Privacy Policy - rules for gathering and processing Personal Data by the Administrator on account of the provided Service
I. Definitions:
- Administrator - VALLOR S.A. in Toruń, Poland, 87-100 Toruń, ul. Ceglana 8, entered into KRS (National Court Register) - District Court in Toruń, 7th Commercial Division of the National Court Register, KRS: 0000687916, NIP: 8792693631, REGON: 367844050.
- Personal Data - information allowing the identification of Users, through one or several distinctive factors describing physical, physiological, genetic, psychological, economic, cultural or social identity of a natural person, including profession/job position, home address, work address, IP number of the device, localization data, Internet identifier and information gathered through cookie files or a different, similar technology.
- Administrator’s Service (hereinafter: Service) – Website provided by the Administrator located under the address www.vallor.com and under addresses of redirections from this address as well as every other address that supplements or continues it and every address that replaces it. Service also means e-mail correspondence between the User and Administrator and their personnel.
- User – Every natural person that uses the Service.
- GDPR – Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation).
- Policy – The following Privacy Policy.
II. Administrator of Users’ personal data - who gathers and processes User’s Personal Data:
The Administrator of the personal data of Users using the Service Project (called hereinafter “Administrator”) is:
VALLOR S.A. in Toruń, 87-100 Toruń, ul. Ceglana 8, entered into KRS (National Court Register) - District Court in Toruń, 7th Commercial Division of the National Court Register, KRS: 0000687916, NIP: 8792693631, REGON: 367844050.
Administrator pays special attention to protecting data shared by Service Users. Data shared by Users are protected and secured by the Administrator against the access by unauthorized persons.
Service is widely available for all interested parties.
III. Using the Service and Users’ Personal Data gathered and process by Administrator - what Users’ personal data is gathered and process and for what purpose?
Administrator gathers and processes your Personal Data.
Data should be understood as the IP address or other User identifiers provided voluntarily by User or on Administrator’s demand on account of using the Service, particularly: name and last name, home address, other contact data, profession/job position/place of work and information gathered through cookie files or other similar technologies.
Your activity in the Service, including your Personal Data are also registered in system logs.
We would like to emphasize that the Administrator gathers and uses other Personal Data provided by Users.
The gathered information is processed mainly in order to provide services, listed as follows:
- providing contact with the User and dealing with current affairs, including concluding agreements, performing contracts, for the purposes of financial settlements,
- analytical and statistical - to constantly improve the quality of services provided by the Administrator and to adjust the functionality of the Service to your needs,
- detecting misuse, identifying and counteracting dangers to stability and correct operation of the Service and providing safety for its Users,
- receiving, reviewing and finalizing all User complaints and questions,
- Administrator’s marketing activities, presenting information about current offer of new services to Users in particular, provided that there is such an option while using the Service and the User chooses to use this option.
Users can review their data in any moment and are entitled to update their data free of charge.
The gathered data set is protected, which means it is treated as a separate database and is kept in a logically separated security zone, providing proper security to the database.
IV. Sharing Personal Date of Event Participants and Service Users - who and when is entitled to having access to this data?
Personal data are shared to outside entities cooperating with the Administrator only within the limits permitted by law, meaning only when sharing the data is necessary to provide service by the Administrator or to provide marketing services by the Administrator. Only the necessary data is shared.
It is important to highlight that the Administrator may be required to share gathered information to authorized bodies based on requests permitted by law concerning the extent arising from the request.
Users’ Data are processed in a way compliant to the range of given permission and legal requirement, particularly GDPR.
The Administrator will not share personal data outside the European Union.
V. What are cookie files (cookies)?
The Service uses cookie files, i.e. IT data, text files in particular, stored in a terminal device of the Service User and dedicated to use Service’s websites. Cookies usually contain the name of the website they originate from, the time of storage on the terminal device and a unique number. The entity placing cookie files on the Service User’s terminal device and accessing them is the Service’s operator, they are used for following purposes: creating statistics allowing to understand the way the Service Users use the websites, allowing to improve the websites’ structure and contents; maintaining the Service User’s session (after logging in), thanks to which the User does not have to type in their login and password on each subpage; defining a User profile in order to adjust materials shown in advertising networks, Google network in particular. Cookie files placed in Service User’s terminal device may be also used by partners and advertisers cooperating with the Service operator.
Software used to view websites (web browser) usually allows storing cookie files in the User’s terminal device by default. Service Users may change settings in this regard. Web browsers allow deleting cookie files. It is also possible to automatically block cookie files. More information on this topic can be found in web browser’s help section or documentation.
Cookie files may be used by advertising networks, Google in particular, to show advertisements adjusted to the way the User uses the Service. In order to do that they may save the information about the User's navigation path or time spent on a particular website.
Information about User’s preferences gathered by Google’s advertisement network the User may view and edit information resulting from cookie files using the tool: https://www.google.com/ads/preferences/.
Turning off the usage of cookie files is possible, it may however impede and in extreme cases make using the websites impossible.
VI. What information about User’s activity in the Event is stored in logs on a server that operates the Event?
Information about Users’ behavior are logged automatically in the server layer of the IT system used by the Service. This data is used only to administer the Service and to provide the most efficient service of the provided hosting services.
Viewed assets are identified through URL addresses. Furthermore, other instances may also be saved: time of inquiry, time of response, name of the client’s station - identification carried out by HTTP protocol, information about errors occurring during the performance of HTTP transaction, URL address of the previously viewed website (referrer link) - while accessing the Service using the link, information about User’s web browser and the IP address.
Data is not associated with specific people viewing the websites, they are used only to administer the server.
VII. User’s rights
The User has following rights:
- access to contents of data and demanding its correction,
- to delete the data,
- restriction of data processing,
- right to move the data,
- right to object to data processing as well as
- right to lodge a complaint to supervisory authority managing personal data protection.
When you choose a potential option “I would like to take advantage of the opportunity to receive commercial information (newsletter)” while using the Service, it means giving a separate consent to process Personal Data for marketing purposes.
Using the Service in other way means giving consent to gather and process Personal Data according to the Terms of Use.
Each consent may be fully or partially withdrawn at any time by sending an e-mail to rodo@vallor.com. A request to withdraw Personal Data during negotiations without obligation of parties results in inability of dealing with affairs expected by the User, without circumstances aggravating the Administrator.
VIII. Duration of personal data processing.
Users’ Personal Data will be processed while using the Service and after using the Service:
- to examine User’s complaint or to examine claims, not longer than the period when complaints or claims can be raised or not longer than until the contentious matters are resolved, complaints are settled or claims are alleviated,
- for direct online marketing purposes or until the User withdraws the consent to process User’s Personal Data.
If you withdraw your consent to process your Personal Data, Personal Data processing will be terminated.
In this case the data will be either deleted or subject to anonymization, some data, however, (name, last name, e-mail address, Profile’s history and information about given consents) will be stored for three more years in order to validate potential claims/complaints from both the User and Administrator.
If the User uses the Service without corresponding with the Administrator, the Administrator will process the User’s Personal Data for as long as the User’s terminal device stores cookie files, user agent files and viewed bookmarks and information in the Service.
IX. Contact with Administrator. Changes in Privacy Policy.
If you have any questions or doubt, pleas to not hesitate to contact us using our e-mail address: rodo@vallor.com.
In order to update or delete User’s personal data please contact us using our e-mail address rodo@vallor.com.
The above Privacy Policy enters into force on the day of publication in Service’s Events and remains in effect until further notice or change.