PL | EN |

PRIVACY POLICY

 
 Cookie and Privacy Policies
of www.podaniolami.pl service („Privacy Policy”)

This Privacy Policy has been developed in the interests of the persons visiting the www.podaniolami.pl website and using the services offered there. It has also been developed as the fulfilment of the information obligation under Art. 13 of the Regulation (EU) 2016/679 of the European Parliament and of the Council as of 27 April, 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/CE (General Data Protection Regulation) (EU Official Journal L119 as of 4.05.2016, p. 1) (hereinafter: „GDPR”).

We kindly inform you that the data acquired with relation to the service are protected from the use by any unauthorised persons, pursuant to the provisions of the generally binding law, including in particular: GDPR, Personal Data Protection Act as of 10 May, 2018 (Journal of Laws, 2018, item 1000) and the Electronic Services Act as of 18 July, 2002 on providing services by electronic means (Journal of Laws, 2018, item 650, as amended). This Privacy Policy is disclosed to all the entities concerned. The service is open to anyone interested.

The service owner is allowed to gather personal data and the data of other nature. Depending on the nature of the data, their gathering is either automatic or is a result of the activities of the persons visiting the website.

I. General Information

1. The person who is the Service Owner and Operator is Jacek Łodziński, who conducts a single-person business activity under the following name: Jacek Łodziński Restauracja „Pod Aniołami” [„Pod Aniołami” Restaurant] with registered office in Kraków, addres: ul. Grodzka 35, 31-001 Kraków, Taxpayer ID No 6760112481, Business Registration No 350857583 (hereinafter: „Entrepreneur”). According to the GDPR provisions, the Entrepreneur is also the Administrator of the service users’ personal data (hereinafter: „Administrator”).
2. Within the activities performed, the Administrator uses cookies files in such a manner that by user traffic monitoring and analyzing it takes up marketing actions. However, for the performance of the actions referred to in this item, the Administrator does not process personal data within the meaning of GDPR.
3. The service carries out the functions of the acquisition of the service users information and their conduct in the following way:
a. The service automatically gathers the information contained in the cookies files.
b. By voluntary entering personal information by the service users in the questionnaires made available in the service.
c. By automatic gathering of the web server logging by the hosting operator.
4. Cookies files (the, so-called, „cookies”) are the IT data, particularly the text files which are stored on the Website User’s end device, and they are intended to use the service websites. As a rule, cookies contain the name of the website they come from, the time of their storage in the end device and their unique number.
5. In the course of visiting the service, users’ data concerning a given visit in the service and including, among others, the IP address, type of browser, domain name, number of views, website addresses from which the service was entered, or time of using the service, can be automatically gathered. These data are not personal data and they do not allow to identify the person using the service.
6. Within the service there may be links to other websites. The Administrator does not bear any responsibility for the privacy principles binding on these websites. At the same time, the Entrepreneur encourages the user to become acquainted with the privacy policy established within these websites. This privacy policy does not refer to other website services.

7. The entity that stores cookies files on the web user’s end device and obtains access to them is the service owner.
8. Cookies files are used in order to create statistics which help to understand how the service users use the websites, which enables the improvement of their structure and content.
9. Within the service, the so-called „strictly-necessary” cookies are used among others, which enable the use of the services available within the service.
10. The service uses in particular two principal types of cookies files: „session” and „permanent” cookies. Session cookies are temporary files, stored in the end device till the time when a given user leaves the website or switches off the Internet browser (e.g. Chrome, Mozilla, Opera). In the case of permanent cookies files, they are stored in the user’s end device for the time determined in the cookies files parameters or till they are removed by the service user.
11. It has to be noted that in majority of cases the software used for browsing the websites implicitly allows to store cookies files in the service user’s end device. Service users find it possible to make changes in the settings concerning cookies files. The settings can be changed with an option of the Internet browser, e.g. in the way that makes automatic service of cookies files impossible or which enforces informing the service user about each storage of cookies files in his/her device. Detailed information concerning the possibilities and ways of cookies files service is available in the Internet browser settings.
12. Cookies files stored in a given user’s end device can also be used by advertisers cooperating with the service co-owner or partners.

