Privacy and Cookie Policy

Introduction

Pod Cyprysami sp. z o.o. values the trust of its Users and therefore stores their data with the utmost care and adherence to the highest security standards, protecting it from unauthorized access.
This Privacy Policy defines the principles of storing and accessing information on the User's device through Cookies, used to provide electronic services requested by the User by Pod Cyprysami sp. z o.o. Additionally, this privacy policy serves an informational purpose.

I. Definitions

a. Administrator – Pod Cyprysami limited liability company with its registered office in Warsaw, Aleje Jerozolimskie 94, 00-807 Warsaw, registered in the Register of Entrepreneurs of the National Court Register under number 0000333558, VAT ID: 1132771203, REGON 141943689, providing electronic services and storing and accessing information on the User’s device.

b. Cookies – means IT data, especially small text files, saved and stored on devices through which the User accesses the Service’s websites.

c. Administrator’s Cookies – means Cookies placed by the Administrator related to providing electronic services by the Administrator via the Service.

d. External Cookies – means Cookies placed by the Administrator’s partners via the Service’s website.

e. Service – means the website or application through which the Administrator operates the online service, operating at the domain www.podcyprysami.pl

f. Device – means the electronic device through which the User accesses the Service.

g. User – means the entity for whom services may be provided electronically or with whom an electronic service agreement may be concluded under the Terms of Service and legal regulations.

II. Types of Cookies Used

1. Cookies used by the Administrator are safe for the User’s Device. In particular, viruses, unwanted software, or malicious software cannot be transmitted via these files. They allow identifying the software used by the User and individually tailoring the Service. Cookies usually contain the domain name from which they come, the time of storage on the Device, and an assigned value.

2. The Administrator uses two types of cookies:

• a. Session Cookies: stored on the User’s Device until the browser session ends. Then the information is permanently deleted from the Device’s memory. Session cookies do not collect any personal or confidential information from the User’s Device.
  
• b. Persistent Cookies: stored on the User’s Device until deleted. Closing the browser or turning off the Device does not delete them. Persistent cookies do not collect any personal or confidential information from the User’s Device.

3. The User can limit or disable Cookie access to their Device. Using this option, accessing the Service is possible except for functions that inherently require Cookies.

III. Purposes for Which Cookies Are Used

1. The Administrator uses Own Cookies for the following purposes:

a. Service configuration

• I. Adjusting the Service’s website content to the User’s preferences and optimizing the use of the Service’s websites.
  
• II. Recognizing the User’s Device and location and properly displaying the website tailored to individual needs.
  
• III. Remembering User-selected settings and personalizing the User interface, e.g., language or region.
  
• IV. Remembering the history of visited pages in the Service for content recommendations.
  
• V. Maintaining the User session (after login), so the User doesn’t need to re-enter login and password on each subpage.
  
• VI. Correct configuration of selected Service functions, allowing authentication verification of the browser session.
  
• VII. Optimizing and increasing the performance of services provided by the Administrator.
  

c. Implementation of processes necessary for full website functionality

• I. Adjusting website content to User preferences and optimizing usage, especially allowing recognition of basic Device parameters.
  

d. Analytics and audience audit

• I. Creating anonymous statistics to understand how Users use the Service’s websites to improve their structure and content.

e. Ensuring Service security and reliability.

2. The Administrator uses External Cookies for the following purposes:

a. Presenting multimedia content on the Service’s websites sourced from external services:

• www.youtube.com [administrator cookies: Google Inc, USA]
  

b. Collecting general and anonymous statistical data via analytical tools:

• Google Analytics [administrator cookies: Google Inc, USA]
  

c. Presenting advertisements tailored to User preferences using web advertising tools:

• Google Advertising System [administrator cookies: Google Inc, USA]
  

d. Using interactive functions to popularize the Service through social media:

• plus.google.com [administrator cookies: Google Inc, USA]
  
• Facebook.com [administrator cookies: Facebook Inc, USA or Facebook Ireland, Ireland]
  

e. Execution and settlement of electronic services provided by the Administrator to the User:

• PayU [administrator cookies: PayU Sp. z o.o., Poznań]
• Possibilities of specifying storage or access condition

You can check how Google Inc uses your personal data here: http://www.google.com/policies/privacy/partners/

3. The User can change Cookie settings anytime, determining their storage and access conditions on the User’s Device. Changes can be made via browser settings or service configuration, such as blocking automatic handling or notifying about each Cookie placement. Detailed information on Cookie management is available in browser software settings.

4. The User can delete Cookies anytime using browser functions.

5. Limiting Cookies may affect some functionalities available on the Service’s website.

V. Personal Data Protection

1. Data Controller

The data controller is Pod Cyprysami sp. z o.o., with registered office in Warsaw, Aleje Jerozolimskie 94, 00-807 Warsaw, registered in the Register of Entrepreneurs of the National Court Register under number 0000333558, VAT ID: 1132771203, REGON 141943689, phone: 510 85 90 95.

2. Data Processing

Processing of personal data means operations performed on personal data manually or automatically, including collection, recording, organization, storing, adaptation, modification, retrieval, use, disclosure, dissemination, alignment, restriction, deletion, and destruction.

