Your privacy is very important to us, so we have prepared all the necessary information for you to understand what happens to your personal data when you use our website (service). Be welcome to read it!
PS: we have tried to prepare this information in an accessible form for you, avoiding sections, articles and legal jargon 🙂
This policy prepared has been prepared to help you understand:
Who we are?
What kind of your data we collect?
How do we use the collected data?
With whom do we share the collected data?
How we store and secure the collected data
How to exercise your rights under the GDPR?
Transfer of data outside the European Economic Area (EEA)
Other important information about your privacy
You leave your personal data with us when you use our products or services or otherwise interact with us (for example, by participating in our events and contests or by communicating with us), unless a different policy applies in a particular case that provides you with details about the processing in such situation. Such case may occur as we are not able to foresee all possible scenarios, that we might want to implement in the future.
You can find detailed information about how we process your data in specific processes in the information clauses tab.
Who we are?
We are called the Data Controller – this means that we are responsible for determining the purposes of collecting and processing your personal data, and we are required to provide you with all information related to your privacy on our websites.
As for the details, below you will find the details of our Company:
EDISONDA spółka z ograniczoną odpowiedzialnością sp.k. with its registered office in Krakow (31-039), Dietla Street 52/9, registered in the Register of Entrepreneurs under KRS number: 0000335987, having NIP (tax number): 6793017492 and share capital of PLN 190,000.00.
We have also appointed a person in our structure who takes care of the appropriate level of people’s privacy. This person is the Data Protection Officer (DPO or IOD, in Polish) – Marcin Troszak, whom you can contact in any situation in which you need additional clarification or are concerned about the security of your data. Contact e-mail to our DPO: email@example.com
What data do we collect about you?
We collect information about you when you provide it to us while using our services.
Information you provide to us
We collect information about you when you enter it into the services or otherwise provide it to us directly.
Personal information you provide through our services
This includes our websites that we own or operate. We collect data that you submit to these sites, including social media or social networking sites operated by us. For example, you provide us with personal information when you provide feedback or participate in any interactive features, surveys, contests, promotions, sweepstakes, activities or events. An additional action when you disclose personal information to us through our sites is when you participate in recruitment and apply for a position.
Information we collect automatically when you use the services
We collect information about you when you use our websites, including when you browse our websites and take certain actions on our websites.
Device and connection information
We collect information about your computer, phone, tablet or other device you use to browse our websites. Through your device, we also collect, among other things, information about your operating system, browser type, IP address, referring page URLs/device IDs, geographic location, age range and activity on the site. We use your IP address and/or your country preferences to provide you with a better experience on our websites.
Cookies and other tracking technologies
How do we use the data we collect?
We use your personal data to:
- provide you with newsletter services, including sending you commercial information. We will send you newsletters upon your consent to do so, or due to our legitimate interest to maintain positive business relationships with customers.
- organize corporate events that require us to collect your data in order to send you an invitation or allow you to attend the event. In this case, data processing is based on your consent or our legitimate interest to maintain positive business relations with customers.
- carry out other forms of marketing of the Controller’s own services, including maintaining fanpage-type websites, answering your questions and organizing promotions and other types of corporate events – in such case the basis for processing is your consent and/or the necessity of processing your personal data for the performance of the contract and the fulfillment of the Controller’s legitimate interest, which is to be considered marketing of its own services.
- carry out a recruitment process, i.e. to collect applications for a given position, conduct meetings with the candidate and select a candidate who meets the requirements of the offer on the basis of your consent or activities aimed at concluding a contract with you.
- purposes related to safety and security: we use your information to detect, prevent and respond to potential or actual security incidents and to monitor and protect against other malicious or illegal activities on our service.
- protect our legitimate business and legal interests and to protect our own claims, as well as to defend ourselves against possible claims, to exchange correspondence. In this case the basis of processing is our legitimate interest of the Controller, which we consider to be the fulfillment of the Controller’s statutory activities.
- profiling, which helps us to adjust the information sent to you. In practice, this is segmenting of users of the site based on the data collected on the website, e.g. if you have read an article related to a certain content, we may display you an advertisement related to such content. We base this on your activities undertaken on the site, interests, position, age range and geographic location. The basis for processing is our legitimate interest of the Controller, which we consider to be the fulfillment of the Controller’s statutory activities
To whom do we transfer the data we collect?
