Isolution sp. o.o. dated 15.02.2021
The administrator of the data processed for the purposes stated herein (points 2 and 3 below) is “Isolution sp. z o.o. located in Warsaw, at Eustachego Tyszkiewicza 21, postal code 01-157 Warsaw, entered into the Register of Entrepreneurs of the National Court Register by the District Court for the Capital City of Warsaw, XII Commercial Division of the National Court Register under the KRS number 0000619669, NIP: 5321754449”. (hereinafter referred to as the “Administrator”).
The Administrator can be contacted quickly and effectively at the Administrator’s headquarters, i.e. the address indicated above, as well as by phone or e-mail using the data indicated at the address:
When contacted, the Administrator may request additional information to verify the identity of the person making contact.
Personal data is classified as any information about an identified or identifiable natural person (“data subject”). It will therefore include data such as, for example, name, address, date of birth, telephone number or email address (the list is not exhaustive).
Personal data are processed in accordance with GDPR i.e. REGULATION OF THE EUROPEAN PARLIAMENT AND OF THE COUNCIL (EU) 2016/679 of 27 April 2016, on the protection of natural persons with regard to the processing of personal data and on the free movement of such data and repealing Directive 95/46/EC (General Data Protection Regulation / hereinafter “GDPR”).
You have the right to:
Right to object
(See more on your rights: www.uodo.gov.pl). We also encourage you to read the flyer on your rights available at https://www.gov.pl/cyfryzacja/rodo-informator.
You can exercise your rights personally in the Administrator’s office, by mail or e-mail (see above for Administrator’s contact details).
In response to your request, you may be asked to provide data necessary to identify your personal data (e.g. for tracing purposes) or to verify your identity (confirmation that you are the person you claim to be). In this case, personal data will be processed only to the extent necessary to document the correct performance of duties related to the reported request (e.g. correct documentation of withdrawal of consent), for the purpose of defence against claims (Article 6(1)(f) GDPR, the so-called legitimate interest of the Data Controller) and for the performance of obligations under GDPR (e.g. ensuring accountability Article 6(1)(c) GDPR). For these purposes, data will be processed for a maximum period of the statute of limitations for potential related claims.
In accordance with the GDPR, information shall be provided in writing or by other means, including, where appropriate, electronically. If the data subject requests so, the information may be provided orally as long as the identity of the data subject is confirmed by other means.
If processing of personal data based on consent were to occur (e.g., use of an image for promotional purposes – see more Part 2), remember that:
Only authorized employees/co-workers acting within the Administrator’s instructions will have access to your personal data. The data may also be disclosed to service providers, e.g. IT service providers supporting the realization of the Administrator’s goals listed below (after having concluded relevant entrustment agreements). The data may also be disclosed to recipients who are separate administrators, e.g. to public administration bodies at their request.
For electronic communication (Microsoft tools), data is physically stored within the EU but through remote access in specific cases data can be transferred outside the EU:
Microsoft as stated in:
– personal data processing statement
– a link to the legal conditions for data processing by Microsoft (data entrustment agreement and standard data transfer clauses that legalize the transfer):
For details on the purposes of data disclosure, see below where describing specific purposes of the processing (Part 2 and Part 3).
The provision of data is in principle voluntary. Whenever the provision of data will be:
you will be informed about this separately and explicitly (e.g. on the form through which personal data will be collected).
As a rule, the Administrator obtains data directly from you.
We obtain data from other sources for the purpose of tax verification of the contractor / client from publicly available sources (e.g. KRS / CEIDG / taxpayer registers published by public administration bodies), at the stage of signing and realization of the contract in the scope which results from these public sources. If we obtain data from another source you will be informed about it separately and explicitly.
The Administrator processes only ordinary data, including contact details as indicated in point 1.7.
We do not process special categories of data, i.e. information that could reveal: racial or ethnic origin, political opinions, religious or philosophical beliefs, trade union membership, as well as genetic data, biometric data for the purpose of uniquely identifying a natural person or data concerning health, sexuality or sexual orientation of that person.
Links to other websites may appear in www. Such websites operate independently of the Administrator and are not supervised by the Administrator in any way. These websites may have their own privacy policies and regulations, with which we recommend that you become familiar.
Where data processing deadlines are indicated below, they shall be regarded as maximum deadlines. If the purpose of data processing concludes earlier, the controller is obliged to and will delete the data earlier. In particular, the data will be deleted or anonymized.
Contact via phone/email
Providing the data is voluntary but necessary to achieve the above mentioned goals.
The data will be processed until the statute of limitations for claims related to the conducted correspondence, unless an effective objection within the meaning of Article 21 GDPR is raised beforehand.
Data protection principles for social media accounts (administration of facebook fanpage and other social media sites)
Purposes of personal data usage:
Basis for processing:
(in terms of obtaining information about other users) – Article 6(1)(f) GDOR i.e. legitimate interest of the data controller.
Categories of obtained data:
Data visible by default on Facebook (or another portal, as appropriate):
Full Name or Alias;
Profile photo or avatar;
Data made public by the user as part of general Facebook settings;
Platform usage data for the purpose of creating anonymous statistics.
