Privacy Policy of the website www.exarto.com

 

1. The terms used in this Privacy Policy mean:
    

a)     Privacy Policy - this document along with all attachments and additions thereto, which clearly refer to it and constitute its integral part;

b)     GDPR - Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of individuals with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46 / EC;

c)     Administrator - Exarto sp. z o.o. based  in Warsaw at 
ul. Świętokrzyska 32, office 156, 00-116 Warsaw, entered into the register of entrepreneurs of the National Court Register kept by the District Court for the Capital City of Warsaw in Warsaw, XII Commercial Division of the National Court Register, under the number KRS 0000555714, NIP: 5272735451, REGON: 361376487, being the administrator of Users' personal data within the meaning of the GDPR.

d)     Service - means the website located at  www.exarto.com  along with its subpages;

e)     Website functionalities - means the functionality offered by the Website, including enabling contact with the Administrator via the contact form;

f)      User - means a person using the Website;
 

2. This Privacy Policy sets out the principles of privacy and the processing of Users' personal data based on the GDPR, as well as national provisions on the protection of personal data.
 

The administrator complies with the principles set out in the GDPR, including, in particular, adequately securing personal data against unlawful access to personal data by third parties, in particular, encrypts personal data, archives personal data, assesses personal data security measures, ensures confidentiality, integrity , availability and resilience of processing systems and services.
 

4. The Company is the administrator of Users' personal data.
 

5. The Administrator can be contacted in the following way: electronically to the e-mail address: rodo@exarto.com or in writing to the following address: ul. Świętokrzyska 32, office 156, 00-116 Warsaw.
 

6. Providing personal data is voluntary, but refusal to provide it will make it impossible to receive a reply to the inquiry sent.

​

7.   The Administrator collects and processes Users' personal data in the following scope:
 

a)   data related to the contact form, such as: name, surname, e-mail address, job title, company data, telephone number;

b)   data on the use of the Website, in particular IP address, location data, data about the User's device from which it connects to the Website;

c)   data on the use of the Website stored in the so-called cookie files, such as the history of clicks, navigation or browsing, data on preferences or behaviors while browsing the Website;

d)   other data related to the Users' use of the Website's functionalities.  
 

8. Personal data is processed by the Administrator for the following purposes:

a)   performance of the contract to which the data subject is a party, or to take action at the request of the data subject, before concluding the contract, in particular preparing an offer regarding the services provided by the Administrator and enabling the use of the Website's functionalities (legal basis: Article 6 section 1 letter b of the GDPR);

b)   responding to received messages and inquiries, including those submitted via the contact form available on the Website (legal basis: Article 6 (1) (f) of the GDPR);

c)   fulfillment of the obligations incumbent on the Administrator under the law (legal basis: Article 6 (1) (c) of the GDPR), in particular for accounting and billing purposes;

d)   implementation of the legitimate interests of the Administrator, in particular for archival, evidence, statistical and reporting purposes, in order to pursue claims or defend against them (legal basis: Article 6 (1) (f) of the GDPR);

e)   to promote the Administrator's services, i.e. for direct marketing purposes (legal basis: Article 6 (1) (f) of the GDPR);

f)     in other cases, the data will be processed only on the basis of the prior consent, to the extent and for the purpose expressed therein (legal basis: Article 6 (1) (a) of the GDPR. If Users agree to receive marketing messages by e-mail and telephone number, the legal basis will also be Art. 10 of the Act of July 18, 2002 on the provision of electronic services and art. 172 of the Act of July 16, 2004 - Telecommunications Law.  

 

9.   The administrator will process personal data for the period necessary to achieve the purposes for which they were collected, i.e .:
 

a)   in the scope of fulfilling the legal obligation incumbent on the Administrator for the period and to the extent required by law;

b)   in the event that personal data will be processed for the purposes of the performance of the contract, they will be processed for the time necessary for its performance and demonstrating the correctness of its implementation, i.e. for the period of limitation of claims or the period of limitation of tax liabilities;

c)   in the event that personal data will be processed in order to implement the legitimate interests of the Administrator, referred to above, for the period until these interests are realized or object to such processing;

d)   in the event that personal data will be processed on the basis of consent - until such consent is withdrawn. To the extent that the data are processed on the basis of a separate consent of the Users, they have the right to withdraw their consent at any time. However, this will not affect the lawfulness of data processing that was carried out before its withdrawal.
 

