Privacy policy describes the principles of processing your information, including personal data and cookies, within the website www.doit.biz.pl.
I. General information
a. This policy applies to the website www.doit.biz.pl.
b. The website operator and personal data administrator is DOIT.BIZ Sp. z o.o., ul. Wrzosowa 28, 62-023 Borówiec Poland.
c. Operator’s email contact address: office@doit.biz.pl
d. The operator is the administrator of your personal data with regard to the data voluntarily provided on the website.
e. The website uses personal data for the following purposes:
i. Newsletter management
ii. Online chat conversations
iii. Handling inquiries via the form
iv. Providing ordered services
v. Presenting offers or information
II. The website collects information about users and their behavior in the following ways:
a. By voluntarily entering data in forms that are entered into the operator’s systems.
b. By saving cookies in end devices.
III. Selected methods of data protection used by the operator
a. Login and personal data entry areas are protected by a transmission layer (SSL certificate). This encrypts personal data and login data entered on the site, which can only be read on the target server.
b. Personal data stored in the database are encrypted in such a way that only the operator holding the key can read them. This protects the data in case the database is stolen from the server.
c. User passwords are stored in hashed form. Hashing works one way only, meaning that it is not possible to reverse it. This is the current standard for storing user passwords.
d. The website uses two-factor authentication, which provides an additional form of login protection.
e. The operator periodically changes their administrative passwords.
f. The operator regularly performs backup copies to protect the data.
g. Regularly updating all software used by the operator to process personal data is an important element of data protection, including regular updates of programming components.
IV. Hosting
a. The website is hosted (technically maintained) on unixstorm.org servers.
V. Your rights and additional information about data usage
a. In some situations, the administrator has the right to transfer your personal data to other recipients if it is necessary to perform the contract concluded with you or to fulfill the obligations incumbent on the administrator. This applies to such recipient groups:
b. Hosting companies on the basis of entrustment
c. Couriers
d. Postal operators
e. Operators of online chat solutions
f. Authorized employees and associates who use data to achieve the purpose of the website’s operation
g. Companies providing marketing services to the administrator
VI. Your personal data processed by the administrator will not be stored longer than necessary to perform activities related to them specified by separate regulations (e.g. accounting). Regarding marketing data, the data will not be processed for longer than 3 years. You can familiarize yourself with the administrator’s information obligation under GDPR.
VII. You have the right to request from the administrator:
a. Access to your personal data,
b. Correction of your personal data,
c. Deletion of your personal data,
d. Restriction of data processing,
e. Data portability.
VIII. You have the right to object to the processing specified in point 3.3 c) regarding the processing of personal data for the purposes of legitimate interests pursued by the administrator, including profiling, provided that the right to object cannot be exercised if there are compelling legitimate grounds for processing, overriding your interests, rights, and freedoms, especially the establishment, exercise, or defense of legal claims.
IX. You have the right to lodge a complaint with your local GDPR supervisory authority, regarding the actions of the administrator.
X. Providing personal data is voluntary but necessary for the operation of the website.
XI. Actions may be taken against you involving automated decision-making, including profiling, to provide services under a contract and to conduct direct marketing by the administrator.
XII. Personal data is transferred to third countries within the meaning of the provisions on personal data protection. This means that they are sent outside the European Union.
XIII. Information in forms
XIV. The website collects information voluntarily provided by the user, including personal data, if provided.
XV. The website may save information about connection parameters (time stamp, IP address).
XVI. In some cases, the website may save information that facilitates linking the data in the form with the email address of the user filling out the form. In this case, the user’s email address appears inside the URL of the page containing the form.
XVII. Data provided in the form is processed for the purpose resulting from the function of a specific form, e.g. to process a service request or commercial contact, register services, etc. Each time, the context and description of the form inform clearly what it is used for.
XVIII. Administrator’s logs
a. Information about user behavior on the website may be subject to logging. This data is used to administer the website.
XIX. Important marketing techniques
a. The administrator uses statistical analysis of traffic on the website through Google Analytics (Google Inc. based in the USA). The administrator does not provide personal data, including anonymized information, to Google Inc. The service is based on the use of cookies on the user’s device. In terms of user preferences collected by the Google advertising network, the user can view and edit information from cookies using the tool: https://www.google.com/ads/preferences/
b. The administrator uses remarketing techniques to match advertising messages to user behavior on the website, which may give the impression that the user’s personal data is being used to track them, but in practice no personal data is transmitted from the administrator to advertising operators. The technological condition for such actions is the enabled support for cookies.
c. The administrator uses and utilizes the Facebook pixel. This technology means that Facebook (Facebook Inc. based in the USA) knows that a particular registered person is using the website. In this case, it is based on data for which the administrator is the administrator, and the administrator does not provide any additional personal data to Facebook. The service is based on the use of cookies on the user’s device.
d. The administrator uses a solution to analyze user behavior by creating heat maps and recording behavior on the website. This information is anonymized before being sent to the service operator, so they do not know which individual the data is about. In particular, entered passwords and other personal data are not subject to recording.
e. The administrator uses a solution to automate the website’s operation for users, e.g. sending an email to the user after visiting a specific subpage, provided that the user has consented to receiving commercial correspondence from the administrator.
XX. Information about cookies
a. The Service uses cookies.
b. Cookies are computer data, especially text files, which are stored in the end device of the Service User and are intended to be used for the Service’s websites. Cookies usually contain the name of the website they come from, the time they are stored on the end device and a unique number.
c. The entity placing cookies on the end device of the Service User and accessing them is the Service operator.
d. Cookies are used for the following purposes:
i. maintaining a Service User’s session (after logging in), which allows the user to not have to re-enter their login and password on each subpage of the Service;
ii. carrying out the purposes specified in the “Important marketing techniques” section above;
XXI. Within the Service, two basic types of cookies are used: “session” cookies and “persistent” cookies. “Session” cookies are temporary files that are stored on the Service User’s end device until they log out, leave the website or close the software (web browser). “Persistent” cookies are stored on the Service User’s end device for the time specified in the cookie parameters or until they are deleted by the User.
XXII. Web browsing software (web browser) usually allows cookies to be stored on the Service User’s end device by default. Service Users can change their settings in this regard. The web browser allows you to delete cookies. It is also possible to automatically block cookies. Detailed information on this subject can be found in the help or documentation of the web browser.
XXIII. Limitations on the use of cookies may affect some functionalities available on the Service’s websites.
XXIV. Cookies placed on the Service User’s end device can also be used by entities cooperating with the Service operator, in particular by companies: Google (Google Inc. based in the USA), Facebook (Facebook Inc. based in the USA), Twitter (Twitter Inc. based in the USA).
XXV. Managing cookies – how to express and withdraw consent in practice?
a. If the user does not want to receive cookies, they can change their browser settings. Please note that disabling cookies necessary for authentication, security, and user preferences may make it difficult, and in extreme cases may prevent the use of websites.
b. To manage cookie settings, select the web browser you are using from the list below and follow the instructions:
Mobile devices:
