Privacy policy

Privacy policy

1. General Information
This policy applies to the Service available at the URL: willapodorlem.pl
The operator of the service and the Personal Data Administrator is the company Willa pod Orłem, located in Zakopane at ul. Piłsudskiego 49b, Zakopane 34-500.
The contact email address of the operator: kontakt@willapodorlem.pl
The operator is the Administrator of your personal data in relation to data voluntarily provided in the Service.
The Service uses personal data for the following purposes:

  • Conducting online chat conversations
  • Handling inquiries via forms
  • Presentation of offers or information
     The Service collects information about users and their behavior in the following ways:
  • Through voluntarily entered data in forms, which are entered into the Operator’s systems.
  • By saving cookies on end-user devices (so-called “cookies”).

2. Selected Data Protection Methods Used by the Operator
Login areas and places where personal data is entered are protected by transmission layer security (SSL certificate). This means that personal data and login data entered on the website are encrypted on the user’s computer and can only be read on the destination server.
Personal data stored in the database is encrypted in such a way that only the Operator possessing the key can read it. This protects data in case of database theft from the server.
User passwords are stored in a hashed form. The hashing function is one-way – it is currently a standard method in storing user passwords and cannot be reversed.
The Operator periodically changes its administrative passwords.
To protect data, the Operator regularly performs backup copies.
An important part of data protection is the regular update of all software used by the Operator for processing personal data, which particularly means regular updates of software components.

3. Hosting
The Service is hosted (technically maintained) on servers provided by the operator: Hostido.pl
The hosting company maintains server logs for technical reliability. The logs may include:

  • Resources specified by URL identifiers (addresses of requested resources – pages, files),
  • Request arrival time,
  • Response sending time,
  • Client station name – identification performed via HTTP protocol,
  • Information about errors occurring during HTTP transactions,
  • The URL of the previously visited page (referrer link) – if the transition to the Service was made via a link,
  • Information about the user’s browser,
  • Information about the IP address,
  • Diagnostic information related to the self-service ordering process via site recorders,
  • Information related to handling email directed to the Operator and sent by the Operator.

4. Your Rights and Additional Information on Data Use
In certain situations, the Administrator has the right to provide your personal data to other recipients if necessary to perform a contract with you or to fulfill obligations binding on the Administrator. This applies to the following groups of recipients:

  • Hosting company under a data processing agreement,
  • Operators of online chat solutions,
  • Authorized employees and collaborators who use data to fulfill the site’s purpose,
  • Companies providing marketing services on behalf of the Administrator.

Your personal data processed by the Administrator will not be stored longer than necessary to perform the associated tasks specified by separate regulations (e.g., accounting). Regarding marketing data, data will not be processed for longer than 3 years.

You have the right to request from the Administrator:

  • Access to your personal data,
  • Correction,
  • Deletion,
  • Restriction of processing,
  • Data portability.

You have the right to object to the processing described in point 3.2 regarding processing for the purpose of legally justified interests pursued by the Administrator, including profiling, but the objection cannot be exercised if there are overriding legally justified grounds for processing that prevail over your interests, rights, and freedoms, especially the establishment, exercise, or defense of claims.

You have the right to lodge a complaint with the President of the Personal Data Protection Office, ul. Stawki 2, 00-193 Warsaw.

Providing personal data is voluntary but necessary for the operation of the Service.

Automated decision-making, including profiling, may be performed in relation to you for the provision of services under the contract and for the Administrator’s direct marketing purposes.

Personal data is not transferred to third countries within the meaning of data protection regulations. This means we do not transfer data outside the European Union.

5. Information in Forms
The Service collects information voluntarily provided by the user, including personal data, if submitted.
The Service may save connection parameters (time stamp, IP address).
In some cases, the Service may save information facilitating the linking of form data with the user’s email address filling out the form. In such cases, the user’s email address may appear inside the URL of the page containing the form.
Data provided in forms is processed for the purpose resulting from the specific form’s function, e.g., handling service requests or business contact, registration of services, etc. The context and description of the form clearly inform the user about its purpose.

6. Administrator’s Logs
Information about user behavior on the site may be logged. These data are used for site administration purposes.

7. Important Marketing Techniques
The Operator uses statistical traffic analysis on the site via Google Analytics (Google Inc., USA). The Operator does not provide personal data to this service, only anonymized information. The service relies on cookies on the user’s end device. Regarding information on user preferences collected by the Google advertising network, users may review and edit information resulting from cookies using the tool: https://www.google.com/ads/preferences/
The Operator uses the Facebook pixel. This technology enables Facebook (Facebook Inc., USA) to know that a registered user on Facebook is visiting the Service. It is based on data Facebook itself administers; the Operator does not provide any additional personal data to Facebook. The service relies on cookies stored on the user’s device.

8. Information About Cookies
The Service uses cookies.
Cookies (so-called “cookies”) are IT data, mainly text files, stored on the end device of the Service User and intended for use with the Service’s web pages. Cookies usually contain the website’s name, storage duration on the end device, and a unique number.
The entity placing cookies on the User’s device and accessing them is the Service operator.
Cookies are used for the following purposes:

  • Maintaining the user session (after logging in), so the user does not have to re-enter login and password on every subpage,
  • Realization of marketing techniques described above.

Two main types of cookies are used in the Service: “session” cookies and “persistent” cookies. Session cookies are temporary files stored on the User’s device until logout, leaving the website, or browser shutdown. Persistent cookies are stored on the User’s device for the period specified in the cookie parameters or until deleted by the User.

Web browsers usually accept cookies by default. Users can change their browser settings regarding cookies. Browsers allow deletion or automatic blocking of cookies. Detailed information can be found in browser help or documentation.
 Limiting cookie usage may affect some functionalities on the Service’s web pages.

Cookies placed on the User’s device may also be used by cooperating entities with the Operator, in particular companies such as Google (Google Inc., USA), Facebook (Facebook Inc., USA), Twitter (Twitter Inc., USA).

9. Managing Cookies – How to Give and Withdraw Consent in Practice?
If the user does not want to receive cookies, they can change browser settings. We warn that disabling cookies necessary for authentication, security, or user preference maintenance may hinder or, in extreme cases, prevent the use of the website.

To manage cookie settings, select the browser you use from the list below and follow the instructions:

  • Edge
  • Internet Explorer
  • Chrome
  • Safari
  • Firefox
  • Opera

Mobile devices:

  • Android
  • Safari (iOS)
  • Windows Phone