Privacy Policy
Publication date: 11.02.2025
This Privacy and Cookies Policy governs the processing and storage of personal data necessary for the provision of services electronically through the hermanas.pl website , hereinafter referred to as the “Site” or “Service”, and the use of cookies.
general provisions
1. the administrator of the personal data collected through the Site is HERMANAS ANNA FEDORCZAK Jurajska 1B/74 Street, 25-640 Kielce, NIP 9512301235 , hereinafter referred to as , “Administrator”.
2. Personal data collected by the Administrator through the Website are processed in accordance with Regulation (EU) 2016/679 of the European Parliament and of the Council of April 27, 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data and repealing Directive 95/46/EC (General Data Protection Regulation), also referred to as RODO, and with the Act on the Protection of Personal Data of May 10, 2018.
3. Contact with the Administrator is possible via e-mail: kontakt@hermanas.pl.
Definitions
– Administrator – a natural or legal person, public authority, entity or other entity that alone or jointly with others determines the purposes and means of processing personal data, within the meaning of this Privacy and Cookies Policy, the Administrator is understood to mean HERMANAS ANNA FEDORCZAK ul. Jurajska 1B/74, 25-640 Kielce, NIP 9512301235
– Cookies – text data collected in the form of files placed on the User’s Device,
– Personal data – any information relating to an identified or identifiable living individual, including device IP, location data, Internet ID, and information collected through cookies and other similar technology,
– Policy – this Privacy and Cookies Policy, containing information about the processing of personal data and the use of cookies,
– RODO – Regulation (EU) 2016/679 of the European Parliament and of the Council of April 27, 2016 on the protection of individuals with regard to the processing of Personal Data and on the free flow of such data and repealing Directive 95/46/EC,
– Personal Data Protection Act – the Act of May 10, 2018 on the protection of personal data (Journal of Laws 2018, item 1000, as amended),
– Service / Site – the website operated by the Administrator under the name hermanas.pl
– User – a natural person for whom the Administrator provides electronic services through the Website, as well as a visitor to the Website
– Device – an electronic device through which the User accesses the Site.
Type of personal data processing, purposes and legal basis
(1) The Administrator processes the following categories of User’s personal data:
(a) Name,
(b) Email address,
(c) Telephone number
(2) The Administrator processes personal data through the Site for the purpose of:
(a) to ensure security on the Site and to customize content (Article 6(1)(f) of the RODO);
b) to answer questions, provide an ordered offer and conduct correspondence for the purpose of settling a case or fulfilling a reported order on the basis of the User’s consent (Article 6(1)(a) RODO);
c) delivery and display of content on the Website – for this purpose, the Administrator collects personal data in the form of: IP address, cookies (Article 6(1)(f) RODO);
d) to establish, defend and pursue claims – the legal basis for the processing is the legitimate interest of the Administrator (Article 6(1)(f) of the DPA), consisting in the protection of its rights;
e) posting of opinions by the User about services provided by the Administrator (Article 6(1)(a) RODO);
(f) use of cookies on the Site and its sub-sites (Article 6(1)(a) of the RODO);
(g) analytical and statistical – consisting in verification of Users’ activity on the Site in order to improve the applied functionalities and their preferences for optimization of services and products and applied functionalities of the Site (Article 6 (1) (f) of the DPA);
(h) newsletter service (Article 6(1)(a) RODO and Article 6(1)(f) RODO);
i) account registration, verification of the User’s identity and execution of the agreement on provision of services by electronic means in accordance with the Act on Provision of Services by Electronic Means of July 18, 2002, including, in particular, by providing the possibility to use the User’s account – on the basis of acceptance of the terms and conditions of the Regulations (Article 6(1)(b) RODO);
(j) communication with the User in order to provide the User with necessary information and to build a positive and reliable relationship with the User, which constitutes the Administrator’s legitimate interest (Article 6(1)(f) of the RODO);
k) to promote the Administrator’s own products and/or services and those of its Partners by directing marketing information (newsletters) by electronic means, provided that the User has consented to receive such notifications via e-mail (Article 6(1)(a) of the RODO);
(l) to grant access to information on industry news directly related to the Administrator’s business, provided that the User has consented to receive such notifications via e-mail (Article 6(1)(a) of the RODO),
(m) use of the contact form service on the Website – the legal basis for processing is the necessity of processing for the performance of the service contract (Article 6(1)(b) RODO); with regard to data provided optionally, the legal basis for processing is consent (Article 6(1)(a) RODO).
(3) In each of the above-mentioned cases (paragraph 2), the provision of data is voluntary, but necessary to conclude a contract or use other functionalities of the Service.
(4) When using the Site, additional information may be collected, in particular: the IP address assigned to the User’s computer or the external IP address of the Internet provider, domain name, browser type, access time, type of operating system.
