Privacy policy

I. General provisions

1. This Privacy Policy concerns the rules of using websites functioning at the following addresses: list of services, which are hereinafter called jointly “Sites” and individually the “Site”.

2. This Privacy Policy specifies the rules of processing all information constituting personal data that are collected in connection with the use of Sites by Users.

II. Personal data controller

1. The personal data controller is Agencja Rozwoju Aglomeracji Wrocławskiej Spółka Akcyjna, a joint-stock company based in Wrocław, pl. Solny 14, Tax Identification Number (NIP) 897-171-03-46, 50-062 Wrocław, National Business Registry Number (REGON) 020204230, registered in the District Court for Wrocław-Fabryczna in Wrocław, 6th Commercial Department of the National Court Register (KRS) under the number KRS 0000248319, with fully paid nominal capital of PLN 26,190,990.00, hereinafter called the “Controller”.

2. The Controller attaches great importance to the protection of the privacy and confidentiality of personal data of users of Sites and exercises due care to select and use appropriate technical and organisational means ensuring the protection of processed personal data. The Controller protects personal data from their unauthorised disclosure as well as their processing in violation of applicable legal provisions.

III. Legal basis of data processing

1.The Controller processes information about the User in accordance with legal provisions, particularly the Regulation of the European Parliament and the Council (EU) 2016/679 of 27 April 2016 on the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (hereinafter called GDPR).

2. On the basis of the provisions of GDPR, the Controller is entitled to process the User’s personal data in the following circumstances:
a. the User consents to the processing of his personal data,
b. the processing of the User’s personal data will be necessary to fulfil the Controller’s legal obligation,
c. when this is necessary for the purposes resulting from legitimate interests of the Controller or third parties.

3. The Controller is entitled to process personal data collected by third parties that have been made available to the Controller on the basis of the data processing agreement.

4 .During the performance of various tasks and projects being carried out with the help of or via Sites, the Controller co-operates with third parties, in particular with the Municipality of Wrocław. In such cases, the Controller may process personal data at the request of such third parties as the Processor within the meaning of Article 28 of GDPR, which will be notified to the User, and the Controller will meet all requirements specified in this provision.

IV. Scope of personal data processing

1. The use of Sites will not require registration by the User or the submission of any personal data. In some situations, reporting certain data will be required for the purpose of access to a specific service, particularly a competition. These services include:
a. newsletter service based on sending trade information subject to the User’s consent,
b. the possibility of commenting articles and events,
c. the publication of ads,
d. participation in conferences.

2.In cases described in par. 1, the Controller may process the following personal data of the User:
a. first name and surname,
b. nick,
c. phone number,
d. e-mail address.

3.The User may also express his consent to making his personal data available to the Controller for the Controller's marketing purposes.

4.Irrespective of the above, the User using Sites may make the following data available to the Controller:
a. IP address,
b. URL address of the request,
c. domain name,
d. type of browser,
e. number of interactions with the Site,
f. amount of time spent on the Site,
g. date and time of using the Site,
h. geolocation data,
i. technical information about the device.

5. The aim of the processing of data referred to in par. 3 by the Controller is to analyse activities of Users who use the Site and to customise the content of Sites, particularly ads, to the User’s preferences. The data referred to in par. 3 are collected in an automated manner. The User’s consent will allow the Controller to customise the content of ads. The User’s consent is voluntary and is not required for the proper use of Sites. If the User does not give his consent in this respect, the Controller undertakes not to process the User’s data.

V. Period of personal data processing

Personal data submitted by the User will be stored for the following periods:
1. cookies – 1 year,
2. analytic data – 26 months (from the last visit to the Site),
3. participation in a competition – 6 years,
4. other data – 2 years, unless the consent to personal data processing is revoked, data are removed upon request or an objection is made.

VI. Availability of data to other entities

Personal data of Users may be made available to the following entities:
a. the Controller’s employees and collaborators authorised to process personal data,
b. the Controller’s partners (List of partners),
c. public authorities to which data will be submitted due to pending proceedings and on the basis of applicable legal provisions.

VII. User's rights

1. The User who has submitted personal data is entitled to:
a. access the content of his data,
b. rectify his data,
c. modify his data,
d. restrict the scope of data processing,
e. delete his data,
f. transfer his data (data portability).

