Apartament Opole - polityka prywatności

The following Privacy Policy sets out the rules for storing and accessing data on Users' devices when using the Service for the purpose of providing electronic services by the Administrator, as well as the rules for collecting and processing personal data of Users provided by them personally and voluntarily through tools available on the Service.

§1 Definitions

Service - the website "iapartmentopole.eu" operating at https://iapartmentopole.eu

External Service - external websites of partners, service providers, or recipients cooperating with the Administrator

Service Administrator / Data Administrator - The Administrator of the Service and Data (hereinafter referred to as the Administrator) is "Leasing Adviser Anna Kuśmierek-Rudy," a company operating at ul. Kolonia 5, with the assigned tax identification number (NIP): 6443114332, providing electronic services through the Service

User - an individual for whom the Administrator provides electronic services through the Service

Device - an electronic device with software through which the User accesses the Service

Cookies - text data collected in the form of files placed on the User's Device

GDPR - Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation)

Personal Data - means information about an identified or identifiable natural person ("data subject"); an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, identification number, location data, online identifier, or one or more factors specific to the physical, physiological, genetic, mental, economic, cultural, or social identity of that natural person

Processing - means any operation or set of operations performed on personal data or sets of personal data, whether or not by automated means, such as collection, recording, organization, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination, or otherwise making available, alignment or combination, restriction, erasure, or destruction

Processing Restriction - means the marking of stored personal data with the aim of limiting their processing in the future

Profiling - means any form of automated processing of personal data consisting of the use of personal data to evaluate certain personal aspects relating to a natural person, in particular to analyze or predict aspects concerning that natural person's performance at work, economic situation, health, personal preferences, interests, reliability, behavior, location, or movements

Consent - consent of the data subject means any freely given, specific, informed, and unambiguous indication of the data subject's wishes by which he or she, by a statement or by a clear affirmative action, signifies agreement to the processing of personal data relating to him or her

Personal Data Breach - means a breach of security leading to the accidental or unlawful destruction, loss, alteration, unauthorized disclosure of, or access to, personal data transmitted, stored, or otherwise processed

Pseudonymization - means the processing of personal data in such a manner that the personal data can no longer be attributed to a specific data subject without the use of additional information, provided that such additional information is kept separately and is subject to technical and organizational measures to ensure that the personal data is not attributed to an identified or identifiable natural person

Anonymization - Anonymization of data is an irreversible process of manipulating data that destroys/overwrites "personal data" to prevent identification or association of a specific record with a particular user or individual.

§2 Data Protection Officer

Based on Article 37 of the GDPR, the Administrator has not appointed a Data Protection Officer.

For matters concerning data processing, including personal data, please contact the Administrator directly.

§3 Types of Cookies

Internal Cookies - files placed and read from the User's Device by the Service's teleinformation system.

External Cookies - files placed and read from the User's Device by teleinformation systems of external services. Scripts from external services that may place Cookies on the User's Device have been consciously placed in the Service through scripts and services provided and installed in the Service.

Session Cookies - files placed and read from the User's Device by the Service during a single session of that Device. After the session ends, the files are deleted from the User's Device.

Persistent Cookies - files placed and read from the User's Device by the Service until manually deleted. The files are not automatically deleted after the Device's session unless the User's Device configuration is set to delete Cookies after the Device's session ends.

§4 Data Storage Security

Mechanisms for storing and reading Cookies - Mechanisms for storing, reading, and exchanging data between Cookies stored on the User's Device and the Service are implemented through built-in mechanisms of web browsers and do not allow for the retrieval of other data from the User's Device or data from other websites visited by the User, including personal data or confidential information. It is also practically impossible to transfer viruses, trojans, or other worms to the User's Device.

Internal Cookies - The Cookies used by the Administrator are safe for Users' Devices and do not contain scripts, content, or information that could threaten the security of personal data or the security of the User's Device.

External Cookies - The Administrator takes all possible actions to verify and select service partners in terms of User security. The Administrator chooses well-known, large partners with a global social trust. However, the Administrator does not have full control over the content of Cookies from external partners. The Administrator is not responsible, to the extent permitted by law, for the security of Cookies, their content, and the authorized use of scripts installed in the Service originating from external services. The list of partners is provided in the further part of the Privacy Policy.

