Privacy Policy

Privacy Policy

The following Privacy Policy sets out the rules for storing and accessing data on the devices of users using the website for the purpose of providing services electronically by the administrator and the rules for collecting and processing personal data of users that were provided by them personally and voluntarily through the tools available on the website.


The following Privacy Policy is an integral part of the terms of Service, which sets out the principles, rights and obligations of users using the service.


§1 definitions

Service-website "Technomashbud" operating at https://technomaszbud.pl/


External service - websites of partners, service providers or service recipients cooperating with the administrator


Website / data Administrator - the website administrator and the data administrator (hereinafter referred to as the Administrator) is the company "TMS GROUP sp z o o", operating at the address: Matuszewska 20/110, 03-876, Warsaw, with tax identification number (NIP): 5213811386, with KRS number: 0000716686, providing services electronically through the website


User - a natural person for whom the Administrator provides services electronically via the website.


Device - an electronic device with software through which the user accesses the website


Cookies - text data collected in the form of files placed on the user's device


GDPR-regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of individuals with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation)


Personal data means information about an identified or identifiable natural person ('data subject'); an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to his or her physical, physiological, genetic, mental, economic, cultural or social identity. natural person


Processing means any operation or set of operations which is performed on personal data or on sets of personal data, whether or not by automated means, such as collection, recording, organisation, organisation, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction;


Restriction of processing-means marking of stored personal data in order to limit their future processing


Profiling means any form of automated processing of personal data which involves the use of personal data to evaluate certain personal factors relating to a natural person, in particular to analyse or predict aspects concerning that natural person's performance at work, economic situation, health, personal preferences, interests, reliability, behaviour, location or movements.


Consent-the consent of the data subject means a voluntary, specific, informed and unambiguous indication of the will by which the data subject, by a statement or by an explicit affirmative action, consents to the processing of personal data concerning him or her


Personal data breach-means a breach of security resulting in accidental or unlawful destruction, loss, modification, unauthorised disclosure or unauthorised access to personal data transmitted, stored or otherwise processed


Pseudonymisation means the processing of personal data in such a way that they can no longer be attributed to a specific data subject without the use of additional information, provided that such additional information is stored separately and is subject to technical and organisational measures that prevent it from being attributed to an identified or identifiable natural person


Anonymization-anonymization of data is an irreversible process of operations on data that destroys / overwrites "personal data" making it impossible to identify or associate a given record with a specific user or natural person.


§2 Data Protection Officer

Pursuant to Art. 37 GDPR, the controller has not appointed a Data Protection Officer.


In matters relating to the processing of data, including personal data, you should contact the controller directly.


§3 Types Of Cookies

Internal Cookies - files placed and read from the user's device by the IT system of the website


External Cookies - files placed and read from the user's device by IT systems of external services. Scripts of external services that may place Cookies on the user's devices have been deliberately placed on the website through scripts and services provided and installed on the website


Session Cookies - files placed and read from the user's device by the service during one session of the device. At the end of the session, the files are deleted from the user's device.


Persistent Cookies - files placed and read from the user's device by the service until they are manually deleted. Files are not automatically deleted after the end of the device session unless the user's device configuration is set to delete cookies after the end of the device session.


§4 security of data storage

Mechanisms for storing and reading cookies-mechanisms for storing, reading and exchanging data between Cookies stored on the user's device and the service are implemented through built-in mechanisms of internet browsers and do not allow downloading other data from the user's device or data from other websites visited by the user, including personal data or confidential information. Transferring viruses, trojans and other worms to the user's device is also virtually impossible.


Internal cookies-cookies used by the Administrator are safe for users ' devices and do not contain scripts, content or information that may compromise the security of personal data or the security of the device used by the user.


External cookies-the Administrator takes all possible measures to verify and select service partners in the context of user security. The Administrator selects well-known, large partners with global social trust for cooperation. However, it does not have full control over the content of cookies from external partners. The Administrator is not responsible for the security of cookies, their content and the licensed use of scripts installed on the website from external services to the extent permitted by law. The list of partners can be found in the following section of the Privacy Policy.


Cookie control


The user can at any time, independently change the settings for saving, deleting and accessing the data of saved Cookies by any website


Information on how to disable Cookies in the most popular computer browsers is available at: how to disable cookies or from one of the indicated providers:


Manage cookies in Chrome

Managing cookies in Opera

Manage cookies in FireFox

Managing cookies in Edge

Manage cookies in Safari

Manage cookies in Internet Explorer 11

The user may at any time delete any cookies stored so far using the tools of the user's device through which the user uses the services of the website.


Risks on the part of the user-the Administrator uses all possible technical measures to ensure the security of data placed in cookies. However, please note that ensuring the security of this data depends on both parties including the user's activities. The Administrator is not responsible for the interception of this data, impersonating the user's session or deleting it, as a result of the user's conscious or unconscious activity, viruses, trojans and other spyware with which the user's device may be or has been infected. In order to protect themselves from these threats, users should adhere to the principles of safe use of the internet.


