This Privacy Policy aims to maintain data confidentiality and respect the right to privacy of persons whose personal data is processed.
1. Definitions
1.1. User – means a natural person to whom the personal data processed by the Controller relates.
1.2. Personal data – means any information relating to an identified or identifiable individual, in particular on the basis of an identifier such as a name, identification number, location data, online identifier or one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person.
1.3. GDPR – means Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC.
2. Personal Data Administrator
Who manages your personal data?
2.1. The administrator of your personal data is Cooling spółka z ograniczoną odpowiedzialnością (formerly: COOLING.PL Zdziech spółka jawna) with its registered office in Sokołów (05-806), ul. Sokołowska 24, entered in the Register of Entrepreneurs of the National Court Register kept by the District Court for the Capital City of Warsaw in Warsaw, 14th Commercial Division of the National Court Register, under KRS number: 0000970871, with share capital of PLN 500,000. Warsaw in Warsaw, 14th Commercial Division of the National Court Register under KRS number: 0000970871, with share capital of PLN 500,000, NIP number: 5223020887, REGON number: 3601744970 (hereinafter referred to as: ‘Administrator’). The Administrator can be contacted via e-mail: cookies@cooling.pl and by traditional mail, addressing correspondence to: Cooling sp. z o.o., ul. Sokołowska 24, 05-806 Sokołów.
2.2. The Administrator ensures that your Personal Data is:
2.2.1. processed lawfully, fairly and transparently;
2.2.2. collected for specific, explicit and legitimate purposes and not further processed in a manner incompatible with those purposes;
2.2.3. factually correct and adequate in relation to the purposes for which they are processed;
2.2.4. stored in a form that allows identification of the persons to whom they relate, for no longer than is necessary to achieve the purpose of processing;
2.2.5. processed in a manner that ensures adequate security of personal data, including protection against unauthorised or unlawful processing and against accidental loss, destruction or damage.
3. Purposes of Personal Data processing and legal basis for processing
For what purpose and on what legal basis does the Controller process your Personal Data?
3.1. The Administrator provides the possibility to contact him using electronic contact forms on the Administrator’s websites. The use of the forms requires the provision of Personal Data necessary to contact the User and respond to the enquiry. The User may also provide other data to facilitate contact or handling of the enquiry. Providing data marked as mandatory is required in order to accept and handle the enquiry, and failure to provide such data will result in the inability to handle the enquiry. Providing other data is voluntary. The Personal Data provided is processed for the purpose of identifying the sender and handling their enquiry sent via the form provided – the legal basis for processing is the necessity of processing for the performance of a service contract (Article 6(1)(b) of the GDPR); with regard to optional data, the legal basis for processing is consent (Article 6(1)(a) of the GDPR).
3.2. In the case of correspondence sent to the Administrator via e-mail or traditional mail unrelated to the services provided to the sender or other agreement concluded with them, the personal data contained in this correspondence is processed solely for the purpose of communication and resolution of the matter to which the correspondence relates. The legal basis for processing is the Administrator’s legitimate interest (Article 6(1)(f) of the GDPR) consisting in conducting correspondence addressed to him in connection with his business activity.
3.3. When contacting the Administrator by telephone in matters unrelated to the concluded contract or services provided, the Administrator may request Personal Data only if it is necessary to handle the matter to which the contact relates. The legal basis in such a case is the Administrator’s legitimate interest (Article 6(1)(f) of the GDPR) consisting in the need to resolve the reported matter related to his business activity.
3.4. The Administrator has public profiles on social media platforms such as YouTube, Facebook, Instagram, Messenger, Twitter, TikTok, LinkedIn, and Twitch. In connection with this, it processes data left by visitors to these profiles (including comments, likes, and online identifiers). Personal data is processed in order to enable activity on the profiles for the purpose of effective profile management, by presenting portal users with information about the Administrator’s initiatives and other activities, and in connection with the promotion of various types of events, services and products, as well as for statistical and analytical purposes. The legal basis for the processing of personal data is the legitimate interest of the Administrator (Article 6(1)(f) of the GDPR), consisting in: promoting its own brand and improving the quality of services provided, if necessary – pursuing claims
and defending against claims. The above information does not apply to the processing of personal data by the controllers of the websites listed above.