Cookie Control

Users can, at any time, independently change the settings regarding the storage, deletion, and access to data stored in Cookies by each website.

Information on how to disable Cookies in the most popular computer browsers is available on the website: "how to disable cookies," or from one of the indicated providers: [provide links to relevant resources]

- - Managing Cookies in Your Web Browser Chrome
  - Managing Cookies in Your Web Browser Opera
  - Managing Cookies in Your Web Browser FireFox
  - Managing Cookies in Your Web Browser Edge
  - Managing Cookies in Your Web Browser Safari
  - Managing Cookies in Your Web Browser Internet Explorer 11
- The user can delete any stored cookies at any time using the tools of the user's device through which the user accesses the services of the website.
  
  User-related threats - The administrator takes all possible technical measures to ensure the security of the data stored in the cookies. However, it should be noted that ensuring the security of this data depends on both parties involved, including the user's activities. The administrator does not take responsibility for the interception of such data, session hijacking, or their deletion as a result of the user's intentional or unintentional actions, viruses, trojans, or other spyware that may have infected the user's device. To protect themselves against these threats, users should adhere to the principles of internet usage.
  
  Storage of personal data - The administrator ensures that all efforts are made to process voluntarily provided personal data by users in a secure manner, with limited access, and in accordance with their intended purposes and processing objectives. The administrator also ensures that all necessary measures are taken to protect the collected data from loss by implementing appropriate physical and organizational security measures.

§5 Purposes for which cookies are used

Improving and facilitating access to the website.
Personalizing the website for users.
Marketing and remarketing on external websites.
Ad serving services.
Affiliate services.
Conducting statistics (users, number of visits, types of devices, connection, etc.).
Serving multimedia services.
Providing social services.

§6 Purposes of personal data processing

Personal data voluntarily provided by users is processed for one of the following purposes:

Provision of electronic services:
- Services providing information about the content of the website on social media platforms or other websites.
- Communication between the administrator and users regarding the website and data protection.
Ensuring the legally justified interest of the administrator.
- User data collected anonymously and automatically are processed for the following purposes:
  - Conducting statistics.
  - Remarketing.
  - Serving ads tailored to user preferences.
  - Handling affiliate programs.
  - Ensuring the legally justified interest of the administrator.

§7 Cookies from external websites

The administrator uses JavaScript scripts and web components from partners on the website, who may place their own cookies on the user's device. Please note that you can control the allowed cookies in your browser settings for individual websites. Below is a list of partners or their services implemented on the website that may place cookies:

Social services/connections (registration, login, content sharing, communication, etc.):

Facebook

Statistics:

Google Analytics

Services provided by third parties are beyond the control of the administrator. These entities may change their terms of service, privacy policies, purposes of data processing, and methods of using cookies at any time.

§8 Types of collected data

The website collects data about users. Some data is collected automatically and anonymously, while other data consists of personal information voluntarily provided by users when registering for specific services offered by the website.

Automatically collected anonymous data:

IP address
Browser type
Screen resolution
Approximate location
Visited subpages of the website
Time spent on specific subpages of the website
Operating system type
Previous page address
Referring page address
Browser language
Internet connection speed
Internet service provider

Data collected during registration:

Email address

Data collected during newsletter subscription:

Email address

Some data (without identifying information) may be stored in cookies. Some data (without identifying information) may be transferred to a statistical service provider.

§9 Access to personal data by third parties

As a general rule, the administrator is the sole recipient of the personal data provided by users. The data collected as part of the services provided is not disclosed or sold to third parties.

Entities responsible for maintaining the infrastructure and necessary services for operating the website may have access to data (usually based on a data processing agreement). These entities include:

Hosting companies providing hosting or related services for the administrator.
Companies through which the newsletter service is provided.

Data processing outsourcing - Hosting Services, VPS, or Dedicated Servers

The administrator uses the services of an external hosting provider, VPS, or dedicated servers - WebWave - to operate the website. All data collected and processed on the website is stored and processed within the infrastructure of the service provider located in Poland. Access to this data may be granted as a result of service-related work carried out by the service provider's staff. Access to this data is governed by the agreement concluded between the administrator and the service provider.

