Privacy policy

The following Privacy Policy establishes the principles of storing and accessing data on Users’ Devices using the Service for the purpose of providing electronic services by the Administrator, and the principles of collecting and processing Users’ personal data, which were provided by them personally and voluntarily through the tools available in the Service.

This Privacy Policy is an integral part of the Service Regulations, which defines the rules, rights, and obligations of Users using the Service.

§1 Definitions

• Service – the “ALBUD” internet service operating at https://www.albud.net.pl/
• External Service – internet services of partners, service providers, or service recipients cooperating with the Administrator
• Service / Data Administrator – The Administrator of the Service and the Data Administrator (hereafter referred to as the Administrator) is “ALBUD sp. z o.o.”, operating at: Raciborowice Górne 11 59-720 Raciborowice, with the tax identification number (NIP): 6121872707, providing electronic services via the Service
• User – a natural person for whom the Administrator provides electronic services via the Service.
• Device – an electronic device along with software, through which the User accesses the Service

§2 Data Protection Officer

Based on Article 37 of the GDPR, the Administrator has not appointed a Data Protection Officer.

For matters related to data processing, including personal data, please contact the Administrator directly.

§3 Types of Cookies

• Internal Cookies – files placed and read from the User’s Device by the Service’s information technology system
• External Cookies – files placed and read from the User’s Device by the information technology systems of External Services. Scripts of External Services, which may place Cookies on the User’s Device, have been consciously included in the Service through scripts and services provided and installed in the Service
• Session Cookies – files placed and read from the User’s Device by the Service or External Services during a single session of the Device. After the session ends, the files are deleted from the User’s Device.
• Persistent Cookies – files placed and read from the User’s Device by the Service or External Services until they are manually deleted. Files are not automatically deleted after the Device session ends unless the User’s Device configuration is set to delete Cookie files after the Device session ends.

§4 Data Storage Security

• Mechanisms for Storing and Reading Cookie Files – The mechanisms for storing, reading, and exchanging data between Cookies stored on the User’s Device and the Service are implemented through built-in internet browser mechanisms and do not allow for downloading other data from the User’s Device or data from other websites visited by the User, including personal data or confidential information. The transfer of viruses, Trojan horses, and other worms to the User’s Device is also practically impossible.
• Internal Cookies – Cookies applied by the Administrator are safe for Users’ Devices and do not contain scripts, content, or information that could threaten the security of personal data or the security of the Device used by the User.
• External Cookies – The Administrator takes all possible actions to verify and select service partners in the context of Users’ security. The Administrator chooses well-known, large partners with global social trust for cooperation. However, the Administrator does not have full control over the content of Cookies from external partners. The Administrator is not responsible for the safety of Cookies, their content, and the use in accordance with the license by the Scripts installed in the service, originating from External Services, as far as the law allows. The list of partners is included in the further part of the Privacy Policy.
• Cookie Control
  • The User can at any time independently change settings regarding the saving, deleting, and access to data stored in Cookies by each website
  • Information on how to disable Cookies in the most popular computer browsers is available on the page: how to disable cookies or from one of the indicated providers:
    • Managing cookies in the Chrome browser
    • Managing cookies in the Opera browser
    • Managing cookies in the FireFox browser
    • Managing cookies in the Edge browser
    • Managing cookies in the Safari browser
    • Managing cookies in the Internet Explorer 11 browser
  • The User can at any time delete all Cookies saved so far using the tools of the User’s Device, through which the User uses the services of the Service.
• User-Side Risks – The Administrator applies all possible technical means to ensure the security of data placed in Cookie files. However, it should be noted that ensuring the security of these data depends on both parties, including the User’s activities. The Administrator is not responsible for intercepting these data, impersonating the User’s session, or their deletion, as a result of the User’s conscious or unconscious activities, viruses, Trojan horses, and other spyware that may have or had infected the User’s Device. Users should follow the rules of using the internet to protect themselves against these threats.
• Storing Personal Data – The Administrator ensures that all efforts are made to ensure that processed personal data voluntarily entered by Users are secure, access to them is limited and carried out in accordance with their purpose and processing objectives. The Administrator also ensures that all efforts are made to protect the owned data from loss, using appropriate physical and organizational security measures.

§5 Purposes for which Cookies are Used

• Improving and facilitating access to the Service
• Personalizing the Service for Users
• Providing multimedia services

§6 Purposes of Processing Personal Data

Personal data voluntarily provided by Users are processed for one of the following purposes:

• Implementation of electronic services:
• Communication of the Administrator with Users regarding matters related to the Service and data protection
• Ensuring the legally justified interest of the Administrator

Data about Users collected anonymously and automatically are processed for one of the following purposes:

• Ensuring the legally justified interest of the Administrator

§7 Cookies of External Services

The Administrator in the Service uses JavaScript scripts and web components of partners who may place their own cookies on the User’s Device. Remember that in your browser settings, you can decide for yourself about the allowed cookies that can be used by individual websites. Below is a list of partners or their services implemented in the Service, which may place cookies:

• Multimedia services:

Services provided by third parties are beyond the control of the Administrator. These entities may change their service terms, privacy policies, data processing purposes, and methods of using cookies at any time.

§8 Types of Collected Data

The Service collects data about Users. Some data is collected automatically and anonymously, and some data are personal data voluntarily provided by Users when signing up for various services offered by the Service.

Some data (without identifying information) may be stored in cookies. Some data (without identifying information) may be transferred to a statistical service provider.

