Privacy policy

PRIVACY POLICY

The following Privacy Policy sets out the rules for storing and accessing data on the Devices of Users using the Website for the purposes of the provision of electronic services by the Administrator, as well as the rules for the collection and processing of the Users' personal data provided by them personally and voluntarily through the tools available on the Website.

The following Privacy Policy is an integral part of Terms of Service, which sets out the rules, rights and obligations of Users using the Website.

§1 Definitions

  1. Service - internet service "www.venax.net" operating at https://venax.net.
  2. External service - the websites of partners, service providers or customers who cooperate with the Administrator.
  3. Service/Data Administrator (Administrator) - the company "Venax Sp z o.o.", doing business at: ul. Kamienna 3A, having tax identification number (NIP): 9141563945 and KRS number: 0000501679, providing services electronically through the Website.
  4. User - a natural person for whom the Administrator provides services electronically through the Website.
  5. Device - an electronic device with software through which the User accesses the Website.
  6. Cookies - textual data collected in the form of files placed on the User's Device.
  7. RODO - Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data (General Data Protection Regulation).
  8. Personal data - information about an identified or identifiable natural person ("data subject"). An identifiable person is one who can be identified, directly or indirectly (e.g. by name, identification number, location data, an online identifier or one or more factors defining the physical, physiological, genetic, mental, economic, cultural or social identity of the natural person).
  9. Processing - an operation or set of operations which is performed upon personal data (or sets of personal data), whether or not by automatic means, such as collection, recording, organisation, organisation, storage, adaptation, modification, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction.
  10. Limitation of processing - marking of stored personal data in order to limit future processing.
  11. Profiling - any form of automated processing of personal data involving the use of personal data to evaluate certain personal factors relating to an individual, in particular for the purpose of analysing or forecasting aspects relating to work, economic situation, health, preferences, interests, reliability, behaviour, location or movement.
  12. Consent - a freely given, specific, informed and unambiguous demonstration of will, whereby the data subject, by means of a statement or a clear affirmative action, consents to the processing of personal data concerning him or her.
  13. Data protection violations - a breach of security leading to the accidental or unlawful destruction, loss, alteration, unauthorised disclosure of or unauthorised access to personal data transmitted, stored or otherwise processed.
  14. Pseudonymisation - the processing of personal data in such a way that they cannot be attributed to a specific person, without the use of additional information stored separately (subject to appropriate technical and organisational measures).
  15. Anonymisation - an irreversible process of data manipulation that destroys / overwrites personal data, making it impossible to identify or link a particular record to a specific user or individual.

§2 Data Protection Officer

Pursuant to Article 37 RODO, the Administrator has not appointed a Data Protection Officer.

For matters concerning data processing, including personal data, please contact the Controller directly.

§3 Types of Cookies

  1. Internal cookies - files placed and read from the User's Device by the Service's ICT system.
  2. External cookies - files uploaded to and read from the User's Device by the ICT systems of external Services. The scripts of these External Services may be deliberately placed on the Website.
  3. Session cookies - files uploaded to and read from the User's Device by the Website during a single session of the relevant Device (once the session has ended, the files are deleted).
  4. Persistent cookies - files uploaded to and read from the User Device by the Service until they are manually deleted (they are not deleted automatically after the end of the session, unless the configuration of the User Device is set to automatic deletion mode).

§4 Security of data storage

  1. Mechanisms for storing and reading cookies
    These mechanisms are implemented through the built-in mechanisms of web browsers and do not allow the extraction of other data from the User Device (including personal data or confidential information) or data of other sites visited by the User. The transfer of viruses, Trojan horses and other malware to the User Device is practically impossible.

  2. Internal cookies
    Cookies used by the Administrator are safe for the Users' Devices and do not contain scripts, content or information that may compromise security.

  3. External cookies
    The Administrator makes every effort to verify and select service partners in terms of User security. However, the Administrator does not have full control over the content of cookies from external partners. To the extent permitted by law, the Administrator is not responsible for the security of cookies, their content and their use by the scripts installed in the service from external services in accordance with the licence. The list of partners can be found further in the Privacy Policy.

  4. Cookie control

    • The user can change the settings for storing, deleting and accessing cookies at any time.
    • Information on how to disable cookies in the most popular browsers is available in their documentation or on their help pages:
      • Chrome
      • Opera
      • Firefox
      • Edge
      • Safari
      • Internet Explorer 11
    • The User may, at any time, delete all cookies already stored, using the tools available on the Device through which he/she uses the Website.

  5. Risks on the User's side
    The Administrator uses all possible technical measures to ensure the security of the data placed in cookies, however, the security of this data also depends on the User himself (e.g. on protecting the device against viruses).

  6. Storage of personal data
    The Administrator shall make every effort to ensure that personal data voluntarily entered by Users is secure, access to it limited and carried out in accordance with the purposes of the processing.

