Privacy policy
PRIVACY POLICY FOR USERS OF THE EMPATYZER.COM WEBSITE
Who we are and how to contact us
The administrator of your personal data collected via the website www.empatyzer.com (hereinafter: “Service”) is EMPATYZER LIMITED LIABILITY COMPANY KRS 0001048777, NIP 9662180081, REGON 525921140 (hereinafter: “Administrator”).
For all matters related to personal data protection, you can contact the Administrator via email: em@empatyzer.com.
How and why we process your personal data
We process your data in connection with your browsing of the Service (as an unlogged user).
The principles of measuring and statistics described in this policy apply equally to every subpage of the Service, including this Privacy Policy page. We measure, among others, whether content was read, how much was read, and which elements were clicked, so that analytics are consistent across the entire website.
CONTACT WITH THE ADMINISTRATOR
By contacting us, you may provide your personal data, including information contained in the content of correspondence or provided during a phone call.
The legal basis for processing the data you provide when contacting us is Article 6(1)(f) of the GDPR (processing is necessary for the purposes of the legitimate interests pursued by the administrator or a third party). The legitimate interest is to provide answers to the questions asked, including those regarding the Service and the Administrator’s activities.
OPERATIONAL DATA
We may process data of unlogged users of the Service (individuals visiting the Service) characterizing the manner in which they use our Service (operational data, mostly anonymous). This processing includes automatic reading of a unique identifier identifying the telecommunication terminal or information system used, as well as the date and time of the server, technical parameters of the software and device used, as well as the location from which you are connecting to our server. This information may be used for marketing purposes, market research, and improving the functioning of the Service. Data stored in server logs are not associated with specific individuals using the Service. Server logs serve only as auxiliary material for administering the Service.
The legal basis for the processing of operational data is Article 6(1)(f) GDPR. The legitimate interest is enabling error diagnostics in the Service and improving its quality.
MARKETING OF THE ADMINISTRATOR’S OWN SERVICES
With your separate consent, we may process your personal data for marketing purposes, including sending you commercial, promotional, advertising, or marketing information.
The legal basis for processing your personal data for these purposes is generally Article 6(1)(a) GDPR. You may withdraw your consent at any time – without affecting the lawfulness of processing based on consent before its withdrawal.
In some cases, the legal basis for processing your personal data for direct marketing purposes may be the legitimate interest of the administrator (Article 6(1)(f) GDPR). However, remember that you always have the right to object at any time and free of charge to such processing, including profiling, if it is related to direct marketing. After filing an objection, the Administrator can no longer process your data for such purposes.
CLAIM HANDLING
The content of the correspondence with you may be archived. You have the right to request the history of the correspondence you have had with us (if it was archived) and also to request its deletion unless the archiving is justified by our legitimate interests.
The legal basis for processing your personal data after the contact with us has ended is our legitimate interest in the need to ensure the ability to demonstrate certain facts in the future. Therefore, we may process your personal data for the purpose of establishing, pursuing, or defending against claims based on Article 6(1)(f) GDPR.
COOKIES
Like almost all other websites, we use cookies. Cookies are small text files stored on your end device, which can be read by our information system. You can read more about cookies here: https://pl.wikipedia.org/wiki/HTTP_cookie or: https://www.allaboutcookies.org/.
Cookies allow us to:
- ensure the proper functioning of the website,
- improve the speed and security of using the website,
- use analytical tools,
- use marketing and remarketing tools.
We use cookies based on your consent, except in situations where cookies are necessary for the proper delivery of services to you electronically.
In the cases outlined above (1-3), information contained in cookies is processed based on Article 6(1)(f) GDPR. The legitimate interest is to ensure the proper functioning of the Service, as well as to monitor and analyze traffic and maintain visit statistics.
In the situation described in point 4 (marketing), information contained in cookies is processed based on Article 6(1)(a) GDPR, in accordance with Article 18(4) of the Electronic Services Act of July 18, 2002.
During your first visit to the Service, a notification will be displayed to you regarding the use of cookies. Accepting this notification means that you consent to the use of cookies as described in this privacy policy for all the purposes outlined above. You can withdraw your consent at any time by deleting cookies and changing the cookie settings in your browser.
Importantly, you do not have to provide us with information contained in cookies. You can prevent this by deleting cookies and changing cookie settings in your browser. Refusing cookies typically applies only to the specific browser – this means the same actions will need to be taken for any other browser used by you on the same or different device.
You can also use tools that allow for collective management of cookie settings and browser plugins that enable control over cookies. Web browsers also offer the option to use “incognito mode,” which allows you to visit websites without saving information about the websites visited and files downloaded in the browser history. Cookies created in incognito mode are generally deleted once all windows of this mode are closed.
However, remember that disabling cookies may cause difficulties in using the Service, as well as many other websites that use cookies.
The Service contains links to the aforementioned social media portals. These are social media plugins activated only after being clicked, when your browser connects to the specific portal. At that point, information, including your personal data, is transferred to that portal.
When displaying a page with such a plugin, your browser establishes a direct connection to the social media servers. The content of the plugin is transmitted by the service provider directly to your browser and integrated with the page. Through this integration, the service provider receives information that your browser has displayed our page, even if you do not have a profile at the provider or are not logged in at that time. Such information (often including your IP address) may be transmitted by your browser directly to the service provider’s server and stored there. If you are logged into one of the social media platforms, the service provider can directly link the visit to our Service with your profile on the platform. If you do not want social media platforms to collect data about you through our Service, you should log out before visiting our Service. You can also completely prevent plugins from loading on the page by using appropriate browser extensions.
What personal data we process
We may process the following categories of information about you:
- data of individuals contacting the Administrator: first name and last name, phone number, email address, other information that may be included in the message content or attached documents, or provided during a phone call;
- operational data concerning unlogged users of the Service: device’s IP address, server date and time, location of the end device from which the user connects to the Service, technical parameters of the device and software used by the user, data about the source from which the user arrived at the Service, geographical location (country), preferred language (device interface language), mouse actions (movements, locations, clicks) and keystrokes, URL referral code and its domain, device screen resolution, online identifiers, internet protocol addresses, and device identifiers.
Who we disclose your data to
In our operations, we use the support of specialized external entities that may or must have access to some of your data – these include entities providing IT, accounting, legal, hosting, email system, analytics, marketing and remarketing tools, social media plugin providers, and our trusted partners and collaborators. Data of unlogged users of the Service may also be disclosed to external entities providing us with services related to cookies.
The data of unlogged users of the Service and individuals contacting us are processed in an IT system, partly in the so-called public cloud computing provided by third parties.
Those authorized by law may also have access to information related to your use of the Service (e.g., state administration bodies in case of such a request).
Some of the operations described above involve transferring your personal data to so-called third countries (outside the European Economic Area). However, this always takes place based on legal instruments provided by GDPR, ensuring adequate protection of your rights and freedoms.
When the European Commission has not issued a decision on adequate protection of personal data for those countries, we take appropriate corrective measures to ensure the proper level of protection when transferring data. These include standard contractual clauses of the European Union or binding internal data protection regulations. Where this is not possible, data transfer is based on the exceptions described in Article 49 GDPR, particularly with explicit consent or the necessity of data transfer to fulfill contractual conditions or actions preceding a contract.
We inform you that when sending data to a third country for which no decision has been made regarding adequate personal data protection or appropriate guarantees, there is a possibility and risk that authorities in the third country may access the data for collection and analysis and that the enforcement of rights of data subjects cannot be guaranteed.
How long we will process your personal data
Your personal data will be processed as long as you use the Service, and in justified cases, also later for a period necessary for the expiration of claims determined by applicable regulations.
Personal data provided through the communication channels you choose will be stored no longer than necessary to provide a response, and after that, may only be stored in justified cases for a period necessary to expire claims as determined by applicable regulations.
