PRIVACY POLICY

1. General information

  1. This policy applies to the website operating under the URL: figlarnia.eu
  2. The service operator and data controller is: ZBI-MARKT sp. z o.o. ul. ŁOPUSKIEGO, nr 36-38, Kołobrzeg
  3. Contact email address of the operator: salazabaw@gmail.com
  4. The operator is the controller of your personal data with respect to the data provided voluntarily in the Service.
  5. The service uses personal data for the following purposes:
    • Handling inquiries via the form
    • Fulfilling ordered services
    • Presentation of an offer or information
  6. The service collects information about users and their behavior in the following ways:
    1. Through voluntarily entered data in forms, which are entered into the operator’s systems.
    2. By storing cookies on end devices (so-called “cookies”).

2. Selected data protection methods used by the Operator

  1. Login and data entry points are protected within the transmission layer (SSL certificate). This ensures that personal data and login details entered on the site are encrypted on the user’s computer and can only be read on the target server.
  2. Personal data stored in the database is encrypted in such a way that only the operator holding the key can read it. This protects the data in case the database is stolen from the server.
  3. User passwords are stored in a hashed form. The hashing function is one-way – it is not possible to reverse its operation, which is the current standard for storing user passwords.
  4. Two-factor authentication is used in the service, which constitutes an additional form of protection for logging into the service.
  5. The operator periodically changes its administrative passwords.
  6. To protect data, the operator regularly performs backups.
  7. An essential element of data protection is the regular update of all software used by the operator for processing personal data, particularly the regular updates of programming components.

3. Hosting

  1. The service is hosted (technically maintained) on the servers of the operator: cyberFolks.pl
  2. The hosting company, to ensure technical reliability, maintains logs at the server level. The records may include:
    • resources identified by a URL (addresses of requested resources – pages, files),
    • the time the request was received,
    • the time the response was sent,
    • the name of the client’s station – identification carried out by the HTTP protocol,
    • information about errors that occurred during the HTTP transaction,
    • the URL address of the page previously visited by the user (referrer link) – in the case when the transition to the Service occurred via a link,
    • information about the user’s browser,
    • information about the IP address,
    • diagnostic information related to the self-ordering process through recorders on the site,
    • information related to handling emails directed to and sent by the operator.

4. Your rights and additional information on data usage

  1. In certain situations, the administrator has the right to transfer your personal data to other recipients if it is necessary to perform the contract concluded with you or to fulfill the obligations incumbent on the administrator. This applies to such groups of recipients:
    • hosting company on the basis of entrustment
    • postal operators
    • payment operators
    • authorized employees and associates who use the data to achieve the purpose of the website
  2. Your personal data processed by the administrator is stored no longer than necessary for performing activities related to them, specified in separate regulations (e.g., accounting regulations). With regard to marketing data, the data will not be processed for more than 3 years.
  3. You have the right to request from the administrator:
    • access to your personal data,
    • rectification,
    • deletion,
    • restriction of processing,
    • and data portability.
  4. You have the right to object to the processing specified in point 3.2 to the processing of personal data for the purpose of performing the legitimate interests pursued by the administrator, including profiling, with the proviso that the right of objection cannot be exercised if there are valid legitimate grounds for processing, overriding your interests, rights, and freedoms, in particular establishing, pursuing, or defending claims.
  5. Actions of the administrator are subject to a complaint to the President of the Personal Data Protection Office, ul. Stawki 2, 00-193 Warsaw.
  6. Providing personal data is voluntary but necessary to use the service.
  7. Automated decision-making, including profiling, may be applied to you in order to provide services under the concluded contract and for direct marketing by the administrator.
  8. Personal data is not transferred to third countries within the meaning of data protection regulations. This means that we do not send them outside the European Union.

5. Information in forms

  1. The service collects information provided voluntarily by the user, including personal data, if provided.
  2. The service may save information about connection parameters (time, IP address).
  3. The service, in some cases, may save information facilitating the linking of data in the form with the user’s email address filling out the form. In such a case, the user’s email address appears inside the URL of the page containing the form.
  4. The data provided in the form is processed for the purpose resulting from the function of the specific form, e.g., to perform the service request or commercial contact, service registration, etc. Each time, the context and description of the form clearly indicate its purpose.

6. Administrator logs

  1. Information about user behavior in the service may be logged. This data is used for administering the service.

7. Important marketing techniques

  1. The operator uses statistical traffic analysis on the site through Google Analytics (Google Inc. based in the USA). The operator does not transfer personal data to the operator of this service, only anonymized information. The service is based on the use of cookies on the user’s end device. Within the scope of information about user preferences collected by the Google advertising network, the user can view and edit information resulting from cookies using the tool: https://www.google.com/ads/preferences/

8. Cookie information

  1. The service uses cookies.
  2. Cookies (“cookies”) are IT data, in particular text files, which are stored on the user’s end device and are intended for using the service’s websites. Cookies usually contain the name of the website they come from, the time they are stored on the end device, and a unique number.
  3. The entity placing cookies on the user’s end device and accessing them is the service operator.
  4. Cookies are used for the following purposes:
    1. maintaining the user’s session in the service (after logging in), thanks to which the user does not have to re-enter the login and password on each subpage of the service;
    2. achieving the objectives specified above in the “Important Marketing Techniques” section;
  5. Two basic types of cookies are used within the service: “session” cookies and “persistent” cookies. “Session” cookies are temporary files stored on the user’s end device until logging out, leaving the website, or turning off the software (web browser). “Persistent” cookies are stored on the user’s end device for the time specified in the cookie parameters or until deleted by the user.
  6. Web browsing software (web browser) usually allows cookies to be stored on the user’s end device by default. Users of the service can change the settings in this regard. The web browser allows the deletion of cookies. It is also possible to automatically block cookies. Detailed information on this subject is included in the help or documentation of the web browser.
  7. Restrictions on the use of cookies may affect some of the functionalities available on the service’s websites.
  8. Cookies placed on the user’s end device may also be used by entities cooperating with the service operator, in particular, this applies to companies: Google (Google Inc. based in the USA), Facebook (Facebook Inc. based in the USA), Twitter (Twitter Inc. based in the USA).

9. Managing cookies – how to express and withdraw consent in practice?

  1. If the user does not want to receive cookies, they can change the browser settings. We reserve that disabling cookies necessary for authentication processes, security, maintaining user preferences may make it difficult, and in extreme cases may prevent the use of websites
  2. To manage cookie settings, select the web browser you use from the list below and follow the instructions:

    Mobile devices: