Privacy policy

---

This privacy policy outlines how we process information about you, including personal data and cookies.

---

1. General Information

1. This policy applies to the website operating at the URL: limesup.pl
2. The service operator and Personal Data Administrator is the company: Malwina Uzdejczyk Jankowce 109, 38-600 Lesko, NIP: 6881268928
3. Contact email address of the operator: limesup.info@gmail.com
4. The Operator is the Administrator of your personal data in relation to data voluntarily provided in the Service.
5. The Service uses personal data for the following purposes:
   • Newsletter operations
   • Comment system management
   • Classified ads system management
   • Inquiry form handling
   • Preparation, packing, and shipping of goods
   • Execution of ordered services
   • Debt collection
   • Presentation of offers or information
6. The Service obtains information about users and their behavior in the following ways:
   • Through data voluntarily entered into forms, which are then entered into the Operator’s systems.
   • Through the storage of cookie files on end devices.

2. Selected data protection methods used by the Operator

1. The places of logging in and entering personal data are protected at the transmission layer (SSL certificate). As a result, personal data and login information entered on the site are encrypted on the user’s computer and can only be read on the target server.
2. Personal data stored in the database is encrypted in such a way that only the Operator holding the key can read it. This ensures data protection in case the database is stolen from the server.
3. Users’ passwords are stored in a hashed form. The hashing function works in one direction – it is not possible to reverse its operation, which currently represents a modern standard in the storage of user passwords.
4. The Operator periodically changes its administrative passwords.
5. To protect data, the Operator regularly performs backups.
6. An important element of data protection is the regular updating of all software used by the Operator to process personal data, which specifically means regular updates of software components.

3. Hosting

1. The Service is hosted (technically maintained) on the servers of the operator: cyberFolks.pl

4. Your rights and additional information on how the data is used

1. In certain situations, the Administrator has the right to transfer your personal data to other recipients, if it is necessary to perform the contract concluded with you or to fulfill the obligations incumbent on the Administrator. This applies to the following groups of recipients:
   • hosting company on the basis of entrustment
   • couriers
   • postal operators
   • insurers
   • legal offices and debt collectors
   • banks
   • payment operators
   • public authorities
   • comment system operators
   • authorized employees and collaborators, who use the data to achieve the purpose of the site
   • companies providing marketing services for the Administrator
2. Your personal data processed by the Administrator no longer than is necessary to perform the related activities specified by separate regulations (e.g., on accounting). In relation to marketing data, data will not be processed longer than 3 years.
3. You have the right to request from the Administrator:
   • access to personal data concerning you,
   • their rectification,
   • deletion,
   • processing restrictions,
   • and data portability.
4. You have the right to object in the scope of processing indicated in section 3.3 c) against the processing of personal data for the performance of legally justified interests pursued by the Administrator, including profiling, whereby the right of objection cannot be exercised if there are valid legally justified grounds for processing, overriding your interests, rights, and freedoms, in particular for establishing, pursuing, or defending claims.
5. Actions of the Administrator are subject to complaint to the President of the Personal Data Protection Office, Stawki Street 2, 00-193 Warsaw.
6. Providing personal data is voluntary, but necessary for the Service’s operation.
7. Actions may be taken in relation to you consisting of automated decision-making, including profiling, in order to provide services under the concluded contract and for the Administrator to conduct direct marketing.
8. Personal data is not transferred to third countries within the meaning of data protection regulations. This means that we do not send them outside the European Union.

5. Information in Forms

1. The Service collects information voluntarily provided by the user, including personal data, if they are provided.
2. The Service may save information about connection parameters (time stamp, IP address).
3. In some cases, the Service may save information facilitating the linking of data in the form with the email address of the user filling out the form. In such a case, the user’s email address appears inside the URL of the page containing the form.
4. Data provided in the form are processed for the function of the specific form, e.g., to process a service request or commercial contact, registration services, etc. Each time, the context and description of the form in a clear manner informs what it is for.

6. Administrator Logs

1. Information on users’ behavior in the service may be logged. This data is used to administer the service.

7. Essential Marketing Techniques

1. The Operator employs statistical analysis of website traffic through Google Analytics (Google Inc., based in the USA). The Operator does not transmit personal data to the service provider, only anonymized information. The service is based on the use of cookies on the user’s end device. Regarding information about the user’s preferences gathered by the Google advertising network, the user can view and edit information resulting from cookies using the tool: https://www.google.com/ads/preferences/
2. The Operator uses remarketing techniques, allowing for the adjustment of advertising messages to the user’s behavior on the site, which may give the illusion that the user’s personal data are used for tracking, however, in practice, no personal data is transferred from the Operator to the advertisers. The technical condition for such activities is the enabled support for cookies.
3. The Operator utilizes the Facebook pixel. This technology means that the Facebook service (Facebook Inc., based in the USA) knows that a person registered with it is using the Service. In this case, it is based on data for which it is the administrator itself; the Operator does not transfer any additional personal data to Facebook. The service is based on the use of cookies on the user’s end device.
4. The Operator employs a solution that examines user behavior by creating heat maps and recording behavior on the site. These informations are anonymized before being sent to the service operator so that they do not know which physical person they relate to. Specifically, the recording does not include passwords or other personal data.
5. The Operator uses a solution that automates the Service’s operation in relation to users, e.g., it can send an email to a user after visiting a specific subpage, provided that they have consented to receive commercial correspondence from the Operator.
6. The Operator may use profiling in the sense of regulations on personal data protection.

8. Information about cookies

1. The Service uses cookies.
2. Cookies are IT data, particularly text files, which are stored in the Service User’s end device and are intended for the use of the Service’s websites. Cookies usually contain the name of the website they come from, the time of storage on the end device, and a unique number.
3. The entity placing cookies on the Service User’s end device and accessing them is the Service Operator.
4. Cookies are used for the following purposes:
   1. maintaining the Service user’s session (after logging in), thanks to which the user does not have to re-enter the login and password on every subpage of the Service;
   2. achieving the goals outlined above in “Essential Marketing Techniques”;
5. Within the Service, two main types of cookies are used: session cookies and persistent cookies. Session cookies are temporary files that are stored on the User’s end device until logging out, leaving the website, or disabling the software (web browser). Persistent cookies are stored in the User’s end device for the time specified in the cookies’ parameters or until they are deleted by the User.
6. Web browsing software (web browser) usually by default allows storing cookies in the User’s end device. Service Users can change the settings in this area. The web browser allows deleting cookies. It is also possible to automatically block cookies Detailed information on this subject is contained in the help or the documentation of the web browser.
7. Limitations on the use of cookies can affect some functionalities available on the Service’s websites.
8. Cookies placed in the Service User’s end device may also be used by entities cooperating with the Service Operator, in particular, this applies to companies: Google (Google Inc., based in the USA), Facebook (Facebook Inc., based in the USA), Twitter (Twitter Inc., based in the USA).

9. Managing cookies – how to express and withdraw consent in practice?

1. If the user does not want to receive cookies, they can change the browser settings. We reserve that disabling the handling of cookies necessary for authentication processes, security, maintaining user preferences, might complicate, and in extreme cases, may prevent the use of websites.
2. To manage cookie settings, select from the list below the web browser you use and follow the instructions:
   • Edge
   • Internet Explorer
   • Chrome
   • Safari
   • Firefox
   • Opera
3. Mobile devices:
   • Android
   • Safari (iOS)
   • Windows Phone

This policy template was generated free of charge, for informational purposes, based on our knowledge, industry practices, and legal regulations in force on 2018-08-14. We recommend checking the policy template before using it on your site. The template is based on the most commonly occurring situations on websites, but may not reflect the full and accurate specifics of your www site. Carefully read the generated document and, if necessary, adjust it to your situation or seek legal advice. We do not take responsibility for the consequences of using this document, as only you can influence whether all the information contained in it is true. Also, note that the Privacy Policy, even the best one, is only one of the elements of your care for personal data and user privacy on the www site.