Processing of your personal data contained in cookies lasts until the possibility of using them is disabled. You can do this by deleting cookies and changing the cookie settings in your browser.
Processing of your personal data based on consent as the legal basis lasts until the consent is withdrawn.
How we enable you to exercise your rights
We make every effort to ensure that you are satisfied with our cooperation. However, remember that you have many rights that allow you to influence the way we process your personal data, and in some cases, stop such processing.
Personal Data Access Right (Article 15 GDPR)
The data subject has the right to obtain from the administrator confirmation as to whether personal data concerning them are being processed, and if so, they have the right to access those data and information about the purposes of the processing, the categories of personal data concerned, information on recipients or categories of recipients, the planned storage period, rights to rectification, erasure or restriction, the right to lodge a complaint with a supervisory authority, the source of data, and information about automated decision-making, including profiling.
If personal data are transferred to a third country or an international organization, the data subject has the right to be informed about the appropriate safeguards provided in Article 46 related to the transfer.
The administrator shall provide the data subject with a copy of the personal data being processed. The right to obtain a copy shall not adversely affect the rights and freedoms of others.
Right to rectification (Article 16 GDPR)
The data subject has the right to obtain from the administrator without undue delay the rectification of inaccurate personal data concerning them. Taking into account the purposes of the processing, the data subject has the right to have incomplete personal data completed, including by means of providing a supplementary statement.
Right to erasure (“right to be forgotten”) (Article 17 GDPR)
The data subject has the right to obtain from the administrator the erasure of personal data concerning them without undue delay where one of the grounds in Article 17 GDPR applies. This includes situations where the data are no longer necessary, consent is withdrawn, or processing is unlawful. This right does not apply where processing is necessary for freedom of expression, compliance with a legal obligation, public interest, or the establishment, exercise, or defense of legal claims.
Right to restriction of processing (Article 18 GDPR)
The data subject has the right to obtain restriction of processing in cases where the accuracy of the data is contested, processing is unlawful and the data subject opposes erasure, the administrator no longer needs the data, or an objection to processing is pending verification.
Right to data portability (Article 20 GDPR)
The data subject has the right to receive their personal data in a structured, commonly used and machine-readable format and have the right to transmit those data to another controller where processing is based on consent or contract and is carried out by automated means.
Right to object (Article 21 GDPR)
The data subject has the right to object at any time, on grounds relating to their particular situation, to processing of personal data concerning them based on Article 6(1)(e) or (f), including profiling. If personal data are processed for direct marketing purposes, the data subject has the right to object at any time to such processing, including profiling.
To exercise any of the rights described above, contact us via email at em@empatyzer.com.
Complaint to a supervisory authority
Under Article 77 GDPR, you have the right to lodge a complaint with a supervisory authority, in particular in the Member State of your habitual residence, place of work or place of the alleged infringement.
In Poland, the supervisory authority is the President of the Personal Data Protection Office. More information is available at https://uodo.gov.pl/.
If you want to contact another supervisory authority responsible for personal data protection, visit https://edpb.europa.eu/about-edpb/about-edpb/members_pl.
Is providing data necessary for concluding a contract with us?
Your personal data obtained in connection with using our Service are not collected for the purpose of concluding a contract with you.
Providing selected personal data when contacting us is voluntary, but in most situations necessary to respond to your inquiry.
You do not have to provide us with information contained in cookies. You can prevent this by deleting cookies and changing cookie settings in your browser. However, changing cookie settings in a way that blocks the use of information contained in cookies may cause difficulties in using the Service.
Where do we get your personal data from
Data of unlogged users of the Service and individuals contacting us are obtained only from them.
Other data, including anonymous operational data and personal data related to the use of cookies, are obtained automatically – most often these are not personal data.
Automated processing and profiling
Operational data and data related to the use of cookies may be processed in an automated manner within the meaning adopted by GDPR.
Data processed through marketing and remarketing tools or social media plugins may be subject to profiling.
Other data processed in connection with the use of the Service, including data of visitors and individuals contacting us, are not subject to automated decision-making, including profiling.