3.5. In each case where we ask for your consent to process your personal data, providing this data is voluntary but necessary in order to perform a given activity. Your consent may be withdrawn at any time, but this will not affect the lawfulness of the processing we perform before its withdrawal.
4. Recipients of Personal Data
To whom may the Administrator disclose your Personal Data?
4.1. Your Personal Data may be transferred to other entities cooperating with the Administrator, including:
4.1.1. the entity providing website hosting;
4.1.2. companies providing IT infrastructure support and management (e.g. information technology providers, cloud software providers, as well as entities providing identity management, hosting and website management, data analysis, backup, security, etc. services);
4.1.3. consulting companies in the field of personal data protection;
4.1.4. YouTube, Facebook, Instagram, Messenger, Twitter, TikTok, LinkedIn, Twitch;
4.1.5. on the basis of a relevant legal provision or decision of a competent authority, we will also have to disclose your personal data to other entities, including authorised state authorities.
4.2. Your personal data may be transferred outside the European Union, but only for the purpose of providing the highest quality services and only on the basis of an appropriate agreement between the Controller and that entity, containing standard data protection clauses adopted by the European Commission. The Controller may also store personal data in a location that is subject to a jurisdiction other than the place of residence or registered office of a specific User. Data may only be transferred to a third country if the conditions for ensuring an adequate level of protection of personal data, as guaranteed in the GDPR, are met.
5. Period of storage of Personal Data
How long will your personal data be stored?
5.1. The period of processing of Personal Data by the Controller depends on the type of service provided and the purpose of processing. The period of processing of Personal Data may also result from regulations, when they constitute the basis for processing.
In the case of processing of Personal Data on the basis of the Administrator’s legitimate interest, it is processed for a period enabling the pursuit of that interest or until an effective objection to the processing of data is lodged. If the processing is based on consent, Personal Data is processed until such consent is withdrawn. When the basis for processing is the necessity to conclude and perform a contract, Personal Data is processed until the contract is terminated.
6. Your rights
What rights do you have in relation to the processing of Personal Data by the Controller?
6.1. Right to request access to Personal Data from the Controller:
you have the right to request information from the Controller at any time about whether and which of your personal data we store. The information we will provide you with includes
in particular, the purposes of processing, the scope of Personal Data held, information about recipients or categories of recipients to whom personal data has been or will be disclosed, in particular recipients in third countries or international organisations, and, where possible, the planned period of storage of personal data, and where this is not possible, the criteria for determining this period.
6.2. Right to request the Controller to rectify Personal Data: you have the right to request the Controller to immediately rectify your Personal Data that is incorrect. Taking into account the purposes of processing, you have the right to request the completion of incomplete Personal Data, including by providing an additional statement.
6.3. Right to request the Controller to delete Personal Data: you have the right to request the Controller to immediately delete your Personal Data if:
6.3.1. your Personal Data is no longer necessary for the purposes for which it was collected or otherwise processed;
6.3.2. consent to the processing of Personal Data has been withdrawn and there is no other legal basis for processing;
6.3.3. an objection to the processing of Personal Data has been lodged and there are no overriding legitimate grounds for processing;
6.3.4. your Personal Data has been processed unlawfully;
6.3.5. your Personal Data must be erased in order to comply with
a legal obligation under Union law or the law of a Member State to which the Controller is subject.
6.4. Right to request the Controller to restrict the processing of Personal Data: you have the right to request the Controller to restrict the processing if:
6.4.1. you contest the accuracy of the Personal Data – for a period enabling the Controller to verify the accuracy of the data;
6.4.2. the processing is unlawful and you oppose the erasure of the Personal Data, requesting instead that its use be restricted;
6.4.3. the Controller no longer needs your Personal Data for processing purposes, but you need it to establish, pursue or defend claims;
6.4.4. an objection to the processing of Personal Data has been lodged – until it is determined whether the processing is lawful;
6.5. Right to object to the processing of Personal Data: you have the right to object to the processing of your Personal Data at any time. The controller may no longer process that personal data unless it can demonstrate compelling legitimate grounds for the processing which override the interests, rights and freedoms of the data subject or for the establishment, exercise or defence of legal claims.
6.6. Right to transfer Personal Data: you have the right to receive
your Personal Data, which has been provided to the Controller, in a commonly used machine-readable format, and you have the right to transmit that Personal Data to another controller without hindrance from the Controller, where the processing is based on consent or on a contract and the processing is carried out by automated means. You also have the right to request that your Personal Data be transmitted directly from the Controller to another controller, where technically feasible.
