This document regards the accepted principles regarding the processing of personal data of outside users, contacting ECO5TECH S.A., in relation to their use of the following service: www.eco5tech.pl.
I. Identification data:
The Personal Data Controller regarding users, collected with the use of the service is:
General Manager of Eco5tech S.A.
Company main office in Warsaw:
Branch in Bydgoszcz:
ul. Królowej Jadwigi 18/218
NIP 953 245 97 26
Tel: 22 122 14 53
II. Information on the Inspector for the Protection of Personal Data (when such person has been appointed).
Presently, Eco5tech S.A. (resulting from the act and guidelines of the Personal Data Protection Office) has no obligation to appoint the Inspector for the Protection of Personal Data.
In order to secure the process of personal data processing in ECO5TECH S.A., the supervisor for personal data is appointed, acting on behalf of the Personal Data Controller.
III. Processed personal data and legal framework, and resulting from it responsibilities of the Controller
- Eco5tech S.A. protects personal data and applies appropriate organizational and technical measures preventing an interference with privacy of users by third parties. Our activities are focused on guarantying to the user the sense of complete security, meeting the standards of laws that are currently in force, including:
- Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on
the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation);
- Act of 18 July 2002 on Providing Services by Electronic Means (Journal of Laws of 2020, art. 344);
- Act of 16 July 2004. Telecommunication Law (Journal of Laws of 2021, art. 576).
- The service uses the following personal data
A. concerning business and commercial relations, and contact for the following purposes:
- establishing cooperation,
- conclusion, performance and settlement of contracts,
- presentation of an offer and providing information on services provided,
- handling of inquiries sent through the form available on the website,
- providing answers to all inquiries and applications, and further exchange of letters / contact in this field,
- marketing and contact related to other information and services provided by the Controller,
- defense against potential claims, and also possible lodging of claims,
- fulfilment of legal responsibilities of the Controller (for instance, regarding public, tax, accounting companies).
B. in relation to recruitment, we process data for the following purposes:
- reviewing candidacy and performance of recruitment process, and in the case of consent, also for the needs of future recruitment,
C. concerning relations with investors, for the following purposes:
- performance of contracts regarding acquisition of securities,
- exercising of rights resulting from the possession of securities,
- redemption or cancellation of securities,
- related to taxes and accounting,
- marketing of own activity, products and services and,
- related to potential disputes.
3. The service performs functions related to acquiring of information on users and their behavior in the following way:
- through voluntary entering of data on forms, which will be entered to Eco5tech systems,
- through recording on terminal equipment files known as Cookies*,
- trough analysis of website traffic (measurement function) (Google Analytics),
- through anonymous reading of IP numbers for the purpose of statistics related to impact range of an offer.
4. Undertakings in the scope of personal data protection carried out by the Controller:
- the service is used though SSL* protocol that significantly increases protection of data transmission on the Internet,
- logging and personal data entry places are protected in the transmission layer (SSL* certificate). Therefore, personal data entered on the website is encrypted on the user’s computer and can be read only on the target server,
- the Operator periodically changes its administrator passwords,
- for the purpose of protection of data, the Operator makes backup copies on a regular basis,
- regular updates of all types of software, used by the Controller for personal data processing.
IV. Collection of personal data:
- Eco5tech S.A., during the use of service by outside user, registers http inquiries directed to the server.
- The reviewed resources are identified through URL addresses and regard:
- public IP address of terminal equipment, from which an inquiry was sent,
- user’s station name – identification is conducted through http protocol, when possible,
- inquiry arrival time,
- first line of http request,
- http response code,
- number of data sent by the server,
- information on user’s browser.
- The above mentioned data is not associated with specific persons browsing the service pages. Services do not collect any information in an automated way, with the exception of information contained in Cookies.
- Information collected in this way is used to:
- manage the service,
- confirm possible security threats,
- check the aggregated user traffic within the service and for statistical purposes, including with the use of Google Analytics and GetResponse, only when mailing campaigns are additionally conducted
- Outside user, in the scope of using the functionality of service, can be asked to provide the following personal data:
- first name and surname,
- phone number,
- business address and name,
- content of contact message.
Providing of this data is voluntary; however, when it is not provided, it may not be possible to use the service in the scope of its functionality, which is required.
