1. This policy pertains to the website: varma.com.pl
  2. The operator of the service and the Personal Data Administrator is: VARMA Michał Sikora LINDEGO 1C, 30-148 KRAKÓW
  3. Operator’s email contact address: biuro@varma.com.pl
  4. The operator is the Administrator of your personal data concerning the data voluntarily provided on the Service.
  5. The service utilizes personal data for the following purposes:
    • Handling inquiries through the form
    • Fulfillment of ordered services
    • Presentation of offers or information
  6. The service performs functions to gather information about users and their behavior in the following ways:
    1. Through voluntarily entered data in forms, which are then entered into the systems of the Operator.
    2. By storing cookie files (so-called “cookies”) on end devices.
  7. Login and data entry areas are protected in the transmission layer (SSL certificate). This encryption ensures that personal and login data entered on the website is encrypted on the user’s computer and can only be read on the destination server.
  8. To protect data, the Operator regularly performs backup copies.
  9. A crucial element of data protection is the regular updating of all software used by the Operator to process personal data, including regular updates of programming components.
  10. The service is hosted (technically maintained) on the servers of the operator: another company.
  11. The hosting company maintains server-level logs to ensure technical reliability. The following may be subject to recording:
    • Resources specified by a URL identifier (addresses of requested resources – pages, files),
    • Time of request arrival,
    • Time of response dispatch,
    • Client station name – identification performed by the HTTP protocol,
    • Information about errors occurring during the execution of HTTP transactions,
    • URL address of the page previously visited by the user (referer link) – in case the transition to the Service occurred through a hyperlink,
    • Information about the user’s browser,
    • Information about the IP address,
    • Diagnostic information related to the process of independently ordering services through recorders on the website,
    • Information related to the handling of email directed to the Operator and sent by the Operator.
  12. In certain situations, the Administrator has the right to transfer your personal data to other recipients if it is necessary for the performance of the contract concluded with you or for the fulfillment of obligations imposed on the Administrator. This applies to the following groups of recipients:
    • Hosting company on the basis of entrustment
    • Authorized employees and collaborators who use the data to achieve the website’s operational goals
    • Companies providing marketing services on behalf of the Administrator
  13. Your personal data processed by the Administrator will not be processed for a period longer than necessary to perform activities related to them as specified by separate regulations (e.g., accounting regulations). In relation to marketing data, the data will not be processed for more than 3 years.
  14. You have the right to request from the Administrator:
    • Access to your personal data
    • Their correction,
    • Deletion,
    • Restriction of processing,
    • And data portability.
  15. You have the right to object to the processing specified in point 3.2 regarding the processing of personal data for the purpose of pursuing the legitimate interests pursued by the Administrator, including profiling. However, the right to object cannot be exercised if there are compelling legitimate grounds for the processing which override your interests, rights, and freedoms, especially the establishment, exercise, or defense of legal claims.
  16. There is a right to file a complaint with the President of the Personal Data Protection Office regarding the actions of the Administrator, ul. Stawki 2, 00-193 Warszawa.
  17. Providing personal data is voluntary but necessary for the operation of the Service.
  18. In relation to you, activities involving automated decision-making, including profiling, may be undertaken for the purpose of providing services under the concluded agreement and for conducting direct marketing by the Administrator.
  19. Personal data is not transferred to third countries within the meaning of data protection regulations. This means that we do not transfer them outside the European Union territory.
  20. The service collects information voluntarily provided by the user, including personal data if they are provided.
  21. The service may save information about connection parameters (timestamp, IP address).
  22. In some cases, the service may save information facilitating the correlation of data in the form with the email address of the user filling out the form. In such a case, the user’s email address appears within the URL of the page containing the form.
  23. The data provided in the form is processed for the purpose arising from the specific function of the particular form, such as handling a service request, business contact, service registration, etc. Each time, the context and description of the form clearly inform what its purpose is.
  24. Information about user behavior on the website may be subject to logging. These data are used for the purpose of administering the service.
  25. The operator employs statistical analysis of traffic on the website through Google Analytics (Google Inc. based in the USA). The operator does not transfer personal data to the operator of this service but only anonymized information. The service relies on the use of cookies on the user’s end device. Regarding user preference information collected by the Google advertising network, the user can view and edit information derived from cookie files using the tool: https://www.google.com/ads/preferences/
  26. The operator employs remarketing techniques allowing for the customization of advertising messages based on user behavior on the website. This may create an impression that user personal data is used for tracking; however, in practice, no personal data is transferred from the operator to advertising operators. The technological condition for such actions is the enabled support for cookie files.
  27. The operator uses the Facebook pixel. This technology informs the Facebook service (Facebook Inc. based in the USA) that a registered user is using the Service. In this case, it is based on data for which the operator is the administrator, and the operator does not provide any additional personal data to the Facebook service. The service relies on the use of cookies on the user’s end device.
  28. The operator uses an automated solution to manage the Service in relation to users, for example, to send an email to the user after visiting a specific subpage, provided the user has consented to receiving commercial correspondence from the operator.
  29. The service uses cookies.
  30. Cookies (so-called “cookies”) are computer data, specifically text files, which are stored on the end device of the Service User and are intended for using the Service’s websites. Cookies typically contain the name of the website they come from, the time they are stored on the end device, and a unique number.
  31. The entity placing cookies on the end device of the Service User and accessing them is the operator of the Service.
  32. Cookies are used for the following purposes:
    1. Maintaining the user’s Service session (after logging in), allowing the user to not have to re-enter their login and password on each subpage of the Service;
    2. Achieving the goals specified above in the “Essential Marketing Techniques” section;
  33. Two fundamental types of cookies are used within the Service: “session” cookies and “persistent” cookies. “Session” cookies are temporary files that are stored on the User’s end device until logging out, leaving the website, or turning off the software (web browser). “Persistent” cookies are stored on the User’s end device for the time specified in the cookie parameters or until they are deleted by the User.
  34. Web browsing software (web browser) usually allows cookies to be stored on the User’s end device by default. Service Users can change their settings in this area.  The web browser allows you to delete cookies. It is also possible to automatically block cookies. Detailed information on this topic can be found in the help or documentation of your web browser.
  35. Limiting the use of cookies may affect some functionalities available on the Service’s websites.
  36. Cookies placed on the end device of the Service User may also be used by entities cooperating with the operator of the Service, in particular, this applies to companies such as Google (Google Inc. based in the USA), Facebook (Facebook Inc. based in the USA), Twitter (Twitter Inc. based in the USA).
  37. If the user does not want to receive cookies, they can change their browser settings. Please note that disabling cookies necessary for authentication processes, security, and maintaining user preferences may impede, and in extreme cases, prevent the use of websites.
  38. To manage cookie settings, choose the internet browser from the list below that you are using and follow the instructions:

    Mobile Devices: