Privacy Policy and Cookie Policy

Using the website at www.pelvismed.com and the online store at www.pelvismed.com/sklep signifies the acceptance of the following Privacy Policy and Cookie Policy terms. As a User, please familiarize yourself with their provisions. The table of contents below will assist you in this. In it, I inform you about how I care for Users’ data, how I process it, to whom I entrust it, and many other important matters related to personal data.

§1 GENERAL PROVISIONS

This Privacy Policy and Cookie Policy defines the rules for processing and protecting personal data provided by Users, as well as cookies and other technologies appearing on the website www.pelvismed.com and in the online store at www.pelvismed.com/sklep.
The administrator of the website and the personal data transmitted within it is Adrianna Grobelna-Krajcer, conducting business under the name PELVISMED Adrianna Grobelna-Krajcer, with an address in Gdańsk, ul. Prezydenta Lecha Kaczyńskiego, no. 34, lok. 10d, 80-364, NIP: 5842639863, in accordance with the document generated from the Central Register and Information on Economic Activity system.
I am committed to safeguarding the security of personal data and the privacy of the Website User. I am delighted that you have visited my Website. If you have any doubts about the provisions of this Privacy Policy and Cookie Policy, please contact the Administrator via email: kontakt@pelvismed.com.
The Administrator reserves the right to make changes to the privacy policy, and each Website User is bound by knowledge of the current privacy policy. The reasons for changes may include the development of internet technology, changes in applicable law, or the development of the Website through the use of new tools by the Administrator. The publication date of the current Privacy Policy can be found at the bottom of the page.

§2 DEFINITIONS

Administrator – Adrianna Grobelna-Krajcer conducting business under the name PELVISMED Adrianna Grobelna-Krajcer, with an address in Gdańsk, ul. Prezydenta Lecha Kaczyńskiego, no. 34, lok. 10d, 80-364, NIP: 5842639863.
User – any entity visiting the website and using it.
Website and/or Online Store – the website, blog, and online store located at www.pelvismed.com and www.pelvismed.com/sklep.
User Account or Account – a User’s account created on the online platform of the Online Store, enabling access to purchased courses and products in accordance with the Store’s Terms and Conditions, which the User is obligated to accept during the account registration.
Training Platform – a platform through which the Administrator provides the Customer with digital content, digital services, or offers services.
Form or Forms – areas on the Website that allow the User to enter personal data for specified purposes, such as sending a newsletter, placing an order, or contacting the User.
Terms and Conditions – the regulations available on the Store’s website that specify the rules related to subscribing to the Newsletter and providing the Newsletter Service.
Newsletter – means a free electronic service, a digital service, provided by the Administrator to the User by sending electronic messages through which the Administrator informs about events, services, products, and other relevant elements from the Administrator’s perspective and/or to achieve the Administrator’s legitimate purpose, which is direct marketing, including sending marketing and commercial content with the User’s consent. Detailed information regarding the sending of the Newsletter is available in further sections of this privacy policy and in the Newsletter Terms and Conditions.
GDPR – means the General Data Protection Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC.
Personal Data Protection Act – the Act of 10 May 2018 on the protection of personal data (Journal of Laws of 2018, item 1000, as amended).
Electronic Services Act – the Act of 18 July 2002 on the provision of electronic services (Journal of Laws of 2020, item 344, as amended).
Telecommunications Law – the Act of 16 July 2004 on telecommunications law (Journal of Laws of 2021, item 576, as amended).

§3 PERSONAL DATA AND RULES FOR THEIR PROCESSING

WHO IS THE ADMINISTRATOR OF THE USER’S PERSONAL DATA?

The Administrator of the User’s personal data is the Administrator – Adrianna Grobelna-Krajcer conducting business under the name PELVISMED Adrianna Grobelna-Krajcer, with an address in Gdańsk, ul. Prezydenta Lecha Kaczyńskiego, no. 34, lok. 10d, 80-364, NIP: 5842639863. The Administrator co-administers with social media platform providers, such as Facebook, TikTok, Instagram, etc., as indicated in this document, in relation to the data of individuals using social media and following the Administrator’s profile on a given social media platform, as well as interacting with the Administrator. The co-administration principles are specified below for each social media platform where the Administrator has a profile.

IS PROVIDING DATA VOLUNTARY? WHAT ARE THE CONSEQUENCES OF NOT PROVIDING THEM?

Providing data is voluntary, but not providing certain information, typically marked as mandatory on the Administrator’s pages, will result in the inability to perform a specific service, achieve a particular goal, or take certain actions. When a User provides non-mandatory data or an excess of data that the Administrator does not need to process, it is done based on the User’s decision, and processing is carried out under the premise outlined in Article 6(1)(a) of the GDPR (consent). The User consents to the processing of this data and the anonymization of data that the Administrator does not require or wish to process but was nonetheless provided by the User.

FOR WHAT PURPOSES AND ON WHAT LEGAL GROUNDS DO WE PROCESS THE USER’S PERSONAL DATA PROVIDED WHEN USING THE WEBSITE?

