source of this data, about automated decision-making, including profiling and about the safeguards applied in connection with the transfer of this data outside the European Union,
• to obtain a copy of your personal data.
II. Right to rectification pursuant to Article 16 of the GDPR.
The User has the right to request from the Administrator immediate rectification of his personal data that are incorrect. You also have the right to request the completion of your personal data. To rectify or supplement your personal data, please send information to the e-mail address of the website.
III. Right to erasure („right to be forgotten”) – exercised on the basis of Article 17 of the GDPR.
a) The User may request the Administrator to delete all or some of his data,
b) The user has the right to request the deletion of his personal data when:
• the personal data are no longer necessary for the purposes for which they were collected or processed,
• withdrew a specific consent, to the extent that personal data was processed based on the User’s consent,
• objected to the use of their data for marketing purposes,
• personal data has been processed unlawfully,
• the personal data must be erased in order to comply with a legal obligation provided for in Union or Member State law to which the Controller is subject,
• personal data has been collected in connection with the offer of information society services,
c) despite the User’s request to delete personal data in connection with the objection or withdrawal of consent, the Administrator may retain certain personal data to the extent that the processing is necessary to establish, exercise or defend claims, as well as to comply with a legal obligation requiring processing under Union law or the law of the Member State to which the Administrator is subject,
d) deletion of personal data or cessation of their processing by the Administrator may result in the inability to provide services provided via the website or limit the possibility of using the functionality of the website.
IV. Consent to the processing of personal data and the right to withdraw consent carried out on the basis of Article 7(3) of the GDPR
a) By accepting the statements placed by the Administrator in interactive forms available on the website, the User agrees to the processing of their data for specific purposes,
b) The user has the possibility to consent to the processing of his data for additional purposes by accepting optional statements proposed in the forms available on the website,
c) The User has the right to withdraw any consent he gave to the Administrator, the withdrawal of consent will have effect from the moment of withdrawal of consent,
d) withdrawal of consent will not cause any negative consequences for the User, however, it may prevent further use of services or functionalities that, according to the law, the Administrator may provide only with consent,
e) withdrawal of consent does not affect the processing of personal data carried out by the Administrator in accordance with the law before its withdrawal.
V. Right to object to data processing pursuant to Article 21 GDPR
a) The User has the right to object at any time for reasons related to his or her particular situation to the processing of his personal data, including profiling, if the Administrator processes personal data based on a legitimate interest,
b) resignation from receiving marketing information regarding products and services sent by the User in the form of an e-mail means that the User objects to the processing of his data, including profiling for these purposes,
c) if the Administrator has no other legal basis allowing the processing of the User’s data and the objection is justified, the personal data against which the objection has been raised will be deleted.
VI. The right to request the restriction of the processing of personal data carried out on the basis of Article 18 GDPR
You have the right to request the restriction of your personal data when:
a) questions the correctness of his personal data – the administrator of personal data will limit the processing of personal data for a period allowing to check the correctness of these data,
b) the processing of the User’s personal data is unlawful, and instead of deleting the personal data, the User requests the restriction of the processing of his personal data,
c) the User’s personal data are no longer needed for the purposes of processing, but they are needed to establish, assert or defend the User’s claims,
d) when the User has objected to the processing of their personal data – then the processing is limited until it is determined whether the legitimate interests of the Personal Data Administrator override the grounds indicated in the User’s objection.
VII. Right to request the portability of personal data (Art. 20 GDPR)
The User has the right to receive their personal data from the Administrator in a structured, commonly used and machine-readable format and to send them to another Personal Data Administrator.
The User also has the right to request that the Personal Data Administrator send the User’s/User’s personal data directly to another Administrator (if technically possible).
VIII. The User also has the right to lodge a complaint with the President of the Office for Personal Data Protection in the scope of violation of his rights to the protection of personal data or other rights granted under the GDPR.
§ 7 Cookies policy, operational data and analytics
1. The website uses small files called cookies, they are saved and stored on the computer or other end device of the Website Users, if the web browser allows it. Cookies usually contain the name of the domain from which they originate, the time of their storage on the Device and the assigned value.
2. Cookies are used to optimize the process of using the website, to collect statistical data that allow to identify how Users use the website, which allows improving the structure of the website. They are also necessary to maintain the User’s session after he leaves the website.
3. The Administrator uses two types of cookies:
a) session cookies (temporary): they are stored on the User’s end device and remain there until the end of the browser session. The saved information is then permanently deleted from the device’s memory. The mechanism of session cookies does not allow to download any personal data or any confidential information from the User’s device,
b) persistent cookies: they are stored on the User’s device and remain there until they are deleted. Ending the session of a given browser or turning off the device does not remove them from the User’s device. The mechanism of persistent cookies does not allow to download any personal data or any confidential information from the User’s device.
4. The User at any time, using the web browser he uses, may change the settings for cookies, including the possibility of collecting cookies. Such action may hinder or prevent the use of the services and tools of the website, including the prevention of placing an order.
5. If the User decides that he does not agree to the use of cookies for the purposes described above, he may delete them manually at any time. Detailed instructions on how to proceed and information on cookies are contained in the help menu of the web browser currently used by the User. Examples of web browsers that support these cookies are: Internet Explorer, Mozilla Firefox, Google Chrome, Opera, Safari, Microsoft Edge.
6. Some third parties operating within the website allow Users to withdraw their consent to the collection and use of data by them for the purposes of advertising based on the User’s activity. For example, more information on this subject and the possibility of making a choice can be found on the website: www.youronlinechoices.com.
§ 8 Final provisions
1. This privacy policy contains links to other websites, it is recommended to read the privacy policies and regulations of these websites.
2. The above privacy policy applies only to the Administrator’s website.
3. It is possible to expand the offer of the website, which thus creates the possibility of changing the content of the privacy policy, about which you will be informed by an appropriate message on the website.
4. If you have additional questions regarding the privacy policy of the website, please send a message to the e-mail address provided by the Administrator info@dems-solutions.com.