Privacy Policy

Privacy Policy

This document regulates the Privacy Policy and “cookies” for the website, available at https://cyran.net.pl, owned by Piotr Cyran, ul. Piastowska 4a, 72-600 Świnoujście.

§1 Personal data administrator

1.1 The administrator of your personal data is Piotr Cyran, ul. Piastowska 4a, 72-600 Świnoujście, NIP 8551558713, REGON 320845310 (hereinafter referred to as the Administrator).

1.2 Contact details of the Administrator:
Correspondence address: ul. Piastowska 4a, 72-600 Świnoujście
E-mail address: biuro@cyran.net.pl
Phone number: +48 91 888 78 88

1.3 Pursuant to art. 37 of the GDPR, the Personal Data Administrator has not appointed a Data Protection Officer (DPO) and independently performs the duties related to the protection of personal data.

§2 Definitions

Administrator – Personal Data Administrator, an entity that decides on the purposes and means of processing personal data

Personal data – information about natural persons, they concern a person identified or identifiable directly or indirectly; personal data are in particular the identification number, factors determining physical, physiological, mental, economic, cultural or social characteristics

GDPR – Regulation (EU) 2016/679 of the European Parliament and of the Council on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC

Privacy and cookie policy – ​​this document, hereinafter referred to as the “Policy”

Service – the website operated by the Administrator at https://cyran.net.pl

Service user – any natural person visiting the Service or using at least one service provided by the Administrator or the Service’s function

Cookies – in Polish “cookies”, are small pieces of information in the form of a text string placed or read by the website in the web browser used by the User

JDG entrepreneurs – natural persons conducting business activity based on an entry in the Central Register and Information on Economic Activity

§3 Provisions general

3.1 The Administrator collects data of Users of the Service located at https://cyran.net.pl.

3.2 The type of data collected by the Administrator depends on the service offered by the Administrator that the User uses.

3.3 Personal data will be processed by the Administrator in accordance with the provisions of Regulation (EU) 2016/679 of the European Parliament and of the Council on the protection of natural persons with regard to the processing of personal data and on the free movement of such data and repealing Directive 95/46/EC, referred to as the general regulation on the protection of personal data, hereinafter referred to as “GDPR”.

3.4 Providing any personal data is voluntary and depends on the User’s decision. However, in some cases, providing certain personal data is necessary to meet the User’s expectations in terms of using the services offered by the Administrator.

3.5 The services offered by the Administrator as part of the Service are offered to persons who are over 18 years of age. Therefore, the Administrator does not consciously process children’s personal data.

§4 Purpose, basis and time of data processing

4.1 Contact

4.1.1 Whose data is subject to processing?
Data of persons who contact via e-mail.

4.1.2 What data is subject to processing?
The personal data provided in the content of the e-mail message is subject to processing:

  • name and surname
  • e-mail address
  • phone number

4.1.3 What is the purpose of data processing?
Identification of the User contacting and providing an answer to the question asked.

4.1.4 What is the legal basis for data processing?
Legitimate interest – art. 6 sec. 1 letter f GDPR.

4.2.5 What is the period of data storage?
Until the expiry of the limitation period for claims.

4.1.6 Is the provision of data necessary?
Providing data is voluntary, but necessary for verification of the User.

§5 Entrusting and sharing personal data

In connection with the conducted business activity, the Administrator may disclose personal data to the following entities, if it is necessary to achieve the purposes of processing:

  • companies providing hosting services or IT solutions,
  • public bodies receiving data in connection with the implementation of the Administrator’s legal obligations,
  • companies providing marketing services to the Administrator,
  • employees and collaborators.

§6 Rights of the Service User

6.1 In connection with the processing of personal data, the User has the following rights:

6.1.1 the right to access the content of their data – the User has the right to obtain information regarding the personal data stored by the Administrator about themselves, including a copy of this data.

6.1.2 the right to rectify (correct) their data – the User has the right to request the rectification of their personal data, which are incorrect or incomplete.

6.1.3 right to delete data – the User has the right to demand the deletion of their personal data stored by the Administrator in the following cases: (a) the User’s personal data are no longer necessary for the purposes for which they were collected, (b) the User has withdrawn the consent on which the processing is based and there is no other legal basis for the processing, (c) the User has objected to the processing and there are no overriding legitimate grounds for the processing or the objection concerns the processing of data for direct marketing purposes, (d) the User’s personal data were processed unlawfully, (e) the personal data must be deleted in order to comply with a legal obligation under EU or national law.