The User’s personal data on the Administrator’s Website may be processed for the following purposes and on the following legal grounds:

Lp.	Purpose of data processing	Legal basis for processing	Processing period
1	providing the service or fulfilling the concluded contract, sending an offer (e.g., promotional) at the User’s request	Article 6(1)(b) of the GDPR (necessity for the performance of a contract or the taking of steps at the request of the data subject)	The data is processed for the duration of the contract / the time necessary to send an offer and receive a response from the User, and then for the time until the expiration of claims, either 2 years or 6 years from the performance of the contract, depending on whether the User is a business entity.
2	issuing an invoice, bill, and fulfilling other obligations arising from tax laws in the case of orders placed in the online store or other products and services	Article 6(1)(c) of the GDPR (compliance with a legal obligation)	The data is processed for 5 years from the end of the tax year in which the tax event occurred
3	granting discounts or providing information about promotions and interesting offers from the Administrator or recommended entities, including sending newsletters	Article 6(1)(a) of the GDPR (consent)	The data is processed until the withdrawal of consent, followed by a period of 2 years for individuals who have withdrawn consent or after 6 months of recipient’s inactivity
4	storage of unpaid orders	Article 6(1)(f) of the GDPR (legitimate interests pursued by the data controller)	The data is processed until it becomes obsolete, up to 14 days from the order placement.
5	processing of complaints or claims related to the contract	Article 6(1)(b) of the GDPR (necessity for the performance of a contract) and on the basis of Article 6(1)(c) of the GDPR (compliance with a legal obligation)	The data is processed for the duration of the procedure or claim, 1 year after the expiration of the claim’s completion period, or 5 years from the end of the tax year for data stored in accordance with tax laws.
6	establishment, pursuit, or defense against claims	Article 6(1)(f) of the GDPR (legitimate interests pursued by the data controller)	The data is processed until the basis for processing ceases, either 2 years or 6 years from the performance of the contract, depending on whether the User is a business entity
7	telephone contact regarding service and contract fulfillment	Article 6(1)(b) of the GDPR (necessity for the performance of a contract)	The data is processed for the duration of the contract / the time necessary to send an offer and receive a response from the User, and then for the time until the expiration of claims, either 2 years or 6 years from the performance of the contract, depending on whether the User is a business entity
8	telephone contact for presenting offers and direct marketing	Article 6(1)(a) of the GDPR (consent)	The data is processed until consent is withdrawn
9	creating registers related to the GDPR and other regulations	Article 6(1)(c) of the GDPR (compliance with a legal obligation) and Article 6(1)(f) of the GDPR (legitimate interests pursued by the data controller)	The data is processed until the basis for processing ceases or becomes irrelevant for the data controller
10	archiving for the purpose of securing information that may be used to demonstrate facts	Article 6(1)(f) of the GDPR (legitimate interests pursued by the data controller)	The data is processed until objection is raised or becomes irrelevant for the data controller, either 2 years or 6 years from the performance of the contract, depending on whether the User is a business entity
11	analytical purpose, including the analysis of data collected automatically when using the website, such as cookies, e.g., Google Analytics cookies or Meta Pixel cookies	Article 6(1)(f) of the GDPR (legitimate interests pursued by the data controller)	The data is processed until the User deletes cookies from their browser
12	the use of cookies on the Website and its subpages	Article 6(1)(a) of the GDPR (consent)	The data is processed until the User deletes cookies from their browser
13	management of the Website and Administrator’s pages on other platforms	Article 6(1)(f) of the GDPR (legitimate interests pursued by the data controller)	The data is processed until an objection is raised or until the data becomes irrelevant for the data controller
14	surveying satisfaction with the services offered	Article 6(1)(f) of the GDPR (legitimate interests pursued by the data controller)	The data is processed until an objection is raised or until the data becomes irrelevant for the data controller
15	posting opinions about the services provided by the Administrator by the User	Article 6(1)(a) of the GDPR (consent)	The data is processed until consent is withdrawn or until it becomes irrelevant for the data controller, unless consent is withdrawn earlier
16	internal administrative purposes of the Administrator related to managing contact with the User	Article 6(1)(f) of the GDPR (legitimate interests pursued by the data controller)	The data is processed until the basis for processing ceases, either 2 years or 6 years from the performance of the contract, depending on whether the User is a business entity
17	customizing the content displayed on the Administrator’s pages to individual needs and continuously improving the quality of the services offered	Article 6(1)(f) of the GDPR (legitimate interests pursued by the data controller)	The data is processed until an objection is raised or until the data becomes irrelevant for the data controller
18	direct marketing directed at the User for products or services, or recommended third-party individuals	Article 6(1)(f) of the GDPR (legitimate interests pursued by the data controller)	The data is processed until an objection is raised or until the data becomes irrelevant for the data controller
19	handling the Facebook fan page and interacting with users	Article 6(1)(f) of the GDPR (legitimate interests pursued by the data controller) and Article 6(1)(a) of the GDPR (consent)	The data is processed until consent is withdrawn, an objection is raised, or until the data becomes irrelevant for the data controller
20	managing a profile on the Instagram platform and interacting with users	Article 6(1)(f) of the GDPR (legitimate interests pursued by the data controller) and Article 6(1)(a) of the GDPR (consent)	The data is processed until consent is withdrawn, an objection is raised, or until the data becomes irrelevant for the data controller
21	managing a profile on the LinkedIn platform and interacting with users	Article 6(1)(f) of the GDPR (legitimate interests pursued by the data controller) and Article 6(1)(a) of the GDPR (consent)	The data is processed until consent is withdrawn, an objection is raised, or until the data becomes irrelevant for the data controller
22	managing a profile on the YouTube platform and interacting with users	Article 6(1)(f) of the GDPR (legitimate interests pursued by the data controller) and Article 6(1)(a) of the GDPR (consent)	The data is processed until consent is withdrawn, an objection is raised, or until the data becomes irrelevant for the data controller
23	managing a profile on the TikTok platform and interacting with users	Article 6(1)(f) of the GDPR (legitimate interests pursued by the data controller) and Article 6(1)(a) of the GDPR (consent)	The data is processed until consent is withdrawn, an objection is raised, or until the data becomes irrelevant for the data controller
24	advertising on social media and websites, including ads created using the Facebook Ads Manager, and running remarketing campaigns	Article 6(1)(a) of the GDPR (consent) and based on Article 6(1)(f) of the GDPR (legitimate interests pursued by the data controller) for the purpose of promoting and advertising the Administrator’s services through remarketing targeted at people subscribed to the mailing list or visiting a specific website	The data is processed until consent is withdrawn, an objection is raised, or until the data becomes irrelevant for the data controller
25	contacting the Administrator through a chatbot	Article 6(1)(a) of the GDPR (consent) or Article 6(1)(b) of the GDPR (consent), the data is processed for the purpose of responding to user inquiries on the website	The data is processed until consent is withdrawn, an objection is raised, or until the data becomes irrelevant for the data controller
26	posting comments by the User	Article 6(1)(a) of the GDPR (consent)	The data is processed until consent is withdrawn, an objection is raised, or until the data becomes irrelevant for the data controller
27	posting opinions by the User	Article 6(1)(a) of the GDPR (consent)	The data is processed until consent is withdrawn, an objection is raised, or until the data becomes irrelevant for the data controller

