General information.
1. The Website operator is CA Analitka Cyberbezpieczeństwa, Ofiar Grudnia 70, Building 53B, Premises No. 8, 80-180 Gdańsk, hereinafter referred to as the ADMINISTRATOR. 
2. The website collects information about users and their behavior in the following ways:
a. Through information voluntarily entered into forms.
b. By storing cookies on end devices.
c. By collecting web server logs.

Information about cookies.
1. The website uses cookies.
2. Cookies are IT data, in particular text files, which are stored on the Website User’s end device and are intended for use on the Website’s pages. Cookies usually contain the name of the website they come from, their storage time on the end device, and a unique number.
3. The entity placing cookies on the Website User’s end device and accessing them is the Website Operator.
4. Cookies are used for the following purposes:
a. creating statistics that help understand how Website Users use websites, which allows improving their structure and content;
b. maintaining the Website User’s session (after logging in), thanks to which the User does not have to re-enter their login and password on every subpage of the Website;
c. determining the user’s profile in order to display tailored materials in advertising networks, in particular the Google network.
5. The Website uses two basic types of cookies: session cookies and persistent cookies. Session cookies are temporary files that are stored on the User’s end device until they log out, leave the website, or turn off their web browser. (web browser). Persistent cookies are stored on the User’s end device for the time specified in the cookie parameters or until they are deleted by the User.
6. Software for browsing websites (web browser) usually allows cookies to be stored on the User’s end device by default. Website users can change their settings in this regard. The web browser allows you to delete cookies. It is also possible to automatically block cookies. Detailed information on this subject can be found in the help section or documentation of your web browser.
7. Restrictions on the use of cookies may affect some of the functionalities available on the Website.
8. Cookies placed on the Website User’s end device may also be used by advertisers and partners cooperating with the Website operator.
9. We recommend that you read the privacy policies of these companies to learn about the rules for using cookies used in statistics: Google Analytics Privacy Policy
10. Cookies may be used by advertising networks, in particular the Google network, to display advertisements tailored to the way the user uses the Website. For this purpose, they may retain information about the user’s navigation path or the time spent on a given page.
11. With regard to information about user preferences collected by the Google advertising network, users can view and edit information derived from cookies using the following tool: https://www.google.com/ads/preferences/

Server logs.
1. Information about certain user behaviors is logged at the server level. This data is used solely for the purpose of administering the website and ensuring the most efficient provision of hosting services.
2. The resources viewed are identified by URL addresses. In addition, the following may be recorded:
a. the time of the request,
b. the time of the response,
c. the name of the client station – identification via the HTTP protocol,
d. information about errors that occurred during the HTTP transaction,
e. the URL of the page previously visited by the user (referrer link) – if the transition to the Website took place via a link,
f. information about the user’s browser,
g. information about the IP address.
3. The above data is not associated with specific individuals browsing the website.
4. The above data is used solely for server administration purposes.
5. Data disclosure.
a. The data is disclosed to external entities only to the extent permitted by law.
b. Data enabling the identification of a natural person is disclosed only with the consent of that person.
c. The operator may be required to provide information collected by the Website to authorized authorities on the basis of lawful requests to the extent resulting from the request.

Cookie management – how to give and withdraw consent in practice?
1. If you do not want to receive cookies, you can change your browser settings. Please note that disabling cookies necessary for authentication, security, and maintaining user preferences may hinder, and in extreme cases may prevent, the use of websites.
2. To manage your cookie settings, select your web browser/system from the list below and follow the instructions:
a. Internet Explorer
b. Chrome
c. Safari
d. Firefox
e. Opera
f. Android
g. Safari (iOS)
h. Windows Phone

PERSONAL DATA PROTECTION
In this document, the ADMINISTRATOR presents how it implements the provisions of Regulation (EU) 2016/679 of the European Parliament and of the Council of April 27, 2016 on the protection of individuals with regard to the processing of personal data and on the free movement of such data in relation to the personal data of its contractors and persons representing them.

Personal data is any information relating to an identified or identifiable person. By giving your consent, you agree to the collection, use, and sharing of information in accordance with the Privacy Policy. When collecting and using personal data, we maintain transparency regarding the basis and manner of processing personal data.