6.7. Right to withdraw consent to the processing of Personal Data: you have the right to withdraw your consent to the processing of your Personal Data at any time without affecting the lawfulness of the processing that was carried out on the basis of consent before its withdrawal.
6.8. Right to lodge a complaint with a supervisory authority: you have the right to lodge a complaint with a supervisory authority, in particular in the Member State of your habitual residence.
7. Social media
7.1. The website uses social media in the form of Facebook, Instagram and YouTube to provide information about the Administrator’s activities. By clicking on the link to these social media platforms (marked with a logo or name) on the website, the User can connect the content of the website with their profile on a given platform and assign their visit to the website to their profile on that platform. For more information on this subject, see:
7.1.1. Facebook – click here;
7.1.2. YouTube – click here;
7.1.3. Instagram – click here.
8. Cookies
8.1. When you use our website, small files (in particular text files) containing information necessary for the proper use of the website, known as cookies, are stored on your end device (computer, smartphone, tablet, etc.).
Cookies enable us to collect statistical data about the website, which allows us to develop the website. Cookies enable us to collect statistical data about the website, which allows us to develop the website. The legal basis for collecting data read from cookies is Article 6(1)(a) of the GDPR, i.e. your consent.
8.2. Cookies do not contain any data that identifies you, and cannot be used to determine anyone’s identity. These files are in no way harmful to your device and do not change its settings or the settings of the software installed on it. The contents of these files can only be read by the server that created them.
8.3. When you use the website, we use two types of cookies: session cookies and persistent cookies. Session cookies are temporary files that are stored on your device until you close your browser. Persistent cookies are stored on your device for a period specified in the parameters of these files or until you delete them.
9. Personal data processed during visits to the website
9.1. Your personal data during visits to the website is processed in order to adapt the content of the website to the user’s preferences, improve the quality of browsing, evaluate the use of the website, and improve the website.
9.2. Depending on the purpose and legal basis, we process the following personal data:
9.2.1. e-mail address;
9.2.2. first and last name;
9.2.3. IP address;
9.2.4. browser type and version;
9.2.5. operating system;
9.2.6. date and time of your visit;
9.2.7. URL address;
9.2.8. type of device used to access the URL website;
9.2.9. browser settings.
9.3. The Administrator uses Google Analytics and HotJar tools. Personal data may also be used in advertising tools such as: Google Ads advertising system, Facebook Ads (Facebook, Instagram, Messenger, Facebook partner networks) and to promote the website on YouTube, Facebook, Instagram, Messenger, Twitter, TikTok, LinkedIn, and Twitch.
9.4. The legal basis for processing in the above-mentioned scope is Article 6(1)(f) of the GDPR, i.e. the legitimate interest pursued by the Administrator or by a third party.
10. Cookies used
10.1. We use the following cookies:
10.1.1. cookies necessary for the website to function – these cookies enable the website to function properly and allow you to navigate the website. Without them being stored on your device, it is impossible to use the website. The website uses cookies to tailor the content of the website to the individual preferences of the user, to prepare statistics that help to understand the preferences and behaviour of users, and to assess the popularity of the website and the possibility of undertaking marketing activities. The analysis of statistics is anonymous.
10.1.2. Statistical files – these enable us to collect statistical information about how the website is used.
10.1.3. Functional files – these files enable your settings and preferences to be remembered.
11. Refusal to accept cookies
11.1. Most browsers allow cookies by default. If you do not agree to these files being stored on your device, you must change your web browser settings accordingly. The change may consist of not storing cookies on your device or informing you each time a file is stored on your device. You can also delete files from your device each time you visit the website. Please note, however, that restrictions on the use of cookies may hinder or prevent the use of the website. Your device’s browser settings allowing files to be saved mean that you consent to these files being saved on your device.
12. Update
12.1. The Administrator reserves the right to change this Privacy Policy, in particular in the event of changes in the technology used to process Personal Data, as well as in the event of changes in the methods, purposes or legal basis for the processing of Personal Data.
12.2. The Administrator undertakes to regularly review this Privacy Policy and amend it when necessary or desirable due to: new legal regulations, new guidelines from authorities responsible for supervising personal data protection processes, best practices in the field of personal data protection. The change will take place