(5) Navigational data may also be collected from Users, including information about links and references they choose to click on or other actions taken on the Site. Legal basis – legitimate interest (Article 6(1)(f) RODO) to facilitate the use of electronically provided services and to improve the functionality of such services.
DATA SHARING
(1) Users’ personal data may be transferred to third parties whose services are used by the Administrator in connection with the operation of the Service. Personal data, depending on the purpose of processing, may be disclosed to entities affiliated with the Administrator, subcontractors, in particular, entities providing and operating selected IT systems and solutions, entities handling online payments, entities providing courier and postal services, law firms.
2. Users’ personal data are transferred to service providers used by the Administrator in running the Site. Service providers to whom personal data is transferred, depending on contractual arrangements and circumstances, either are subject to the Administrator’s instructions as to the purposes and means of processing such data (processors) or determine the purposes and means of processing themselves (administrators).
(a) The Administrator uses suppliers who process personal data only at the Administrator’s direction. These include, but are not limited to, suppliers that provide hosting services, accounting services, suppliers that provide marketing systems, systems for analyzing Website traffic, systems for analyzing the effectiveness of marketing campaigns.
b) The Administrator uses providers who do not act solely on instructions and determine themselves the purposes and uses of Users’ personal data. They provide electronic payment services and banking services.
3. The service providers are mainly based in Poland and other countries of the European Economic Area (EEA).
4. Due to the use of Google or Facebook, Users’ personal data may be transferred outside the European Economic Area, especially to the United States of America (USA), Canada and other countries. These entities guarantee the appropriate level of protection of personal data required by European regulations.
5. If a request is made, the Administrator shall make personal data available to authorized state authorities, in particular to organizational units of the Prosecutor’s Office, the Police, the President of the Office of Personal Data Protection, the President of the Office of Competition and Consumer Protection or the President of the Office of Electronic Communications.
6. As part of the Administrator’s activities, social media plug-ins have also been embedded on the website. The purpose and scope of data collection and their further processing and use by service providers are described in the privacy policies of the following:
a) Facebook – https://www.facebook.com/privacy/explanation,
b) Instagram – https://help.instagram.com/519522125107875?helpref=page_content.
Period of personal data processed
(1) Where the basis for the processing of personal data is the User’s consent, then the User’s personal data shall be processed by the Administrator as long as the consent is not revoked (withdrawn), and after the revocation of consent – for a period of time corresponding to the period of limitation of claims that the Administrator may raise and that may be raised against the Administrator. If a special provision does not provide otherwise, the statute of limitations is six years, and for claims for periodic benefits and claims related to the conduct of business – three years.
2. If the basis for the processing of personal data is the performance of a contract, then the User’s personal data are processed by the Administrator for as long as it is necessary for the performance of the contract, and thereafter for a period of time corresponding to the statute of limitations for claims that the Administrator may raise and that may be raised against him. Unless a special provision provides otherwise, the statute of limitations is six years, and for claims for periodic benefits and claims related to the conduct of business – three years.
3. Data related to web traffic analysis collected through cookies and similar technologies may be stored until the cookie expires. Some cookies never expire, so the duration of data storage will be equivalent to the time necessary for the Administrator to fulfill the purposes of data collection, i.e. ensuring security and analysis of historical data related to website traffic.
4. The period of data processing may be extended in case the processing is necessary for the establishment and investigation of possible claims or defense against claims, and after that time only in case and to the extent required by law. After the expiration of the processing period, the data shall be irreversibly deleted or anonymized.
Your rights related to the processing of your personal data
(1) The data subject has the right to access the content of his/her personal data and the right to request rectification, erasure, restriction of processing, data portability, lodge an objection, and the right to withdraw consent at any time, without affecting the legality of the processing performed on the basis of consent before its withdrawal.
2. Legal grounds for the User’s request:
a) Access to data – Art. 15 RODO,
b) Correction of data – Art. 16 RODO,
c) Deletion of data (so-called right to be forgotten) – Art. 17 RODO,
d) Restriction of processing – Art. 18 RODO,
e) Data portability – Article 20 RODO,
f) Objection to processing taking place on the basis of a legitimate interest of the controller – Article 21 RODO,
g) Withdrawal of consent – Article 7(3) RODO.
3Withdrawal of consent has effect from the moment of withdrawal of consent. Withdrawal of consent does not entail any negative consequences for the User, however, it may prevent further use of services or functionalities that, according to the law, the Administrator may provide only with consent.
4. In order to exercise the rights referred to in paragraphs 1 and 2, the User should contact the Administrator via e-mail at the following address: kontakt@beker-media.com
5. In a situation of requesting an entitlement under the above rights, the Administrator shall fulfill the request or refuse to fulfill it immediately, but no later than within one month after receiving it. However, if – due to the complicated nature of the request or the number of requests – the Administrator will not be able to fulfill the request within one month, it will fulfill it within another two months, first informing the person who made the request, within one month of receiving the request – about the intended extension of the deadline and the reasons for it.
