Privacy and cookie policy

PRIVACY AND COOKIE POLICY

This privacy and cookies policy (hereinafter: “Privacy Policy”) is a set of rules for the processing of personal data and collecting cookies on the website www.ogbpro.pl of the service (hereinafter: “Service”).

This Privacy Policy is addressed to all users of the website www.ogbpro.pl and the social networking profiles of the Service on Facebook and Twitter (hereinafter: “User”).

In accordance with Article 13 (1) and (2) of Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation – GDPR), we inform you about the rules for the processing of your personal data and your rights relating to it. These rules apply from 25 May 2018.

SERVICE ADMINISTRATOR

The Service Administrator is Ogólnopolska Grupa Badawcza Spółka z ograniczoną odpowiedzialnością (hereinafter: „Administrator”), ul. Smoleńska 83/80, 03-528 Warsaw, NIP: 5242882294, REGON: 382733896, KRS: 0000774372, registry court: District Court for the Capital City of Warsaw, XII Commercial Division of the National Court Register KRS, share capital: 5.000,00 zł.

In case of any doubts relating to the privacy policy, the User may contact the Administrator by sending an e-mail to [email protected].

PERSONAL DATA

The Administrator of your personal data in accordance with regulations regarding the protection of personal data is Ogólnopolska Grupa Badawcza Spółka z ograniczoną odpowiedzialnością, ul. Smoleńska 83/80, 03-528 Warsaw, NIP: 5242882294, REGON: 382733896, KRS: 0000774372, registry court: District Court for the Capital City of Warsaw, XII Commercial Division of the National Court Register KRS, share capital: 5.000,00 zł.

Purposes, legal grounds and period of processing the personal data of the User are indicated separately for each purpose of data processing (see the description of individual purposes of personal data processing below).

RIGHTS

GDPR grants the User the following potential rights related to personal data processing:

• right of access to personal data,
• right to personal data rectification,
• right to erasure of personal data,
• right to restriction of personal data processing,
• right to object to processing of personal data,
• right to data portability,
• right to lodge a complaint with a supervisory authority,
• right to withdraw the consent for personal data processing, if such consent has been given by the User.

The rules related to the execution of the indicated rights have been described in detail in Articles 16 – 21 of GDPR. We encourage to acquaint with these rules. The abovementioned rules are not absolute and will not be available to Users in relation to all activities of processing Users’ personal data. For the convenience of the Users, the Administrator made every effort in order to indicate the rights of the Users as part of the description of individual personal data processing operations.

The Administrator emphasizes that one of the rights indicated above is always available to the User – if they consider that the Administrator has breached the provisions on the protection of personal data while processing personal data, the User has a possibility to lodge a complaint with a supervisory authority (President of the Personal Data Protection Office).

The User may always ask the Administrator to provide information regarding the data in their possession about the User, as well as the purposes of its processing. Please send a message to [email protected].

Użytkownik zawsze może zwrócić się do Administratora z żądaniem udostępnienia informacji o tym, jakie dane na temat Użytkownika posiada oraz w jakich celach je przetwarza. Wystarczy przesłać wiadomość na adres: [email protected].

SAFETY

The Administrator guarantees the confidentiality of all provided personal data to the User. The Administrator ensures taking all measures of security and protection of personal data required by the regulations on personal data protection. Personal data are collected with due diligence and adequately protected against access of unauthorized persons.

RECIPIENTS OF THE DATA (CATEGORIES OF RECIPIENTS)

The Administrator may disclose personal data only to the entities with whom they settled a personal data processing agreement. The personal data of the User will not be transferred to a third state or an international organization. The personal data of the User may be disclosed to external entities providing services to the Administrator such as logistic, legal, auditing and accounting services, as well as IT service providers, including e-mail. Detailed information may be obtained by sending an e-mail to [email protected].

Personal data are collected in mailing system FreshMail belonging to FreshMail Spółka z ograniczoną odpowiedzialnością, al. 29 Listopada 155c, 31-406 Kraków, NIP: 6751496393, REGON: 123040091, KRS: 0000497051, registry court: District Court for Kraków-Śródmieście in Kraków, XI Commercial Division of the National Court Register KRS.

TRIAL ACCESS

While registering for the trial access, the User provides the Administrator with the following information:

• name and surname,
• e-mail address,
• institution with which they are associated,
• industry in which they operate,
• telephone number.

Registration for the trial access means setting up a User account in the Service. The data provided by the User is assigned to this account and stored in the database of the Service.

The legal ground and the purpose of processing personal data contained in the account of the User is the execution of the contract, i.e. the provision of a service to the User in the form of providing the User with access to the content of the Service intended only for the registered Users (Article 6(1)(b) GDPR). Details related to the execution of the service can be found in the regulations accepted by the User while logging into the Service for the first time.

The data of the User contained in the account of the User are processed during the time of operation of the account. The User may at any time decide to delete the account, which will result in deletion of the personal data from the database as well. Deletion of the account does not result in deletion of the data regarding the payments made by the User in connection with the use of the Service. These data may be processed by the Administrator until the limitation of claims arising from the contracts settled with the User. The User may rectify the personal data contained in the account at any time. The User also has the right to data portability referred to in Article 20 GDPR.

PAYABLE CONTRACT

While settling a contract for paid access to the Service, the User must provide the data necessary for execution of the order. Providing data is voluntary but necessary to conclude the contract.

The data provided to the Administrator in connection with the conclusion of the contract are processed in order to execute the contract (Article 6(1)(b) GDPR), issue an invoice (Article 6(1)(c) GDPR), include an invoice in the accounting documentation of the Administrator (Article 6(1)(c) GDPR), as well as for archival and statistical purposes (Article 6(1)(f) GDPR).

The data regarding the orders will be processed during the time necessary for the execution of the order, and then until the expiry of the limitation period for claims arising from the concluded contract. In addition, after the expiry of this period, the data may still be processed by the Administrator for statistical purposes. The Administrator is obliged to store the invoices including the personal data of the User for a period of five years from the end of the tax year in which the tax obligation arose.

In case of data regarding the orders, the User cannot rectify these data after execution of the order. The User also cannot object to processing of the data and demand the deletion of the data until the expiry of the limitation period for claims arising from the concluded contract. Similarly, the User may not object to processing the data and demand the deletion of the data contained in the invoices. After the expiry of the limitation period for claims arising from the concluded contract, the User may object to processing of the data of the User by the Administrator for statistical purposes, as well as demand the removal of the data from the database of the Administrator.

In relation to the data regarding the orders, the User also has the right to data portability referred to in Article 20 GDPR.

USE OF THE SERVICE

If the User does not use the Service under the individual contract concluded with the Administrator but as a result of creating the access for the User on the basis of the agreement e.g. with the employer of the User, then a user account has been established for the User in the Service and the data assigned to this account are stored in the database of the Administrator.

The legal ground and the purpose of processing personal data contained in the account of the User is the provision of a service to the User in the form of providing the User with access to the content of the Service intended only for the registered Users (Article 6(1)(b) GDPR).

The data of the User contained in the account of the User are processed during the time of operation of the account. The User may at any time decide to delete the account, which will result in deletion of the personal data from the database as well. The User may rectify the personal data contained in the account at any time. The User also has the right to data portability referred to in Article 20 GDPR.

COMPLAINTS

While filing a complaint, the User provides the Administrator with the personal data included in the content of the complaint, which comprises name and surname, address, telephone number, e-mail address and the bank account number. Provision of the data is voluntary, but necessary in order to file a complaint.

The data provided to the Administrator in connection with filing a complaint are used in order to perform the complaint procedure (Article 6(1)(c) GDPR).

The data will be processed during the period necessary for execution of the complaint procedure. The complaints may also be archived in statistical purposes.

In case of data included in the complaints, the User cannot rectify these data after execution of the order. The User also cannot object to data processing and demand the deletion of the data until the expiry of the limitation period for claims arising from the concluded contract. However, after the expiry of the limitation period for claims arising from the concluded contract, the User may object to processing of the data of the User by the Administrator for statistical purposes, as well as demand the removal of the data from the database of the Administrator.

CONTACT

While filling the contact request form, the User provides the Administrator with the following information:

• name and surname,
• telephone number.

The sent form is saved as e-mail correspondence on the mailbox server.

The legal ground of processing of personal data of the User included in the form is the consent implied from the fact of sending a contact request (Article 6(1)(a) GDPR). In this case, the data of the User are processed solely for the purpose of contact with the User.

The data will be processed by the Administrator during the period necessary to establish and maintain contact with the User and after this time will be deleted from the database of the Administrator, unless the User gives consent in this period for processing the data by the Administrator also in statistical purposes which will result in the data being sent to the marketing database of the Administrator and processed in it until the Administrator decides to remove this database or the User resigns from the marketing communication which will result in the deletion of the data from the database.

