Privacy Policy – jarock.pl
- General Information
- This policy concerns the website www (and its subdomains) located at the following URL: jarock.pl.
- The service operator and the administrator of personal data is: JaRock Limited Liability Company, ul. Marszałka Józefa Piłsudskiego 74/320, 50-020 Wrocław, Tax Identification Number (NIP): 8971893878, National Business Registry Number (REGON): 389504963.
- Operator’s email contact address: [email protected]
- The operator is the administrator of your personal data with regard to the data voluntarily provided in the Service.
- The Service uses personal data for the following purposes:
- Conducting newsletters
- Organizing contests or other promotional activities
- Presenting offers or information
- The Service collects information about users and their behavior in the following manner:
- Through voluntarily provided data entered into the Operator’s systems via forms.
- By storing cookie files (known as “cookies”) on end devices.
- Personal Data Protection
- The processing of personal data is carried out in accordance with the provisions of Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation, GDPR), as well as the Act on the Protection of Personal Data of 10 May 2018 (Journal of Laws of 2018, item 1000).
- The personal data of users are jointly administered by: JAROCK SP.Z O.O., with its registered office in Wrocław, ul. Marszałka Józefa Piłsudskiego 47/320 (postal code 50-020), entered into the register of entrepreneurs kept by the VI Civil Department – District Court for Wrocław-Krzyki, under the KRS number 0000909653, having the Tax Identification Number (NIP): 897183878, REGON number: 38950496300000, with a share capital of PLN 5000, fully paid up.
- The administrator of personal data has appointed a data protection officer responsible for supervising the correctness of personal data processing, who can be contacted via email: [email protected].
- The processing of personal data includes their collection, recording, storage, processing, and deletion.
- The processed personal data includes the user’s first name, last name, and email address.
- Selected Data Protection Methods Used by the Operator
- The login and data entry areas are protected by a secure transmission layer (SSL certificate). This ensures that personal data and login information entered on the website are encrypted on the user’s computer and can only be read on the destination server.
- Personal data stored in the database is encrypted in such a way that only the Operator, who possesses the decryption key, can read it. This provides protection in the event of a database breach on the server.
- User passwords are stored in a hashed form. The hashing function operates in a one-way manner, making it impossible to reverse, which is the current standard for storing user passwords.
- The Operator periodically changes their administrative passwords.
- Regular updating of all software used by the Operator for processing personal data is an essential element of data protection. This includes regular updates of software components.
- Selected Data Protection Methods Used by the Operator
- HostingThe Service is hosted (technically maintained) on the operator’s server: https://www.digitalocean.com/
- Your Rights and Additional Information on Data Usage
- In certain situations, the Administrator has the right to transfer your personal data to other recipients if it is necessary to fulfill the agreement with you or to fulfill the obligations of the Administrator. This applies to the following groups of recipients:
- Hosting company on the basis of data processing agreement
- Payment processors
- Marketing service providers on behalf of the Administrator
- Your personal data processed by the Administrator will not be retained longer than necessary for the activities specified by separate regulations (e.g., accounting). In relation to marketing data, the data will not be processed for more than 3 years.
- You have the right to request from the Administrator:
- Access to your personal data,
- Correction of your personal data,
- Erasure of your personal data,
- Restriction of data processing,
- Data portability.
- You have the right to object to the processing referred to in point 3.3 c) regarding the processing of personal data for the purposes of legitimate interests pursued by the Administrator, including profiling. However, the right to object cannot be exercised if there are compelling legitimate grounds for processing that override your interests, rights, and freedoms, especially in relation to establishing, pursuing, or defending legal claims.
- You have the right to lodge a complaint with the President of the Office for Personal Data Protection, ul. Stawki 2, 00-193 Warsaw, regarding the actions of the Administrator.
- Providing personal data is voluntary but necessary for the provision of the Service.
- Automated decisions, including profiling, may be made concerning you in order to provide services under the concluded agreement and for direct marketing conducted by the Administrator.
- Personal data is not transferred to third countries as defined in the provisions on personal data protection. This means that they are not transferred outside the European Union.
- Information in Forms
- The Service collects information voluntarily provided by the user, including personal data, if provided.
- The Service may store information about connection parameters (timestamp, IP address).
- In some cases, the Service may store information that facilitates the correlation of data in the form with the email address of the user filling out the form. In such cases, the user’s email address appears within the URL of the page containing the form.
