GENERAL INFORMATION
Pursuant to art. 13 sec. 1-2 of the Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of individuals with regard to the processing of personal data and on the free movement of such data and repealing Directive 95/46/EC (General Data Protection Regulation – GDPR, OJ of the EU, L 119, p. 1), w inform that:
I. The Administrator of personal data:
The Administrator of your personal data is Dariusz Biniasz Komu Media with its registered office in 32-060 Rączna 551, entered into the Register of Entrepreneurs kept by the District Court in Łódź-Śródmieście, 20th Commercial Department of the National Court Register under NIP: 7272360182.
II. The scope of processed data:
As the Data Administrator, we process the personal data indicated in the agreement concluded with you or on the invoice received from you: name, surname, mailing address, place of business, NIP, name of your company, e-mail address, telephone number.
III. The purposes and bases for the processing:
We have defined the purposes for which your data will be processed. As the Administrator, we process your data for the purpose of the performance of the agreement concluded with you, its settlement, the exercise of rights with respect to the guarantee and warranty, for the possible amendment of the content of the agreement, for the extension of its duration and for tax purposes. The basis for the processing of your personal data is art. 6 sec. 1 point b) of the GDPR.
IV. The right to object:
You have the right at any time to object to the processing of your data as described above. We will no longer process your data for these purposes unless we can demonstrate that there are compelling legitimate grounds for us to do so in relation to your data that override your interests, rights and freedoms, or that we need your data to enable us to determine, pursue or defend any claim, if necessary.
V. The period of data storage:
Your personal data is stored at the registered office of Dariusz Biniasz Komu Media in Rączna for a period of 5 years and 1 year from the end of the calendar year in which we have deducted VAT on the basis of an invoice received from you. This period corresponds to the general period of time specified in art. 74 of the Accounting Act of 29.09.1994 (consolidated text Journal of Laws of 2018, item 395, as amended). The additional period of one year is intended to protect our company from the demands of the tax authorities or a claim made by you at the last minute, or in the event of difficulty in delivering the claim to our company.
VI. The recipients of the data:
Your personal data will only be passed on to such recipients as our auditors, contractors and banks.
VII. The rights of the data subjects:
In accordance with the GDPR, you are entitled to:
a) access your data and to receive a copy of them;
b) rectify (correct) your data;
c) erase the data, limit the processing of the data;
d) object to processing of the data;
e) transfer the data;
f) lodge a complaint with the supervisory authority – the President of the Office for the Protection of Personal Data;
g) withdraw consent to the processing of personal data, where processing by Dariusz Biniasz Komu Media of your personal data will be valid and legitimate for the period prior to the withdrawal of your consent.
VIII. Information on the requirement or voluntary nature of data provision:
The provision of personal data by you is voluntary but necessary for the implementation and settlement of the agreement concluded with you.
IX. Automated decision making:
Your personal data will not be processed automatically and will not be profiled.
COOKIE POLICY
I. What is a cookie policy?
A cookie policy is a declaration to your users on what cookies are active on your website, what user data they track, for what purpose, and where in the world this data is sent.
Also, a cookie policy should contain information on how your users may opt out of the cookies or change their settings in regard to the cookies on your website.
Many website owners choose to incorporate the cookie policy as a section of their privacy policy.
The privacy policy is a document, usually a page on the website, in which all of the methods and purposes of the data processing activities on the site are outlined, including contact forms, mailing lists etc.
Cookies are a potential privacy risk, because they are able to track, store and share user behaviour.
Whereas most of the remaining privacy policy may be static, the cookies used on a website are dynamic and might change often. Therefore, an adequate cookie policy should be regularly updated to make sure that the information is accurate.
If you do not want information about you being used in this way, you need to change the privacy settings in your browser:
II. How does the EU cookie law 2018 affect my cookie policy?
The EU law on personal data, the General Data Protection Regulation (GDPR), gives website visitors the right to receive specific, up-to date information on what data is registered about them at all times, for what purpose, and where in the world it is sent (along with the possibility to prevent it from happening).
These rules affect your cookie policy as well as your cookie notification, your cookie consent and your documentation of consents.
The law means that you need a proper cookie policy on your website, containing specific, accurate, and up to date information on the website’s use of cookies and the users’ options of accepting and rejecting them.
III. Requirements for my cookie policy
Your cookie policy should state:
- What types of cookies are set,
- How long they persist on your user’s browser,
- What data they track,
- For what purpose (functionality, performance, statistics, marketing, etc.),
- Where the data is sent and with whom it is shared,
- How to reject cookies, and how to subsequently change the status regarding the cookies.
IV. What is the difference between the cookie policy and the privacy policy?
The cookie policy deals specifically with the use of cookies on your site, whereas the privacy policy is a general document regarding all of the data processes on a website, including contact forms, mailing lists, etc.
Often, the cookie policy is integrated as a part of the privacy policy of a website or an app. Arguably, it is the most challenging part. At the heart of this is the nature of cookies:
Firstly, cookies tend to change often. This means that the policy, having to be updated and correct, also must be revised accordingly.
Secondly, cookies operate out of sight. Most website owners don’t even know themselves, what cookies are in operation on their own website.
Thirdly, the majority of the cookies in operation on a website are usually set by third parties, i.e. have another provenance than the website itself.
Therefore, it can be hard to have a complete overview at all times of the cookies in operation on your website, what information they gather, for what purpose, and where in the world the data goes to.
Read more about cookies in our introduction Internet Cookies – What are they and what do they do?
The easiest way to ensure full control over your cookies, and to be sure that you have an accurate and updated cookie policy for your website, is to get a GDPR-compliant cookie solution, where the cookie policy is integrated with the actual monitoring of cookies on your website.
With Cookiebot, the monthly report from the cookie scan can with a few lines of JavaScript be integrated as an automatically updated part of your privacy policy or cookie policy, guaranteeing that they always are up to date and accurate.
Cookiebot is one of the only fully GDPR-compliant cookie solutions on the market.
We enable you to take care of all that is cookie-related on your website, so that you can have peace of mind, knowing that your website complies with the regulations.
V. Does the EU cookie law affect sites in the US and the UK?
The short and simple answer to this is: Yes.
First and foremost, the GDPR is a universal law for the European Union.
This means that the GDPR not only regards all websites that are operating within the EU but also, all websites that are dealing with users from the EU.
So, with its enforcement in May 2018, all sites but strictly local ones outside of the EU will be affected.
In a PwC survey of American multinational organisations, 92 percent said GDPR compliance was a top priority, and 71 percent had already started preparations (in January 2017). These included privacy policies, IT security and discovery of all the data they currently had.
In regards to the UK specifically, it is still a part of the EU upon the date of enforcement of the GDPR. Also, the UK government is preparing for a new Data Protection Bill that will follow the same requirements as the GDPR, so that the same rules still will apply, once the UK leaves the European Union in 2019.
In the US, the laws on the protection of data are more fragmented, because they are a patchwork of sector specific laws, regarding for example healthcare companies or financial institutions, or restricted to specific states, like California.
However, the GDPR being the most thorough and far-reaching data protection regulation ever passed, it is likely to go global or in the least to serve as a model for future regulations the protection of data.
Therefore, it is in any case relevant to take measures to comply.
The regulations might here and now seem like an annoying obstacle for companies, but in the long run they are helping to restore the trust and equity between companies and consumers in a data driven world.