Providing data by the User that is not mandatory or an excess of data, which the Administrator does not need to process, is done based on the User’s own decision, and in such cases, the processing is carried out on the basis of the provision included in Article 6(1)(a) of the GDPR (consent). The User gives consent for the processing of such data and for the anonymization of data that the Administrator does not require or intend to process, but which the User has provided to the Administrator.

HOW ARE DATA COLLECTED?

Only data provided by the user is collected and processed (with the exception of certain situations, as mentioned below, where data is collected automatically through cookies and login data). During a visit to the website, data related to the visit is automatically collected, such as the user’s IP address, domain name, browser type, operating system type, etc. (login data). Data collected automatically may be used for analyzing user behavior on the website, gathering demographic data about users, or personalizing the website’s content for improvement purposes. However, this data is processed solely for website administration, ensuring efficient hosting service, directing marketing content, and is not associated with data of individual users. More about cookies can be found in the later part of this policy. Data can also be collected for the purpose of filling out forms on the website, as discussed in the subsequent section of the privacy policy.

Information society services

The Administrator does not collect data from children. A User should be at least 16 years old to independently give consent for the processing of personal data for the provision of information society services, including marketing purposes, or obtain the consent of a legal guardian (e.g., a parent) for this purpose. If the User is not yet 16 years old, they should not use the Website and the pelvismed.com service. The Administrator is entitled to make reasonable efforts to verify whether the User meets the age requirement mentioned above or whether the person exercising parental authority or guardianship over the User under the age of 16 has given consent or approved it.

WHAT ARE THE USER’S RIGHTS?

The user has the rights outlined in Articles 15-21 of the GDPR at all times, including the right to:

The right to access their data,
The right to data portability,
The right to rectification of data,
The right to correct data,
The right to erasure of data if there is no legal basis for processing them,
The right to restrict processing if it was done incorrectly or without a legal basis,
The right to object to the processing of data based on the legitimate interests of the controller,
The right to lodge a complaint with the supervisory authority – the President of the Personal Data Protection Office (in accordance with the provisions of the personal data protection law), if the user believes that the processing of their data is not in compliance with the currently applicable data protection laws.
The right to be forgotten, if further processing is not provided for by the currently applicable legal provisions.

The Administrator points out that these rights are not absolute and do not apply to all data processing activities of the User. This includes, for example, the right to obtain a copy of data. This right cannot adversely affect the rights and freedoms of other individuals, such as copyright or professional secrecy. For more information on the limitations of User rights, please refer to the GDPR.
However, the User always has the right to lodge a complaint with the supervisory authority. To exercise their rights, the User can contact the Administrator via the email address: kontakt@pelvismed.com, or by postal mail to the address of the Administrator’s place of business, if provided in this privacy policy, specifying the scope of their requests.
A response will be provided no later than 30 days from the date of receiving the request and its justification, unless an extension of this deadline is justified under the GDPR.

CAN THE USER WITHDRAW THEIR CONSENT?

If the User has given consent for a specific action, that consent can be withdrawn at any time, resulting in the removal of their email address from the Administrator’s mailing list and the cessation of the specified actions (in the case of consent-based subscriptions). The withdrawal of consent does not affect the processing of data that occurred before the withdrawal of consent.
In some cases, data may not be completely deleted and will be retained for the purpose of defending against potential claims for a period in accordance with the provisions of the Civil Code or to fulfill legal obligations imposed on the Administrator.
Each time, the Administrator will respond to the User’s request, appropriately justifying further actions arising from legal obligations.