10.  Personal data may be made available by the Administrator to the following categories of recipients:
 

a)   authorized employees and associates of the Administrator;

b)   service providers supplying the Administrator with technical and organizational solutions enabling the provision of services (in particular courier and postal companies, entities providing IT services - including entities providing hosting services, marketing entities, entities supporting accounting processes, providers of legal and advisory services and their authorized employees and associates);

c)   entities performing data analytics in order to personalize advertisements, develop remarketing campaigns and being separate administrators in this regard;

d)   entities providing tools for the analysis, optimization and efficient operation of the Administrator's services, being separate administrators in this respect;

e)   public authorities, as long as they are authorized to do so by applicable law (upon presentation of a relevant request by the authorities concerned).
 

11.  The administrator will not transfer or permit the transfer of personal data outside the EEA, unless he takes the necessary measures to ensure that the transfer is in accordance with the GDPR. These measures may include, in particular, the transfer of personal data to a recipient in a country that, pursuant to a decision of the European Commission, ensures adequate protection of personal data.
 

12. The data subject has the right to access his / her data, the possibility of correcting, rectifying, deleting or limiting processing, the right to transfer data and object to data processing. In addition, he has the right to withdraw consent to their processing at any time. Withdrawal of consent does not affect the lawfulness of the processing which was carried out on the basis of consent before its withdrawal. In addition, if the data subject believes that the Administrator is processing his data unlawfully, he may submit a complaint in this matter to the President of the Personal Data Protection Office or another competent supervisory authority.
 

13. The website has not been designed for children under 16 (say: sixteen) years of age, nor is it addressed to children.
 

14. In connection with the use of a web browser, i.e. software for browsing websites, the Website automatically collects information contained in cookies referred to in this Privacy Policy.  
 

15. Cookie files (so-called "cookies") include IT data, in particular text files, which are stored in the User's end device, intended for the use of the Website's pages. Cookies contain, among others the name of the website they come from, the storage time on the end device and a unique number. Cookies are harmless to the computer as well as to its User and his data.
 

16. The Website uses two basic types of cookies:
 

a)   session cookies - temporary files that are stored on the User's end device until logging out, leaving the Website or turning off the software (appropriate web browser);

b)   persistent cookies - files stored on the User's end device for the time specified in the cookie file parameters or until they are deleted by the User.
 

17. The Website uses the following types of cookies:  
 

a)   necessary cookies to enable basic functions to work, such as security, identity verification and network management;

b)   marketing cookies used to track the effectiveness of advertisements in order to provide more tailored services and display advertisements better suited to the interests of Users;

c)   functional cookies that collect data in order to remember the individual choices of Users and provide them with a better and more personalized experience;

d)   analytical cookies that help the Administrator understand how Users interact with the Website, they also help detect errors and provide better overall statistics.
 

18. Cookies placed on the User's end device may be installed and used by the Administrator and third parties for purposes related to displaying advertisements tailored to the manner in which the User uses the Website. For this purpose, they may keep information about the User's navigation path or the time of staying on a given page. In terms of information about the User's preferences collected by the Google advertising network, the User may view and edit information resulting from cookies using the tool:  https://adssettings.google.com/authenticated?hl=pl .  
 

19. Users can change cookie settings at any time. These settings can be changed in particular in such a way as to block the automatic handling of cookies in the web browser settings or to inform about their every entry in the User's device. Detailed information on the possibilities and methods of handling cookies is available in the settings of the software (web browser) used by the User.
 

20. Information on the management of cookies in individual browsers can be found on the pages dedicated to individual browsers:
 

a)   Firefox:  http://support.mozilla.org/pl/kb/ciasteczka ;

b)   Internet Explorer:  http://support.microsoft.com/kb/196955/pl ,

c)   Chrome:  http://support.google.com/chrome/bin/answer.py?hl=pl&answer=95647 ,

d)   Opera:  http://help.opera.com/Linux/12.10/pl/cookies.html ,

e)   Safari: http://support.apple.com/kb/HT1677?viewlocale=pl_PL&locale=pl_PL.
 

21. The Administrator reserves that restricting the use of cookies may affect some of the functionalities available on the Website, and in extreme cases may prevent the use of the Website.

​