- Contact form
The data provided on the form is processed for the purpose resulting from the function of a specific form, for instance, for the purpose of handling inquiries related to business, commercial relations and contact, recruitment, and relations with investors. Every time, the context and description of the form informs in a clear war its purpose.
The service collects information provided voluntarily by the user, including personal data, when provided.
V. Data retention period
- Personal data collected from users is stored for a specific purpose of processing and no longer that its retention period.
- Some data can be stored for a longer period, based on laws that are in force in this scope (e.g. financial, personal/human resources).
- The Controller keeps marketing data for a period of 3 years (from the time of completion of a specific undertaking, subject, project).
VI. Identification of personal data recipients
- Personal data of outside user, as a rule, is processed for the needs related to activity of Eco5tech S.A.
- In some situations, the Controller has the right to transfer personal data of outside user to other recipients, when it is necessary for performance of a contract concluded with this outside user or to fulfill responsibilities by the Controller.
It applies to the following groups of recipients:
- hosting company based on assignment,
- authorized employees and co-workers who use the data for the purpose of fulfilment of the purpose of activity of a party,
- companies providing marketing services on behalf of the Controller.
VII. Rights of the people who are the data subjects
- The outside user has the right to request from the Controller:
- access to personal data concerning him/her,
- its correction,
- restriction of processing and transfer of data,
- lodging an objection in the scope of data processing.
- You can lodge a complaint related to Controller’s actions to the President of the Personal Data Protection Office, ul. Stawki 2, 00-193 Warszawa.
VIII. Eco5techA. service contains information on using Cookies*
An obligation to feature on the website information on the processing of personal data results from the Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on
the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation), OJ L 119, 4.5.2016, p. 1–88, known as “GDPR.”
- Cookies, which are files that makes possible analysis of behavior of outside user of the service, make possible adjustment of its content to a specific user (targets, retention period or their supplier).
- The above mentioned activity allows also for adjustment of the service to collect data on categories of recipients, their partial personal data and their information needs.
- Cookies are used for the following purposes:
- to facilitate to outside user use of the service during its browsing,
- to associate later the outside user in the event of repeated connection of the service with equipment on which they were recorded,
- to create statistics, which allow to understand how outside users use websites, allowing to improve their structure and content,
- adjustment of the content of websites of the service to specific preferences of outside user as well as their optimization and adjustment to individual needs of outside user.
- Within the Service we use the following types of Cookies:
- “session cookies” – stored on terminal equipment of outside user until logging out, leaving the website or turning off a browser,
- “persistent cookies” – stored on terminal equipment of outside user for a specific period in parameters of Cookies or until their deletion by outside user,
- “performance cookies” – make possible gathering of information on the type of using websites of the Service,
- “strictly necessary cookies” – make possible the use of services available within the Service,
- “own cookies” – placed by the Service,
- “third party cookies” – they come from outside websites other than the Service.
- Information is in no way associated with personal data of Service User and is not used to determine User’s identity. The scope of information gathered automatically depends on settings of User’s internet browser. User should check the settings of his/her browser in order to verify what information is provided by the browser automatically or for the purpose of changing these settings. For this purpose, we recommend reading the content of “Help” of the used internet browser.
- Internet browser makes possible deletion of Cookies. It is also possible to automatically block Cookies.Detailed information on this matter contains “help” or documentation of the internet browser used by outside user.
- When outside user does not want to receive Cookies, he/she can change the settings of his/her browser. However, turning off the service of Cookies necessary for authorization purposes, security or maintenance of preferences of outside user can hinder or even – in extreme cases – disable the use of Service.
Definitions (marked with the symbol “*” ):
- cookie – is a small piece of information recorded by the server on User’s computer, which the server can read after repeated connection from this computer,
- system log – is information transferred by the server by User’s computer during every connection; it can contain all types of data (e.g. IP number), from which one can more or less precisely determine the origin of connection,
- IP address – individual number, which – as a rule – is assigned to every computer connected to the Internet; IP number can be permanently allocated to a specific computer (static) or assigned to it for a specific connection (dynamic),
- SSL protocol – special standard of sending data on the Internet, in which transmission is encrypted, unlike ordinary sending, during which transmission is carried out with open text.