SECURITY
We have implemented measures to protect personal data against loss, theft, misuse, and unauthorized access, disclosure, alteration, and destruction. All collected data is protected using appropriate technical and organizational measures and security procedures. We implement our internal policies, procedures, and training covering data protection, security, and confidentiality.

PROCESSING OF PERSONAL DATA
The ADMINISTRATOR collects and processes data in accordance with and for the purposes of its business activities, in connection with the services or products offered and provided. This includes contact and personal data necessary for the performance of current and future contracts, including those related to the quality of services provided and the security of their performance. The ADMINISTRATOR does not collect or process other data that is not necessary for the performance of the contract. The provision of personal data is voluntary, but it is a prerequisite for the performance of contracts for services offered by the ADMINISTRATOR. Similarly, this applies to contracts concluded between the ADMINISTRATOR and Suppliers.

PURPOSE AND LEGAL BASIS FOR THE PROCESSING OF PERSONAL DATA
The CONTROLLER processes your personal data because it is necessary for the performance of a contract concluded with you or your employer or client, including for:
a) providing, maintaining, and improving services;
b) ensuring proper customer service;
c) handling requests you send to us;
d) contacting you for purposes related to the provision of services;

In addition, processing is necessary to fulfill the legal obligation incumbent on the ADMINISTRATOR under the contracts performed (e.g., tax rules, storage of documents and accounting records), as well as for the performance of tasks related to business activities, including, for example, work planning and organization, reporting, and conducting analyses.

We also process your personal data on the basis of a legitimate interest, which is:
a) conducting marketing activities for the ADMINISTRATOR’s own services in relation to existing and future contracts.
b) contacting you for purposes related to permitted marketing activities, in particular and with your consent, by e-mail;

DATA RETENTION PERIOD
Your personal data is stored for the duration of the contract concluded with you, as well as after its termination for the purposes of performing obligations arising from legal provisions, including tax and accounting provisions, pursuing claims in connection with the performance of the contract, and archiving. The maximum storage period is 10 years from the end of the contract. Personal data obtained for marketing purposes and for the purpose of sending commercial information by electronic means is stored until you withdraw your consent to such processing. Withdrawal of consent does not affect the lawfulness of processing based on consent before its withdrawal.

TRANSFER OF PERSONAL DATA TO THIRD PARTIES
We only disclose personal data to other entities when permitted by law. We include provisions in relevant agreements regarding security measures to protect data and maintain confidentiality. Therefore, your data may be transferred to:
a) entities cooperating with us that provide us with support in the provision of services and perform activities related to their implementation;
b) external entities that operate and manage our internal IT systems;
c) supervisory authorities, in response to a request for information, if the disclosure is consistent with or required by applicable law, regulation, legal process, or government request;

YOUR RIGHTS
Under applicable law, individuals have certain rights regarding their personal data, and the controller is responsible for ensuring that these rights are exercised. Where the CONTROLLER is the data controller and decides on the manner and purpose of personal data processing, we inform you of your rights:

• Right of access to personal data – individuals have the right to access their data that we store as the controller.
• Right to rectify data – if your data is outdated or incorrect.
• Right to erasure – if your data is no longer necessary for the purposes for which it was collected or you do not consent to further processing of your data.
• Right to restrict processing – if you notice that your data is incorrect or is being processed unlawfully, you may request that the processing of your data be restricted for a period of time allowing us to verify the accuracy of the data or its compliance.
• Right to object – at any time, when the processing of your personal data is based on a legitimate interest and the objection is justified by the specific situation you find yourself in, or your personal data is processed for marketing purposes.

If you wish to exercise these rights, please send a message to the email address provided in the contact tab or by post. You have the right to lodge a complaint regarding our processing of your personal data with the supervisory authority, i.e. the President of the Personal Data Protection Office. For more information, please visit www.giodo.gov.pl.

CHANGES TO THE PRIVACY POLICY
The Privacy Policy shall enter into force on May 25, 2018, and shall remain in force subject to the possibility of future amendments to its provisions.
The updated Privacy Policy will come into force on the date of its publication by the ADMINISTRATOR on this website.