§9 Access to Personal Data by Third Parties

As a rule, the only recipient of personal data provided by Users is the Administrator. Data collected as part of the services provided are not transferred or sold to third parties.

Access to data (most often based on a Data Processing Agreement) may be granted to entities responsible for maintaining the infrastructure and services necessary for running the service, such as:

§10 Method of Processing Personal Data

Personal data voluntarily provided by Users:

• Personal data will not be transferred outside the European Union unless they have been published as a result of an individual action by the User (e.g., entering a comment or post), making the data available to anyone visiting the site.
• Personal data will not be used for automated decision-making (profiling).
• Personal data will not be sold to third parties.

Anonymous data (without personal data) collected automatically:

• Anonymous data (without personal data) may be transferred outside the European Union.
• Anonymous data (without personal data) will not be used for automated decision-making (profiling).
• Anonymous data (without personal data) will not be sold to third parties.

§11 Legal Basis for Processing Personal Data

The Service collects and processes Users’ data based on:

• Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation)
  • Art. 6(1)(a) – the data subject has consented to the processing of his or her personal data for one or more specific purposes
  • Art. 6(1)(b) – processing is necessary for the performance of a contract to which the data subject is party or in order to take steps at the request of the data subject prior to entering into a contract
  • Art. 6(1)(f) – processing is necessary for the purposes of the legitimate interests pursued by the controller or by a third party
• The Act of 10 May 2018 on the Protection of Personal Data (Journal of Laws 2018, item 1000)
• The Act of 16 July 2004 – Telecommunications Law (Journal of Laws 2004 No. 171, item 1800)
• The Act of 4 February 1994 on Copyright and Related Rights (Journal of Laws 1994 No. 24, item 83)

§12 Duration of Personal Data Processing

Personal data voluntarily provided by Users:

As a rule, the indicated personal data are stored only for the duration of the Service provided by the Administrator within the Service. They are deleted or anonymized within 30 days from the end of the provision of services (e.g., deletion of a registered user account, unsubscribing from the newsletter, etc.)

An exception is a situation that requires securing legally justified purposes of further processing of these data by the Administrator. In such a case, the Administrator will store the indicated data, from the time of their deletion request by the User, no longer than for a period of 3 years in case of violation or suspicion of violation of the service regulations by the User

Anonymous data (without personal data) collected automatically:

Anonymous statistical data, not constituting personal data, are stored by the Administrator for the purpose of conducting service statistics for an indefinite period

§13 Users’ Rights Related to the Processing of Personal Data

The Service collects and processes Users’ data based on:

• Right of access to personal data
  Users have the right to access their personal data, implemented upon request submitted to the Administrator
• Right to rectification of personal data
  Users have the right to request the Administrator to promptly rectify incorrect personal data or complete incomplete personal data, implemented upon request submitted to the Administrator
• Right to erasure of personal data
  Users have the right to request the Administrator to promptly erase personal data, implemented upon request submitted to the Administrator. In the case of user accounts, the deletion of data involves the anonymization of data enabling the identification of the User. The Administrator reserves the right to suspend the implementation of the data deletion request to protect the legally justified interest of the Administrator (e.g., when the User has committed a violation of the Regulations or the data were obtained as a result of conducted correspondence).
  In the case of the newsletter service, the User has the option to independently delete their personal data using the link provided in each sent email.
• Right to restriction of processing of personal data
  Users have the right to restrict the processing of personal data in cases indicated in Art. 18 of the GDPR, including questioning the accuracy of personal data, implemented upon request submitted to the Administrator
• Right to data portability
  Users have the right to obtain from the Administrator personal data concerning the User in a structured, commonly used and machine-readable format, implemented upon request submitted to the Administrator
• Right to object to the processing of personal data
  Users have the right to object to the processing of their personal data in cases specified in Art. 21 of the GDPR, implemented upon request submitted to the Administrator
• Right to lodge a complaint
  Users have the right to lodge a complaint with the supervisory authority dealing with the protection of personal data.

§14 Contacting the Administrator

Contact the Administrator in one of the following ways:

• Postal address – ALBUD sp. z o.o., Raciborowice Górne 11 59-720 Raciborowice
• Email address – albud@albud.net.pl
• Telephone connection – +48 75 73 89 703; +48 75 73 89 203
• Contact form – available at: /contact

§15 Service Requirements

• Limiting the storage and access to Cookies on the User’s Device may cause some functions of the Service to work improperly.
• The Administrator is not responsible for improperly functioning features of the Service in case the User restricts in any way the ability to store and read Cookie files.

§16 External Links

In the Service – articles, posts, entries, or comments by Users, there may be links to external websites with which the Service owner does not cooperate. These links and the pages or files indicated under them may be dangerous for your Device or pose a threat to the security of your data. The Administrator is not responsible for the content located outside the Service.

§17 Changes to the Privacy Policy

• The Administrator reserves the right to make any changes to this Privacy Policy without the need to inform Users about it in terms of the use and exploitation of anonymous data or the use of Cookies.
• The Administrator reserves the right to make any changes to this Privacy Policy in terms of processing Personal Data, about which it will inform Users with user accounts or subscribed to the newsletter service, via email within 7 days of the change of provisions. Continued use of the services means familiarization and acceptance of the introduced changes to the Privacy Policy. In the case where the User does not agree with the introduced changes, they are obliged to delete their account from the Service or unsubscribe from the newsletter service.
• The introduced changes to the Privacy Policy will be published on this subpage of the Service.
• The introduced changes come into effect at the moment of their publication.