Privacy policy
This Privacy and Cookies Policy sets out the rules for the processing and storage of personal data necessary to provide services electronically via the website jmsols.com, hereinafter referred to as the „Website” or „Website”, and the use of Cookies.
General provisions
1. The administrator of personal data collected via the Website is JM Solutions Maurycy Jankowski, ul. Śliska 21A/12, 61-369, Poznań, NIP: 7822901655, hereinafter referred to as the „Administrator”.
2. Personal data collected by the Administrator via the Website are processed in accordance with the Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data and repealing Directive 95/46/EC (General Data Protection Regulation), also known as GDPR, and the Personal Data Protection Act of May 10, 2018.
3. Contact with the Administrator is possible via e-mail:
mj@jmsols.com and by phone: +48 514 429 902
Definitions
• Administrator – a natural or legal person, public authority, unit or other entity that, alone or jointly with others, determines the purposes and methods of processing personal data, within the meaning of this Privacy and Cookies Policy, the Administrator is understood as JM Solutions Maurycy Jankowski, ul. Śliska 21A/12, 61-369, Poznań, NIP: 7822901655
• Cookies – text data collected in the form of files placed on the User’s Device,
• Personal data – all information relating to an identified or identifiable living natural person, including device IP, location data, online identifier and information collected via cookies and other similar technology,
• Policy – this Privacy and Cookies Policy, containing information on the processing of personal data and the use of cookies,
• GDPR – Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of Personal Data and on the free movement of such data, and repealing Directive 95/46/EC,
• Personal Data Protection Act – Act of May 10, 2018 on the protection of personal data (Journal of Laws of 2018, item 1000, as amended),
• Website / Website – website run by the Administrator under the name jmsols.com
• User – a natural person for whom the Administrator provides services electronically via the Website, as well as a visitor to the Website/online store,
• Device – an electronic device through which the User gains access to the Website.
Type of personal data processed, purposes and legal basis
1. The Administrator processes the following categories of User’s personal data:
a) Name and surname,
b) E-mail address,
c) Telephone number
2. The Administrator processes personal data via the Website in order to:
a) ensuring security within the Website and customizing content (Article 6(1)(f) of the GDPR);
b) answering questions, forwarding the ordered offer and conducting correspondence in order to resolve the matter or to complete the submitted order based on the User’s consent (Article 6(1)(a) of the GDPR);
c) providing and displaying content on the Website – for this purpose, the Administrator collects personal data in the form of: IP address, cookies (Article 6(1)(f) of the GDPR);
d) determining, defending and pursuing claims – the legal basis for processing is the legitimate interest of the Administrator (Article 6(1)(f) of the GDPR), consisting in the protection of his rights;
e) posting by the User an opinion about the services provided by the Administrator (Article 6(1)(a) of the GDPR);
f) the use of cookies on the Website and its subpages (Article 6(1)(a) of the GDPR);
g) analytical and statistical – consisting in verifying Users’ activity on the Website in order to improve the functionalities used and their preferences for optimizing services and products and the functionalities of the Website (Article 6(1)(f) of the GDPR);
h) newsletter service (Article 6(1)(a) of the GDPR and Article 6(1)(f) of the GDPR);
i) account registration, verification of the User’s identity and implementation of the contract for the provision of electronic services in accordance with the Act of July 18, 2002 on the provision of electronic services, in particular by ensuring the possibility of using the User’s account – based on acceptance of the terms of the Regulations ( Article 6(1)(b) of the GDPR);
j) communication with the User in order to provide him with the necessary information and build positive and reliable relations with the User, which constitutes the legitimate interest of the Administrator (Article 6(1)(f) of the GDPR);
k) promoting the Administrator’s own and its Partners’ products and/or services by sending marketing information electronically (newsletter), provided that the User has agreed to receive such notifications via e-mail (Article 6(1)(a) of the GDPR) ;
l) granting access to information about news from the industry directly related to the Administrator’s activities, provided that the User has agreed to receive such notifications via e-mail (Article 6(1)(a) of the GDPR),
m) using the contact form service on the Website – the legal basis for processing is the necessity of processing to perform the contract for the provision of the service (Article 6(1)(b) of the GDPR); in the scope of optional data, the legal basis for processing is consent (Article 6(1)(a) of the GDPR).
3. In each of the cases mentioned above (section 2), providing data is voluntary, but necessary to conclude a contract or use other functionalities of the Website.
4. When using the Website, additional information may be downloaded, in particular: the IP address assigned to the User’s computer or the external IP address of the Internet provider, domain name, browser type, access time, operating system type.
5. Navigational data may also be collected from Users, including information about links and references they decide to click or other activities undertaken on the Website. Legal basis – legitimate interest (Article 6(1)(f) of the GDPR), consisting in facilitating the use of services provided electronically and in improving the functionality of these services.