  7. Storage of passwords
    Passwords are stored in encrypted form, using the latest standards and guidelines in this area.

§5 Purposes for which cookies are used

  • Improve and facilitate access to the Service.
  • Personalisation of the Service for Users.
  • Enabling a login to the Service.
  • Marketing, remarketing in external services.
  • Advertising serving services.
  • Affiliate services.
  • Maintenance of statistics (e.g. users, number of visits, types of device).
  • Serving multimedia services.
  • Provision of community services.

§6 Purposes of personal data processing

  1. Personal data voluntarily provided by users are processed for the following purposes:

    • Implementation of electronic services:
      • Services for the registration and maintenance of the User's account on the Website and the functionalities associated with it.
      • Newsletter service (including sending - with consent - advertising content).
      • Services for commenting on/liking posts on the Website without registering.
      • Services for sharing content posted on the Website on social networks or other sites.
    • The Administrator's communication with Users on matters relating to the Service and data protection.
    • To ensure the legitimate interest of the Administrator.

  2. User data collected anonymously and automatically are processed for the following purposes:

    • Keeping statistics.
    • Remarketing.
    • Serving advertisements tailored to Users' preferences.
    • Support for affiliate programmes.
    • To ensure the legitimate interest of the Administrator.

§7 Cookies of external services

The Administrator uses JavaScript and web components of partners on the Website, who may place their own cookies on the User's Device. In the settings of the browser, the User can decide on the scope of cookies allowed.

List of partners or their services implemented on the Website (which may place cookies):

  • Multimedia services:

    • YouTube
    • Vimeo
    • Spotify

  • Community / combined services (registration, login, content sharing, communication, etc.):

    • Twitter
    • Microsoft
    • Facebook
    • Google+
    • LinkedIn

  • Content sharing services:

    • WhatsApp

  • Newsletter services:

    • Freshmail
    • MailChimp
    • Mailerlite
    • GetResponse
    • SALESmanago

  • Ad serving services and affiliate networks:

    • Google Adsense
    • MyLead

  • Keeping statistics:

    • Google Analytics
    • Adobe Analytics
    • WordPress Stats (Automattic Inc.)
    • Facebook Analytics for Apps

  • Other services:

    • Internet Archive
    • Google Maps

The services provided by third parties are beyond the control of the Administrator and may change their terms of service, privacy policies, purposes of data processing, and uses of cookies at any time.

§8 Types of data collected

  1. Anonymous data collected automatically (including through cookies):

    • IP address
    • Browser type
    • Screen resolution
    • Approximate location
    • Openable subpages of the website
    • Time spent on the relevant sub-page of the website
    • Type of operating system
    • Address of previous subpage
    • Link address
    • Browser language
    • Internet connection speed
    • Internet service provider

  2. Data collected during registration:

    • First name / surname / nickname
    • Login
    • E-mail address
    • Telephone number
    • IP address (automatically collected)
    • VAT number
    • KRS number
    • REGON number

  3. Data collected when subscribing to the Newsletter service:

    • First name / surname / nickname
    • E-mail address
    • IP address (automatically collected)

  4. Data collected when adding a comment:

    • Name / nickname
    • E-mail address
    • Web address
    • IP address (automatically collected)

Part of the data (without identifying information) may be stored in cookies. Part (also without identifying data) may be passed on to providers of statistical services.

§9 Access to personal data by third parties

In principle, the Administrator is the only recipient of the personal data provided by Users. The data collected as part of the services provided is not passed on or resold to third parties.

Access to the data (usually on the basis of a data processing entrustment agreement) may be granted to the entities responsible for maintaining the infrastructure and services necessary for the running of the Website, i.e.:

  • Hosting companies, providing hosting or related services to the Administrator.
  • Companiesthrough which the Newsletter service is provided.
  • IT service and support companies, carrying out maintenance or responsible for the maintenance of IT infrastructure.
  • Companies responsible for bookkeeping Administrator (in the case of a purchase transaction on the Website).
  • Companies responsible for supplying physical products to the User (postal/courier services - in the case of purchase transactions on the Website).

Entrustment of personal data processing - Newsletter

In order to provide the Newsletter service, the Administrator uses the services of third parties (including Freshmail, MailChimp, Mailerlite, GetResponse, SALESmanago). The data entered in the Newsletter subscription form are transferred, stored and processed in the infrastructure of the third-party service provider.

Entrusting the processing of personal data - Hosting, VPS or dedicated server services

In order to run the Website, the Administrator uses the services of an external hosting provider (e.g. nazwa.pl). All data collected and processed on the Website are stored in the infrastructure of the service provider located in Poland.

Entrustment of the processing of personal data - Website maintenance

The administrator also uses the services of an external provider (SiZ Zbigniew Jedliński). The staff of this provider has access to the data entered by users when registering and editing their user account and/or data concerning the Newsletter service.