The content of the correspondence may be archived and the Administrator is not able to clearly determine when will it be deleted. The User has a right to demand the presentation of the history of the correspondence exchanged with the Administrator (if it has been archived), as well as to demand its removal, unless its archiving is justified due to the overriding interests of the Administrator, e.g. defense against potential claims of the User.

NEWSLETTER

If the User wants to subscribe to the newsletter, they must provide the Administrator with their e-mail address by the newsletter subscription form. Provision of the data is voluntary, but necessary in order to subscribe to the newsletter. The newsletter bases on the mailing platform FreshMail. The newsletter has a form of an e-mail notification directed to the e-mail address of the User and/or a SMS notification sent to the telephone number of the User. In both cases it is necessary to give consent for sending messages by e-mail or phone.

The data provided to the Administrator when subscribing to the newsletter are used in order to send the newsletter to the User and the legal ground of their processing is the consent of the User for sending the information by e-mail and/or phone (Article 6(1)(a) GDPR) expressed when subscribing to the newsletter.

The data will be processed during the period of duration of the newsletter unless the User resigns earlier from its receipt which will result in deletion of the data from the database of the Administrator.

The User may at any time rectify their data saved in the newsletter database, as well as they may demand its deletion by resigning from the receipt of the newsletter. The User also has the right to data portability referred to in Article 20 GDPR.

The User independently chooses the alerts they are interested in. These include, among others, newsletter in Polish version, newsletter in English version, alert regarding new contents on the Websites or alert regarding new podcasts.

COOKIES POLICY

1. Cookie files (so-called “cookies”) are IT data, in particular text files, stored in the end device of the User of the Service, intended for using websites of the Service.
2. Cookies usually contains the name of the website they come from, the storage time in the end device and a unique number.
3. Cookies are used in order to collect information related to use of the Service by the User.
4. In particular, cookies enable to:

• maintain the session of the logged in Service User,
• adjust the content of the websites of the Service to the preferences of the User,
• optimize the Service in order to properly display the website which is adapted to the individual needs of the User thanks to them,
• create statistics which allow to understand how do the Service Users use the websites in order to improve their structure and content,
• As the Service includes the plug-in of the social networking sites Facebook and Twitter, sometimes the cookie files may also be used to record the presence of the User on the website of the Service by the social networks, as well as to adjust the displayed advertisements to the activity of the User.

5. Session cookie files (session cookies) being temporary files are used in the Service. They are stored in the end device of the User (web browser) until logging out of the website by the User or switching off the software used to browse the websites. Persistent cookie files (persistent cookies) are stored in the end device of the User during the period indicated in the parametres of the cookies or until the moment of their deletion by the User.
6. The following types of cookies are used in the Service:

• necessary – these files enable using the services and the functions available in the Service,
• efficient – these files enable collecting information regarding the way of using the websites of the Service,
• functional – these files enable saving the settings chosen by the User and e.g. personalization of the interface in the User’s panel,
• statistical – these files enable making analytical measures regarding the activity of the User in the Service; in this case the Google Analytics tool is used by the Administrator.

7. Software (web browser) used in order to browse the websites may by default allow cookies to be stored in the end device of the User.

It is possible to change the settings regarding cookies as a Service User in any time. Detailed information on the possibilities and methods of handling cookies are available in the settings of the software (web browser). However, it should be noted that the limitation of using cookies introduced by the User may affect some of the functionalities of the Service.

8. How may the User change the cookies settings in the most popular browsers:

Google Chrome – read on the website of the manufacturer or check in your browser:

Menu > Settings > Show advanced settings > Content settings

https://support.google.com/chrome/answer/95647?hl=pl

Internet Explorer – read on the website of the manufacturer or check in your browser:

Menu > Tools > Internet Options > Privacy

https://support.microsoft.com/pl-pl/hub/4338813/windows-help?os=windows-10

Mozilla Firefox – read on the website of the manufacturer or check in your browser:

Menu > Tools > Options > Options > Privacy

https://support.mozilla.org/pl/kb/wzmocniona-ochrona-przed-sledzeniem-firefox-desktop?redirectlocale=pl&redirectslug=W%C5%82%C4%85czanie+i+wy%C5%82%C4%85czanie+obs%C5%82ugi+ciasteczek

Opera – read on the website of the manufacturer or check in your browser:

Menu > Settings > Preferences > Advanced > Cookies

https://help.opera.com/pl/latest/web-preferences/#cookies

Safari – read on the website of the manufacturer or check in your browser:

Menu > Tools > Preferences > Privacy

https://support.apple.com/pl-pl/guide/safari/sfri11471/mac