II. Personal data processing, information about forms

1. Personal data of the service users can be processed by the Administrator only in the situations specified in Art. 6 par. 1 of GDPR, especially including the situation when the service user consents to it by marking the proper box in the booking form in the service in order to take up actions which the form relates to (Art. 6 par. 1 ”a” of GDPR).
1. Within the service, the personal data that are processed are those which are voluntarily supplied by the service users. The Administrator processes personal data of the service users exclusively in the scope necessary for the purposes specified in item 1 above and for the period necessary for the pursuing of the goals, or till the service user’s consent is withdrawn. If the service user does not accept this Privacy Policy, it can result in certain cases in the lack of possibility to implement the goals for which specifying the data is indispensable.
2. Within the booking form stored in the service the following personal data of the service user can be gathered: first name, surname, e-mail address, telephone number.
3. Personal data supplied by the user can be transferred by the Administrator to third parties cooperating with the Administrator in relation to the implementation of the goals specified in item 1.
4. The data supplied in the form stored in the service are processed for the purposes resulting from the function of a specific form, and, moreover, they can be used by the Administrator for filing and statistic purposes. The acceptance of this Privacy Policy is done by marking a proper box in the form, which certifies at the same time that the service user has become acquainted with and accepts this Privacy Policy of the service.
5. The data supplied in the forms can be transferred to the entities which technically implement certain services. This particularly concerns the transfer of information about the owner of the domain registered to the entities that are the Internet domain operators.
6. Personal data of the service users are stored in the database where technical and organization means have been applied to protect the data processed according to the requirements specified in the applicable regulations.
7. In cases provided for by law, the Administrator can make some personal data of the users available to third parties for the purposes related to the protection of the third parties’ rights.
8. The Administrator reserves the right to send e-mails to all service users notifying of important changes in the service and changes in this Privacy Policy. The Administrator may send e-mails of commercial nature, especially advertisements and other texts that have a nature of trade information, if the service user has consented to it. Advertisements and other texts that have a nature of trade information can also be attached to the e-mails incoming or outgoing from the system account.

a. Server logs

According to the adopted practice of a majority of the Internet services, the service operator stores the http inquiries directed to the service operator’s server (information of certain types of service users’ conduct is subject to logging in the server layer). The resources surveyed are identified by URL. The information stored in the log files of the website server includes among others:
a. public IP address of the computer from which an inquiry has been sent;
b. information about the Internet browser of the service user;
c. the time when the service user started his/her visit in the service and the time when he/she finished the visit.
The above data are not associated with any specific persons browsing the websites available within the service. In order to ensure the best possible service quality, the service operator occasionally analyzes the log files in order to determine which webistes in the service are most frequently visited, which Internet browsers are used, whether the website structure contains any errors or not, art.
1. The logs gathered by the operator are stored for the period of one year as auxiliary material for the correct administration of the service. Information contained in th logs shall not be disclosed to any entities other than the operator or entities related to the operator by the person, capital or contract. On the basis of the information contained in the files, statistics can be generated that help in the service administration. Summaries containing such statistics do not contain any features identifying the persons visiting the service.

b. Rights of the service users concerning their personal data.

Pursuant to Art. 15 – 22, and Art. 77 of GDPR, each service user has the following rights:

1. Right to access the data (Art. 15 of GDPR)

The person whom the data refer to is entitled to obtain from the Administrator a confirmation that the data being processed are this person’s data, and if this is the case, such person is entitled to have access to such data. Pursuant to Art. 15, the Administrator shall provide the person whom the data refer to with a copy of personal data subject to processing.

2. Right to correct the data (Art. 16 of GDPR)
The person whom the data refer to is entitled to request that the Administrator immediately corrects the personal data concerning this person that are incorrect.

3. Right to remove the data (”right to be forgotten”) (Art. 17 of GDPR)
The person whom the data refer to is entitled to request that the Administrator immediately removes the personal data concerning this person, and the Administrator is obliged to remove without delay all the personal data, if any of the following occurs:
a. Personal data are no longer necessary for the purposes they were gathered or processed in any way;
b. The person whom the data refer to has withdrawn the consent to process such data;
c. The person whom the data refer to is filing an objection under Art. 21 par. 1 concerning the processing and there are no legally superior grounds for such processing.

1. Right to limit the processing (Art. 18 of GDPR)

The person whom the data refer to is entitled to demand that the Administrator limits the data processing in the following cases:
a. The correctness of personal data processed is questioned;
b. The processing of personal data is illegal, and the person whom the data refer to objects to the removal of the data and demands limitation of their use;
c. The Administrator does not need the personal data any more, but they are necessary to the person whom they refer to, in order to establish, settle or protect the claims of that person;
d. The person made an objection with regard to the data processing for the reasons related to its specific situation, till the time it is found whether there are legally justified grounds for such objection.

2. Right to transfer the data (Art. 20 of GDPR)

The Administrator can, at the service user’s request, issue the data concerning the person in a structured, commonly used, machine-readable format or transfer them to another entity, if it is possible.

3.  Right to object (Art. 21 of GDPR)

If the service user makes an objection concerning his/her personal data processing, justified by the specific situation, and the data are processed by the Administrator based on the Entrepreneur’s well-grounded interest or the task entrusted to the Entrepreneur in the public interest, the Entrepreneur will take this objection into consideration unless there are any legal grounds for processing at the Entrepreneur’s side that are superior to the interests, rights or liberties of the person making the objection or grounds for establishing, settling or protecting the claims.

4. Right to file a complaint (Art. 77 of GDPR)

If the service user thinks that his/her data are processed by the Entrepreneur in an unlawful manner, he/she is entitled to file a complaint to the President of the Office for Personal Data Protection or any other supervisory body.

c. Contact with the Administrator

In order to pursue their rights, the service user can always contact the personal data Administrator. Such contact is possible in the Entreprenuer’s registered office in Kraków at ul. Grodzka 35, 31-001 Kraków, in writing, by sending an applicable request to the registered address or by e-mail to: biuro@podaniolami.pl.

This website applies cookies files:
They helpu s to better adjust our website to your needs and preferences. Detailed information about cokies files can be found in our Privacy Policy