- User – an individual, legal entity or organizational unit without a legal entity that uses the services provided in electronic form using the websites specified in this paragraph. 2;
- Personal data – all information about an identified individual or one that can be identified.
- Operator, administrator of personal data – Transfer24 Sp. z o.o., address: ul. Sienkiewicza 11, 25-350 Kielce, NIP 657-277-22-50, REGON 260204830, the company is registered in Kielce District Court, X Economic Department of the National Judicial register with the number KRS 0000311111. Authorized capital PLN 240,000, fully paid;
- Service – internet services are hosted in the following Internet domains:
each of which is separately defined as the “Service”.
2. General information
- 1.The service operator is Transfer24 Sp. z o.o., address: ul. Sienkiewicza 11, 25-350 Kielce, NIP 657-277-22-50, REGON 260204830, the company is registered in Kielce District Court, X Economic Department of the National Judicial register with the number KRS 0000311111. Authorized capital PLN 240,000, fully paid;
- The operator can get information about users and their behavior in the following way:
- through information and data voluntarily entered into the forms of the website;
- storing cookies in terminal devices (so-called “cookies”).
- by collecting web server logs.
- The operator makes every effort to provide users of the service with the protection of their privacy and applies a policy to minimize actions that lead to the provision of user data or transfer to third parties the processing of such data. The operator has implemented and applied the rules and procedures for the protection of users’ personal data, which is required by the Regulation 2016/679 of the European Parliament and Council (EU) d.d. 27 April 2016 on the protection of individuals regarding the processing of personal data and the free flow of such data, as well as the repeal of Directive 95/46/EC (hereinafter referred to as “RODO”).
- The operator has appointed a Data Protection Supervisor. Interested parties can contact the inspector for all questions related to the processing of personal data by the operator by e-mail firstname.lastname@example.org; or in writing to the operator’s address: ul. Sienkiewicza 11; 25-350 Kielce.
3. Website forms
- The operator, using the forms, collects and processes only information and personal data provided by the user voluntarily.
- The website can also store information about connection parameters (timestamp, IP address).
- The data provided in the form is processed for purposes arising from the function of a particular form.
- user data (including personal data) provided in the registration form and account activation on Transfer24 website is processed by the Operator as a Personal data administrator in order to conclude a User Agreement and perform Services in accordance with the rules of this Site;
- user data (including personal data) provided in the registration form and account activation onTransfer24 website may also be processed for marketing purposes (including direct) of the Operator’s services-with prior, separate and voluntary consent.
- user data (including personal data) provided in the contact form on Transfer24 website is processed by the Operator as a Personal data administrator in order to answer questions and conduct correspondence.
- The Data provided in the forms may be provided to entities that technically perform certain services, in particular, this applies to the provision of information to payment services or other organizations with which the service Operator cooperates in this regard.
- When filling out the forms available on the site, the user data (especially used when logging in and initiating a transfer) is protected from theft or interception by encryption using an SSL certificate. The entire process from logging in to logging out of your account is encrypted (end-to-end data protection).
4. Server logs
- Information about some user behavior should be recorded at the server level. This data is used to administer the service and ensure the most efficient delivery of services.
- Visited resources are identified by their URLs. In addition, the following data can be registered:
- question time.
- response time.
- name of the client station – in case of identification implemented by the HTTP protocol,
- information about errors in the implementation of transactions – in the case of implementation by the HTTP protocol,
- URL-address of the page that the user previously visited (referrer link) – if the page was logged in via a link,
- information about the user’s browser,
- information about the IP address.
- The data specified in paragraph 2 above may be related to specific users of the service.
5. Newsletter and contact with users via email, including direct marketing of the operator
- An order from the operator of electronic and free messages with marketing content (including a newsletter) does not require filling out a separate form. In order to send newsletters and other forms of e-marketing, the operator processes the following personal data: first and last name, email address. An email address is required to be able to send the text to the reader. First and last names allow referring to the user in a personalized way.
- Newsletters contain information about the Operator’s services and Services (for example, promotions, new offers, partner promotions, lotteries, and user contests), non-commercial lists (for example, greetings, personal comments, etc.), and other marketing information about the services provided by the Service.
- Consent to email marketing is always voluntary. The Operator never makes the user’s registration or activation of an account in the Service depend on consent to direct marketing to the email address provided by the User.
- Expressing consent to receive newsletters is equivalent to giving consent to such content:
Acting as an end-user in the meaning of the article. 172 cl. 1 of the law d.d. July 16, 2004 Telecommunications Act (Journal of Laws 2016, article 1489 as amended) I agree for the Operator (Transfer24 Sp. Z. oo based in Kielce) to carry out direct marketing by means of telecommunication devices by sending to the e-mail address provided by me marketing and commercial information which also orders commercial information specified in Article 10 of the Law d.d. 18 July 2002. On the provision of electronic services (consolidated text: Journal of Laws d.d. 2016, paragraph 1030 as amended).
- The user may at any time withdraw its consent to email marketing to the submitted email address, which also means a refusal for the operator to process its personal data for the marketing purposes specified in the article. 21 cl. 2 of the GDPR. Withdrawing consent to receive messages that constitute email marketing (expressing objections to data processing for direct marketing purposes) does not restrict or exclude other services of the Operator.