- The data provided in the form is processed for the purpose specified by the specific form, such as processing a service request or commercial contact, registering services, etc. Each time, the context and description of the form clearly inform what it is used for.
- Marketing
- The Administrator processes Users’ personal data for the purpose of conducting marketing activities, which may include:
- Displaying non-personalized marketing content to the User (contextual advertising).
- Displaying marketing content tailored to the User’s interests (behavioral advertising).
- Sending email notifications about interesting offers or content, which may contain commercial information (newsletter service).
- Conducting other types of direct marketing activities for goods and services (sending electronic commercial information and telemarketing activities).
- In order to conduct marketing activities, the Administrator may use profiling in some cases. This means that through automated data processing, the Administrator assesses selected factors regarding Users to analyze their behavior or create future forecasts. This allows for better customization of displayed content based on the User’s individual preferences and interests.
- The Administrator processes Users’ personal data for marketing purposes related to sending contextual advertising (i.e., advertising that is not tailored to the User’s preferences). The processing of personal data is carried out in connection with the legitimate interests pursued by the Administrator (Art. 6(1)(f) of the GDPR).
- The Administrator provides a newsletter service to individuals who have provided their email address for this purpose, in accordance with the terms specified in the regulations. Providing data is necessary for the provision of the newsletter service, and failure to provide such data will result in the inability to send it. This form of communication with the User may involve profiling.
- Administrator’s Logs
- Information about user behavior on the website may be subject to logging. This data is used for the administration of the service.
- Relevant Marketing Techniques
- The operator utilizes statistical analysis of website traffic through Google Analytics (Google Inc., based in the USA). The operator does not provide personal data to Google Analytics, only anonymized information. This service relies on the use of cookies on the user’s device. Regarding user preference information collected by the Google advertising network, users can view and edit cookie-related information using the following tool: https://www.google.com/ads/preferences/
- The operator employs remarketing techniques, which allow for tailored advertising messages based on user behavior on the website. This may create an impression that the user’s personal data is being tracked, but in practice, no personal data is transferred from the operator to advertising operators. The use of cookies is a technological requirement for such activities.
- The operator utilizes Facebook pixel technology. This technology enables Facebook (Facebook Inc., based in the USA) to identify if a registered user is using the website. In this case, Facebook relies on data for which the operator is the administrator, and the operator does not provide any additional personal data to Facebook. This service relies on the use of cookies on the user’s device.
- Please note that I have provided a translation to the best of my ability, but it may be necessary to review and adjust the translation for accuracy and consistency with the original text.
- Cookie Information
- The website uses cookies.
- Cookies are computer data, particularly text files, that are stored on the end device of the website user and are intended for use with the website. Cookies typically contain the name of the website they come from, the duration of their storage on the end device, and a unique number.
- The operator of the website is the entity that places cookies on the end device of the website user and has access to them.
- Cookies are used for the following purposes:
- Maintaining the user’s session on the website (after logging in), so that the user does not have to re-enter their login and password on each page of the website.
- Achieving the goals specified in the “Relevant Marketing Techniques” section above.
- Two main types of cookies are used within the website: “session cookies” and “persistent cookies.” Session cookies are temporary files stored on the user’s end device until the user logs out, leaves the website, or closes the web browser. Persistent cookies are stored on the user’s end device for a specified period of time or until they are deleted by the user.
- Web browsing software (web browser) usually allows cookies to be stored on the user’s end device by default. Website users can change these settings. The web browser enables users to delete cookies, as well as automatically block cookies. More detailed information on this topic can be found in the help section or documentation of the web browser.
- Restrictions on the use of cookies may affect certain functionalities available on the website.
- The cookies placed on the end device of the website user may also be used by entities cooperating with the operator of the website, particularly by companies such as Google (Google Inc., based in the USA), Facebook (Facebook Inc., based in the USA), and Twitter (Twitter Inc., based in the USA).
- Managing Cookies – How to Give and Withdraw Consent in Practice?
- If the user does not want to receive cookies, they can change the settings of their browser. However, please note that disabling the necessary cookies for authentication, security, and user preference maintenance may make it difficult or, in extreme cases, impossible to use websites.
- To manage cookie settings, please select your web browser from the list below and follow the instructions:
- Entrusting the processing of personal data
- Your personal data may be processed by third parties to whom we entrust specific tasks related to ensuring the proper functioning of the website. The entities to whom we entrust the processing of personal data guarantee the application of appropriate measures to protect and secure personal data as required by law.