DO WE TRANSFER USER DATA TO THIRD COUNTRIES?

User data may be transferred outside the European Union to third countries. As the Administrator employs external providers for various services, such as Meta Platforms Ireland Limited (Facebook and its subsidiaries, hereinafter referred to as Meta or Facebook), Google, Microsoft, and more, user data may be transferred to the United States of America (USA) due to its storage on U.S. servers (either entirely or partially). Google and Facebook adhere to compliance mechanisms provided by the GDPR (e.g., certificates) or standard contractual clauses for their services. They will be transferred exclusively to recipients who ensure the highest level of data protection and security, including through:

Cooperation with entities processing personal data in countries for which an appropriate decision has been issued by the European Commission,
The use of standard contractual clauses issued by the European Commission (as is the case, for example, with Google),
The use of binding corporate rules approved by the appropriate supervisory authority, or those for the transfer of personal data for which the User has given consent.

Detailed information is available in the privacy policy of each of these service providers, available on their websites. For example:
Google Ireland Limited : https://policies.google.com/privacy?hl=pl
Meta Platforms Ireland Limited .: https://www.facebook.com/privacy/explanation
UAB MailerLite: https://www.mailerlite.com/legal/privacy-policy
Currently, services offered by Google Ireland Limited and Meta Platforms Ireland Limited are mainly provided by entities located in the European Union. However, you should always familiarize yourself with the privacy policies of these providers in order to receive current information on personal data protection. MailerLite may store some data in the United States or use service providers from this country, but the data is mainly processed in the European Union.

HOW LONG DO WE KEEP USER DATA?

The User’s data will be stored by the Administrator for the duration of the provision of individual services/achievement of the objectives, which have been indicated in the table above, and:

for the duration of the service and cooperation, as well as for the period of limitation of claims in accordance with the law – in relation to data transferred by contractors and customers or Users,
for the duration of the talks and negotiations preceding the conclusion of the contract or performance of the service – in relation to data provided in the request for quotation,
for the period required by law, including tax law – in relation to personal data related to the fulfillment of obligations arising from applicable regulations,
until an effective objection is lodged under Art. 21 of the GDPR – in relation to personal data processed on the basis of the legitimate interest of the administrator, including for direct marketing purposes,
until the withdrawal of consent or the achievement of the processing objective, business objective – in relation to personal data processed on the basis of consent. After withdrawing consent, data may still be processed for the purpose of defending against potential claims in accordance with the limitation period for these claims or the period (shorter) indicated to the User,
until they become outdated or lose their usefulness – in relation to personal data processed mainly for analytical, statistical purposes, the use of cookies and the administration of the Administrator’s Websites,
For a period of up to 3 years in the case of people who have unsubscribed from the newsletter in order to defend against potential claims (e.g. information about the date of subscription and the date of unsubscribing from the newsletter, about the number of newsletters received, actions taken and activity related to the received messages), or after a period of 1 year of no activity by a given subscriber, e.g. not opening any messages from the Administrator.

The data storage periods indicated in years are counted at the end of each year in which data processing began. This is intended to streamline the data processing and management process. Detailed periods of personal data processing, related to individual processing activities, are located in the Administrator’s processing activities register.

REFERRING LINKS TO OTHER SITES

Links to other websites may appear on the Site. They will open in a new browser window or in the same window. The Administrator is not responsible for the content transmitted by these sites. The User is obliged to familiarize themselves with the privacy policy or regulations of these sites.

ACTIVITY IN SOCIAL MEDIA – FACEBOOK

The User’s data is administered by the Administrator via a group on Facebook called Pelvismed – Urogynecological Physiotherapy on the Facebook service (hereinafter referred to as Fanpage). The User’s personal data provided on the Fanpage will be processed for the purpose of administering and managing the Fanpage, communicating with the User, interacting, directing marketing content to the User, and creating a Fanpage community. The basis for their processing is the User’s consent and the legitimate interest of the administrator in interacting with Users and Observers of the Fanpage. The User voluntarily decides to like/follow the Fanpage. The rules prevailing on the Fanpage are set by the Administrator, however, the rules of staying on the Facebook social network result from Facebook’s regulations. At any time, the User can stop following the Fanpage. However, the Administrator will then not display any content from the Administrator related to the Fanpage to the User. The Administrator sees the User’s personal data, such as name, surname or general information that the User places on their profiles as public. The processing of other personal data is carried out by the Facebook social network and under the conditions contained in its regulations. The User’s personal data will be processed for the period of operation/existence of the Fanpage based on consent expressed by liking/clicking “Follow” Fanpage or entering into interactions e.g. leaving a comment, sending a message and for the purpose of implementing legitimate interests of the Administrator, i.e. marketing own products or services or defense against claims. The User’s personal data may be made available to other data recipients, such as Facebook portal, cooperating advertising agencies or other subcontractors servicing the Administrator’s Fanpage, IT service, virtual assistant if there is contact outside Facebook portal. Other rights of the User are described in this Privacy Policy. The User’s data may be transferred to third countries in accordance with Facebook’s regulations. These data may also be profiled, which helps to better personalize the advertising offer directed to the User. However, they will not be processed in an automated manner within the meaning of GDPR (having a negative impact on User’s rights and freedoms). Facebook Privacy Policy: https://www.facebook.com/privacy/explanation

