1. PERSONAL DATA
- We process the data of Website Users which, under Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (hereinafter referred to as “General Regulation” or “GDPR”), is personal data.
- The Controller of the personal data of Website Users is the owner and operator of the Website, Vista Poland Sp. z o.o., with its registered office in Krobanów 34, 98-220 Zduńska Wola, NIP: 8291736252, REGON: 101307855, KRS 0000399742.
- The Controller can be contacted in writing, by post to the address: Krobanów 34, 98-220 Zduńska Wola or by email at: firstname.lastname@example.org
- We process the data provided by Website Users for the purpose and to the extent necessary for the proper operation of the Website and the delivery of the value and results that are provided for by the scope of the Website, such as the preparation of a response to an enquiry.
- The surname, address, telephone number or email address of Website Users will not be stored, unless the Website User provides them voluntarily, for example in a newsletter, in a job application or in an enquiry addressed to us.
- We also process statistical data of Website Users in order to understand how users use the Website and to improve its operation.
- We do not process special categories of personal data or personal data relating to criminal convictions and violations of the law or related security measures.
- The personal data of Website Users is processed for purposes other than those set out in the preceding sentences (such as marketing of services or receipt of commercial information) only with the User’s consent and to the extent indicated in such consent.
- The provision of personal data is voluntary, but it may be necessary in order for the Website to take appropriate action, including responding to an enquiry. The provision of other personal data (i.e. data that is not necessary for the provision of the service by electronic means) is not obligatory and is at the discretion of the User to whom it relates, and its processing is subject to the User’s consent. The User can set the browser to block all cookies from a specific domain or from all domains, and can also make settings at device level – the device can provide settings by which the User can control the information collected.
2. COLLECTION AND STORAGE OF PERSONAL DATA
- We use various technologies to collect and store information, including cookies, local memory such as browser memory or application cache, databases and server logs.
- Entering our website automatically triggers the transmission of information to our website’s server and via the browser installed on the Website User’s device and the temporary storage of this information in a so-called log-file. This process is beyond our control.
The following information is collected without the participation of the Website User and is stored until it is automatically deleted:
- IP address of the device sending the request on the network,
- date and time of entry,
- name and URL,
- website/application from which contact was made (Referrer-URL),
- the browser used and, if applicable, the operating system of the device operating on the network, and the name of the internet service provider providing internet access to the Website User.
- When contacting us (via the contact form or by email), User data necessary for the acceptance and handling of the contact/enquiry is processed in accordance with Article 6(1)(b) of the GDPR (to take steps prior to entering into a contract). User data can be stored in our CRM system (Customer-Relationship-Management System) or in a comparable system receiving enquiries. The CRM system is administered by the provider based on our legitimate interest (efficient and fast processing of detailed user data). Accordingly, we entered into an agreement with the provider in accordance with Article 28 of the GDPR, in which the provider, as a processor, undertakes to process user data only in accordance with our instructions, as well as to comply with the data protection standards adopted in the EU.
3. PERSONAL DATA SHARING
- The User has the option of blocking the storage of cookies by means of an appropriate setting in the browser software. However, in such a situation, not all the features of the website will be able to be fully utilised. The User can furthermore block the collection of data produced by cookies and related to the use of the Google website (including the IP address) as well as block the processing of this data by Google by downloading and installing a browser plug-in at:
- https://tools.google.com/dlpage/gaoptout?hl=pl As an alternative to the browser plug-in or for browsers on mobile devices, an opt-out cookie can be installed via this link, blocking future data storage by Google Analytics within this website.
- We monitor user information using the Google Analytics tool, which records user behaviour on the website.
- Our website uses Google Maps to display maps and provide directions. Google Maps is managed by Google. By using our website, the Website User agrees to the collection, processing and use of data recorded automatically as well as provided by the User through Google, one of its representatives or third-party providers. Data processing is based on consent within the meaning of Article 6(1)(a) of the GDPR. The terms and conditions of use of Google Maps can be found at: https://policies.google.com/terms?hl=pl
- The personal data of Website Users may be transferred to recipients in third countries (USA), i.e. outside the European Economic Area (EEA) or international organisations.
- The Controller makes every effort to ensure that all physical, technical and organisational measures are in place to protect personal data against accidental or intentional destruction, accidental loss, alteration, unauthorised disclosure, use or access, in accordance with all applicable legislation. To ensure the security of the personal data we collect and process, we use:
- Encryption to ensure data privacy during transmission.
- Control of information collection, storage and processing procedures, including physical security measures to prevent unauthorised access to our systems.
- Restriction of access to personal data. It is only available to employees, subcontractors and associates of Vista Poland Sp. z o.o., when this is justified in accordance with Article 6 (1) (b) of the GDPR and necessary from the point of view of the contract or based on a legitimate interest in the economic and efficient conduct of business. Anyone with such access is obliged to maintain strict confidentiality, and may face consequences, including termination of cooperation, if these obligations are not met.
5. USER RIGHTS
- In relation to the processing of personal data, the Website User has the right to:
- request access from the Controller to the Website User’s personal data,
- request the Controller to update and correct the Website User’s personal data,
- request the Controller to delete the Website User’s personal data,
- request the Controller to restrict the processing of the Website User’s personal data,
- object to the processing of the Website User’s personal data,
- portability of the Website User’s personal data,
- lodge a complaint with a supervisory authority.
- The rights set out in paragraph 5.1. can be exercised by the Website User by
- email at: email@example.com,
- in writing, by post to the address: Krobanów 34, 98-200 Zduńska Wola.