1.1. Administrator – each of the companies:
– ECO IN, , Przybylski i wspólnicy sp.k., ul. Powsińska 18, 02-920 Warsaw, KRS No. 0000307204, NIP: 5261019461,
– ECO IN sp. z o.o., ul. Powsińska 18, 02-920 Warsaw, KRS No. 0000080227, NIP 5261036235
1.2. Personal data – information about a natural person identified or identifiable by one or more specific factors determining physical, physiological, genetic, mental, economic, cultural or social identity, including device IP, location data, online identifier and information collected via cookies and other similar technology.
1.4. GDPR – Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of individuals with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC.
1.5. Website – a website run by the Administrator at https://ecosealants.eu/ and https://ecoin.pl/
1.6. User – any natural person visiting the Website or using one or more services or functionalities described in the Policy.
2. Purposes and legal grounds for data processing on the Website
USE OF THE SERVICE
2.1. Personal data of Users visiting the Website (including IP address or other identifiers and information collected via cookies or other similar technologies) are processed by the Administrator:
2.1.1. in order to provide electronic services in the scope of making the content collected on the Website available to Users – the legal basis for processing is the necessity of processing to perform the contract (Article 6(1)(b) of the GDPR);
2.1.2. for analytical and statistical purposes – the legal basis for processing is the legitimate interest of the Administrator (Article 6(1)(f) of the GDPR), consisting in conducting analyzes of Users’ activity, as well as their preferences in order to improve the functionalities and services provided;
2.1.3. in order to possibly establish and pursue claims or defend against claims – the legal basis for processing is the legitimate interest of the Administrator (Article 6(1)(f) of the GDPR), consisting in the protection of its rights;
2.2. The User’s activity on the Website, including his Personal Data, is recorded in system logs (a special computer program used to store a chronological record containing information about events and activities that relate to the IT system used to provide services by the Administrator). The information collected in the logs is processed primarily for purposes related to the provision of services. The Administrator also processes them for technical and administrative purposes, to ensure the security of the IT system and to manage this system, as well as for analytical and statistical purposes – in this respect, the legal basis for processing is the Administrator’s legitimate interest (Article 6 section 1 lett. F of the GDPR).
3. Social networks
3.1. The Administrator processes the Personal Data of Users visiting the Administrator’s profiles in social media (Facebook, YouTube, Instagram). These data are processed only in connection with maintaining the profile, including in order to inform Users about the Administrator’s activity and to promote various types of events, services and products. The legal basis for the processing of Personal Data by the Administrator for this purpose is its legitimate interest (Article 6(1)(f) of the GDPR), consisting in promoting its own brand.
4. Cookies and similar technology
4.1. Cookies are small text files installed on the device of the User browsing the Website. Cookies collect information that facilitates the use of the website – e.g. by remembering the User’s visits to the Website and the activities performed by him.
4.2.1. cookies with data entered by the User (session ID) for the duration of the session (user input cookies);
4.2.2. authentication cookies used for services requiring authentication for the duration of the session (authentication cookies);
4.2.3. cookies used to ensure security, e.g. used to detect abuses in the field of authentication (user centric security cookies);
4.2.4. session cookies of multimedia players (e.g. flash player cookies), for the duration of the session (multimedia player session cookies);
4.2.5. persistent cookies used to personalize the User’s interface for the duration of the session or slightly longer (user interface customization cookies).
5. Analytical tools
5.1. The administrator uses Google Analytics analytical tools that collect information on website visits by Users (e.g. displayed subpages, time spent on the website, transitions between individual subpages). For this purpose, Google LLC cookies for the Google Analytics service are used. Google Analytics cookies are files used by Google to analyze how the User uses the Website, to create statistics and reports on the functioning of the Website. Google does not use the collected data to identify the User, nor does it combine this information to enable identification. The legal basis for data processing in this regard is art. 6 sec. 1 lit. f) GDPR. Detailed information on the scope and principles of data collection in connection with this service can be found at the following link: https://www.google.com/intl/pl/policies/privacy/partners.
6. Managing cookie settings
6.2. Permission is not required only in the case of cookies, the use of which is necessary to provide telecommunications services (data transmission to display content).
6.3.1. Internet Explorer: https://support.microsoft.com/pl-pl/help/17442/windows-internet-explorer-delete-manage-cookies
6.3.2. Mozilla Firefox: http://support.mozilla.org/en/kb/ciasteczka
6.3.3. Google Chrome: http://support.google.com/chrome/bin/answer.py-hl=en&answer=95647
6.3.4. Opera: http://help.opera.com/Windows/12.10/pl/cookies.html
6.3.5. Safari: https://support.apple.com/kb/PH5042-locale=en-GB
7. Period of processing Personal Data
7.1. The period of data processing by the Administrator depends on the type of service provided and the purpose of processing. As a rule, data is processed for the duration of the service, until the consent is withdrawn or an effective objection to data processing is submitted in cases where the legal basis for data processing is the legitimate interest of the Administrator.
7.2. The period of data processing may be extended if the processing is necessary to establish and pursue any claims or defend against claims, and after that time only if and to the extent required by law. After the end of the processing period, the data is irreversibly deleted or anonymized.
8. User’s rights
8.1. The User has the right to access the content of the data and demand their rectification, deletion, processing restrictions, the right to transfer data and the right to object to data processing, as well as the right to lodge a complaint to the supervisory body dealing with the protection of Personal Data.
8.2. To the extent that the User’s data is processed on the basis of consent, this consent can be withdrawn at any time by contacting the Administrator or using the functionalities provided on the Website.
8.3. The User has the right to object to data processing – for reasons related to the User’s particular situation – in cases where the legal basis for data processing is the legitimate interest of the Administrator (e.g. in connection with the implementation of analytical and statistical purposes).
9. Data recipients
9.1. In connection with the provision of services, Personal Data will be disclosed to external entities, including in particular IT service providers, in particular hosting services, suppliers responsible for the operation of IT systems, analytical service providers.
9.2. The Administrator reserves the right to disclose selected information about the User to competent authorities or third parties who submit a request for such information, based on the appropriate legal basis and in accordance with the provisions of applicable law.
10. Security of Personal Data
10.1. The Administrator conducts risk analysis on an ongoing basis to ensure that Personal Data is processed by him in a safe manner – ensuring, above all, that only authorized persons have access to the data and only to the extent that it is necessary due to the tasks performed by them . The Administrator makes sure that all operations on Personal Data are registered and performed only by authorized employees and associates.
10.2. The Administrator takes all necessary actions to ensure that its subcontractors and other cooperating entities also guarantee the application of appropriate security measures whenever they process Personal Data at the request of the Administrator.
11. Contact details
11.1. Contact with the Administrator is possible via the e-mail address: firstname.lastname@example.org or the Administrator’s correspondence address.
12.1. The policy is reviewed on an ongoing basis and updated if necessary.
12.2. The current version of the Policy has been adopted and has been in force since June 1, 2019.