- Withdrawal of consent to receive electronic messages by e-mail with marketing content is carried out by selecting the appropriate field in the content of each such message. Regardless of the method specified in the previous statement, the user can submit an application to the operator at any time to refuse to process its personal data for direct marketing purposes, which for the operator will be equivalent to withdrawing consent to direct marketing. The application can be submitted in any form, but the operator recommends sending it by e-mail to the following email address: email@example.com
6. User’s phone number and phone marketing by the specified phone number
- The phone numbers provided by users are used to provide the ordered services, in particular, to check and confirm orders and provide the user with information about order fulfillment. In this case, the operator performs both voice calls and sends SMS/MMS messages.
- The user can allow the Operator to inform about new services, offers, advertising campaigns, initiate phone calls, or send SMS/MMS messages to the specified phone number. The operator reserves the right to use such information for direct marketing of goods and services.
- Giving consent to receive information and suggestions at the specified phone number is equivalent to agreeing to the following text:
Acting as an end-user in the meaning of the article. 172 cl. 1 of the law d.d. July 16, 2004 Telecommunications Act (Journal of Laws 2016, article 1489 as amended) I agree for the Operator (Transfer24 Sp. Z. oo based in Kielce) to carry out direct marketing by means of telecommunication devices by sending to the e-mail address provided by me marketing and commercial information which also orders commercial information specified in Article 10 of the Law d.d. 18 July 2002. On the provision of electronic services (for example, Journal of laws d.d. 2016, paragraph 1030 as amended).
- The user can cancel its consent to use the phone number provided to the Operator for direct marketing free of charge and at any time.
7. Rules for processing and protecting user data
- Operators process user data, in particular personal data, for the purpose for which they were collected, are subject to adequate protection, and become available to third parties only within the limits permitted by law.
- The Administrator of users’ personal data is the Operator.
- The operator processes users’ personal data in accordance with the regulation of the European Parliament and of the Council (EU) 2016/679 d.d. 27 April 2016 on the protection of individuals regarding the processing of personal data and on the free movement of such data and the repeal of Directive 95/46/EC and relevant national legislation, using appropriate technical and organizational measures to ensure a degree of data protection corresponding to the risks of violations of the rights and freedoms of data subjects.
- The operator, in the course of all actions related to the processing of the user’s personal data, ensures that personal data are:
- processed in accordance with the law, fairly and transparently for the data subject;
- adequate, appropriate and limited to what is necessary for the purposes of the processing;
- correct and updated when needed;
- were stored for a period that allows identification of the person no more than is necessary for the purposes of the processing;
- processed in a way that ensures appropriate safety.
- The operator grants all users of the service the right to:
- access to their data and obtain a copy thereof;
- refutation (correction) of their data;
- data deletion, restriction of data processing;
- prohibition of personal data processing;
- data transfer.
- Each user of the site has the right to file a complaint with the Supervisory Authority regarding data processing operations performed by the Operator.
- Only persons who have the Operator’s clear written permission may have access to personal data.
- The Operator informs that access to personal data may also be obtained by the authorized state bodies within the competence defined by the relevant regulatory acts, in particular by judicial bodies (including the police, prosecutor’s office, courts).
- The Operator may also be obliged to provide the information collected by the service to other entities authorized on the basis of legitimate requests and to the extent that follows from the request.
- Users’ personal data may be provided by the Operator as needed:
- to the operators of electronic payment systems;
- to the postal operators;
- to the entities that provide marketing services commissioned by the Operator, including personalization of contacts with the User.
- The operator allows entrusting the processing of users’ personal data to third parties only to the extent necessary for the Operator’s accounting, legal, and IT services. The Operator may also entrust the processing of personal data to entities that, at its request, provide services in the field of marketing goods and services of the Operator. A User can get information at any time about the objects entrusted with the processing of personal data, as well as about the purpose and scope of trust in its processing.
- Cookies – IT data, in particular text files, which are stored on the end-device of the User of the website and are intended for use by the websites of the services. Cookies usually contain the name of the website they come from, their storage time on the end-device, and a unique number.
- The entity that places cookies on the end-device of the user of the website and gets access to it, is the Service operator.
- Cookies are used for the following purposes:
- create statistics that help understand how users of the service use websites, which allows improving their structure and content;
- support for the site user session (after logging in), so that the user does not need to re-enter its username and password on each subpage of the service;
- The service uses two main types of cookies: “session” and “persistent” cookies. Session cookies are temporary files that are stored on the user’s end-device before disconnecting, leaving the website, or disabling software (web browser). Persistent cookies are stored on the user’s device for the time specified in the cookie settings or until they are deleted by the user.
- Website browsing software (web browser) usually allows storing cookies on the user’s end-device. Users of the service can change the settings in this matter. The web browser allows deleting cookies. It is also possible to block cookies automatically. For detailed information on this issue, please refer to your web browser’s help or documentation.
- Cookies placed on the end-device of the website user may also be used by advertisers and partners who cooperate with the service operator.
- Cookies may be used by advertising networks, in particular Google network, to display ads adapted to the way the User uses the Services. For this purpose, they can store information about the User’s navigation path or the time spent on a particular page.
- From the point of view of information about user settings collected by Google advertising network, the user can view and edit the information obtained as a result of cookies using the tool: https://www.google.com/ads/preferences/
- If the user does not want to receive cookies, it can change its browser settings. We warn you that disabling cookies required for authentication, security, and saving user settings may complicate your work, and in extreme cases may make it impossible to use the service.
- To manage your cookie settings, follow the instructions provided for each browser.
9. Final provisions