Formal information to begin with – the page administrator is topfryzury.pl
The administrator of your personal data is topfryzury.pl
The purposes, legal basis and duration of processing of personal data are indicated separately for each purpose of data processing (see description of the individual purposes of the processing of personal data below).
Permissions. The GDPR grants you the following potential rights related to the processing of your personal data:
- the right to access and obtain copies of your data,
- the right to rectification (rectification) of its data,
- right to delete data (if you do not think there are grounds for us to process your data, you can request that we delete it),
- the right to restrict data processing (you may request that we limit the processing of data solely to their storage or to perform concerted activities with you if, in your opinion, we have incorrect data or process it unjustly) ,
- right to object to data processing (you have the right to object to the processing of data on the basis of a legitimate interest; you should indicate a particular situation which, in your opinion, justifies us from stopping the processing of processing subject to the opposition. We will stop processing your data for these purposes unless we demonstrate that the grounds for our processing of data are overridden by your rights or that your data is necessary for us to establish, assert or defend claims),
- the right to data portability (you have the right to receive from us in a structured, commonly used machine-readable format personal data that you have provided to us under a contract or your consent; you may have us to send this data directly to another entity),
- the right to lodge a complaint with the supervisory authority (if you find that we are processing the data unlawfully, you can lodge a complaint with the President of the Office for Personal Data Protection or any other competent supervisory authority).
The rules relating to the exercise of the abovementioned powers are described in detail in Article 10. 16 – 21 GDPR. We encourage you to familiarize yourself with these regulations. For our part, we consider it necessary to explain to you that the rights indicated above are not absolute and will not be entitled to you in relation to all the processing of your personal data.
We emphasize that one of the rights indicated above is always vested in you – if you consider that we have committed a breach of the data protection rules when processing your personal data, you have the opportunity to lodge a complaint with the (President of the Office for Personal Data Protection).
We ensure the confidentiality of any personal data provided to us. We ensure that we take appropriate security and protection measures required by the data protection laws. Personal data is collected with due care and adequately protected from access by unauthorized persons.
Your personal data may be processed by entities whose services we use and whose services are linked or may involve the processing of personal data. These include, in particular, the following entities:
1. hosting company – your personal data is stored on the server,
2. cloud software providers such as mailing, invoice, accounting, CRM – your personal data is processed within the software,
3. operator providing website maintenance services – that entity may access your data in connection with technical work on those areas where the data are processed,
4. marketing service provider – this entity may access your personal data to the extent necessary for the implementation of the marketing activities entrusted,
5. other subcontractors – we cooperate with various subcontractors who may have access to your personal data if they provide services to the extent associated with such access.
In addition, if necessary, your personal data may be made available to entities, bodies or institutions entitled to access data under legal provisions such as police, security services, courts, Public prosecutor 's office
Transfer of personal data to third countries
Transfer of personal data to third countries. We transfer your personal data to third countries in connection with the use of tools that store personal data on servers located in third countries, in particular the USA. The providers of these tools guarantee an adequate level of protection of personal data through the relevant compliance mechanisms provided for by the GDPR. The storage of personal data on servers located in third countries is carried out within the following tools:
• DigitalOcean, which is a supplier of DigitalOcean LLC, New York, NY 101 6th Ave, USA – for all the data provided in the form
Profiling and behavioural advertising
We do not make decisions against you based solely on automated processing, including profiling, which would have legal effects on you or similarly significantly affect you. Yes, we use tools that I can take certain actions depending on the information collected through tracking mechanisms, but we believe that these actions do not have a significant impact on you because they do not differentiate your situation as a customer , do not affect the terms of the contract you can enter into with us.
Using specific tools, for example, we can use the send you personalized ads based on past actions you have taken on our site, or suggest you products that may be of interest to you. We are talking about the so-called behavioural advertising. We encourage you to learn more about behavioral advertising, in particular on privacy issues. For details, along with the ability to manage behavioral advertising settings, see http://www.youronlinechoices.com.
We emphasize that within the tools we use, we do not have access to information that would allow you to be identified. The information we are talking about here is, in particular:
• information about the operating system and web browser you are using,
• pages viewed
• time spent on the site
• transitions between the various sub-parties,
• the source from which you go to our site,
• the age range you are in,
• Your gender,
• Your approximate location limited to the village
• Your interests based on online activity.
We do not compile the information indicated above with your personal data, which is located in our databases. This information is anonymous and does not allow us to identify you. This information is stored on the servers of individual tool providers, and these servers can most often be located around the world.
Purposes and activities of the processing of personal data
Newsletter. By subscribing to the newsletter, you provide us with your e-mail address.