Data sharing
1. Users’ personal data may be transferred to third parties whose services the Administrator uses in connection with running the Website. Personal data, depending on the purpose of processing, may be disclosed to entities related to the Administrator, subcontractors, in particular entities providing and operating selected IT systems and solutions, entities handling online payments, entities providing courier and postal services, and law firms.
2. Users’ personal data are transferred to service providers used by the Administrator to run the Website. Service providers to whom personal data are transferred, depending on contractual arrangements and circumstances, are either subject to the Administrator’s instructions regarding the purposes and methods of processing this data (processors) or independently determine the purposes and methods of their processing (controllers).
a) The Administrator uses suppliers who process personal data only at the Administrator’s request. These include, among others: suppliers providing hosting services, accounting services, providing marketing systems, systems for analyzing traffic on the Website, systems for analyzing the effectiveness of marketing campaigns.
b) The Administrator uses suppliers who do not act solely on instructions and who determine the purposes and methods of using Users’ personal data themselves. They provide electronic payment services and banking services.
3. Service providers are based mainly in Poland and other countries of the European Economic Area (EEA).
4. Due to the use of Google or Facebook services, Users’ personal data may be transferred outside the European Economic Area, in particular to the United States of America (USA), Canada and other countries. These entities guarantee an adequate level of personal data protection required by European regulations.
5. If a request is made, the Administrator provides personal data to authorized state authorities, in particular organizational units of the Prosecutor’s Office, the Police, the President of the Personal Data Protection Office, the President of the Office of Competition and Consumer Protection or the President of the Office of Electronic Communications.
6. As part of the Administrator’s business, social media plug-ins have also been embedded on the website. The purpose and scope of data collection and its further processing and use by service providers are described in the privacy policies indicated below:
a) Facebook – https://www.facebook.com/privacy/explanation,
b) Instagram – https://help.instagram.com/519522125107875?helpref=page_content.
Period of personal data processing
1. If the basis for the processing of personal data is the User’s consent, then the User’s personal data are processed by the Administrator until this consent is revoked (withdrawn), and after the consent is withdrawn – for a period of time corresponding to the limitation period for claims that may raised by the Administrator and what may be raised against him. Unless a specific provision provides otherwise, the limitation period is six years, and for claims for periodic benefits and claims related to running a business – three years.
2. If the basis for the processing of personal data is the performance of a contract, then the User’s personal data are processed by the Administrator for as long as it is necessary to perform the contract, and after that time for a period corresponding to the period of limitation of claims that may be raised by the Administrator and which may be raised against him. Unless a specific provision provides otherwise, the limitation period is six years, and for claims for periodic benefits and claims related to running a business – three years.
3. Data related to network traffic analysis collected via cookies and similar technologies may be stored until the cookie expires. Some cookies never expire, therefore the data storage time will be equivalent to the time necessary for the Administrator to achieve the purposes of data collection, i.e. ensuring security and analyzing historical data related to website traffic.
4. The data processing period may be extended if processing is necessary to determine and pursue possible claims or defend against claims, and after that time only if and to the extent required by law. After the processing period has expired, the data is irreversibly deleted or anonymized.
Your rights related to the processing of your personal data
1. The data subject has the right to access his or her personal data and the right to request their rectification, deletion, limitation of processing, data transfer, objection and the right to withdraw consent at any time, without affecting the lawfulness of processing, which was made on the basis of consent before its withdrawal.
2. Legal basis for the User’s request:
a) Access to data – art. 15 GDPR,
b) Rectification of data – art. 16 GDPR,
c) Deletion of data (the so-called right to be forgotten) – Art. 17 GDPR,
d) Restriction of processing – Art. 18 GDPR,
e) Data transfer – art. 20 GDPR,
f) Objecting to processing based on the legally justified interest of the administrator – Art. 21 GDPR,
g) Withdrawal of consent – art. 7 section 3 GDPR.
3. Withdrawal of consent takes effect from the moment of withdrawal. Withdrawal of consent does not entail any negative consequences for the User, but may prevent further use of services or functionalities that, in accordance with the law, the Administrator can only provide with consent.
4. In order to exercise the rights referred to in section 1 and 2, please contact the Administrator via e-mail at the following address: mj@jmsols.com
5. In the event of exercising the rights arising from the above rights, the Administrator shall comply with the request or refuse to comply with it immediately, but no later than within one month after receiving it. However, if – due to the complicated nature of the request or the number of requests – the Administrator will not be able to fulfill the request within a month, he will fulfill it within the next two months, having previously informed the person who submitted the request, within one month of receiving the request, about the intended extension. deadline and its reasons.
6. The User may submit to the Administrator complaints, inquiries and requests regarding the processing of his or her personal data and the exercise of his or her rights.
