Privacy Policy - Kobyłecki Elektroinstalacje Sp. z o.o.

The following Privacy Policy specifies the principles of storing and accessing data on the Devices of the Users who use the Service for the purpose of providing electronic services by the Administrator, as well as the principles of collecting and processing of the Users personal data that were provided by them personally and voluntarily through the tools available in the Service.

§1 Definitions

Service - the Internet service 'kobylecki.pl' operating under the address https://www.kobylecki.pl.
External service - websites of partners, service providers or customers cooperating with the Administrator.
Administrator of the Service / Data - the Administrator of the Service and the Administrator of the Data (hereinafter referred to as the Administrator) is the company 'Kobyłecki Elektroinstalacje Sp. z o.o.', operating at the following address: Ul. Zacisze 2 32-800 Brzesko, with assigned tax identification number (NIP): 8691914332 and KRS number: 0000291861.
User - a natural person for whom the Administrator provides services electronically through the Service.
Device - an electronic device with software through which the User accesses the Website.
Cookies - text data collected in the form of files placed on the User's Device.
GDPR - Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data and repealing Directive 95/46/EC (General Data Protection Regulation).
Personal data - means information about an identified or identifiable natural person ('data subject'); an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of the natural person.
Processing - means an operation or set of operations which is performed upon personal data or sets of personal data, whether or not by automated means, such as collection, recording, organization, organization, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction.
Restriction of processing - means the marking of stored personal data to restrict future processing.
Profiling - means any form of automated processing of personal data that involves the use of personal data to evaluate certain personal factors of an individual, in particular to analyze or predict aspects of that individual's performance, economic situation, health, personal preferences, interests, reliability, behavior, location or movement.
Consent - Consent of the data subject means a freely given, specific, informed and unambiguous indication of intent by which the data subject, either by a statement or a clear affirmative action, gives his or her consent to the processing of personal data concerning him or her.
Personal Data Breach - means a breach of security leading to the accidental or unlawful destruction, loss, modification, unauthorized disclosure of or unauthorized access to personal data transmitted, stored or otherwise processed.
Anonymization - Data anonymization is an irreversible process of data operations that destroys / overwrites 'personal data' making it impossible to identify, or link, a record to a specific user or individual.

§2 Data Protection Officer

Based on Article 37 GDPR, the Administrator has not appointed a Data Protection Officer. In matters concerning data processing, including personal data, please contact the Controller directly.

§3 Types of Cookies

Internal cookies - files placed and read from the User's Device by the Service's ICT system.
External Cookies - files placed and read from the User's Device by IT systems of External Services. The scripts of External Services that may place Cookies on User Devices have been deliberately placed on the Website through scripts and services made available and installed on the Website.
Session cookies - files placed and read from the User Device by the Website during one session of a given Device. After the session is over the files are deleted from the User Device.
Persistent Cookies - files placed and read from the User Device by the Website until they are manually deleted. Cookies are not deleted automatically after the session of the Device ends unless the configuration of the User Device is set to delete cookies after the session of the Device ends.

§4 Data storage security

Internal cookies - the cookies used by the Administrator are safe for the User's Device and do not contain scripts, content or information that may compromise the security of personal data or the security of the User's Device.
External cookies - The Administrator makes all possible efforts to verify and select service partners in the context of User security. The Administrator selects well-known, large partners with global public trust. However, the Administrator does not have full control over the content of cookies from external partners. To the extent permitted by law, the Administrator shall not be held liable for the security of cookies, their content or their use by the scripts installed in the service that come from external services. The list of partners can be found later in this Privacy Policy.
The user can, at any time, independently change the settings for the storage, deletion and access to data stored cookies by each website.
Information on how to disable cookies in the most popular computer browsers is available from one of the designated providers:
The User may at any time delete any cookies previously stored using the tools of the User's Device through which the User accesses the services of the Website.
Threats on the side of the User - The Administrator uses all possible technical measures to ensure the security of data stored in cookies. However, it should be noted that ensuring the security of this data depends on both parties, including the activity of the User. The Administrator is not responsible for interception of these data, impersonation of a User session or their deletion as a result of conscious or unconscious activity of the User, viruses, Trojan horses and other spyware which may be or was infected with the User's Device.
Storage of personal data - The Administrator ensures that he makes every effort to ensure that processed personal data entered voluntarily by the Users are secure, access to them is limited and carried out in accordance with their purpose and objectives of processing. The Administrator also ensures that he makes every effort to protect the data he holds against loss through the use of appropriate physical and organizational security measures.