DATA SECURITY

The User’s personal data are stored and protected with due diligence, in accordance with the internal procedures implemented by the Administrator. The Administrator processes information about the User using appropriate technical and organizational measures that meet the requirements of generally applicable law, in particular regulations on personal data protection. These measures are primarily intended to protect the personal data of Users against access by unauthorized persons. In particular, only authorized persons have access to the personal data of Users, who are obliged to keep this data confidential or entities to whom the processing of personal data has been entrusted on the basis of a separate data entrustment agreement. The User should at the same time exercise due diligence in securing their personal data transmitted over the Internet, in particular not disclose their login data to third parties, use antivirus protections and update software.

WHO CAN BE THE RECIPIENTS OF PERSONAL DATA?

The Administrator informs that it uses the services of external entities. Entities to which it entrusts the processing of personal data (such as courier companies, companies intermediating in electronic payments, companies offering accounting services, companies enabling the sending of newsletters) guarantee the application of appropriate measures for the protection and security of personal data required by law, in particular by GDPR.
The Administrator informs the User that it entrusts the processing of personal data to, among others, the following entities:

MailerLite Limited, an Irish registered company at Ground Floor, 71 Lower Baggot Street, Dublin 2, D02 P593, – for the purpose of sending newsletters and using the mailing system.
SEOHOST.pl – PERSKIMEDIA Szymon Perski, ul. Janiny Omańkowskiej 58 60-465 Poznań NIP: 7632085454 – for the purpose of storing personal data on the server, domain and mail server management.
FAKTUROWNIA SP Z O O (KRS: 0000572426, NIP: 5213704420) – for the purpose of issuing accounting documents,
Tpay.com – Krajowy Integrator Płatności S.A. NIP 7773061579 – for the purpose of managing the payment system and electronic transactions,
Google LLC – for the purpose of using Google services, including email,
to other contractors or subcontractors engaged for technical support, administrative services, or to provide legal assistance on behalf of the Administrator and his clients, e.g. accounting, IT, graphic, copywriting assistance, debt collection companies, lawyers, etc.

Personal data may also be made available to other recipients, including offices such as the tax office – for the purpose of fulfilling legal and tax obligations related to settlements and accounting. Entities that process personal data, like the Administrator, ensure compliance with European standards in the field of personal data protection, including standards set by legal acts and decisions of the European Commission, and apply compliance mechanisms also when transferring data outside the EEA, including in the form of standard contractual clauses adopted by the European Commission Decision 2021/915 of June 4, 2021 on standard contractual clauses between controllers and processors under Article 28(7) of Regulation (EU) 2016/679 of the European Parliament and of the Council and Article 29(7) of Regulation (EU) 2018/1725 of the European Parliament and of the Council
https://eur-lex.europa.eu/legal-content/PL/TXT/PDF/ uri=CELEX:32021D0915&from=PL.

DID WE APPOINT A DATA PROTECTION OFFICER?

The Personal Data Administrator hereby informs that he has not appointed a Personal Data Protection Inspector (IODO) and performs the duties related to the processing of personal data independently. The user acknowledges that his personal data may be transferred to authorized state bodies in connection with the proceedings conducted by them, at their request and after fulfilling the prerequisites confirming the necessity of obtaining these data from the Administrator.

DO WE PROFILE THE USER’S DATA?

The User’s personal data will not be used for automated decision-making that affects the User’s rights and obligations or freedoms under the GDPR. Within the website and tracking technologies, the User’s data may be profiled, which helps to better personalize the company’s offer that the Administrator directs to the User (mainly through so-called behavioral advertising). However, this should not have any impact on the User’s legal situation, in particular on the terms of the contracts concluded by him or contracts he intends to conclude. It can only help in better matching content and targeted ads to the User’s interests. The information used is anonymous and is not associated with personal data provided by the User, for example in the purchase process. They result from statistical data such as gender, age, interests, approximate location, behavior on the Site. Every User has the right to object to profiling if it would have a negative impact on the User’s rights and obligations.

