Privacy Policy

Privacy policy

Privacy policy

This document sets out the Privacy and Cookies Policy for the website available at https://cyran.net.pl, which is owned by Piotr Cyran,
4a Piastowska Street, 72-600 Świnoujście.

§1 Data controller

1.1 The controller of your personal data is Piotr Cyran, 4a Piastowska Street, 72-600 Świnoujście, Tax Identification Number (NIP) 8551558713, National Business Registry Number (REGON) 320845310 (hereinafter referred to as the ”Controller”).                                

1.2 The Controller’s contact details:
Postal address: 4a Piastowska Street, 72-600 Świnoujście
Email address: biuro@cyran.net.pl
Telephone number: +48 91 888 78 88

1.3 Pursuant to Article 37 of the GDPR, the Data Controller has not appointed a Data Protection Officer (DPO) and carries out the duties relating to the protection of personal data itself.

§2 Definitions

Administrator – Data Controller: the entity that determines the purposes and means of processing personal data

Personal data – this refers to information relating to natural persons; it concerns a person who is identified or can be identified, either directly or indirectly; personal data includes, in particular, an identification number and factors determining physical, physiological, mental, economic, cultural or social characteristics

GDPR – Regulation (EU) 2016/679 of the European Parliament and of the Council on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC

Privacy and Cookie Policy – this document, hereinafter referred to as the „Policy”

Service – the website operated by the Controller at https://cyran.net.pl

Website user – any individual who visits the Website or uses at least one service provided by the Controller or one of the Website’s features

Cookies – in Polish, „cookies” are small pieces of information in the form of text strings that are placed or read by a website in the web browser used by the User

Sole traders – individuals carrying out business activities on the basis of an entry in the Central Register and Information on Economic Activity

§3 General provisions

3.1 The Controller collects data from Users of the Website located at
https://cyran.net.pl.

3.2 The type of data collected by the Controller depends on the service offered by the Controller that the User is using.

3.3 Personal data will be processed by the Controller in accordance with the provisions of Regulation (EU) 2016/679 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC, known as the General Data Protection Regulation, hereinafter „GDPR”.

3.4 The provision of any personal data is voluntary and is at the User’s discretion. However, in certain cases, the provision of specific personal data is necessary in order to meet the User’s expectations regarding the use of the services offered by the Controller.

3.5 The services offered by the Controller via the Website are intended for persons aged 18 or over. Consequently, the Controller does not knowingly process the personal data of children.

§4 Purpose, legal basis and duration of data processing

4.1 Contact

4.1.1 Whose data is processed?
Details of people who contact us by email.

4.1.2 What data is processed?
The personal data provided in the email will be processed:

  • first name and surname
  • email address
  • telephone number

4.1.3 What is the purpose of data processing?
Identifying the user making contact and answering their question.

4.1.4 What is the legal basis for data processing?
Legitimate interest – Article 6(1)(f) of the GDPR.

4.2.5 What is the data retention period?
Until the expiry of the limitation period for claims.

4.1.6 Is it necessary to provide this information?
Providing your details is voluntary, but necessary for user verification.

§5 Entrusting and disclosing personal data

In the course of its business activities, the Controller may disclose personal data to the following entities if this is necessary to achieve the purposes of processing:

  • companies providing hosting services or IT solutions,
  • public authorities that receive data in connection with the Controller’s legal obligations,
  • companies providing marketing services to the Controller,
  • to staff and colleagues.

§6 Rights of Website Users

6.1 In connection with the processing of personal data, the User is entitled to the following rights:

6.1.1 Right of access to personal data – The User has the right to obtain information regarding the personal data held by the Controller about them, including a copy of such data.

6.1.2 the right to have your data rectified – You have the right to request the rectification of your personal data if it is inaccurate or incomplete.

6.1.3 Right to erasure – The User has the right to request the erasure of their personal data held by the Controller in the following cases: (a) the User’s personal data is no longer necessary for the purposes for which it was collected,(b) the User has withdrawn the consent on which the processing is based and there is no other legal basis for the processing,(c) the User has objected to the processing and there are no overriding legitimate grounds for the processing, or the objection relates to the processing of data for direct marketing purposes,(d) the User’s personal data has been processed unlawfully, (e) the personal data must be erased in order to comply with a legal obligation under Union or national law.