Storage of personal data-the Administrator ensures that he makes every effort to ensure that the processed personal data entered voluntarily by users are safe, access to them is limited and implemented in accordance with their purpose and purposes of processing. The Administrator also ensures that he makes every effort to protect his data from loss by applying appropriate physical and organizational security.


Storage of passwords-the Administrator declares that passwords are stored in encrypted form, using the latest standards and guidelines in this regard. Decryption of the passwords provided in the service to access the account is practically impossible.

§5 purposes for which Cookies are used

Improving and facilitating access to the service

Personalization of the website for users

Enabling you to log in to the service

Marketing, Remarketing on external websites

Advertising services

Affiliate services

Keeping statistics (users, number of visits, types of devices, link, etc.)

Serving multimedia services

Provision of social services

§6 purposes of personal data processing

Personal data voluntarily provided by users are processed for one of the following purposes:


Implementation of electronic services:

Services for registration and maintenance of the user account on the website and functionalities related to it

Newsletter services (including sending advertising content with consent)

Services of commenting / liking entries on the website without the need to register

Services to share information about content posted on the site on social networks or other sites.

Communication of the administrator with users in matters related to the service and data protection

Ensuring the legitimate interest of the administrator

User data collected anonymously and automatically is processed for one of the following purposes:


Keeping statistics

Remarketing

Serving ads tailored to user preferences

Affiliate programs

Ensuring the legitimate interest of the administrator

§7 Cookies of external services

The Administrator of the website uses javascript scripts and web components of partners who can place their own cookies on the user's device. Please note that in the settings of your browser you can decide for yourself about the allowed cookies that can be used by individual websites. Below is a list of partners or their services implemented on the site that can place cookies:


Multimedia services:

YouTube

Social / connected services:

(Registration, login, content sharing, communication, etc.)

Twitter

Facebook

Google+

Content sharing services:

WhatsApp

Instagram

Newsletter Services:

MailChimp

Advertising services and affiliate networks:

Google Adsense

Video target

MyLead

Keeping statistics:

Google Analytics

Serpstat

SE Ranking

SEMrush

Ahrefs

Other services:

The Internet Archive

Google Maps

Services provided by third parties are beyond the control of the controller. These entities may change their terms of Service, Privacy Policy, purpose of data processing and ways of using cookies at any time.


§8 types of data collected

The service collects data about users. Part of the data is collected automatically and anonymously, and part of the data is personal data provided voluntarily by users when signing up for individual services offered by the service.


Anonymous data collected automatically:


IP address

Browser type

Screen resolution

Approximate location

Open subpages of the website

Time spent on the appropriate subpage of the website

Type of operating system

Address of the previous subpage

Address of the referring party

Browser language

Internet connection speed

Internet service provider

Demographic data (age, gender)

Data collected during registration:


Name / surname / pseudonym

Login

E-mail address

Address of residence

Gender

Date of birth / age

Phone number

IP address (collected automatically)

NIP no

KRS number

REGON number

Other common data

Data collected when subscribing to the Newsletter service


Name / surname / pseudonym

E-mail address

IP address (collected automatically)

Data collected when adding a comment


Name and surname / pseudonym

E-mail address

Address www

IP address (collected automatically)

Some data (without identifying data)may be stored in cookies. Part of the data (without identifying data) may be transmitted to the statistical service provider.


§9 access to personal data by third parties

As a rule, the only recipient of personal data provided by users is the controller. The data collected as part of the services provided are not transferred or resold to third parties.


Access to data (most often on the basis of a data processing agreement) may be held by entities responsible for maintaining the infrastructure and services necessary to operate the website, i.e.:


Hosting companies providing hosting or related services to the administrator

Intermediary companies in on-line payments for goods or services offered on the website (in the case of making a purchase transaction on the website)

Entrusting the processing of personal data - Newsletter


In order to provide the Newsletter service, the Administrator uses the services of a third party - the MailChimp service . The data entered in the newsletter subscription form is transmitted, stored and processed on the external service of this service provider.


We inform you that the indicated partner may modify the indicated privacy policy without the consent of the administrator.



Entrusting the processing of personal data-hosting services, VPS or dedicated servers


The Administrator uses the services of an external hosting provider, VPS or dedicated servers - SVAI LLC. All data collected and processed on the website are stored and processed in the infrastructure of the service provider located outside the borders of the European Union. It is possible to access the data as a result of service work carried out by the service provider's staff. Access to this data is governed by a contract concluded between the administrator and the service provider.



Data processing for on-line payments


In the case of online payments, all payment data is transmitted directly by the user to the payment processor-PayU. The selected data necessary for the execution of the transaction are then transmitted by this entity to the administrator. The transfer of data is governed by a contract concluded between the controller and the service provider.



§10 method of processing personal data

Personal data voluntarily provided by users:


Personal data will not be transferred outside the European Union, unless it has been published as a result of an individual action of the user (e.g. entering a comment or entry), which will make the data available to each person visiting the website.

