1. General information.
- The service’s Operator is: Vercom S.A. with its registered office in Poznań, 22 Franklina Roosevelta St., 60-829 Poznań, registered in National Court Register by Regional Court Poznań – Nowe Miasto i Wilda in Poznań, VIII Economic Department of National Court Register under the entry no. KRS: 0000535618, REGON 300061423, NIP [tax identification number] 7811765125, share capital of 318.800,00 zł fully paid up.
- The Operator is the Admin of personal data in relation to data willingly given by users during account registration, during service usage or while taking part in various marketing actions, which can be hosted by the Operator (e.g. contests, newsletters etc.).
- Data given by users, necessary for services use, are utilised in services’ launch and provision process. In mainly includes operations such as:
- technical launch of the services,
- e-mail or text messages send out realisation,
- processing and storage of financial documents based on specific regulations: fiscal, financial, accounting etc.,
- informing about planned technical maintenance,
- informing about important configurational changes,
- informing about changes in the terms & conditions of use,
- realisation of technical service, answers to users’ questions included,
- clarification in matters of settling accounts,
- direct business contact – when the users asks for it,
- transmission of marketing information via e-mail/SMS/phone/other channels – when user allows for such forms of contact (e.g. when registering),
- service, when signing up for a newsletter, ticking an applicable consent or in service management panel – detailed regulations, agreement range and appointment of applicable regulations are at the time located in the place of giving consent,
- The Operator is also a personal data processing entity – in reference to data which are originally administered by Clients and which were entrusted by signing an applicable agreement. Detailed policy is then determined by personal data processing agreement. This policy does not apply to utilisation of this type of data. In relations to them the Operator is not an Admin.
- This policy does not cover any information regarding the services, products or websites owned by other entities other than the Operator.
- The service is realising information collection functions about users and their behaviours it the following way:
- Through voluntary data entry in forms. The data is later introduced to the Operators systems.
- Through saving of cookies files on terminal equipment.
- Through saving of technical logs on www servers, e-mail and the Operator’s applications level.
2. Selected data protection methods.
- The Operator employs a few different personal data protection mechanisms, in particular:
- protection from an unauthorised access,
- protection from data loss,
- Users’ passwords are not saved in a public way, nor they are ciphered in a reversible way.
- Login and personal data entry locations are protected in transport layer (SSL certificate).
- The Operator employs data loss protection means (e.g. disk arrays, regular security copies).
- The Operator employs adequate data storage protection means in case of a fire (e.g. advanced firefighting systems).
- The Operator employs adequate processing systems protection means in case of unexpected blackout (e.g. dual power tracks, aggregates, UPS voltage support systems).
- The Operator employs physical access protection means to locations where data in being processed (e.g. access control, monitoring).
- The Operator employs proper server environmental conditions provision means as elements of data processing system (e.g. environmental conditions control, specialised air conditioning systems).
- The Operator employs organisational solutions to ensure the highest possible level of security and confidentiality (trainings, internal policies, password policies etc.).
- The Operator conscripted a Data Protection Officer.
3. Information regarding personal data protection (GDPR).
In compliance with regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation) (EU OJ L119/1), we inform that:
- Vercom S.A. with its registered office in Poznań, 22 Franklina Roosevelta St., 60-829 Poznań is your personal data Admin.
- Dariusz Sikorski is Admin’s Data Protection Officer. Contact details: 22 Franklina Roosevelta St., 60-829 Poznań, e-mail contact: firstname.lastname@example.org.
- Your personal data will be processed in compliance with GDPR to:
a) realise and execute the agreement concluded with you in compliance with art. 6 paragraph 1 point b) of GDPR,
b) execute legally obliged personal data Admin’s duties in compliance with art. 6 paragraph 1 point b) of GDPR in range provided by particular laws,
c) execute legally justified business matters realised by the Admin in compliance with
art. 6 paragraph 1 point f) of GDPR, i.e. in order to settle, protect or investigate potential claims, protect persons and Admin’s property; and in order to conduct Admin’s direct marketing of Admin’s products and services.
- In some situations Admin has a right to hand over your personal data to other receivers, when it will be essential to execute the agreement concluded with you or to realise Admin’s duties. In such cases data will be handed over to three groups of receivers:
- people authorised by us, our workers and associates, who must have an access to personal data in order to execute their duties,
- processing entities, that we authorise to process personal data,
- other data receivers e.g. telecommunication operators, intermediaries, curriers, banks, insurers, legal offices, vindicating entities and public authorities.
- Your personal data will be processed for the purpose indicated in:
a) point 3 a) they will be stored for the period of time of duration and execution of the agreement concluded with you,
b) point 3 b) they will be stored for the period of time anticipated in special regulations,
c) point 3 c) they will be stored for the period of time of duration and execution of the agreement concluded with you; for the period of time essential for provision of persons and Admin’s property protection or for the period of time essential for settling, protecting and investigating claims.
