1. We declare that we process data on the connection of your terminal device to the technical infrastructure of our website and that we use “Cookies”. These data are aggregate and anonymous – they do not contain characteristics that identify specific individuals.

2. Cookies are IT data, in particular text files sent by Us to your terminal equipment and stored there. Cookies can only be read by Us.

3. During your visit to our site, data about your visit may be automatically collected, and include information on the domain name of the website from which you were referred to our site, your browser type, operating system type, IP address, your ID. In addition, we may process operational data or location information about the device used to access our site.

4. Cookies allow Us, among other things, to ensure the proper functioning of the site, improve the speed and security of your use of the site, to improve the features you use, and to use of marketing tools.

5. Please be advised that restrictions on the use of Cookies may affect some of the functionality available on our site or prevent you from using it.

6. We declare that Our use of Cookies does not cause any configuration changes in your terminal device or in the software installed on it.

7. We use the following Cookies: necessary, statistical and personalization Cookies as well as functional and advertising Cookies.

8. We use the necessary Cookies mainly to provide you with the services and functionalities you want to use. Necessary Cookies may be installed by Us through the site. These Cookies are necessary for the functioning of the website and cannot be disabled. They are usually set only in response to actions you take that involve inquiries for services, such as setting privacy preferences or filling out forms. They also include basic visitor counts, which are needed for Our services. You can set your browser to block these Cookies or to warn you about them, but some parts of the site will then not work. These Cookies do not store any of your personal information. The legal basis for data processing in the use of necessary Cookies is the necessity for the performance of the agreement (Article 6(1b) of GDPR).

9. We use functional Cookies to remember and customize the site according to your choices. These Cookies allow Us to ensure greater functionality and personalization of the services provided. These Cookies may be set by Us or by third-party providers whose services have been added to Our websites. If you do not allow these Cookies, some or all of these services may not function properly. Processing of data related to the use of functional Cookies requires your consent. Such consent can be withdrawn at any time via our site settings.

10. We use statistical and personalization Cookies to obtain information on the number of visits and sources of traffic on Our site. These files are processed in order to improve the performance of Our site, to develop, test and improve the services provided, as well as to solve related problems. These files are aggregated and are not intended to establish your identity. The files help to determine user behavior in order to provide relevant and personalized content. Such files may be installed through our site by Us and by Our partners. The legal basis for the processing of data in the use of analytical Cookies is our legitimate interest (Article 6(1f) of GDPR), which is to ensure the highest quality of services provided through our website.

11. We also use advertising Cookies that allow Us to tailor the content we display to your interests through our website. These Cookies may be used to build a profile of your interests and display relevant ads on other sites. They do not directly store personal data, but rely on the unique identification of the browser and Internet equipment. If you do not allow to use these Cookies, you will experience less targeted advertising. Such files may be installed by Us and by Our trusted partners. The legal basis for data processing in the use of advertising Cookies is the User’s consent (Article 6(1b) of GDPR). Such consent can be withdrawn at any time via our site settings.

12. We also process Personal Data of Users visiting profiles maintained by Us on social media (Facebook, LinkedIn, Instagram, Twitter, YouTube). The data are processed exclusively in connection with the operation of the profile, including the purpose of reporting on Our activities and promoting various events and services. The legal basis for processing of your personal data is your consent (Article 6(1a) of GDPR).

13. For more information on the cookies used by the aforementioned entities, please refer to their privacy policies.

14. You can give your consent to Cookies by using the Cookies settings. Using the “Accept All” or “Customize” buttons, you can give the appropriate consents and also manage your preferences.

15. You can revoke the consents you have given at any time.
 

1. In order to provide services and ongoing maintenance, User’s data may be transferred to specialized entities for processing. Data may be entrusted in particular to:

a. IT service providers,
b. marketing agencies, marketing partners and marketing platform providers,
c. cloud service providers,
d. providers of data analysis services,
e. consultants, lawyers, accountants and other professional service providers,
f. entities affiliated with the Controller personally and by equity, which help the Controller to provide services or perform data processing tasks on the Controller’s behalf,
– in which case such entities process data on the basis of an agreement concluded with the Controller and only in accordance with the Controller’s instructions.

2. Based on the User’s voluntary consent to the processing of the User’s Personal Data (personal data stored in Cookies on the User’s device and in the User’s cache, including data provided in the browsing history and data collected during the User’s activity on the Website, and location data generated by the User’s device), data may by provided for marketing purposes including automated analysis of the User’s activity on the websites in order to determine potential interests for tailoring advertising.

3. The Controller also provides Users’ data to authorized state bodies if they request the Controller to provide data in connection with their tasks. These may include, in particular, organizational units of the prosecutor’s office, the police, the General Inspector of the Personal Data Protection (in the future, the President of the Personal Data Protection Office), the President of the Office of Competition and Consumer Protection or the President of the Office of Electronic Communications.