§10 Method of personal data processing

Personal data voluntarily provided by users:

Personal data will not be transferred outside the European Union unless it has been published due to individual user actions (e.g., commenting or posting), making the data accessible to any visitor to the website.
Personal data will not be used for automated decision-making (profiling).
Personal data will not be sold to third parties.

Automatically collected anonymous data (without personal data):

Anonymous data (without personal data) may be transferred outside the European Union.
Anonymous data (without personal data) will not be used for automated decision-making (profiling).
Anonymous data (without personal data) will not be sold to third parties.

§11 Legal basis for personal data processing

The website collects and processes user data based on:

Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons regarding the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation).
- Article 6(1)(a): The data subject has given consent to the processing of their personal data for one or more specific purposes.
- Article 6(1)(b): Processing is necessary for the performance of a contract to which the data subject is a party or for taking pre-contractual steps at the data subject's request.
- Article 6(1)(f): Processing is necessary for the purposes of the legitimate interests pursued by the data controller or a third party.
Act of 10 May 2018 on the Protection of Personal Data.
Telecommunications Law of 16 July 2004.

§12 Data Processing Period

Personal data voluntarily provided by Users:

As a general rule, the indicated personal data is stored exclusively for the duration of the Service provision within the framework of the Website by the Administrator. They are deleted or anonymized within 30 days from the end of the service provision (e.g., deletion of a registered user account, unsubscribing from the Newsletter, etc.).

An exception applies to situations that require the Administrator to secure legally justified purposes for further processing of such data. In such a situation, the Administrator will retain the specified data, from the moment of the User's request for their deletion, for no longer than a period of 3 years in the event of a violation or suspected violation of the provisions of the website's regulations by the User.

Anonymous data (without personal data) collected automatically:

Anonymous statistical data, not constituting personal data, are stored by the Administrator for the purpose of conducting website statistics for an indefinite period.

§13 User Rights Related to Personal Data Processing

The Service collects and processes User data based on:

Right of access to personal data: Users have the right to obtain access to their personal data, which is fulfilled upon request submitted to the Administrator.

Right to rectification of personal data: Users have the right to request immediate rectification by the Administrator of inaccurate and/or completion of incomplete personal data, which is fulfilled upon request submitted to the Administrator.

Right to erasure of personal data: Users have the right to request immediate erasure of personal data, which is fulfilled upon request submitted to the Administrator. In the case of user accounts, data deletion consists of anonymizing data that allows for user identification. The Administrator reserves the right to suspend the fulfillment of the data deletion request to protect the legally justified interests of the Administrator (e.g., in cases where the User has violated the Terms and Conditions or the data has been obtained through ongoing correspondence). In the case of the Newsletter service, Users have the option to independently delete their personal data by using the link provided in each email.

Right to restriction of personal data processing: Users have the right to restrict the processing of personal data in cases specified in Article 18 of the GDPR, including challenging the accuracy of personal data. This right is fulfilled upon request submitted to the Administrator.

Right to data portability: Users have the right to receive personal data concerning them, provided to the Administrator, in a structured, commonly used, and machine-readable format. This right is fulfilled upon request submitted to the Administrator.

Right to object to the processing of personal data: Users have the right to object to the processing of their personal data in cases specified in Article 21 of the GDPR. This right is fulfilled upon request submitted to the Administrator.

Right to lodge a complaint: Users have the right to lodge a complaint with the supervisory authority responsible for personal data protection.

§14 Contact with the Administrator

You can contact the Administrator in one of the following ways:

Postal address: Leasing Adviser Anna Kuśmierek-Rudy, ul. Kolonia 5

Email address: wynajem@iapartmentopole.eu

Phone call: +48 606 566 266

Contact form: available at: /contact

§15 Website Requirements

Limiting the storage and access to Cookie files on the User's device may result in the improper functioning of certain Website features.

The Administrator shall not be held responsible for any malfunctioning features of the Website if the User restricts the ability to store and read Cookie files in any way.

§16 External Links

The Website may contain links to external websites in articles, posts, entries, or User comments that are not affiliated with the Website Owner. These links, as well as the linked pages or files, may pose a risk to your device or the security of your data.