7. If it is found that the processing of personal data violates the provisions of the GDPR, the data subject has the right to lodge a complaint with the President of the Personal Data Protection Office.
Data safety
1. The User’s personal data is stored and protected with due care, in accordance with the implemented internal procedures of the Administrator.
2. The Administrator applies technical and organizational measures to ensure the protection of processed personal data appropriate to the threats and categories of data protected, and in particular protects the data against disclosure to unauthorized persons, removal by an unauthorized person, processing in violation of applicable regulations and their change, loss, damage or destruction.
3. The Administrator takes special care to protect the interests of data subjects, and in particular ensures that the data collected by him is:
a) processed in accordance with law,
b) collected for specified, lawful purposes and not subjected to further processing inconsistent with these purposes,
c) substantively correct and adequate in relation to the purposes for which they are processed and stored in a form enabling identification of the persons to whom they concern, no longer than is necessary to achieve the purpose of processing.
Cookies
1. The website uses cookies. Cookies (so-called „cookies”) are IT data, including text files, that the web browser can send to the server each time the website is visited and which are saved on the device used by the User. They can be read by the Administrator („own cookies”, which the Administrator uses to ensure the proper operation of this website), as well as by systems belonging to other entities whose services the Administrator uses („external cookies”).
a) The Administrator uses its own cookies for analysis, research and audience auditing, and in particular to create anonymous statistics that help understand how Users use the Website, which allows improving its structure and content.
b) The Administrator uses external cookies to present a map indicating the location of the Administrator’s office on the information pages of the Website, via the website maps.google.com (administrator of external cookies: Google Inc based in the USA).
2. The installation of cookies is necessary for the proper provision of services on the Website.
3. Cookies are saved by the Administrator on the User’s end device, if the web browser allows it. A cookie usually contains the name of the domain it comes from, its „expiration time” and an individual, randomly selected number identifying the file. Information collected using this type of files helps adapt the products offered by the Administrator to the individual preferences and real needs of people visiting the Website.
4. During your first visit to the Website, information about the use of cookies is displayed. Not changing your browser settings is tantamount to consenting to their use.
5. Types of cookies:
a) Internal cookies – files placed and read from the User’s Device by the Website’s IT system.
b) External cookies – files placed and read from the User’s Device by the IT systems of external websites.
c) Session cookies – files placed and read from the User’s Device by the Website during one session of a given Device. After the session ends, the files are deleted from the User’s Device.
d) Persistent cookies – files placed and read from the User’s Device by the Website until they are manually deleted. Files are not deleted automatically after the end of the Device session, unless the configuration of the User’s Device is set to the mode of deleting cookies after the end of the Device session.
6. The cookie mechanism is safe for Users’ computers.
7. Changing cookie settings or deleting them is possible via the browser used by the User. It is also possible to block the collection of User’s data during a visit to the Website by using the so-called incognito mode. Restricting or disabling the cookies used by the Administrator may affect some of the functionalities available on the Website.
8. Detailed information about the possibilities and methods of handling cookies is available in the software (web browser) settings.
Newsletter
1. By subscribing to the newsletter, the User provides the Administrator with the following personal data: e-mail address. Providing the above data is voluntary, but necessary to subscribe to the newsletter.
2. You can unsubscribe from receiving the newsletter at any time. You can unsubscribe from the newsletter by contacting the Administrator or clicking on the appropriate link, which is included in each message sent as part of the newsletter.
3. By subscribing to the newsletter, the User consents to being sent marketing and commercial information via electronic means of communication within the meaning of the Act on the provision of electronic services.
IP address
1. The Administrator may collect Users’ IP addresses. An IP address is a number assigned to the computer of a person visiting the Website by the Internet service provider. The IP number allows you to access the Internet. In most cases, it is assigned to the computer dynamically, i.e. it changes every time you connect to the Internet, and is therefore generally treated as non-personal identifying information.
2. The IP address is used by the Administrator to diagnose technical problems with the server, create statistical analyses, as information useful in administering and improving the Website, as well as for security purposes and possible identification of undesirable automatic programs for viewing the content of the Website that burden the server.
Changes to the privacy policy
1. The Administrator reserves the right to introduce changes to this Privacy and Cookies Policy and at the same time ensures that Users’ rights arising from this document will not be limited.
2. This privacy notice will be updated as necessary. If changes to the Privacy Policy and Cookies are published, the date of the last update given in the header will change. Earlier versions of the Privacy Policy and Cookies will be stored in the archive.
3. The Administrator is not obliged to inform about changes to the Privacy Policy and Cookies.
4. Questions related to the Privacy and Cookies Policy can be sent to the following e-mail address: mj@jmsols.com
5. In matters not regulated by this Policy, the provisions of the GDPR and other relevant provisions of Polish law shall apply accordingly.
6. Date of last modification: 21/05/2024