1. In the course of the Controller’s use of tools supporting its day-to-day business operations, Personal Data, if necessary, and with an appropriate degree of protection, may be transferred outside the European Economic Area (EEA). If this situation occurs, Personal Data will be transferred only to recipients who guarantee the highest protection and security of the data, among others by:

a. use of standard contractual clauses issued by the European Commission,
b. application of binding corporate rules approved by the relevant supervisory authority,
c. cooperation with processors of personal data in countries for which a relevant decision of the European Commission has been issued in regard to the determination of ensuring an adequate level of Personal Data protection.

2. The Controller’s Trusted Partners are mostly located in countries of the European Economic Area (EEA) or in Switzerland, recognized as a country that meets an adequate level of Personal Data protection. Some of the Controller’s Trusted Partners, e.g. Google or Facebook, are based outside the EEA. In connection with transfer of the User’s data outside the EEA, the Controller verifies that the Trusted Partners provide a guarantee of a high level of Personal Data protection. Such guarantees arise in particular from the obligation to use standard contractual clauses adopted by the Commission (EU), in accordance with the wording of Article 46(2) of GDPR.

3. The User have the right to request, by directing the request to the address indicated in §1 that the Controller shall provide him/her with a copy of the standard contractual clauses.
 

1. The Controller guarantees that the Personal Data will be kept only for the time necessary to fulfill the purposes for which the data were collected.

2. Data will be kept as long as it is needed by the Controller to provide services to Users.

3. The retention period for Personal Data is determined on an individual basis and depends on, among other things, the nature of the data or the reason for its collection and processing. After this time, the data are deleted or anonymized in such a way that it is not possible to determine the identity of the User.

4. Personal data will be processed until there is a basis for processing, i.e.:

a. if consent has been given, until it is revoked, restricted, or in the event of other actions on the part of the User that limit such consent,
b. in the case of the necessity of the data for the performance of the agreement, for the duration of its performance and until the expiration of the statute of limitations for claims under this agreement (3 or 6 years). The beginning of the period is calculated from the date the claim is due,
c. where the basis for data processing is the legitimate interest of the Controller, until the User raises an effective objection,
d. for tax and accounting purposes to the extent and for the duration consistent with applicable regulations.
 

1. In connection with the Controller’s processing of Personal Data, Users have the following rights:

a. the right to request access to individual Personal Data, rectification, deletion or restriction of processing,
b. the right to object to processing,
c. the right to portability of Personal Data,
d. the right to withdraw consent to the processing of Personal Data for a specific purpose, if the User has previously given such consent,
e. the right to lodge a complaint with a supervisory authority in connection with the Controller’s processing of the User’s Personal Data.

2. Users may exercise the above rights in accordance with the rules described in Articles 16 – 21 of GDPR by sending a message to the e-mail address indicated in §1.

3. All applications received shall be treated with special attention and completed as soon as possible. In the case of certain requests (of a complex nature or concerning data processing burdened with special legal regulations), the processing time may be prolonged, but in any case, within one month, the User shall be informed about the actions that the Controller has taken to complete the request. In providing a response and in order to ensure that the Controller will properly complete the request, the Controller reserves the right to verify the identity of the User.
 

The Administrator shall apply technical and organizational measures to ensure the protection of the processed Personal Data appropriate to the risks and categories of data under protection, and in particular shall protect the data from unauthorized access, processing in violation of applicable regulations, and from alteration, loss, damage or destruction, such as, but not limited to:

1.    securing the dataset against unauthorized access,
2.    SSL certificate on the pages of the Website, where Users’ data are provided.
 

1. For Policy issues, please contact us at contact@datahiro.com.

2. Data Hiro reserves the right to change the Policy in the future – this may occur, among others, for the following important reasons:

a. changes in applicable laws, in particular in the area of personal data protection, telecommunications law, provision of services by electronic means law and in provisions regulating consumer rights, affecting the rights and obligations or the rights and obligations of the User;
b. development of electronic functionality or services dictated by advances in Internet technology, including the use/implementation of new technological or technical solutions, affecting the scope of the Policy.

3. If the Policy is changed, its new content will be announced at www.datahiro.com. The new version of the Policy enters into force on the date of its promulgation.

4. In case of doubt or contradiction between the Policy and the consents given by the User, regardless of the provisions of the Policy, the basis for taking and determining the scope of actions by the Controller shall always be the consents voluntarily given by the User or provisions of the law.

5. To the extent not regulated in the Policy, the provisions of GDPR and the mandatory laws of the Republic of Poland shall apply.

6. The Policy was drawn up in two language versions: Polish and English In case of discrepancies between language versions, the Polish language version shall prevail.

7. The competent court for disputes arising out of the application of the Policy shall be the court having jurisdiction over the seat of Data Hiro, if exclusive jurisdiction does not apply. 

8. The Website may contain links to other websites. Data Hiro urges that when you go to other sites, read the privacy policy established there, including the advertiser’s privacy policy. This Policy applies only to designated Data Hiro activities.

9. The policy comes into force on 25.06.2024.