6.1.4 The right to withdraw consent to the processing of personal data for marketing purposes at any time – The User has the right to withdraw their consent to the processing of personal data at any time. Withdrawal of consent to processing will not affect the lawfulness of processing carried out prior to its withdrawal.

6.1.5 Right to restriction of processing – The User has the right to request that the processing of their personal data be restricted in the following cases:(a) the User disputes the accuracy of the personal data, for a period enabling the Controller to verify the accuracy of such data,(b) the processing is unlawful and the User objects to the erasure of the personal data, requesting instead that its use be restricted,(c) The Controller no longer needs the personal data for the purposes of processing, but the User requires it for the establishment, exercise or defence of legal claims,(d) the User has objected to the processing pursuant to Article 21(1) of the GDPR – until it is established whether the Controller’s legitimate grounds override the grounds for the objection.

6.1.6 the right to object to the processing of data (objection on grounds relating to a particular situation) – if the User’s personal data is processed on the basis of the Controller’s legitimate interest, the User has the right to object to the processing at any time, in accordance with Article 21 of the GDPR.

6.1.7 Right to data portability – The User has the right to receive, in a structured, commonly used and machine-readable format, the personal data concerning them that they have provided to the Controller, and has the right to transmit that personal data to another controller without hindrance from the Controller to whom the personal data was provided, where the processing is based on consent and is carried out by automated means.

6.1.8 the right to lodge a complaint with the supervisory authority, i.e. the President of the Office for Personal Data Protection.

6.2 If you wish to exercise the rights set out in section 6.1 of the Policy, please contact the Controller using the contact details provided.

§7 Transfer of personal data to third countries
Your personal data will not be transferred outside the European Economic Area.


§8 Cookie Policy

8.1 Purpose of using cookies

8.1.1 The Controller does not collect any information automatically, with the exception of information contained in cookies.

8.1.2 Cookies are used in a variety of ways.

8.1.3 Cookies are used for functional purposes, to personalise content, and for statistical, analytical and marketing purposes.

8.2 Types of cookies:

8.2.1 The website uses the following types of cookies:

  • „session cookies”, which are deleted from the hard drive once the browser session ends or the computer or mobile device is switched off
  • „persistent cookies”, which are stored on a computer or mobile device until they are manually deleted by the User using the relevant tools in their web browser or until they expire
  • „third-party cookies” are pieces of information placed by scripts from other websites.

8.2.2 The Website uses the following types of cookies:

  • „essential”, enabling the use of the services available on the Website,
  • „performance cookies”, which enable the collection of information on how the Website is used,
  • „functional”, enabling the „saving” of settings selected by the User and the personalisation of the User interface, e.g. in terms of the selected language or region,
  • „advertising”, enabling us to provide Users with advertising content that is better tailored to their interests.

8.3 Managing cookies:

8.3.1 By default, browser settings usually allow cookies and other information to be stored on the end-user’s device. If the User does not consent to these files being stored, they must adjust their web browser settings accordingly. It is possible to disable the saving of cookies for all connections from a given browser or for a specific website, as well as to delete them. The method of managing cookies depends on the software used. The current rules for managing cookies can be found in the settings of the web browser you are using.

8.3.2 Information on managing cookies on your mobile phone can be found
in the User Manual for that phone.

8.3.3 Consent to the use of cookies is voluntary. However, please note that restricting their use may hinder or prevent you from using some of the features of the website at: https://cyran.net.pl.

§9 Data security

9.1 The User’s personal data is stored and protected with due care, in accordance with
in accordance with the Controller’s internal procedures. The Controller processes the information
We protect Users’ personal data using appropriate technical and organisational measures that comply with the requirements of applicable law, in particular data protection legislation. These measures are primarily designed to safeguard Users’ personal data against unauthorised access.

9.2 In particular, access to Users’ personal data is restricted to authorised persons, who are obliged to keep such data confidential, or to entities entrusted with the processing of personal data under a separate data processing agreement.

§10 Final provisions

10.1 The Controller reserves the right to amend this Privacy and Cookies Policy. In such cases, an updated version will be published here.

10.2 In matters not covered by this Privacy Policy, the provisions of data protection legislation shall apply.

10.3 This Privacy Policy comes into effect on 29 August 2024.