6.1.4 right to withdraw consent to the processing of personal data for marketing purposes at any time – the User has the right to withdraw the expressed consent to the processing of personal data at any time. The withdrawal of consent to the processing will not affect the lawfulness of the processing carried out before its withdrawal.

6.1.5 right to limit data processing – the User has the right to request that the processing of their personal data be limited in the following cases:(a) the User questions the accuracy of the personal data, for a period allowing the Administrator to check the accuracy of this data,(b) the processing is unlawful and the User objects to the deletion of the personal data, requesting instead to limit their use,(c) the Administrator no longer needs the personal data for the purposes of processing, but they are necessary for the User to establish, pursue or defend claims,(d) the User has filed an objection under Article 21, Section 1 of the GDPR to the processing – until it is determined whether the legitimate grounds on the part of the Administrator override the grounds for the objection.

6.1.6 right to file an objection to the processing of data (objection due to a special situation) – if the User’s personal data are processed on the basis of the Administrator’s legitimate interest, the User has the right to object at any time to the processing, in accordance with Article 21 of the GDPR.

6.1.7 the right to transfer data – the User has the right to receive in a structured, commonly used, machine-readable format the personal data concerning him/her that he/she has provided to the Administrator, and has the right to send this personal data to another administrator without hindrance from the Administrator to whom this personal data has been provided, if the processing is based on consent and in an automated manner.

6.1.8 the right to lodge a complaint with the supervisory authority, i.e. the President of the Office for Personal Data Protection.

6.2 If you wish to use the rights listed in point 6.1 of the Policy, please contact us using the Administrator’s contact details.

§7 Transfer of personal data to third countries
The User’s personal data will not be transferred outside the European Economic Area.

§8 Cookie Policy

8.1 Purpose of using cookies

8.1.1 The Administrator does not collect any information automatically, with the exception of information contained in cookies.

8.1.2 Cookies are used in many ways.

8.1.3 Cookies are used for functional purposes, content personalization, statistics, analytics and marketing.

8.2 Types of cookies:

8.2.1 The Service uses the following types of cookies:

  • “session cookies”, which are deleted from the hard drive of a given browser session or when the computer or mobile device is turned off
  • “persistent cookies”, which are stored in the memory of the computer or mobile device until they are manually deleted by the User using the appropriate tools in the web browser or until they expire
  • “third party cookies”, this is information posted by scripts of other websites.

8.2.2 The following types of cookies are used within the Service:

  • “essential”, enabling the use of services available within the Service,
  • “performance”, enabling the collection of information on how the Service is used,
  • “functional”, enabling the “remembering” of settings selected by the User and personalizing the User interface, e.g. in terms of the selected language or region,
  • “advertising”, enabling the provision of advertising content to Users that is more tailored to their interests.

8.3 Managing cookies:

8.3.1 Most often, browser settings allow cookies and other information to be placed on the end device by default. If the User does not agree to the storage of these files, it is necessary to change the browser settings accordingly. It is possible to disable their storage for all connections from a given browser or for a specific website, as well as to delete them. The method offile management depends on the software used. The current rules for file management can be found in the settings of the web browser used.

8.3.2 Information on managing cookies on a mobile phone can be found
in the User Manual of the given phone.

8.3.3 Consent to the processing of cookies is voluntary. However, it should be remembered that restrictions on their use may make it difficult or impossible to use some of the functionalities of the website operated at the address: https://cyran.net.pl.

§9 Data security

9.1 The User’s personal data are stored and protected with due diligence, in accordance
with the implemented internal procedures of the Administrator. The Administrator processes information
about the User using appropriate technical and organizational measures that meet the requirements of generally applicable law, in particular the provisions on personal data protection. These measures are primarily intended to protect the Users’ personal data against access by unauthorized persons.

9.2 In particular, only authorized persons who are obliged to keep this data secret or entities entrusted with the processing of personal data under a separate data entrustment agreement have access to the Users’ personal data.

§10 Final provisions

10.1 The Administrator reserves the right to change this Privacy and Cookies Policy. In such a case, an updated version will be published in this location.

10.2 In matters not regulated by this Privacy Policy, the provisions on the protection of personal data apply.

10.3 This Privacy Policy shall be effective from 29.08.2024.