3. Purpose of Processing

Data is processed in accordance with the provisions of the GDPR for clearly defined purposes and to the extent necessary to achieve those purposes.
Data that may be voluntarily provided by the User is processed only to the extent that the User has given consent, and for the following purposes:
– informing about the content and services of Pod Cyprysami sp. z o.o. in response to a request or inquiry from the data subject
– ordering and providing services by Pod Cyprysami sp. z o.o.
– performance of contracts to which the data subject is a party
– compliance with legal obligations
– fulfillment of purposes arising from the legitimate interests pursued by the data controller or a third party

legitimate interests pursued by the data controller or third party.
Accordingly, Users are informed that under Articles 13 and 14 GDPR, data processing occurs both manually and automatically using IT systems.

4. Data Recipients

Data may be processed by employees and associates of Pod Cyprysami sp. z o.o. as “persons responsible for processing,” who, based on direct authorization from the Administrator or the Processor, have the right to process personal data in accordance with Articles 4.10 and 4.29 of the GDPR. Data may also be processed by trusted entities providing technical and organizational services to the Company under concluded data processing agreements or other legal instruments permitted by EU law. Additionally, the Data Administrator may disclose data to other recipients only upon request by entities authorized by law or when necessary to achieve the documented and legally justified purposes of the Administrator or a third party.

5. Consent to Data Processing

In cases where data processing does not result from an obligation arising from legal provisions, is not related to a contract or service being provided to you, and does not arise from a legitimate interest pursued by Pod Cyprysami sp. z o.o. or a third party, we ask for your consent to process personal data for the indicated purpose. In every case where you have given your consent to the processing of data for the stated purposes, such consent may be withdrawn at any time.Objection to Data Processing
Under Article 21 GDPR, Users can object anytime to processing for specified purposes; data will no longer be processed for those purposes unless legally required or justified.

6. Objection to Data Processing

In accordance with the provisions of Article 21 of the GDPR, the data subject has the right to object at any time to the processing of their personal data for the specified purposes. In such a case, the personal data will no longer be processed for the purpose indicated in the objection. The objection is not possible when the processing is based on a legal obligation or a legitimate interest pursued by the Controller or a third party.

7. Transfer of Personal Data to Third Countries

The collected and processed data may be transferred outside the European Economic Area to independent IT service providers or data storage service providers, including cloud storage. Data is transferred only in accordance with data protection regulations and subject to ensuring appropriate data safeguards and transmission measures, for example, based on a data transfer agreement relying on standard contractual clauses adopted by the European Commission concerning the transfer of personal data by data controllers in the EEA to data controllers and processors in legal systems that do not have adequate data protection regulations, or based on Privacy Shield agreements regarding the transfer of personal data by entities in the EU to entities in the United States, or equivalent arrangements in other legal systems; or transfers to a country for which the European Commission has determined that the level of data protection provided by its law is adequate; or when it is necessary to conclude or perform a contract with a third party and for the purposes of such contract the data transfer is in the interest of the data subject.
In other cases, transfer of data is also permissible when the data subject has given their consent to such transfer.

8. Data Retention Period

All personal data is collected lawfully, for the specified purposes, while adhering to the principles of necessity. Personal data will be stored in accordance with the principle of proportionality so as to allow the identification of the data subject and until the purposes of processing have been fulfilled.

9. Rights of the Data Subject

In accordance with Articles 13.2.b and 13.2.d, 14.2.c and 14.2.e, 15, 18, 19, and 21 of the GDPR, the Data Subject has the right to request from the Company access to their personal data, rectification, deletion, or restriction of processing, or to object to the processing; they have the right to data portability under Article 20 GDPR, the right to lodge a complaint with the President of the Personal Data Protection Office, and the right to rectification, deletion, or restriction of processing upon the request of the Data Subject.

10. Social Media Plugins

This website may contain plugins from certain social media platforms. Social media plugins are special tools that allow the integration of social media platform functions directly on the website. Such plugins are marked with the respective logo of each social media platform. When you visit our website and use a plugin, information is transmitted by your browser directly to the social media platform, which stores and processes it. For more detailed information about the purposes, types, and methods of collecting, processing, and storing personal data by social media platforms, as well as information on how to exercise your rights, please refer to the privacy policy of the respective social media platform.

11. Links to Independent Websites

This website may contain dedicated links through which you can directly connect to other independent websites. The Administrator of this website is not responsible for how independent websites manage personal data and authentication data transmitted by third parties.

12. Data Collected via Chatbot

We use ChatLab to operate the chatbot on our website, collecting and processing personal data such as chat logs and user interactions, in full compliance with the GDPR.

• Type of Data: We collect data in the form of chat logs and user interactions.
  
• Purpose: These data are used for lead generation and improving the quality of customer service.
  
• Legal Basis: The data are processed based on your consent, which you can withdraw at any time.
  
• Retention Period: The data are stored for 180 days and then automatically deleted.
  
• User Rights: You have the right to access, correct, or delete your data. To exercise these rights, please contact us by email at kontakt@podcyprysami.pl or via the contact form on the contact page.
  
• ChatLab Privacy Policy: For more information about how ChatLab handles data, please refer to their privacy policy at https://chatlab.com/privacy.