This document is the implementation of the Administrator’s information policy towards users of the otimo.pro website (hereinafter referred to as the “Website”) and other persons who establish contact with the Administrator, including through the Website, in all aspects of personal data processing and protection. We attach great importance to the protection, collection, processing and use of your personal data in accordance with applicable regulations.
1. Information on the Administrator and the collection of personal data
1.1. The Administrator of the otimo.pro Website and the Administrator of your personal data within the meaning of Article 4 point 7 of the Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (hereinafter referred to as the Regulation) is OTIMO LIMITED LIABILITY COMPANY with its registered office in Łódź, address: Ks. Biskupa Wincentego Tymienieckiego 22G, 90-349 Łódź, entered into the Register of Entrepreneurs of the National Court Register kept by the District Court for Łódź, Commercial Court, XX Commercial Division of the National Court Register under the number KRS 0000866369, having NIP 7272845850, REGON 387368740, share capital PLN 30,000.00, email: email@example.com (hereinafter referred to as the Administrator).
1.2 The Administrator processes the personal data you provide for the purposes necessary for the proper functioning of the Website, contact through the Website or otherwise, communication, including in matters of sending commercial information, concluding and implementing an agreement, including agreements for electronically provided services, taking advantage of the opportunity to cooperate with the Administrator, the Administrator’s services, for marketing and analytical purposes, and, in case of entering into an agreement - also for the purposes of accounting, financial reporting, pursuing claims and defense against claims. For these purposes, the Administrator collects your personal data such as your name and surname, e-mail address, phone number, company name and other personal data provided in the course of contacting the Administrator or in the course of using the Website, including through the contact form, as well as personal data collected through cookies and the IP of the Website user’s computer. In the case of concluding an agreement, providing personal data is necessary to perform the agreement. If data processing is optional, the data will be processed on the basis of consent. The data may also be processed on the basis of the legitimate interest of the Administrator.
1.3 The Administrator processes the personal data provided by you in the contact form in order to provide the service provided electronically. For this purpose, the Administrator collects your personal data such as your name, e-mail address, phone number. Providing your e-mail address is necessary for responding to your inquiry submitted electronically through the contact form. In the case of your request for telephone contact, it is also necessary to provide a phone number. Processing is based on Article 6(1)(b) of the Regulation.
1.4 The Website performs the functions of obtaining information and personal data about users and their behaviours also by storing cookie files (so-called ‘cookies’) in the terminal devices.
1.5 Personal data is stored and processed for no longer than necessary (for the purposes for which it was collected and is used), especially until the performance of the agreement, including its settlement or the limitation of claims under the agreement, for the time necessary to comply with obligations under the law (e.g. tax or accounting regulations). In the case of consent - until its effective withdrawal (revocation).
1.6 Processing is based on:
a) Article 6(1)(b) of the Regulation - with regard to personal data necessary for the performance of the agreement, as well as with regard to personal data provided by you in order to take pre-contractual action at your request (e.g. for pre-contractual contact, answering questions, communication).
b) Article 6(1)(c) of the Regulation - with regard to personal data, the processing of which is necessary for the fulfilment of legal obligation to which the Administrator is obliged, e.g. for the purpose of issuing invoices, as well as for the purposes of accounting and financial reporting.
c) Article 6(1)(f) of the Regulation - with regard to personal data, the processing of which is necessary for the purposes of the legitimate interests pursued by the Administrator. I.e. for the purposes of: sending commercial information, direct marketing, detecting and preventing fraud, assessing payment credibility, statistical analysis as well as pursuing claims or defending against claims.
d) Article 6(1)(a) of the Regulation - in the case of consent if data processing is optional.
1.8 With regard to your personal data, the Administrator does not make automated decisions or decisions resulting from automated processing, including profiling within the meaning of the Regulation.
2. Rights of the data subject.
2.1 You have the right to obtain confirmation from the Administrator as to whether your personal data are processed. You also have the right to request access to such data, and the right to obtain information from the Administrator regarding the purposes of processing and the categories of personal data being processed, as well as information about the recipients or categories of recipients to whom the personal data are disclosed. You also have the right to know the length of the planned period for storing personal data, the data source (if it was collected not from the data subject), and the right to know whether the Administrator makes automated decisions with respect to the data subject, including the decisions based on profiling. You also have the right to obtain a copy of the data.
2.2 In addition, you have the right to request the rectification of personal data, the right to request the deletion of personal data, the right to request the restriction of data processing, the right to transfer data and the right to object to the processing. You can exercise these rights:
2.2.1 with regard to the request for data rectification: if your data is incorrect or incomplete;
2.2.2 with regard to the request for data deletion: if your data is no longer necessary for the purposes for which it was collected by the Administrator; you withdraw your consent to the processing of data; you object to the processing of your data; if your your data are processed unlawfully; if your data should be deleted in order to comply with the legal obligation or if the data has been collected in connection with the offering of information society services;
2.2.3 with regard to the request for the restriction of data processing: if your data is incorrect - you can request for the restriction of their processing for a period of time allowing the Administrator to check the correctness of such data; the processing of your data is unlawful, but you do not want it to be deleted; your data is no longer needed by the Administrator, but you need it to establish, pursue or defend claims; you objected to the processing of data - until it is determined whether the legitimate grounds on the part of the Administrator override the grounds for the objection;
2.2.4 with regard to the request for data transfer: if the processing of your data takes place on the basis of the your consent or on the basis of the agreement and the processing is carried out by automated means;
2.2.5 with regard to the right to object to the processing: if the processing of your personal data is based on a legitimate interest, and the objection is justified because of your particular situation, as well as if your personal data is processed for direct marketing purposes, including profiling.
