Privacy policy

Dear User,

On May 25, 2018, the Regulation (EU) 2016/679 of the European Parliament and of the Council of April 27, 2016, on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (referred to as “GDPR” or “General Data Protection Regulation”) came into effect. Therefore, we would like to inform you about the processing of your data and the rules that apply after May 25, 2018.

This privacy policy concerns the website https://energy.instrat.pl/

WHAT DATA ARE WE TALKING ABOUT?

We are referring to personal data that you provide in forms and data collected when you use our website, including data stored in cookies.

WHO WILL BE THE DATA CONTROLLER OF YOUR PERSONAL DATA?

The data controller of your personal data will be: FUNDACJA INSTRAT Hoża 51 00-681 Warsaw, Poland NIP 5213736420

WHY DO WE WANT TO PROCESS YOUR PERSONAL DATA?

We process your personal data for the following purposes:

1. To enable you to contact us via forms.
2. To ensure the security of our services, detect robot actions, fraud, and abuse, and to measure and create better, more personalized services for you.

TO WHOM WILL YOUR PERSONAL DATA BE DISCLOSED?

Data will be disclosed to external entities only to the extent permitted by law. Data will not be transferred to external entities.

User data may be transferred outside the European Union – to third countries.

As the Administrator uses external providers of various services, e.g. Facebook and its subsidiaries, Google, Microsoft, Apple, etc., user data may be transferred to the United States of America (USA) due to their storage on U.S. servers (in whole or in part). Google and Facebook apply compliance mechanisms provided for by the GDPR (e.g., certificates) or standard contractual clauses regarding their services. They will be transferred only to recipients who guarantee the highest protection and security of data, including:

1. Cooperation with entities processing personal data in countries for which an appropriate decision of the European Commission has been issued.
2. The use of standard contractual clauses issued by the European Commission (as is the case with Google).
3. The use of binding corporate rules approved by the relevant supervisory authority or the consent of the User to the transfer of personal data to a given recipient.

Detailed information is available in the privacy policy of each provider of these services, available on their websites. For example:

Apple (PL): https://www.apple.com/pl/legal/privacy/

Google LLC: https://policies.google.com/privacy?hl=pl

Facebook Ireland Ltd.: https://www.facebook.com/privacy/explanation

Currently, the services offered by Google and Facebook are mainly provided by entities located in the European Union. However, it is recommended to review the privacy policy of these providers to obtain the most up-to-date information on data protection.

LEGAL BASIS FOR DATA PROCESSING

Personal data is processed in accordance with the principles of applicable law:

1. In part a) based on Article 6(1)(a) of the General Data Protection Regulation of April 27, 2016 (the data subject has given consent to the processing of their personal data for one or more specific purposes).
2. In part b) based on Article 6(1)(f) of the General Data Protection Regulation of April 27, 2016 (processing is necessary for the purposes of the legitimate interests pursued by the controller or by a third party, except where such interests are overridden by the interests or fundamental rights and freedoms of the data subject which require protection of personal data, in particular where the data subject is a child).

HOW LONG WILL YOUR DATA BE PROCESSED?

We process your personal data for as long as is necessary to achieve the designated purpose or until you withdraw your consent.

RIGHTS OF DATA SUBJECTS

According to the GDPR, you have the following rights:

a) The right to access your data and obtain a copy thereof. b) The right to rectify (correct) your data. c) The right to erase personal data. d) The right to restrict or object to the processing of data. e) If you believe that we have violated the rules for processing your personal data, you have the right to lodge a complaint directly with the supervisory authority, the President of the Office for Personal Data Protection. To exercise this right, you should provide a full description of the situation and specify which action you believe violates your rights or freedoms. The complaint should be submitted directly to the supervisory authority at the address: ul. Stawki 2, 00-193 Warsaw.

Contact for personal data: info@instrat.pl

HOW DOES DATA COLLECTION WORK EXACTLY?

The website collects information about users and their behavior in the following ways:

1. INFORMATION IN FORMS: The website collects information voluntarily provided by the user. The website may also save information about connection parameters (time markings, IP address). Data in the form is not made available to third parties without the user’s consent. Data provided in forms is processed for the purpose resulting from the specific function of the form, e.g., to contact us. Data provided in forms may be transferred to entities technically performing some of our services.

2. INFORMATION ABOUT COOKIES: The website uses cookies. We inform you that we use cookies (small files stored on your computer) on our websites to record information about the pages you have visited and your activities on them. Cookies are simply information stored by your web browser. Thanks to cookies, websites remember your preferences and settings, such as your city setting in the weather forecast. Cookies do not allow the identification of personal data. Cookies have no impact on your software or hardware. These files are used for the following purposes:

• Authentication, primarily to identify the logged-in user to display the correct information relevant to their interests.
• Security – necessary support for security mechanisms on the website, e.g., protecting against data leakage.
• Research and analytics – We may use cookies to research and analyze the efficiency of the website and mobile applications. This is also done to improve their functioning.
• We may use the popular Google Analytics software; in this case, the website places special code on the user’s computer, allowing data to be collected. However, at any time, the user can disable data collection by Google Analytics software by making appropriate changes to the settings of their web browser.
• Please note that internet browsers usually allow users to control cookies in their settings. Limiting cookies in these settings may result in reduced website performance.

3. SERVER LOGS: Information about certain user behaviors is subject to server logging. This data is used solely for the purpose of administering the website and ensuring the most efficient performance of hosting services. The viewed resources are identified by URL addresses. The logs may include:

• Time of inquiry arrival,
• Time of sending a response,
• Client station name – identification carried out via the HTTP protocol,
• Information about errors that occurred during the HTTP transaction,
• URL address of the page previously visited by the user (referrer link) – in the case when the transition to the website was made through a link,
• Information about the user’s browser,
• Information about the IP address.

The above data is not associated with specific individuals browsing the pages. The data is used solely for server administration purposes.

MANAGING COOKIES ON VARIOUS BROWSERS:

Internet Explorer

Microsoft Edge

Chrome

Safari

Firefox

Opera