6. the User may lodge complaints, inquiries and requests to the Administrator regarding the processing of his/her personal data and the exercise of his/her rights.
7. If it is determined that the processing of personal data violates the provisions of the RODO, the data subject has the right to lodge a complaint with the President of the Office for Personal Data Protection.
Data security
(1) The User’s personal data shall be stored and protected with due care, in accordance with the implemented internal procedures of the Administrator.
(2) The controller shall apply technical and organizational measures to ensure the protection of the processed personal data appropriate to the risks and categories of data protected, and in particular shall protect the data from being disclosed to unauthorized persons, from being taken by an unauthorized person, from being processed in violation of applicable regulations, and from being altered, lost, damaged or destroyed.
(3) The controller shall exercise special care to protect the interests of data subjects, and in particular shall ensure that the data it collects are:
(a) processed in accordance with the law,
(b) collected for designated legitimate purposes and not subjected to further processing incompatible with those purposes,
(c) substantively correct and adequate in relation to the purposes for which they are processed, and stored in a form that allows the identification of the persons to whom they relate for no longer than is necessary to achieve the purpose of processing.
Cookies
1 The website uses cookies. Cookies (so-called “cookies”) are computer data, including text files that a web browser can send to a server each time a user visits a website and that are stored on the device used by the user. They can be read by the Administrator (“own cookies”, which the Administrator uses to ensure the proper operation of this website), as well as by systems belonging to other entities whose services the Administrator uses (“external cookies”).
a) The Administrator uses proprietary cookies for the purpose of analysis and research, as well as audience auditing, and in particular to create anonymous statistics that help to understand how Users use the Site, which enables the improvement of its structure and content.
b) The Administrator uses external cookies in order to present a map indicating the location of the Administrator’s office on the Site’s information pages, using the maps.google.com website (administrator of external cookies: Google Inc. based in the USA).
(2) The installation of cookies is necessary for the proper provision of services on the Site.
(3) Cookies are stored by the Administrator on the User’s terminal device, if the Internet browser allows it. A cookie usually contains the name of the domain from which it originated, its “expiration time” and an individual random number identifying the cookie. Information collected through files of this type helps to adapt the products offered by the Administrator to the individual preferences and real needs of visitors to the Website.
4. During the first visit to the Website, information on the use of cookies is displayed. If you do not change the settings of your browser, you agree to their use.
5. Types of cookies:
a) Internal cookies – files placed and read from the User’s Device by the Service’s data communications system.
b) External cookies – files placed and read from the User’s Device by the data communications systems of external Services.
c) Session cookies – files placed and read from the User’s Device by the Service during one session of a given Device. When the session ends, the files are deleted from the User Device.
d) Persistent cookies – files placed and read from the User Device by the Website until they are manually deleted. The files are not deleted automatically after the end of the session of the Device, unless the configuration of the User’s Device is set to delete cookies after the end of the session of the Device.
6. The mechanism of cookies is safe for Users’ computers.
7. Changing the settings of cookies or their removal is possible through the browser used by the User. It is also possible to block the collection of User data during a visit to the Site by using the so-called “cookies”. incognito mode. Restricting or disabling the Administrator’s use of cookies may affect some of the functionality that is available on the Site.
8. Detailed information about the possibility and methods of handling cookies is available in the settings of your software (web browser).
IP address
1 The Administrator may collect IP addresses of Users. An IP address is a number assigned to the computer of a visitor to the Site by an Internet service provider. The IP number allows access to the Internet. In most cases, it is assigned to the computer dynamically, i.e. changes every time you connect to the Internet, and for this reason it is commonly treated as non-personal identifying information.
2. The IP address is used by the Administrator to diagnose technical problems with the server, to create statistical analyses, as useful information for administering and improving the Site, as well as for security purposes and possible identification of server-laden, unwanted automatic programs for viewing the content of the Site.
Privacy policy changes
1 The Administrator reserves the right to make changes to this Privacy and Cookies Policy and at the same time ensures that the rights of Users under this document will not be restricted.
2. This Privacy Notice will be updated as necessary. If changes to the Privacy Policy and Cookies are published, the date of the last update shown in the header will change. Earlier versions of the Privacy and Cookies Policy will be kept in the archive.
3. The Administrator is not obliged to inform about changes to the Privacy and Cookies Policy.
4. Questions related to the Privacy and Cookies Policy can be sent to the following e-mail address: kontakt@hermanas.pl
5. In matters not covered by this Policy, the provisions of the RODO and other applicable provisions of Polish law shall apply accordingly.
6. Date of last modification: 11.02.2025