ITALUX PRIVACY POLICY

This Privacy Policy is an integral part of the Italux Terms and Conditions. Definitions of terms used in this Privacy Policy are included in the Regulations. The provisions of the Regulations shall apply accordingly. The legal basis of the Privacy Policy is in particular the Act of August 29, 1997 on the protection of personal data (i.e. Journal of Laws of 2002, No. 101, item 926, as amended).

§ I. PERSONAL DATA

  1. The Administrator of Users' personal data is the Service Provider.
  2. The purpose and scope of the processed personal data is determined by the scope of consents and supplemented data sent using the appropriate Form. The processing of Users' personal data concerns the e-mail address, computer IP address and other data necessary to perform services provided in accordance with the Regulations. The nature of the services provided by the Service Provider makes it impossible to provide them anonymously.
  3. Users' personal data will be processed for the purpose of:

a) implementation of legal provisions,

b) creating a Customer Zone, implementing contracts for the provision of electronic services, including handling complaints and optimizing the Service Provider's services,

c) promotional and commercial activities of the Service Provider.

  1. Providing personal data and consenting to the sending of commercial offers is voluntary, but the lack of consent to the processing of personal data marked in the form as obligatory will prevent the Service Provider from performing services and contracts, subject to the section below.
  2. The processing of the User's personal data for marketing purposes of sending commercial offers requires a separate consent.
  3. These consents may be withdrawn at any time by the User by sending such a request to the e-mail address or the local address of the Service Provider provided in the Regulations or Contact. In addition, information collected as part of the provision of services is ad hoc and is deleted when it is not necessary to provide them.
  4. The legal basis for the processing of personal data in the case referred to above in section 3. lit. a, there is a statutory authorization to process data necessary to act in accordance with the law, while in the case referred to above in paragraph 3 lit. b.c., it is a contractual authorization to process personal data in the event that it is necessary to fulfill legally justified purposes pursued by the Data Service Provider or data recipients and the User's consent.
  5. Only authorized persons have access to the data collected on the Website. Personal data collected by the Service Provider are not made available to other persons, except for cases provided for by law or when such disclosure is necessary and indispensable for the Service Provider to perform services. Disclosure of personal data to unauthorized entities according to the Regulations may take place only with the prior consent of the User to whom the data pertains.
  6. Users have the right to control the processing of data concerning them contained in data sets, and in particular the right to: access their personal data, supplement and correct data by submitting such a request to the Service Provider, requesting temporary or permanent suspension of their processing or delete them if they are incomplete, outdated, untrue or have been collected in violation of the Act or are no longer necessary to achieve the purpose for which they were collected, object to the processing of their personal data - in cases provided for by law - and the right to request their removal, when they will become unnecessary for the purpose for which they were collected.
  7. Entrusted personal data is stored and secured in accordance with the principles set out, among others, in the regulation of the Minister of the Interior and Administration of April 29, 2004 on the documentation of personal data processing and technical and organizational conditions to be met by devices and IT systems used for personal data processing (Journal of Laws No. 100 , item 1024).
  8. The website may automatically store http queries, therefore the server log files may contain information about the User, including the IP address of the computer from which the query came, the name of the User's station, if possible, date and system time of registration on the website and incoming inquiries, the number of bytes sent by the server, information about the User's browser or information about errors that occurred during the execution of the http transaction.
  9. Log files can be analyzed in order to compile website traffic statistics and errors. This information is anonymous and the summary of such information does not identify Users. Logs may be collected as material for the proper administration of the Website. Only persons authorized to administer the IT system have access to information.

§ II. INFORMATION SECURITY

  1. The service provider uses technical and organizational measures to ensure the protection of personal data being processed appropriate to the threats and categories of data protected, and in particular secures data technically and organizationally against disclosure to unauthorized persons, removal by an unauthorized person, processing in violation of the Act and change, loss, damage or destruction, including SSL certificates are used. The set of collected Users' personal data is stored on a secured server and the data is also protected by the Service Provider's internal procedures in the field of personal data processing and information security policy.
  2. To log in to the Customer Zone, it is necessary to provide a login and password. To ensure an appropriate level of security, the password to access the Customer Zone exists only in encrypted form. In addition, work with the Website takes place in a secure https connection. Communication between the User's device and servers, in particular when making payments, is encrypted using the SSL (Secure Socket Layer) protocol.
  3. At the same time, the Service Provider indicates that the use of the Internet and services provided electronically may be at risk of malware entering the ICT system and User's device, as well as unauthorized access to User's data, including personal data, by third parties. In order to minimize these threats, the User should use appropriate technical security measures, e.g. using up-to-date anti-virus programs or programs protecting the User's identification on the Internet. In order to obtain detailed and professional information on maintaining security on the Internet, the Service Provider recommends obtaining them from entities specializing in this type of IT services.

§ III. COOKIES

  1. In order for the Website to function properly, the Service Provider uses Cookie files technology. Cookies are packets of information saved on the User's device via the Website, usually containing information in accordance with the purpose of a given file, by means of which the User uses the Website.
  2. Cookies usually containing the website address, date of placement, expiration date, unique number and additional information in accordance with the purpose of the file.
  3. The service provider uses two types of cookies: session cookies, which are permanently deleted at the end of the User's browser session, and persistent cookies, which remain after the end of the browser session on the User's device until they are deleted.
  4. On the basis of cookies, both session and persistent, it is not possible to determine the User's identity. The Cookies mechanism does not allow you to download any personal data.
  5. The Service Provider's cookies are safe for the User's device, in particular they do not allow viruses or other software to get into the device.
  6. External cookies (i.e. cookies placed by the Service Provider's partners) can be read by an external server.
  7. The user may disable the saving of cookies on his device, in accordance with the browser manufacturer's instructions, but this may result in unavailability of some or all of the Website's functions.
  8. The Service Provider uses its own Cookies for the following purposes: authentication of the User on the Website and maintaining the User's session; configuration of the Website and adjusting the content of the pages to the User's preferences, such as: recognizing the User's device, remembering the settings selected by the User; ensuring the security of data and the use of the Website; analyzes and audience research; providing advertising services.
  9. The Service Provider uses External Cookies for the following purposes of creating (anonymous) statistics that allow optimizing the usability of the Website, through analytical tools, including Google Analytics.
  10. The user can independently change the Cookie settings at any time, specifying the conditions for their storage, through the web browser settings or through the configuration of the service. The user may also independently delete cookies stored on his device at any time, in accordance with the instructions of the browser manufacturer.
  11. Detailed information on the use of Cookies is available in the web browser settings.