The privacy policy outlines the principles of how we process information about you, including personal data and cookies.
1. General Information
This policy applies to the website operating under the URL: scertsprzedszkole.pl. The service operator and the data controller is: ODIS ŚWIATA CIEKAWI MAGDALENA PYTEL, ul. Bukowińska 10 lok. 236, 02–703 Warsaw, Poland. The operator’s contact email address is: recepcja@odispsycholog.pl.
The operator is the controller of your personal data provided voluntarily on the website. The website uses personal data for the following purposes:
- Managing the newsletter
- Running an online forum
- Conducting online chat conversations
- Handling inquiries via a contact form
- Fulfilling ordered services
- Presenting offers or information
The website gathers information about users and their behavior in the following ways:
- Through data voluntarily entered in forms, which are entered into the operator’s systems.
- By storing cookies on users’ devices.
2. Selected Data Protection Methods Used by the Operator
Login and data entry points are protected at the transmission layer (SSL certificate). This ensures that personal data and login information entered on the site are encrypted on the user’s computer and can only be read on the target server. Personal data stored in the database is encrypted in such a way that only the operator with the key can read it, providing protection in case of database theft from the server. User passwords are stored in a hashed form, which cannot be reversed, aligning with modern standards for password storage.
The operator periodically changes administrative passwords. To protect data, the operator regularly backs up the data. An essential element of data protection is the regular updating of all software used by the operator for personal data processing, including regular updates of software components.
3. Hosting
The website is hosted on the servers of the operator: cyberFolks.pl. The hosting company logs information at the server level to ensure technical reliability. Logs may include:
- Resources identified by URL (addresses of requested resources – pages, files)
- Time of the request
- Time of sending the response
- The client station’s name – identified via the HTTP protocol
- Information about errors that occurred during the execution of the HTTP transaction
- The URL of the previously visited page (referrer link) if the transition to the website was made via a link
- Information about the user’s browser
- Information about the IP address
- Diagnostic information related to the self-ordering of services via website recorders
- Information related to the handling of email correspondence directed to or sent by the operator.
4. Your Rights and Additional Information on Data Usage
In some situations, the controller has the right to transfer your personal data to other recipients if necessary for the performance of a contract or to fulfill obligations imposed on the controller. This applies to such groups of recipients as:
- The hosting company, under a data processing agreement
- Couriers
- Postal operators
- Law firms and debt collectors
- Payment operators
- Public authorities
- Online chat service operators
- Authorized employees and associates who use the data to achieve the website’s objectives
- Companies providing marketing services on behalf of the controller
Your personal data is processed by the controller no longer than necessary for the activities related to them as specified by separate regulations (e.g., accounting regulations). For marketing data, processing will not exceed three years.
You have the right to request from the controller:
- Access to your personal data
- Correction
- Deletion
- Restriction of processing
- Data portability
You have the right to object to the processing of your personal data under point 3.2, including profiling, for the purposes of the controller’s legitimate interests, but the objection cannot be exercised if there are legitimate grounds for processing that override your interests, rights, and freedoms, particularly for establishing, pursuing, or defending claims.
You have the right to file a complaint with the President of the Personal Data Protection Office, ul. Stawki 2, 00–193 Warsaw, Poland. Providing personal data is voluntary but necessary to operate the website. Automated decision-making, including profiling, may take place regarding you to provide services under the agreement and for direct marketing by the controller. Personal data is not transferred to third countries as defined in personal data protection regulations, meaning it is not sent outside the European Union.
5. Information in Forms
The website collects information voluntarily provided by the user, including personal data, if provided. The website may save information about connection parameters (timestamp, IP address). In some cases, the website may save information to help link data in a form to the user’s email address. In such cases, the user’s email address appears inside the URL of the page containing the form. Data provided in a form is processed for purposes resulting from the specific form’s function, e.g., for servicing a service request or business contact, registering services, etc. Each time, the context and description of the form clearly inform what it is used for.
6. Administrator Logs
User behavior information on the website may be subject to logging. This data is used to administer the website.
7. Important Marketing Techniques
The operator uses statistical traffic analysis on the website via Google Analytics (Google Inc. based in the USA). The operator does not provide personal data to the operator of this service, only anonymized information. The service relies on the use of cookies on the user’s end device. Regarding user preferences gathered by Google’s advertising network, the user can view and edit information derived from cookies using the tool: https://www.google.com/ads/preferences/.
The operator uses remarketing techniques to tailor advertising messages to user behavior on the site, which may create the illusion that the user’s personal data is being used for tracking, but in practice, no personal data is transferred from the operator to advertisers. The technical condition for such actions is the enabled cookie support.
The operator uses the Facebook pixel. This technology ensures that Facebook (Facebook Inc., based in the USA) knows that a registered person is using the website. This is based on data for which Facebook is the controller; the operator does not provide any additional personal data to Facebook. The service is based on the use of cookies on the user’s end device.
The operator uses solutions that examine user behavior by creating heat maps and recording behavior on the site. This information is anonymized before it is sent to the service operator so that they do not know which physical person it concerns. In particular, passwords and other personal data entered are not subject to recording.
The operator uses solutions that automate the website’s operation concerning users, e.g., it may send an email to the user after visiting a specific subpage, provided that the user has consented to receive commercial correspondence from the operator.
8. Information About Cookies
The website uses cookies. Cookies are IT data, in particular text files, stored in the user’s end device and intended for using the website. Cookies typically contain the name of the website they come from, the time they are stored on the end device, and a unique number. The entity placing cookies on the user’s end device and accessing them is the website operator.
Cookies are used for the following purposes:
- Maintaining the user’s session (after logging in), so the user does not have to re-enter login and password on each subpage of the website.
- Implementing the purposes described above in the “Important Marketing Techniques” section.
The website uses two fundamental types of cookies: “session” (session cookies) and “persistent” (persistent cookies). Session cookies are temporary files stored on the user’s device until they log out, leave the website, or close the browser. Persistent cookies are stored on the user’s device for the time specified in the cookie parameters or until the user deletes them.
Web browsers typically allow cookies to be stored on the user’s end device by default. Users of the website can change their settings in this regard. The web browser allows the deletion of cookies. It is also possible to automatically block cookies. Detailed information on this topic is available in the help or documentation of the web browser.
Limiting the use of cookies may affect some functionalities available on the website.
Cookies placed on the user’s end device may also be used by entities cooperating with the website operator, particularly by companies: Google (Google Inc., based in the USA), Facebook (Facebook Inc., based in the USA), Twitter (Twitter Inc., based in the USA).
9. Managing Cookies – How to Express and Withdraw Consent in Practice
If the user does not want to receive cookies, they can change the browser settings. We reserve that disabling cookies essential for authentication processes, security, or maintaining user preferences may hinder, and in extreme cases may prevent, the use of websites.
To manage cookie settings, select the web browser you use from the list below and follow the instructions:
Mobile devices: