This document entitled ‘Privacy policy in OmegaOne Sp. z o.o.’ (hereinafter referred to as: Privacy policy) is a document which contains information regarding personal data processing, in particular, it describes the purpose and scope of collection and processing of personal data by OmegaOne Sp. z o.o.
1. The Personal Data Controller (hereinafter referred to as the“Controller”) is OmegaOne Sp. z o.o. with its registered office in Morawica, 32-084 Morawica, phone number: +48-12-390-66-00, hello@one-omega.com, Tax Identification Number [NIP] PL 679-002-90-81, Business Statistical Number [REGON] – 003925744, registered in the District Court for Kraków Śródmieście in Kraków, 11th Commercial Division, under the KRS number: 0000145175, Share capital: PLN 196 500.00.
2. The contact with the Controller is possible using the following e-mail address: hello@one-omega.com. In all matters regarding the processing of personal data and exercising of the rights related to the dataprocessing, it is also possible to write to the following postal address: OmegaOne Sp. z o.o. with the registered office in Morawica, 32-084 Morawica.
This privacy policy complies with article 13, para. 1 and para. 2 of Regulation 2016/679 of the European Parliament and of the Council (EU) of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, andrepealing Directive 95/46/EC, (general data protection regulation) Official Journal of the EU L 119 (hereinafter referred to as the GDPR). On the aforementioned basis, OmegaOne Sp. z o.o. wishes to fulfil the obligation to provide information.
Legal grounds for personal data processing:
1. Art. 6(1)(a) of the GDPR, i.e. the data subject has consented tothe processing of their personal data for one or more specific purposes.
2. Art. 6(1)(b) of the GDPR, i.e.: the processing is necessary to perform an agreement the party of which is the data subject, or to take actions upon request of the data subject prior to the conclusion of the agreement.
3. Art. 6(1)(c) of the GDPR, i.e. the processing is necessary to fulfil the legal obligation of the Administrator.
4. Art. 6(1)(f) of the GDPR, i.e.: the processing is necessary for purposes resulting from legitimate interests pursued by the Administrator.
As has been indicated above, personal data shall be processed in accordance with and in pursuance of the generally applicable laws, above all, the GDPR. In particular, the personal data shall be processed for the purpose of accomplishment of a specific purpose, based on prior consent (a) to perform an agreement/complete an order or conclude an agreement/place an order, (b) to comply with the legal obligation to which the Controller is subject, (c) for purposes related to the legitimate interests pursued by the Controller or a third party, except the situations in which the interests or fundamental rights and freedoms of the data subject override these interests (f).
The provision of personal data is voluntary, however it is necessary for the accomplishment of the aforementioned purposes.
The Controller shall not store your personal data for a period longer than that which is necessary to accomplish the purposes for which the data were collected or longer than the period defined by the law. In particular: within the scope of the consent given, data will be stored until the consent is withdrawn or until an answer is provided to an enquiry made, within the scope of performance of the agreement, the personal data will be stored for a period necessary to perform the Agreement, and also after its performance, only in cases and to the extent acceptable by the law, within the scope of fulfilment of legal obligations of the Controller, the personal data will be processed until the fulfilment of these obligations, within the scope of pursuing the legitimate interests of the Controller, the personal data will be stored until an effective objection is made.
The data subject shall have the right to access their data, rectify and correct them as well as restrict their processing, erase them and lodge a complaint with the President of the Office of Personal Data Protection. With regards to the data which have been provided on the basis of the consent to data processing, the data subject shall have the right to withdraw the consent at any time, and this will not affect the lawfulness of processing performed before its withdrawal.
Personal data shall not be made available to any external entities for their own internal use, but only for the purpose of provision of our services. The personal data may be transferred to data processors at the request of the Controller; these shall be authorised employees of the Controller, authorities and agencies that perform the statutory obligations related to the concluded agreements, entities that provided services to the data controller for the purpose of performance of agreements and contractors that provide, in particular, accounting, marketing, IT and legal services; insurers.