Transfer of personal data - Accounting Services

If a transaction is concluded, part of the personal data of individuals (or the data of individuals carrying out business activities) may be transferred to the entity providing accounting services to the Administrator "AS" Agata Nędzi Biuro Rachunkowo-Prawne ul. Wolności 171.

Transfer of personal data - Courier services

In the event of a transaction requiring the delivery of a product, part of the personal data (of individuals or of sole traders) is transferred to a postal/courier service provider chosen by the User.

§10 Processing of personal data

Personal data provided voluntarily by users:

  1. They will not be transferred outside the European Union unless they have been published as a result of an individual action by the User (e.g. entry, comment), which will make them accessible to any visitor to the Website.
  2. They are used for automated decision-making (profiling).
  3. The profiling shall not produce legal effects or similarly materially affect the data subject.
  4. They will not be resold to third parties.

Anonymous data (without personal data) collected automatically:

  1. They can be transferred outside the European Union.
  2. They may be used for automated decision-making (profiling).
  3. The profiling of such data shall not produce legal effects or similarly materially affect the data subject.
  4. They may be resold to third parties (e.g. in the form of paid access to Service statistics).

§11 Legal grounds for processing personal data

The Service collects and processes Users' data on the basis of:

  • Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016. (RODO), in particular:
    • Article 6(1)(a) (consent of the data subject),
    • Article 6(1)(b) (necessity for performance of the contract),
    • Article 6(1)(f) (legitimate interest of the Administrator).
  • Law of 10 May 2018 on the protection of personal data (Journal of Laws 2018 item 1000).
  • Act of 16 July 2004. Telecommunications Law (Journal of Laws 2004 No. 171 item 1800).
  • Law of 4 February 1994 on copyright and related rights (Dz. U. 1994 Nr 24 poz. 83).

§12 Period for processing personal data

  1. Personal data provided voluntarily by users:

    • Generally only stored for the duration of the respective service on the Website. Deleted or anonymised within 30 days after termination of the service (e.g. deletion of account, unsubscribing from Newsletter).
    • An exception to this is the need to safeguard legitimate interests (e.g. violation of the Rules of Procedure), in which case the retention period may be up to 3 years.

  2. Anonymous data (without personal data) collected automatically:

    • They are stored indefinitely for statistical purposes.

§13 Users' rights in relation to the processing of personal data

  1. Right of access to personal data
    You have the right to access your personal data by submitting a request to the Administrator.

  2. Right to rectification of personal data
    The user has the right to request the immediate rectification of personal data that is incorrect or incomplete.

  3. Right to erasure of personal data
    You have the right to request the immediate deletion of your personal data.

    • In the case of a user account, deletion of data means anonymisation of the User's identifiable data.
    • The Administrator may suspend the execution of the deletion request if the User has violated the Terms of Use or in other cases of safeguarding the legitimate interests of the Administrator.
    • In the case of the Newsletter, the user can delete his/her data himself/herself using the link in each email.

  4. Right to restrict processing of personal data
    The user has the right to request the restriction of data processing in the cases indicated in Article 18 RODO (e.g. questioning the accuracy of the data).

  5. Right to data portability
    You have the right to obtain personal data concerning you in a structured, commonly used and machine-readable format.

  6. Right to object to the processing of personal data
    The user has the right to object to the processing of his/her data in the cases set out in Article 21 RODO.

  7. Right of action
    The user has the right to lodge a complaint with the data protection supervisory authority.

§14 Contact to the Administrator

The Administrator can be contacted in one of the following ways:

  • Postal address:
    Venax Sp z o.o.
    3A Kamienna Street
  • Email address:
    biuro@venax.pl
  • Telephone connection:
    +48 513 410 421
  • Contact form:
    available at / contact

§15 Service requirements

  1. Restricting the storage of and access to Cookies on the User's Device may result in the malfunction of certain features of the Website.
  2. The Administrator shall not be held liable for improper functioning of the Website in the event that the storage and reading of cookies by the User is restricted.

§16 External links

The Website (including, but not limited to, articles, posts, entries or comments) may contain links to external websites not related to the Administrator. Sites or files under the indicated links may be dangerous to the User's Device or pose a threat to data security. The Administrator shall not be held liable for any content outside the Website.

§17 Changes to the Privacy Policy

  1. The Administrator reserves the right to amend this Privacy Policy at any time, with regard to the use and application of anonymised data or the use of cookies, without notifying Users.
  2. The Administrator reserves the right to amend this Privacy Policy at any time with regard to the processing of personal data, of which it will inform Users who have user accounts or who are subscribed to the Newsletter service by e-mail within 7 days of the introduction of the changes.
  3. Continued use of the services implies that you have read and accepted the changes to the Privacy Policy. If you do not accept the changes, you should delete your account or unsubscribe from the Newsletter service.
  4. Any changes made to the Privacy Policy are published on this subpage of the Website and take effect as soon as they are published.