2.3 You also have the right to lodge a complaint with the supervisory authority if you believe that the processing of your personal data violates the provisions of the Regulation. In Poland, the supervisory authority is the President of the Personal Data Protection Office (ul. Stawki 2, 00-193 Warszawa).
2.4 The implemented security procedures mean that we may ask for confirmation of your identity before exercising your rights.
3. Consent to the processing of personal data.
3.1 If the data processing is optional (e.g. if the Administrator processes personal data that are not necessary for the performance of a service or an agreement), you always provide this data voluntarily, after your consent to the processing of the data provided.
3.3 You may withdraw your consent at any time, in the same manner as your consent was given.
3.5 Consent withdrawal does not affect the lawfulness of processing carried out on the basis of consent before its withdrawal.
4. Information on recipients / categories of recipients of personal data.
4.1 The Administrator may also partially use third-party service providers who process personal data on behalf of the Administrator (e.g. hosting providers, email service providers or entities that technically perform certain services - e.g. payment processing services, server maintenance or other entities, with whom the Administrator cooperates in this regard). In particular, this applies to the Administrator’s personnel and subcontractors as well as entities providing services to the Administrator. However, the transfer of data may only be used to perform their service. The Administrator uses only the services of such entities that provide sufficient guarantees to protect the rights of data subjects. If the entities concerned are not independent administrators, nor do they operate under authorizations within the Administrator’s structure, the processing of personal data by these entities is carried out on the basis of written agreements concluded with the Administrator. These entities follow the Administrator’s guidelines and are subject to audits conducted by the Administrator.
4.2 The recipients of the data may also be authorized authorities, including state authorities (upon their request).
4.3 Your data will not be transferred outside the EEA.
5. Security of personal data.
5.1 The Administrator processes your personal data in accordance with the provisions of the Regulation, including the use of appropriate technical and organizational measures to ensure the security and appropriate confidentiality and integrity of personal data (including protection against unauthorized access, unauthorized modification, disclosure or destruction of such data).
6. Cookies Policy.
6.2 Cookie files (so-called ‘cookies’) are IT data, in particular text files, which are stored on the Website User’s terminal device and are intended for use on the Website’s pages. Cookies usually contain the name of the website they come from, the time they are stored on the terminal device and a unique number.
6.3 The entity that places cookies on the Website User’s terminal device and obtains access to them is the Administrator.
6.4 Cookies are used to create statistics that help to understand how Website Users use websites, which allows improving its structure and content.
6.5 The Website uses two main types of cookies: session cookies and persistent cookies. Session cookies are temporary files that are stored on the user’s terminal device until the user leaves the website or turns off the software (web browser) or, e.g. logs out if the website provides for logging in. Persistent cookies are stored on the user’s terminal device for the time specified in the cookie file parameters or until they are deleted by the user. There are also “analytical” cookies that collect information about the use of a given website, such as pages visited by a given user and error messages. They do not collect information that allows the identification of the user, and the collected data is aggregated in such a way that it becomes anonymous. Analytical cookies are used to improve the functionality of the website. There are also “functional” cookie files. Functional cookies allow the website to remember all choices made on the pages (e.g. changing the font size, adjusting the website) and enable actions such as adding comments to someone’s blog.
6.6 Web browsing software (web browser) usually allows cookies to be stored on the user’s terminal device by default. Users of the Website can change the settings in this regard. The web browser allows you to delete cookies. It is also possible to automatically block cookies. Detailed information on this subject can be found in the help or documentation of the web browser.
6.8 The Administrator also uses Google Analytics for analytical purposes, in particular to track where the traffic on the website comes from. In accordance with the specific functionalities of Google Analytics used by the Administrator, cookies and the data they contain may be used for marketing and analytical purposes, as well as for profiling. The operator of Google Analytics service is Google Inc.1600 Amphitheatre Pkwy, Mountain View, CA 94043-1351, based in the USA. The user may not consent to the collection of the data related to the use of information collected by Google Analytics and the processing of such data by Google. The user may also prevent such activities. To do so, download a browser add-on available here: tools.google.com/dlpage/gaoptout, and then install it.
6.9 If the user does not want to receive cookies, he/she can change the browser settings. We stipulate that disabling cookies necessary for authentication processes, security and maintenance of user preferences may make it difficult, and in extreme cases may even make it impossible to use the websites. You can change your cookies settings in your browser settings.
6.11 Detailed information on how to change the settings regarding cookies and how to delete them yourself is available in the help section in the most popular web browsers, e.g.:
– in Chrome,
– in Firefox,
– in Microsoft Edge,
– in Opera,
– in Safari.
7. Contact details. Final provisions.
7.4 All requests, demands and inquiries related to the processing of your personal data may be sent by email to: firstname.lastname@example.org or in writing to the address: OTIMO LIMITED LIABILITY COMPANY with its registered office in Łódź, address: Ks. Biskupa Wincentego Tymienieckiego 22G, 90-349 Łódź.
Status of 18.05.2022.