2. In addition to the rights referred to above, the User may revoke his consent to process data submitted by the User at any time. When the Controller learns that User’s consent has been revoked, the Controller will immediately take actions to remove stored data.

3. The User may exercise the rights referred to above by contacting the Controller as specified in Chapter XI item 2 of this Privacy Policy.

4. The User is entitled to submit a complaint to the supervisory authority (Chief Data Privacy Officer) if he thinks that data are processed by the Controller in violation of the applicable law, particularly the provisions of GDPR.

VIII. Profiling and targeting

1. The Controller places profiled ads and targeted ads on the Site.

2. Targeting means the identification of specific factors due to which it is possible to adjust the User to a group of other Users with similar preferences and general characteristics.

3. Profiling means any form of automated processing of personal data that consists in the use of personal data for the evaluation of some personal factors of a natural person, particularly for an analysis or forecast of aspects concerning the results of work of this natural person, his economic situation, health, personal preferences, hobbies, credibility, behaviour, location or movement.

4. Ads and contents addressed to the User’s devices and browsers will be published on Sites according to the following criteria:
a. geolocation,
b. displaying on the specific Site,
c. displaying in articles on specific topics,
d. technical information about the User’s device.

5. Within the scope of submitted data, the Controller will assign each User to a specific category in order to adjust ads to Sites used by Users.

6. Any received information and data about Users may be transferred to partners in connection with profiling and targeting.

IX. Cookies

1. The Site automatically collects data contained in cookies.

2. “Cookies” mean IT data, particularly text files, that are stored in User’s end devices and are intended for the use of websites.

3. Cookies are used by the Controller only for the operation of the Site, including the identification of the User’s device, the display of pages of the Site in a manner adapted to the User’s individual needs, the creation of anonymous statistics of the Site and the improvement of the efficiency and effectiveness of using Sites.

4. Cookies are not used for the acquisition of any personal data of Users.

5. The User may consent to the storage of cookies by checking the consent box in the dialogue window concerning cookies immediately upon downloading of the Site by the browser. The User’s consent to the storage of cookies is given voluntarily. Cookies for which the User may give his consent are divided into three categories:
a. cookies concerning functionality that allow primary functionalities to be displayed on the web page.
b. cookies concerning efficiency that allow the Controller to improve the efficiency of the website.
c. cookies concerning advertising contents that have an impact on the display of ads.

6. In each case, the User may block the installation of cookies, delete permanent cookies or otherwise change the conditions or storage or receipt of cookies using relevant options of his web browser, e.g.:
a. in Internet Explorer (https://support.microsoft.com/pl-pl/help/17442/windows-internet-explorer-delete-manage-cookies)
b. in Mozilla Firefox (http://support.mozilla.org /pl/kb/ciasteczka)
c. In Google Chrome (http://support.google.com/ chrome/bin/answer.py?hl=pl&answer=95647)
d. in Opera (http://help.opera.com /Windows/12.10/pl/cookies.html)
e. in Safari (https://support.apple.com/kb/PH5042?locale=en-GB)

It is stipulated, however, that disabling cookies in the browser may cause difficulties in using the Site.

X. Security of the User’s and children’s data

1.The Controller undertakes to use adequate technical means to achieve the maximum level of security with regard to the User’s personal data, making every effort to prevent any unauthorised access to data.

2. The Controller undertakes to protect data from accidental or unlawful disclosure to unauthorised persons, destruction, loss, damage, alteration and processing in violation of the applicable law.

3. The Controller represents that it will not intentionally collect and process personal data reported by persons aged below 16 years without obtaining prior consent from their parents or other legal representatives.

4. If the Controller learns that it has obtained unintentionally any personal data of a person aged below 16 years, the Controller undertakes to take immediate action to cease the processing of such data and delete them.

XI. Final comments

1. This Privacy Policy may change due to the technological process or modification of existing standards. Therefore, the Controller undertakes to review the Policy periodically and regularly to introduce the most recent legal and technological updates.

2. In the case of any doubts concerning the content of this Policy, you can obtain clarification after sending a message to the Controller by e-mail: rodo@araw.pl or by post:
Agencja Rozwoju Aglomeracji Wrocławskiej S.A.
RODO
pl. Solny 14
50-062 Wrocław.