§4 FORMS

The Administrator uses the following types of forms on the Site:
The newsletter subscription form – requires entering your name and email address in the appropriate place. These fields are mandatory. Then, in order to add his email address to the Administrator’s subscriber database, the User must confirm the desire to subscribe. The data obtained in this way are added to the mailing list for sending the newsletter.
Subscription/sign-up means that the User agrees with this Privacy Policy and consents to receiving marketing and commercial information via electronic means of communication e.g. email, in accordance with the Act of July 18, 2002 on providing services by electronic means (Journal of Laws No. 144, item 1204 as amended).
By subscribing to the newsletter, the User also consents to the use by the Administrator of the User’s end telecommunications devices (e.g. phone, tablet, computer) for direct marketing of the Administrator’s products and services and presenting commercial information to the User in accordance with Art. 172 para.1 of the Telecommunications Law Act (Journal of Laws of 2014, item 243 as amended). The above consents are voluntary, but necessary for sending the newsletter, including informing about services, new blog entries, products, promotions and discounts offered by the Administrator or products of third parties recommended by him. Consents can be withdrawn at any time, which will result in stopping sending the newsletter in accordance with the rules contained in this privacy policy.
The newsletter is sent for an indefinite period of time, from activation until consent is withdrawn. After withdrawing consent, the User’s data may be stored in the newsletter database for a period of up to 3 years, in order to demonstrate the fact that the User has consented to communication through the newsletter, User actions (opening emails) and the moment of its withdrawal, as well as any related claims, which constitutes a legitimate interest of the Administrator (Art. 6 para. 1 lit. f GDPR).
The sending of newsletters may be discontinued if the User does not show activity for a minimum of 6 months from the start of providing the newsletter service or from reading the last email message (sent newsletter). In such a case, the Administrator will delete the User’s data from the newsletter sending system (provider). The User will not be entitled to receive any messages from the Administrator unless he decides to re-subscribe in the Newsletter subscription form or contacts the Administrator in another way chosen for this purpose.
The mailing system used to send newsletters records all activity and actions taken by the User related to emails sent to them (date and time of opening messages, clicks on links, moment of unsubscribing, etc.).
The Administrator may also conduct remarketing based on Art. 6 para. 1 lit. f GDPR (legitimate interest of the administrator, consisting in promotion and advertising services directed to persons subscribed to the newsletter), in such a way that provided email addresses of subscribers are uploaded into marketing tool offered by Meta Platforms Ireland Limited, so-called ad manager, and then advertisement created by the Administrator or authorized persons is directed towards them through Administrator’s advertising account provided that subscribers are simultaneously users of Facebook platform (they have an account there). Each time these data are deleted after completion of advertising campaign. In case of implementation another advertising campaign updated subscriber base is uploaded into tool). Detailed information about so-called custom audience groups, data hashing rules and processing these data can be found in Facebook privacy policy under this link https://www.facebook.com/legal/terms/customaudience# and https://www.facebook.com/legal/terms/dataprocessing, and the Administrator recommends that every User and subscriber familiarize themselves with these rules.
The contact form – allows you to send a message to the Administrator and contact him electronically. Personal data in the form of name, surname, email address, and data provided in the content of the message, are processed by the Administrator in accordance with this Privacy Policy for the purpose of contacting the User.
After the contact with you is finished, the data may be archived, which is a legitimate interest of the Administrator. The Administrator is not able to determine the exact period of archiving, and therefore the deletion of messages. However, the maximum period will not be longer than the limitation periods for claims arising from legal provisions.
The comment system form – All data in the comment form is provided voluntarily by the User if they want to leave a comment. By posting a comment, they consent to the processing of this data. These are: name, surname, email, website name, IP number. Some data marked as mandatory must be entered.
Providing an email address is mandatory and is used solely to exclude spam and/or display the User’s avatar. It is not shared with third parties.
The Administrator recommends familiarizing yourself with the privacy policy of the service provided by Disqus Inc., 301 Howard Street, Suite 300, San Francisco, CA94105, USA. You can find the Disqus Privacy Policy here. It provides information on how Disqus collects, uses, sells, discloses and protects data relating to you in connection with their Service. They also ensure that whenever your personal data is processed outside of the EEA, it is protected using specific contracts approved by the European Commission.
The Administrator is not responsible for the content of comments posted by readers of the Site and blog. The Administrator reserves the right not to post comments that are spam, offensive, contain vulgar or offensive expressions, content that is illegal, or contain any links to other sites posted without his consent.
Order form in the Store – When placing an order in the Administrator’s online store, you must provide specific data in accordance with the rules contained in the sales regulations in order to fulfill the order, fulfill legal obligations imposed on the Administrator, settlements, consideration of claims, for statistical and archival purposes, as well as for direct marketing towards customers, which is a legitimate interest of the Administrator.
These are mainly: first name, last name, company name, tax identification number, residential address or company headquarters, possibly delivery address, email address. If you already have a user account in the store, then all you need to do is provide your username (or email address) and password and log into your account, and then take further steps related to the order.
The Administrator stores the data for the duration of the order or service, and after its completion for the period necessary to protect against claims. In addition, for the period specified by law, e.g. tax law (including the period of storing invoices).
Complaint and withdrawal form in the online store. When using the services or products of the Administrator, you can file a complaint or withdraw from the contract. For this purpose, the Administrator allows you to fill out a complaint form and a contract withdrawal form attached to the sales regulations. You can also perform these actions without filling out the form, but providing the necessary data.
The required data in this case are: name, surname or possibly username, residential address or company headquarters address (if the order was made on behalf of the company), e-mail address, telephone number (optional), bank account number (if a refund will be necessary).
Providing data is voluntary, but necessary to consider the complaint in accordance with the law and sales regulations. The data will be stored for the purpose of implementing the complaint procedure / withdrawal from the contract and for archival purposes and defense against claims.
User account registration form in the online store – The user has the opportunity to create an account in the online store and for this purpose should make the appropriate registration and provide data: name, surname, e-mail address, residential address, company headquarters address, NIP (tax identification number), and then a password.
Creating an account is based on the principles set out in the sales regulations and is a service provided electronically. The rules for maintaining an account and its possible deletion are included in the regulations.
Data marked as mandatory are required and without providing them, it will not be possible to create a user account. Providing other data is voluntary.
The Administrator may entrust the processing of personal data to third parties without the separate consent of the User (based on a data entrustment agreement). Data obtained from forms cannot be transferred to third parties. If the User uses services of external providers such as Google or Disqus, they should familiarize themselves with their privacy policy, available from these service providers, on their websites.