Personal data will not be used for automated decision-making (profiling).

Personal data will not be sold to third parties.

Anonymous data (without personal data) collected automatically:


Anonymous data (without personal data) will be transferred outside the European Union.

Anonymous data (without personal data) can be used for automated decision-making (profiling).

Profiling anonymous data (without personal data) does not produce legal effects or similarly does not significantly affect the person whose data is subject to automatic decision-making.

Anonymous data (without personal data) will not be sold to third parties.

§11 legal basis for the processing of personal data

The service collects and processes user data on the basis of:


Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of individuals with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation)

article 6 (1) (b) a

the data subject has given his or her consent to the processing of his or her personal data for one or more specific purposes.

article 6 (1) (b) b

the processing is necessary for the performance of a contract to which the data subject is a party or to take action at the request of the data subject prior to the conclusion of the contract.

article 6 (1) (b) f

processing is necessary for the purposes of legitimate interests pursued by the controller or by a third party

Act of 10 May 2018 on the protection of personal data (Journal of laws 2018 item 1000)

Act of 16 July 2004 Telecommunications Law (Journal of laws 2004 No. 171 item 1800)

Act of 4 February 1994 on copyright and related rights (Journal of laws 1994 No. 24 item 83)

§12 period of personal data processing

Personal data voluntarily provided by users:


As a rule, the indicated personal data are stored only for the period of providing the service within the service by the administrator. They are deleted or anonymized within a period of up to 30 days from the end of the provision of the services (e.g. deletion of the Registered User Account, unsubscribing from the Newsletter list, etc.)


An exception is the situation that requires securing the legally justified purposes of further processing of these data by the administrator. In such a situation, the Administrator will store the indicated data, from the time of the request for their removal by the user, no longer than for a period of 3 years in case of violation or suspected violation of the provisions of the terms of service by the user


Anonymous data (without personal data) collected automatically:


Anonymous statistical data, which do not constitute personal data, are stored by the administrator in order to maintain statistics of the website for an indefinite period of time


§13 Rights of users related to the processing of personal data

The service collects and processes user data on the basis of:


Right of access to personal data

Users have the right to access their personal data, implemented at the request of the administrator


Right to rectification of personal data

Users have the right to request from the administrator the immediate rectification of personal data that are incorrect or / and completion of incomplete personal data, implemented on request submitted to the administrator


Right to data portability

Users have the right to request from the administrator the immediate deletion of personal data, implemented on request submitted to the administrator in the case of user accounts, the deletion of data involves the anonymization of data enabling the identification of the user. The Administrator reserves the right to suspend the execution of the request for deletion of data in order to protect the legitimate interest of the administrator (e.g. if the user has committed a violation of the regulations or the data were obtained as a result of correspondence).

In the case of the Newsletter service, the user has the possibility to delete his / her personal data independently using the link provided in each sent e-mail.


Right to restriction of processing

Users have the right to restrict the processing of personal data in cases specified in Article 18 of the GDPR, m.in. questioning the accuracy of personal data, carried out at the request of the administrator


Right to data portability

Users have the right to obtain from the controller personal data concerning the user in a structured, commonly used and machine-readable format, implemented upon request to the controller


Right to object to the processing of personal data

Users have the right to object to the processing of their personal data in the cases specified in Article 21 of the GDPR, implemented at the request of the administrator


Right to lodge a complaint

Users have the right to lodge a complaint with a supervisory authority dealing with the protection of personal data.


§14 contact to the administrator

You can contact the administrator in one of the following ways


Postal address-TMS GROUP sp z o o, Ul Matuszewska 20/110, 03-876, Warszawa


E-mail address - biuro@technomaszbud.pl


Telephone call- +48 732 081 742


Contact form-available at: / index.php?route=information / contact


§15 Service Requirements

Limiting the storage and access to cookies on the user's device may cause some functions of the website to malfunction.


The Administrator does not bear any responsibility for malfunctioning functions of the website if the user restricts in any way the ability to save and read Cookies.


§16 External links

The service - articles, posts, posts or comments of users may contain links to external sites with which the owner of the service does not cooperate. These links and the pages or files underneath them may be dangerous to your device or pose a security risk to your data. The Administrator is not responsible for content outside the service.


§17 changes to the Privacy Policy

The Administrator reserves the right to make any changes to this Privacy Policy without informing users about the use and use of anonymous data or the use of cookies.


The Administrator reserves the right to make any changes to this Privacy Policy regarding the processing of personal data, which will inform users who have user accounts or subscribed to the newsletter service, via e-mail within 7 days of changing the records. Your continued use of the services means that you have read and accepted the changes to the Privacy Policy. In the event that the user does not agree with the changes made, he / she is obliged to delete his / her account from the website or unsubscribe from the Newsletter service.


The changes made to the Privacy Policy will be published on this subpage of the website.


The amendments shall enter into force upon their publication.