Transfer to external entities
Your personal data, may be disclosed to entities entitled to receive it under applicable laws, including relevant state authorities.
We also share or entrust for processing your personal data with external entities that help us operate, provide, improve, integrate, customize, support and market our services, among others:
- marketing and event agencies,
- external consulting or auditing entities,
- subcontractors involved in the provision of some of our services,
- entities providing technical services primarily related to the maintenance and delivery of IT systems and websites,
- entities providing services in the organization of training, conferences and other corporate events,
- entities providing postal services.
Sharing with affiliated companies
We share the information we collect with affiliated companies in Poland:
- Grant Thornton Frąckowiak P.S.A.
- Grant Thornton Legal Maślanko Kancelaria Prawna sp. k.
- Grant Thornton Polska P.S.A.
- Immusec sp. z o. o.
How we store and secure the data we collect
Information storage and security
We use industry-standard technical and organizational measures to secure the information we store. Although we implement safeguards to protect your information, no security system is 100% secure, so we strive to constantly monitor and oversee the level of security.
How long we keep information
This looks different in each process. If you want to know exactly the storage times look at the information clauses tab.
How to take exercise the rights granted to you by GDPR?
Depending on the specific processing activity, you have a corresponding catalog of rights that you may be entitled to. These include:
- the right of access to the data,
- the right to rectify data,
- the right to erasure of data,
- the right to restrict processing,
- the right to data portability,
- the right to object to the data processing.
If you wish to exercise the above rights, please contact our Data Protection Officer at: firstname.lastname@example.org
Remember that at any time you also have the right to lodge a complaint about the processing activities carried out by us to the competent supervisory authority. In Poland, this is the President of the Personal Data Protection Office – you can find more information here: https://uodo.gov.pl/pl/83/155.
Transfers of data outside the European Economic Area (EEA)
International transfers of the personal data we collect
In most cases, your personal data will not be transferred to a third country/international organization outside the EEA. In case of the provision of a newsletter service, personal data may be transferred to a third country, among others, to the USA. In any such case, we verify the provider to ensure adequate standards of personal data protection and enter into Standard Contractual Clauses with the provider, which is one of the measures for secure data transfer.
In the case of servicing certain clients, personal data, including the personal data of their employees, may be transferred to another Grant Thornton International affiliate located in a third country. Safeguards for such transfer are Standard Contractual Clauses, which are an appendix to the Inter Firm Agreement operating within Grant Thornton International.
Other important privacy information
If you have questions or concerns about how we handle your data, please direct your inquiry to our Data Protection Officer: email@example.com
Our website uses information stored by “cookie” files and other tracking technologies, i.e. computer data, stored on your devices, which are designed for the use of websites. These cookies allow to recognize your device and appropriately display̨ the website tailored to your individual preferences.
If you use the website without changing the settings of Cookies that are displayed when you access the website, it means that they will be stored on your end device. You can change your Cookie settings at any time in your web browser or through the mechanism available on our “Cookie Settings” page.
Types of cookies that we use
Our website uses the following Cookie files:
- essential: necessary for the proper functioning of the website – files processed on the basis of the justified interest of the controller (art.6(1)(f) GDPR);
- analytical: they allow us to study website traffic, learn about our users’ preferences, analyze their behavior on the site, and enable interactions with external networks and platforms – files processed based on the user’s voluntary consent (art.6.1.a GDPR);
- marketing: allow us to customize the advertisements and content displayed to our users’ preferences and run personalized marketing campaigns – files processed based on the user’s voluntary consent (Article 6(1)(a) GDPR).
Cookie storage time
Cookie files used by our service are stored according to the following information:
|Type / source (domain)||Type of cookie (expiry time)||Description|
|Edisonda (edisonda.pl)||_tcSessInfo (session)|
_tcfpup (1 year)
nQ_userVisitId (1 year)
moove_gdpr_popup (1 year)
nQ_cookieId (1 year)
ti_ukp (1 year)
_lfa (1 year)
|Google Analytics / Google Tag Manager (edisonda.pl)||_ga (1 year)|
_gid (24 hours)
SNID (1 year)
Our website uses Google Analytics – detailed information about how Google uses the data collected from the use of our partners’ websites and applications is available at www.google.com/policies/privacy/partners/.