The data shall not be subject to processing in the context of the automated decision-making; neither shall they be subject to profiling.
The Controller shall make every effort to ensure all physical, technical and organisational measures for the protection of personal data against their accidental or deliberate destruction, incidental loss, modification, unauthorised use or access, in accordance with all applicable laws.
As a rule, the data shall not be provided to any third country. However, if necessary, this shall take place on the basis of legally acceptable grounds (including art. 46, art. 47 or 49 of the GDPR), in particular, the data transfer to third countries shall take place on the basis of a decision of the European on the adequate level of personal data protection. If no decision of the European Commission has been taken in reference to a given third country on the adequate level of personal data protection, then the transfer to that third country shall take place provided that adequate security level, referred to in art. 46(2) of the GDPR is ensured. Third countries are countries outside the European Economic Area. The European Economic Area shall comprise all countries of the European Union as well as the countries of the so called European Free Trade Association, which include Norway, Iceland and Liechtenstein.
1. Cookie policy
The Website Administrator would like to point out that cookies or other technologies are used on the website to improve the quality and content of the website and render top quality services to you in a manner tailored to your individual preferences and needs.
Cookies are small text files sent to your device, designed for use on websites. The files are not harmful to any computer, its User or their data. The cookies can only work if they are accepted by the web browser used by the User and if they are not deleted from the disk. The cookies allow for the recognition of the User’s device and the appropriate display of the website tailored to the User’s individual preferences and needs. Data stored in the cookies are not associated with any personal data of the User (name, address, etc.).
When using the Administrator’s website, the User shall give their consent to the installation of cookies, their storage on the User’s device and the gaining of access to them. If the User does not give their consent to the foregoing, they must change their browser settings.
The User may, at any time, change the settings for storing and gaining access to cookies by means of settings of the browser or device used. In particular, the User may disable the option of accepting cookies by changing the settings of the software used to browse websites, in such a way as to block the automatic handling of cookies in the settings of their web browser or inform the User each time a cookie is sent to their device. Detailed information about the options and ways to handle cookies is available in the software (web browser) settings. Restrictions in the use of cookies may affect certain functionalities available on websites. The User may, at any time, delete the cookies placed on their device after they stop using the given website.
Legal basis: Art. 6(1)(a) of the GDPR (consent).
2. Google Analytics
The WebsiteAdministrator would like to point out that it uses Google Analytics. GoogleAnalytics (hereinafter GA) is an online analysis service provided by GoogleIreland Ltd. (”Google”). Please read the details of the Google Analyticsprivacy policy: https://policies.google.com/privacy?hl=pl.
If we have not obtained a separate consent to the processing of data for marketing purposes, we have limited the configuration of Google Analytics to the measuring/statistical function exclusively. GA uses the specific form of cookie which is stored on the user’s PC and enables analysis of the use of the Administrator’s website (e.g. data concerning the visited websites such as number of visits, country, browser, length of visit, etc.). The information about the use of this website, generated by the cookie, is usually sent to the Google server in the USA and stored there. Please note that Google Analytics on this website has been extended by the following code:"gat. _AnonymizeIp ();" in order to guarantee the anonymous capture of IP addresses (so called IP masking). Owing to the anonymisation of the IPaddress on the website, the User’s IP address is truncated by Google within the territory of the EU and Treaty States of the European Economic Area. Only in exceptional cases, the full IP address is transmitted to the Google server in the USA and truncated there. Google uses the collected information on behalf of the Administrator to analyse the use of this website for the purpose of creating reports regarding traffic on its website and providing additional services related to the use of the website and the Internet. The IP address sent through the browser in the context of GA is not combined with other Google data.
The Website Administrator uses GA in order to analyse andimprove the operation of the website on a regular basis. The obtainedstatistical data may be used to improve our offer and make it more interestingfor users. Additionally, the information on the functionality of the website iscollected.
By changing the browser settings, the User may disable the storage of the cookies. Furthermore, the user may prevent Google from registering the data related to the use of the website generated by the cookies (including the IP address) and the processing of these data.