§5 Purposes for which cookies are used

Improve and facilitate access to the Service
Ensuring proper operation of the Service
Personalization of the Service for Users

§6 Purposes of personal data processing

Personal data voluntarily provided by Users is processed for one of the following purposes:

Communication of the Administrator with the Users on matters related to the Service and data protection.
Communication of the Administrator with the Users in matters not related to the Service.
Recruitment process realization after sending the form by the User on one of the subpages of the /career tab.
To ensure the legitimate interest of the Administrator.

Data about Users collected anonymously and automatically is processed for one of the following purposes:

To ensure the legitimate interest of the Administrator.

§7 Cookies of External Services

The Administrator on the Website uses javascript scripts and web components of partners who may place their own cookies on the User's Device. Remember that in your browser settings you can decide on the allowed cookies that can be used by particular websites. Below is a list of partners or their services implemented on the Website that may place cookies:

Google Maps
Google reCAPTCHA

Services provided by third parties are beyond the control of the Administrator. These entities may change their terms of service, privacy policies, purpose of data processing, and use of cookies at any time.

§8 Types of collected data

The Website collects data on Users. Part of the data is collected automatically and anonymously, and part of the data is personal data provided voluntarily by Users when signing up for particular services offered by the Website.

Anonymous data collected automatically: IP address, browser type, screen resolution, previous page address, browser language.

Data collected while sending the contact form on the /contact subpage: name and surname, telephone number, e-mail address, content of the sent message.

Data collected while sending the recruitment form on one of the subpages of the /career tab: name and surname, telephone number, e-mail address, content of the sent message, attachment.

§9 Access to personal data by third parties

The only recipient of personal data provided by the Users is the Administrator. The data collected in the framework of the provided services are not transferred or resold to third parties. Personal and anonymous data will not be transferred outside the European Union. Personal and anonymous data will not be used for automated decision-making (profiling).

§10 Legal grounds for processing personal data

Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data and repealing Directive 95/46/EC (General Data Protection Regulation)
- Article 6(1)(a): the data subject has given consent for his or her personal data to be processed for one or more specified purposes.
- Article 6(1)(b): processing is necessary for the performance of a contract to which the data subject is party or in order to take steps at the request of the data subject prior to entering into a contract
- Article 6(1)(f): processing is necessary for the purposes of the legitimate interests pursued by the controller or by a third party.
Act of May 10, 2018 on the Protection of Personal Data (Journal of Laws 2018 item 1000)
Act of July 16, 2004. Telecommunications Law (Journal of Laws 2004 No. 171 item 1800)
Copyright and Related Rights Act of 4 February 1994 (Journal of Laws 1994 No. 24, item 83)

§11 Period of processing of personal data

As a rule, the indicated personal data are stored only for the period of providing the Service within the Service by the Administrator. They are deleted or anonymized within 30 days after termination of the service. An exception is a situation that requires securing legitimate purposes for further processing of such data by the Administrator. In such a situation the Administrator will store the data until the User demands their deletion, but no longer than for 3 years.

§12 User's rights related to the processing of personal data

Right of access to personal data upon request to the Administrator
Right to rectification of personal data upon request to the Administrator
The right to erasure of personal data upon request to the Administrator
The right to restrict the processing of personal data upon request to the Administrator
The right to object to the processing of personal data
The right to file a complaint with the data protection supervisory authority

§13 Contact to Administrator

Postal address - Kobyłecki Elektroinstalacje Sp. z o.o. Ul. Zacisze 2 32-800 Brzesko
E-mail address - sekretariat@kobylecki.pl
Phone call - +48 14 68 49 450
Contact form - available at: www.kobylecki.pl/kontakt

§14 Changes in Privacy Policy

The Administrator reserves the right to change this Privacy Policy at any time without notice to the Users. Introduced changes to the Privacy Policy will be published on this subpage of the Website. The introduced changes shall come into force upon their publication.