§1 Definitions
- Service – the website “Kloslegal” operating at https://kloslegal.pl/
- External Service – websites of partners, service providers, or clients cooperating with the Administrator
- Service / Data Administrator – the Service Administrator and Data Administrator (hereinafter the Administrator) is the company “Bogumił Kłos KANCELARIA RADCY PRAWNEGO BOGUMIŁ KŁOS”, operating at: ul. Jacka Malczewskiego 7, 05-850, with tax identification number (NIP): 9482256434, providing electronic services via the Service
- User – a natural person for whom the Administrator provides electronic services through the Service
- Device – an electronic device with software through which the User accesses the Service
- Cookies – text data collected in the form of files placed on the User’s Device
- GDPR – Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation)
- Personal data – information relating to an identified or identifiable natural person (“data subject”); an identifiable natural person is one who can be identified, directly or indirectly, particularly by reference to an identifier such as name, identification number, location data, online identifier, or one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person
- Processing – any operation or set of operations performed on personal data or sets of personal data, whether by automated means or not, such as collection, recording, organization, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction
- Restriction of processing – marking stored personal data with the aim of limiting their processing in the future
- Profiling – any form of automated processing of personal data consisting of the use of personal data to evaluate certain personal aspects relating to a natural person, in particular to analyze or predict aspects concerning that person’s work performance, economic situation, health, personal preferences, interests, reliability, behavior, location or movements
- Consent – any freely given, specific, informed and unambiguous indication of the data subject’s wishes by which they signify agreement to the processing of personal data relating to them
- Personal data breach – a breach of security leading to the accidental or unlawful destruction, loss, alteration, unauthorized disclosure of, or access to personal data transmitted, stored or otherwise processed
- Pseudonymization – processing of personal data in such a manner that the data can no longer be attributed to a specific data subject without the use of additional information, provided that such additional information is kept separately and subject to technical and organizational measures
- Anonymization – an irreversible process of transforming data in such a way that “personal data” is destroyed or overwritten, preventing identification or association of a given record with a specific user or natural person
§2 Data Protection Officer
Pursuant to Article 37 of the GDPR, the Administrator has not appointed a Data Protection Officer.
For matters related to data processing, including personal data, please contact the Administrator directly.
§3 Types of Cookies
- Internal Cookies – files placed and read from the User’s Device by the ICT system of the Service
- External Cookies – files placed and read from the User’s Device by ICT systems of External Services
- Session Cookies – files placed and read during a single session of a given Device and deleted after the session ends
- Persistent Cookies – files stored on the User’s Device until manually deleted
§4 Data storage security
- Cookie storage and reading mechanisms – mechanisms used by browsers do not allow retrieving other data from the User’s Device.
- Internal cookies – cookies used by the Administrator are safe and do not contain scripts or content that threaten security.
- External cookies – the Administrator makes every effort to verify partners but does not control cookie content from external partners.
- Cookie control
- Users can change cookie settings at any time.
- Information on disabling cookies is available here: how to disable cookies
- Users can delete cookies at any time using their device tools.
- User-side risks – the Administrator applies technical measures but cannot be responsible for threats caused by malware on the User’s device.
- Personal data storage – the Administrator takes all reasonable steps to secure personal data.
§5 Purposes for which cookies are used
- Improving and facilitating access to the Service
- Personalization of the Service for Users
- Statistics (users, visits, device types, etc.)
§6 Purposes of personal data processing
Personal data voluntarily provided by Users are processed for:
- Providing electronic services
- Communication with Users
- Ensuring the legitimate interest of the Administrator
Anonymous data collected automatically are processed for:
- Statistical purposes
- Ensuring the legitimate interest of the Administrator
§7 Cookies of external services
The Administrator uses JavaScript scripts and web components from partners who may place cookies on the User’s Device.
- Statistics:
Services provided by third parties remain outside the Administrator’s control.
§8 Types of collected data
The Service collects user data.
Anonymous data collected automatically:
- IP address
- Browser type
- Screen resolution
- Approximate location
- Visited subpages
- Time spent on the page
- Operating system
- Previous page address
- Referring page address
- Browser language
- Internet connection speed
- Internet service provider
Data collected during registration:
- Name / surname / nickname
- Login
- Email address
- Phone number
- IP address
Data collected for Newsletter:
- Email address
§9 Access to personal data by third parties
As a rule, the only recipient of personal data is the Administrator.
§10 Method of personal data processing
Personal data provided voluntarily:
- Personal data will not be transferred outside the EU unless published by the User.
- Personal data will not be used for automated decision-making (profiling).
- Personal data will not be sold to third parties.
Anonymous data collected automatically:
- Anonymous data may be transferred outside the EU.
- They will not be used for automated decision-making.
- They will not be sold to third parties.
§11 Legal basis for processing
The Service processes data based on:
- Regulation (EU) 2016/679 (GDPR)
- Act of 10 May 2018 on Personal Data Protection
- Telecommunications Law of 16 July 2004
- Act of 4 February 1994 on Copyright
§12 Data retention period
Personal data are stored for the duration of service provision and deleted or anonymized within 30 days after termination.
§13 Users’ rights
Users have the right to:
- Access their personal data
- Rectify personal data
- Delete personal data
- Restrict processing
- Data portability
- Object to processing
- Lodge a complaint with the supervisory authority
§14 Contact with the Administrator
- Postal address – Bogumił Kłos KANCELARIA RADCY PRAWNEGO BOGUMIŁ KŁOS, ul. Jacka Malczewskiego 7, 05-850
- Email – bogumil.klos@kloslegal.pl
- Phone – +48 698 698 952
- Contact form – https://kloslegal.pl/#contact
§15 Service requirements
- Disabling cookies may cause some Service functions to malfunction.
- The Administrator is not responsible for improper functioning caused by disabling cookies.
§16 External links
The Service may contain links to external websites that are outside the Administrator’s control.
§17 Changes to the Privacy Policy
- The Administrator reserves the right to modify this Privacy Policy.
- Users will be informed about changes concerning personal data processing via email.
- Changes will be published on this page.
- Changes enter into force upon publication.