Source of data
Facebook (or other social network) users
Facebook (or other social networking site)
The administrator does not configure and has no data about you from cookies stored by Facebook (or any other social network). The statistical data resulting from these cookies are only made available to the administrator in aggregated (anonymous) form and not individualized. Therefore, only the services (including Facebook) can technically respond to your requests regarding the cookies used.
Voluntariness of providing data
The provision of data is voluntary. The user makes his/her own decisions in this regard. In order to use personalized information, social features or online response services, the user must be a member of the social network.
Access to data exchanged between users is governed by the rules of the particular social network.
Transfers of data outside the EU
Publications will be accessible due to their presence on Facebook outside the European Union. Data necessary for the compilation of statistics may be processed outside the European Union in accordance with the data management policies implemented by Facebook (or other social network).
Data processing duration
Data is kept for the duration of the existence of the social network account in question, except for the exercise of the right of deletion or objection by the interested party.
Cookies are small text files that are placed on your computer by websites you visit. They are commonly used to make websites work better or more efficiently, and to provide information to website owners. The table below explains the cookies we use and why.
We use the following categories of cookies: session cookies and permanent cookies.
Considering the purpose of using the files, the Administrator uses two categories of cookies: “necessary” and “optional” for the following purposes:
Session cookies may be used on our websites for this purpose.
permanent and session cookies may be used.
The use of this category of cookies is based on your consent.
Indicated data is not combined with information such as name, email address and other data which makes it possible to easily identify the visitor to the website.
Analytical (Third Party) Cookies:
|Google Analytics / Provider: Google inc.||_ga|
|These cookies are used to collect information about how visitors use our website. We use this information to create reports and to help us improve the website. The cookies collect information in a way that does not directly identify anyone, including the number of visitors to the site and the blog from which visitors visited the site and the pages visited.Read Google’s information on privacy and data protection https://support.google.com/analytics/answer/6004245|
Data entrustment occurs. The entrustment agreement is available at: https://privacy.google.com/businesses/processorterms/As part of the service provided, data may be transferred outside the EEA and Switzerland, primarily to the United States. For this purpose, Google ensures the security of these data flows by:- participation in the Privacy Shield program: https://www.privacyshield.gov/participant?id=a2zt000000001L5AAI
You can withdraw your consent at any time and stop the installation and acquisition of data via cookies. Withdrawal of consent does not affect the lawfulness of the processing that was carried out on the basis of consent before its withdrawal.
Most browsers offer the ability to accept or decline all cookies. You can also easily change your cookie settings via your browser settings. Please note that if you block all cookies from the Website, you may experience operational difficulties or be unable to use certain features of our website at all.
Managing and deleting cookies varies depending on the browser you use. You can find out exactly how to do this by using your browser’s Help function or by visiting http://www.allaboutcookies.org, which explains step-by-step how to control and delete cookies in most browsers.
You can see information about each browser on these pages:
To opt out of Google Analytics across all sites, visit: http://tools.google.com/dlpage/gaoptout.
Even if no cookies are installed, the website administrator may gain access to the following data characterizing the use of the website (hereinafter: other operational data):
To ensure the highest quality of our service, we occasionally analyze log files to determine: which pages are visited most often, which Web browsers are used, whether the structure of the site contains errors, etc.
Usage data is not combined with information such as name, email address and other data that can easily identify a website visitor.
Information obtained through the cookie mechanism and usage data may constitute personal data within the meaning of GDPR in certain exceptional situations. If the information indicated above is qualified as personal data, the Administrator is the controller of the personal data. Even in case of doubts whether a certain category of information is personal data the Administrator introduces mechanisms protecting this information as personal data.
The processing of the above categories of data to the extent that it is necessary for the correct display of the website (“essential” cookies) is based on the so-called legitimate interest of the website administrator (Article 6(1)(f) of the GDPR in conjunction with Article 173(3)(2) of the Telecommunications Law.
For this purpose the following may occur:
In the above cases, you have the right to object (when the processing is based on Article 6(1)(f) GDPR).
On the other hand, if you agree to the installation of “optional” cookies (analytical cookies provided by Google Analytics), the information collected in this way will be used to research the preferences of people using our website and the results of this research will be used to improve the quality of the website displayed. In this case, the basis for data processing is Article 173(2) of the Telecommunications Law (Journal of Laws of 2004, No. 171, item 1800) in connection with Article 6(1)(a) GDPR. As indicated in Article 174 of the Telecommunications Law, the provisions on personal data protection shall apply to obtain the consent of the subscriber or end user.
You can withdraw your consent at any time and delete cookies from your device. Withdrawal of consent does not affect the lawfulness of the processing that was carried out on the basis of consent before its withdrawal. You should also delete the files from your browser.
Recipients of the data: IT entities providing services to the Administrator.
Your personal data will be deleted or anonymized at most after the expiration of the limitation period for potential claims related to the use of the website (no later than 6 months from the date of recording), or earlier if you make an effective objection. The provision of data is voluntary, but necessary for the aforementioned purposes.