- You are entitled to request form the Admin:
- access to personal data concerning you,
- their rectification,
- their removal,
- restrain of data processing,
- and data transfer.
- You are entitles to submit and objection in matters of processing indicated in point 3 c) considering personal data processing in order to execute legally justified business matters realised by the Admin, profiling included, wherein the right of objection will not be possible to be executed in case where important legally justified bases for processing exist, which are superior towards your business matters, rights and freedom, especially the settling, investigation or protection of claims.
- A complaint to the chairman of Data Protection Office, 2 Stawki St. 00-193, Warsaw, for Admins actions is inhered.
- Giving personal data, which are mentioned in point 3) is voluntary but is essential to realisation of the agreement concluded with you, or is agreement concluded with your employer. Not giving the data will make it impossible to realise the concluded agreement.
- Actions can be undertaken towards you, which rely on automated decision making, including profiling needed to provide services as part of the concluded agreement and to conduct Admin’s direct marketing.
4. Information about forms.
- The service collects information voluntarily given by users, including personal data, if provided.
- The service can save information about connection parameters (time indication, IP address).
- The service, in some cases, can save information facilitating linking data form a form with e-mail address of a user who fills in the form. In such case the user’s e-mail address appears in URL address of a website containing the form.
- Data given in a form are processed for a purpose consequent with specific form’s function, e.g. for the purpose of handling clients’ customer service submissions, business contact, registration in the service etc. Every form’s context and description clearly informs about its purpose.
- Information on some user behaviours are a subject to logging in. These data are used for the purpose of service administration and provision of the most efficient customer service.
- The following data can be saved:
- resources determined by URL ID (addresses of requested resources – websites, files),
- arrival time of query to the customer service,
- send out time of an answer,
- Client terminal’s name – identification realised by http protocol,
- information about errors that occurred during realisation of HTTP transaction,
- URL address of a website, that was previously visited by a user (referrer link) – in case when transition to the service ensued via a link,
- information on user’s internet browser,
- information on IP address,
- diagnostic information linked with the process of self-contained service commission with forms found on a website.
6. Information on cookies files.
- Cookies files make up IT data, especially text files, which are stored in service user’s terminal equipment and are dedicated to the use of service’s websites. Cookies usually contain name of a website, from which they derive, their time of storage on the terminal equipment and a unique number.
- The entity placing cookies flies on service user’s terminal equipment and receiving access to then is the service Operator.
- Cookies files are used for the following purposes:
- statistics creation, which help understand the manner in which service users use websites, which enables improvement of their structures and contents;
- upkeep of service user’s session (after log in), thanks to which the user does not have to enter his login and password on every subpage of the service;
- upkeep of information about services commands for commands programme;
- evaluation of user’s profile for the purpose of adjusted marketing material display, especially on Googles network.
- Within the service there are two fundamental types of cookies files: “sessional” (session cookies) and “persistent” (persistent cookies). “Sessional” cookies are temporary files, which are stored on user’s terminal equipment until the time of logging out, quitting the website or software shut down (internet browser). “Persistent” cookies are stored on user’s terminal equipment for a time defined cookies files parameters or until they are deleted by a user.
- Internet browser software usually by default allows for storage of cookies files on user’s terminal equipment. Service users can make changes to these settings. Internet browser allows for cookies files removal. Automatic blocking of cookies files is also possible. Detailed information regarding this can be found in internet browser’s documentation.
- Restricting cookies files use can have influence on some features available on service’s websites.
- Cookies files placed on the service user’s terminal equipment can be also used by entities cooperating with service’s Operator, it especially applies to the following companies: Google (Google Inc. with its registered office in USA), Facebook (Facebook Inc. with its registered office in USA), Twitter (Twitter Inc. with its registered office in USA).
- The Operator uses Google Analytics service for the purpose of website’s traffic analysis.
- The Operator uses remarketing, in other words actions, thanks to which advertising networks can display advertising adjusted to user’s behaviours in the service. Cookies files support is a technical requirement for these actions.
- In matters of information about user’s preferences gathered by Google advertising network a user can look over and edit information emerging from cookies files with use of a special tool: https://www.google.com/ads/preferences/
Cookies files management – how to give and withdraw a consent in practice?
- If the user does not want to receive cookies files, it is possible to change browser’s settings. Warning, turning off support of essential cookies files for authentication, security, uphold of user’s preferences processes can hinder a use of websites, and in extreme cases even make it impossible.
- In order to manage cookies setting pick your internet browser from the list below and follow the instructions: