- Service – an internet service operating at the www.naturepark.pl
- External service – websites of partners, service providers or recipients cooperating with the Administrator
- Website / Data Administrator – The Administrator of Personal Data (hereinafter the Administrator) is a company Nature Park Limited Liability Company, operating at: ul. Słowackiego 4c/14 34-120 Andrychów, with the tax identification number (TAX ID): 551-26-19-828, providing services electronically through the Service
- User – a natural person for whom the Administrator provides services electronically through the Service.
- Device – electronic device together with the software through which the User accesses the Service
- Cookies – text data collected in the form of files placed on the User’s Device
- GDPR – Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of individuals with regard to the processing of personal data and on the free movement of such data and repealing Directive 95/46/EC (General Data Protection Regulation)
- Personal data – means information about an identified or identifiable natural person (‘data subject’); an identifiable natural person is a person who can be directly or indirectly identified, in particular on the basis of an identifier such as name, identification number, location data, online identifier or one or more specific factors determining the physical, physiological, genetic, mental, economic, cultural or social identity of a natural person
- Processing – means an operation or set of operations performed on personal data or sets of personal data by automated or non-automated means, such as the collection, recording, organisation, organisation, storage, adaptation or modification, retrieval, viewing, use, disclosure by transmission, dissemination or otherwise making available, matching or combining, restriction, deletion or destruction;
- Restriction of processing – means the marking of stored personal data in order to limit their future processing
- Profiling – means any form of automated processing of personal data, which consists in the use of personal data to assess certain personal factors of a natural person, in particular to analyze or forecast aspects concerning the work effects of that natural person, his economic situation, health, personal preferences, interests, reliability, behavior, location or movement
- Consent – consent of the data subject means voluntary, specific, informed and unambiguous presentation of the will to which the data subject, in the form of a statement or explicit affirmative action, consents to the processing of personal data concerning him or her
- Personal data breach – means a security breach leading to the accidental or unlawful destruction, loss, modification, unauthorised disclosure or unauthorised access to personal data transmitted, stored or otherwise processed
- Pseudonymisation – means the processing of personal data in such a way that they can no longer be attributed to a specific data subject without the use of additional information, provided that such additional information is stored separately and is subject to technical and organisational measures preventing it from being assigned to an identified or identifiable natural person
- Anonymization – Anonymization of data is an irreversible process of data operations that destroys/overwrites “personal data” by making it impossible to identify, or associate a particular record with, a specific user or individual.
§2 Data Protection Officer
Pursuant to Article 37 of the GDPR, the Administrator has not appointed a Data Protection Officer.
In matters related to the processing of data, including personal data, please contact the Administrator directly.
§3 Types of Cookies
- Internal cookies – files placed and read from the User’s Device by the Website’s IT system
- External cookies – files placed and read from the User’s Device by the information and communication systems of external services. Scripts of external services that may place cookies on the User’s Devices have been knowingly placed on the Website through scripts and services made available and installed on the Website
- Session cookies – files placed and read from the User’s Device by the Website during one session of a given Device. At the end of the session, the files are deleted from your Device.
- Persistent cookies – files placed and read from the User’s Device by the Website until they are manually deleted. Cookies are not deleted automatically at the end of the Device session unless the configuration of your Device is set to cookie deletion mode at the end of the Device session.
§4 Data storage security
- Cookie storage and reading mechanisms – The mechanisms for storing, reading and exchanging data between cookies stored on the User’s Device and the Service are implemented through the built-in mechanisms of web browsers and do not allow the retrieval of other data from the User’s Device or data of other websites that the User visited, including personal data or confidential information. It is also virtually impossible to transfer viruses, Trojan horses, and other worms to your Device.
- Internal cookies – cookies used by the Administrator are safe for Users’ Devices and do not contain scripts, content or information that may endanger the security of personal data or the security of the Device used by the User.
- Cookie Control
- You can change the settings for saving, deleting and accessing the data of stored cookies by any website at any time
- Information about how to disable cookies in the most popular computer browsers is available on the websites of one of the specified providers:
- The User may at any time delete any cookies stored so far using the tools of the User’s Device through which the User uses the Services of the Service.
- Threats on the part of the User – the Administrator takes all possible technical measures to ensure the security of the data placed in cookies. Please note, however, that ensuring the security of this data depends on both parties including your activities. The Administrator shall not be liable for the interception of this data, impersonation or deletion of the User’s session, as a result of the user’s conscious or unconscious activity, viruses, Trojan horses and other spyware, which may be or has been infected with the User’s Device. Users should adhere to the network usage policy in order to protect against these threats. .
- Storage of personal data – The Administrator ensures that he makes every effort to ensure that the personal data processed voluntarily entered by users are safe, access to them is restricted and implemented in accordance with their purpose and purposes of processing. The administrator shall also ensure that he makes every effort to protect his/her data against loss by applying appropriate physical and organisational safeguards.
- Password storage – The Administrator declares that passwords are stored in encrypted form, using the latest standards and guidelines in this regard. It is practically impossible to decrypt the account access passwords provided on the Website.
§5 Purposes for which cookies are used
- Improving and facilitating access to the Service
- Personalization of the Service for Users
- Affiliate Services
- Keeping statistics (users, number of visits, device types, link, etc.)
- Serving multimedia services
- Provision of social services
§6 Purposes of the processing of personal data
Personal data voluntarily provided by Users are processed for one of the following purposes:
- Implementation of electronic services:
- Services for registration and maintenance of the User’s account on the Website and functionalities related to it
- Newsletter Services (including submission with the consent of advertising content)
- Communication of the Administrator with Users in matters related to the Service and data protection
- Ensuring the legitimate interest of the Administrator
User data collected anonymously and automatically is processed for one of the following purposes:
- Keeping statistics
- Support for affiliate programs
- Ensuring the legitimate interest of the Administrator
§7 External Service Cookies
- Multimedia services:
- Social /connected services:
(Registration, Login, Content Sharing, Communication, etc.)
- Keeping statistics:
§8 Types of data collected
The Service collects data about Users. Some data is collected automatically and anonymously, and some of the data is personal data provided voluntarily by Users when signing up for individual services offered by the Service.
Anonymous data collected automatically:
- Browser type
- Screen resolution
- Approximate location
- Site pages to open
Data collected during simulation generation:
- Investment location data
- Email address
- Phone number
- IP address (collected automatically)
Some data (without identifying data) may be stored in cookies. Some data (without identifying data) can be transferred to the statistical service provider.
§9 Access to personal data by third parties
As a general rule, the only recipient of personal data provided by Users is the Administrator. The data collected as part of the services provided are not transferred or resold to third parties.
Access to data (usually under the Data Processing Agreement) may be held by entities responsible for maintaining the infrastructure and services necessary for the operation of the service, i.e.:
- Hosting companies providing hosting services or related services to the Administrator
- Companies through which the service of construction of transport and installation of the house is provided
The Administrator uses the services of a third-party hosting provider, VPS or Dedicated Servers – home.pl S.A.