§5 DISCLAIMER AND COPYRIGHT

The content presented on the Site does not constitute advice or specialist tips (e.g., educational) and does not refer to a specific factual state. If the User wants to get help in a specific matter, they should contact a person authorized to give such advice or the Administrator at the given contact details. The Administrator is not responsible for the use of the content contained on the Site or actions or omissions taken based on them.
All content posted on the Site is subject to copyright by specified individuals and/or the Administrator (e.g., photos, texts, other materials, etc.). The Administrator does not consent to copying these contents in whole or in part without his explicit, prior consent.
The Administrator hereby informs the User that any dissemination of content provided by the Administrator constitutes a violation of the law and may result in civil or criminal liability. The Administrator may also demand appropriate compensation for material or non-material losses incurred in accordance with applicable regulations.
The Administrator is not responsible for the use of materials available on the site in a manner inconsistent with the law.
The content posted on the Site is current as of the day of posting, unless otherwise indicated.

§6 TECHNOLOGIES

In order to use the Administrator’s website, it is necessary to have:

A device with Internet access,
An active email inbox that receives email messages,
An internet browser that allows displaying websites,
Software that allows reading content in presented formats such as pdf, video, mp3, mp4.

§7 COOKIE POLICY

Like most websites, the Administrator’s Site uses so-called tracking technologies, or cookies, which allows improving the Site according to the needs of the users who visit it.
The website does not automatically collect any information, except for information contained in cookies.
Cookies (so-called “cookies”) are computer data, small text files, which are stored on the end device, e.g., a computer, tablet, smartphone, when you use the Site.
These can be own cookies (coming directly from the website) and third-party cookies (coming from other websites than the Site).
Cookies allow the content of my website to be tailored to the individual needs of the User and the needs of other users visiting it. They also allow the creation of statistics that show how users of the Site use it and how they navigate it. Thanks to this, I can improve my website, its content, structure, and appearance.
The Administrator uses the following third-party cookies on the Site:
Facebook Conversion Pixel and ads created through Facebook Ads (Facebook Custom Audiences) – for managing ads on Facebook and conducting remarketing activities, which is the legitimate interest of the Administrator.
The Administrator may also direct advertising content to the User through the Facebook portal as part of contact ads.
The Facebook Pixel tool is provided by Meta Platforms Ireland Limited. and its affiliated companies. This is an analytical tool that helps measure the effectiveness of ads, shows what actions Site Users take, and helps reach a specific group of people (Facebook Ads, Facebook Insights). The Administrator may also direct advertising content to the User through the Facebook portal as part of contact ads.
The administrator may also conduct remarketing based on art. 6 sec. 1 lit. f GDPR (legitimate interest of the administrator, consisting in the promotion and advertising of services directed to people who have agreed to receive offers (or people similar to them or to users who have liked the Fanpage) in such a way that the given e-mail addresses are uploaded to the marketing tool offered by Meta Platforms Ireland Limited, i.e., the ad manager, and then an advertisement created by the Administrator or authorized persons is directed to them through the Administrator’s advertising account, provided that these people are simultaneously users of the Facebook platform (they have an account there). Each time, this data is deleted after the end of the advertising campaign. In case of implementing another advertising campaign, an updated contact database is uploaded to the tool). Detailed information about so-called custom audience groups, data hashing rules and processing with this data can be found in Facebook’s privacy policy at this link https://www.facebook.com/legal/terms/customaudience# and https://www.facebook.com legal/terms/dataprocessing, and the Administrator recommends that every User familiarize themselves with these rules.
The information collected through the use of the Facebook Pixel is anonymous and does not allow the identification of the User. They show general data about users: location, age, gender, interests. The Facebook portal provider may combine this information with the information that the User provides to him as part of the account held on the Facebook portal, and then use it in accordance with his own assumptions and purposes.
The administrator recommends familiarizing yourself with the details related to the use of the Meta (Facebook) Pixel tool and possibly asking questions to the provider of this tool, as well as managing your privacy settings on the Facebook portal. More information can be found at the following links: https://www.facebook.com/privacy/explanation and https://www.facebook.com/business/help 742478679120153?id=1205376682832142&_ga=2.140230195.1899084027.1676390445-251481724.1675757116. At any time, you can opt out of cookies responsible for displaying remarketing ads, for example at https://www.facebook.com/help/1075880512458213/.
Użytkownik korzystając ze strony wyraża zgodę na instalację wskazanego cookie na swoim urządzeniu końcowym.
TikTok Pixel – for managing ads on TikTok and conducting remarketing activities, which is the legitimate interest of the Administrator.
You can find more about the TikTok analytical tool and the rules for data processing within it here: https://ads.tiktok.com/help/article/tiktok-pixel redirected=1&_ga=2.99858206.1899084027.1676390445-251481724.1675757116.
This tool helps to reach new audiences by directing ads to them, especially those who have already visited the Site. If the User uses the TikTok platform, this data may be associated with the data collected by TikTok as part of the TikTok social platform. However, they are anonymous within the Site and are only used to collect statistical and analytical data, as well as to direct advertising to generally defined recipients.