Providing an e-mail address is voluntary, but necessary to subscribe to the newsletter.
The data provided to us when writing to the newsletter is used to send you a newsletter, and the legal basis for their processing is your consent (Art. Article 6 (1) 1 point. (a) expressed when you subscribe to the newsletter.
You can opt out of receiving the newsletter at any time by clicking on the dedicated link in each message sent as part of the newsletter or simply by contacting us. Despite opting out of the newsletter, your data will continue to be stored in our database in order to defend your claims relating to sending you a newsletter, in particular for the purpose of demonstrating your consent to receive newsletter and the time of its withdrawal, which is our legitimate interest as referred to in Article 10. Article 6 (1) 1 point. f GDPR.
You can correct your data stored in the newsletter database at any time. In a situation where you object to the processing of your personal data while demanding the deletion of your data from our database, we will be forced to inform you that due to our legitimate interest as referred to in the paragraph we will not delete your data from the database. Deleting such data would prevent us from demonstrating, if necessary, that you have given your consent in the past to receive the newsletter.
Our mailing system tracks your actions in connection with the messages we send you. Therefore, we have information that you opened messages where messages you clicked on links, etc.
Contact. By contacting us, you naturally provide us with your personal data contained in the content of the correspondence, in particular your email address and name. Providing data is voluntary, but necessary to establish contact.
Your data is processed in this case for contact with you, and the basis for processing is Art. Article 6 (1) 1 point. f GDPR, that is, our legitimate interest. The legal basis for post-contact processing is also our legitimate purpose in the form of archiving correspondence for internal purposes (Art. Article 6 (1) 1 point. F RODO).
The content of the correspondence may be archived and we are unable to clearly determine when it will be deleted. You have the right to request the presentation of the history of correspondence you have conducted with us (if it is archived) and to demand its removal, unless its archiving is justified by our overriding interests, e.g. defending potential claims on your part.
Cookies and other tracking technologies
Cookies are small text information stored on your end device (e.g. computer, tablet, smartphone) that can be read by our IT system (own cookies) or third-party IT system (third-party cookies).
Some of the cookies we use are deleted at the end of the session of your web browser, i.e. after its closure (the so-called session cookies). Other cookies are stored on your end device and allow us to recognize your browser the next time you access the website (persistent cookies).
If you want to know more about cookies as such, you can see e.g. with this material: https://pl.wikipedia.org/wiki/HTTP_cookie.
Below you will find detailed information about cookies operating within our website.
Consent to cookies.
With you can change your cookie settings from your browser or delete cookies at all. Browsers manage cookies in different ways. In the support menu of your web browser you will find explanations for changing the cookie settings.
Google Analytics. We use the Google Analytics tool provided by Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA. We carry out our activities in this regard, based on our legitimate interest in producing statistics and analyzing them in order to optimize our websites.
Google Analytics automatically collects information about your use of our website. The information collected in this way is most often transmitted to a Google server in the United States and stored there.
Due to the anonymization of the IP address activated by us, your IP address is shortened before forwarding. Only in exceptional cases is the full IP address transmitted to the Google server in the United States and shortened there. The anonymized IP address provided by your browser as part of Google Analytics is generally not linked to other Google data.
We emphasize that under Google Analytics, we do not collect any data that would allow you to identify you. Therefore, the data collected by Google Analytics is not personal data. The information we have access to through Google Analytics is, in particular:
• information about the operating system and web browser you are using,
• the subpages you browse on our website,
• time spent on our website and on its subpages
• transitions between individual subpages within our service,
• the source from which you go to our service.
In order to use Google Analytics, we have implemented a special code tracking Google Analytics in our website code. The tracking code uses Google LLC cookies for Google Analytics. You can also block google analytics tracking code at any time by installing a browser add-on provided by Google: https://tools.google.com/dlpage/gaoptout.
Google Analytics and Google Analytics 360 are certified by the ISO 27001 Independent Security Standard. ISO 27001 is one of the most recognized standards in the world and certifies that systems that support Google Analytics and Google Analytics 360 meet the requirements.
If you are interested in the details of data processing within Google Analytics, we encourage you to familiarize yourself with the explanations provided by Google: https://support.google.com/analytics/answer/6004245.
Using the site involves submitting queries to the server where the page is stored. Each query addressed to the server is saved in the server logs.
Logs include m.in. Your IP address, server date and time, web browser information and operating system you use. Logs are saved and stored on the server.
The data stored in the server logs is not associated with specific people using the site and is not used by us to identify you.
Server logs are only supporting material for administering a page, and their content is not disclosed to anyone other than those authorized to administer the server.