You can read more about privacy protection rules on the TikTok portal here: https://www.tiktok.com/legal/page/eea/new-privacy-policy/pl-PL _ga=2.98704798.1899084027.1676390445-251481724.1675757116.
The embedded Google Analytics code is used for the purpose of analyzing the statistics of the Site. Google Analytics uses its own cookies to analyze the actions and behaviors of Site users. These files are used to store information, for example, from which page the User arrived at the current web page. They help improve the Site.
This tool is used under an agreement with Google Ireland Limited, but is provided by Google LLC. The actions taken when using the Google Analytics code are based on the legitimate interest of the Administrator, which consists in creating and using statistics, which then allows for improving the Administrator’s services and optimizing the Site. When using the Google Analytics tool, the Administrator does not process any User data that would allow his identification.
The Administrator recommends familiarizing yourself with the details related to the use of the Google Analytics tool, the possibility of disabling the tracking code, and possibly asking questions to the provider of this tool at the following link: https://support.google.com/analytics#topic=3544906. You can also familiarize yourself with the privacy rules at this link: https://policies.google.com/privacy hl=pl&_ga=2.64139695.1899084027.1676390445-251481724.1675757116.
Web push notifications, from the browser level – in order to better communicate with the User and faster deliver valuable content or offers, the Administrator allows the User to agree to receive web push notifications from the User’s browser level.
To agree to receive web push notifications, the User should select the “display notifications” option or another synonymous one (each browser may name this option differently) in the message sent by their web browser.
Consent to receive the aforementioned notifications can be withdrawn at any time by changing the settings of the User’s web browser. The Administrator does not process any personal data of Users using web push notifications. Users are identified solely on the basis of information that is stored by their web browsers, to which the Administrator does not have access.
Social media plugins, such as Facebook, Instagram, TikTok, LinkedIn, are used. When the User clicks on the icon of a given plugin, they are redirected to the page of an external provider, in this case, the owner of a given social networking site, e.g., Facebook. Then they have the option to click “Like” or “Share” and like the Administrator’s fan page located on the Facebook portal or directly share its content (post, article, video, etc.).
The Administrator recommends familiarizing yourself with Facebook’s privacy policy before setting up an account on this portal. The Administrator has no influence on the data processed by the Facebook portal. From the moment the User clicks on the plugin button referring to social media, personal data is processed by the social networking site, e.g., Facebook, which becomes their administrator and decides on the purposes and scope of their processing. Cookies left by the Facebook plugin (or other third parties) may also be applied to the User’s device after entering the Site and then associated with data collected in the Facebook portal. The User, by using the Site, accepts this fact. The Administrator has no influence on data processing by third parties in this way.
Tools for evaluating the effectiveness of Google Ads advertising campaigns are used for conducting advertising and remarketing campaigns, which is the legitimate interest of the Administrator.
The Administrator does not collect any data that would allow the identification of the User’s personal data. The Administrator recommends familiarizing yourself with Google’s privacy policy in order to learn the details of these functions and their possible disabling from the User’s browser level.
Cookies used to recover abandoned carts and user activity on the online store page are used to direct advertising communication related to an unfinished order to the User, which is the legitimate interest of the Administrator.
Content from portals and websites of external providers, the Administrator may embed on the Site content from portals, services, blogs, and other external websites. In particular, these may be videos from services like YouTube or Vimeo. These third parties may record certain data about the content playback performed by the User. If you do not want this to happen, log out of the given portal (if you have an account there and are logged in) before you visit my Site or do not play the content on the Site. You can also change your browser settings and block the display of certain content from specific portals.
YouTube service is operated by Google Ireland Limited and allows for the playback of recordings located on the Administrator’s pages. YouTube may store cookies about playback recordings on the User’s device and assign them to the User’s YouTube account if they are logged in. By using the recordings posted on YouTube, the User uses services provided electronically by Google Ireland Limited. Details on the processing of personal data by YouTube are contained in the privacy policy and terms of this portal: https://policies.google.com/privacy and https://www.youtube.com/t/terms.

§8 CONSENT TO COOKIES

Upon your first visit to the Site, you must consent to cookies or take other possible actions indicated in the message in order to continue using the Site’s content. Using the Site means giving consent. If you do not want to give such consent – leave the Site. You can always change your browser settings, disable or delete cookies. The necessary information can be found in the “help” tab in the User’s browser.

§9 SERVER LOGS

Using the Site involves sending queries to the server where the Site is stored.
Every query directed to the server is recorded in the server logs. Logs include, among others, the User’s IP address, server date and time, information about the internet browser and operating system used by the User.
Logs are recorded and stored on the server.
The server logs are used to administer the Site, and their content is not disclosed to anyone except the persons and entities authorized to administer the server.
The administrator does not use server logs in any way to identify the User.