Privacy Policy

In order to ensure the Users’ security and explain the need for the processing of personal data and other information related to the Users, as well as the rules governing this process, a privacy policy (hereinafter referred to as: “Privacy Policy”) has been posted on the website of Summa Linguae S.A., available at https://summalinguae.com.

The Privacy Policy is compliant with Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation).

The Privacy Policy enters into force on 25 May 2018.

  1. Personal Data Controller and Inspector
    • Summa Linguae S.A., based in Krakow at 63 Josepha Conrada Street, 31-357 Krakow, shall be the controller of personal data processed in connection with the operation of the Website (“Controller”).
    • Contact with the Controller is possible on business days from 9 am to 5 pm by phone on +48 12 293 93 80 or by email to office@summalinguae.com.
    • The Controller has designated a Personal Data Inspector (“PDI”). This function shall be held by Michał Zdanowski. Contact with PDI is possible by phone on + 48 12 293 93 80 or by email to iod@summalinguae.com.

 

  1. Definitions

All terms that are capitalized and not otherwise defined herein shall have the meanings assigned to them in the Rules and Regulations available at https://summalinguae.com/pl/polityka-prywatnosci/.

Cookies           IT data, in particular small text files, saved and stored on devices, by means of which the User uses the Website.

Website           Website, available at https://summalinguae.com, via which the Controller provides online services to the User.

User                A natural person using the Website that is bound or may be bound by an agreement on the provision of services in electronic form.

GDPR              Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation).

Rules and Regulations            Rules and Regulations governing the provision of online services by the Controller through the System, available at https://summalinguae.com/pl/regulamin/.

 

  1. Purpose and Grounds for the Processing of Data within the Website
    • The Controller shall process the services Users’ personal data collected through the Website for the following purposes:
  • to provide to the User online services described in detail in the Rules and Regulations.

The User’s personal data shall be processed under Article 6(1)(b) of the GDPR – in order to execute the agreement to which the User is a party or to take action at the User’s request before the agreement is concluded;

  • to handle the User’s inquiries sent to the Controller through the contact form available on the Website.

The User’s personal data shall be processed under Article 6(1)(a) of the GDPR – upon the User’s consent. Such consent may be withheld by the User at any time.

  • As regards the email address provided by the User: for direct marketing purposes of the Controller, including providing the User with commercial information relating to the Controller’s new services.

The User’s personal data shall be processed under Article 6(1)(a) of the GDPR – upon the User’s consent. Such consent may be withheld by the User at any time.

  • Personal data of the Client may be processed by the Controller to be automatically processed by profiling. Profiling shall mean any form of automated processing of personal data by the Service Provider, which involves the use of personal data to assess certain personal factors, in particular to analyse or forecast preferences, interests, credibility, behaviour, location or movement of the Client.
  1. Types and Sources of Personal Data Processed by the Controller
    • In order to meet each objective of data processing the Controller may process the following personal data of the Users:
  • Name and surname

With respect to the quotation form

  • Phone number

With respect to the quotation form and contact form, provided that the User has granted consent to the Controller to contacts by phone.

  • Email address

With respect to the quotation form and contact form.

  • Other personal data of the User made available to the Controller in documents provided for quotation or contained in the “Message” box, available in the quotation form and the contact form.
    • The above personal data shall be provided on a voluntary basis, but they may be necessary to conclude with the Controller an agreement on the provision of services in electronic form and to execute this agreement. The email address shall be necessary also to enable the Controller to provide the User with commercial information.
    • The Controller shall specify and mark that personal data the provision of which is required for the aforementioned purposes.

 

  1. User’s Rights Related to the Processing of Personal Data

In connection with the processing of the User’s personal data by the Controller the User shall have various rights described below.

  • The User shall have the right to be informed about the manner in which the Controller uses the User’s personal data and to have access to this data.
  • The User shall have the right to request to have its personal data corrected, deleted or to be processed to a lesser extent.
  • The User shall have the right to object to the processing of its personal data.
  • As for data provided to the Controller automatically – the User shall have the right to receive this information in a structured, commonly used machine-readable format or to transfer it directly to another controller of personal data, if technically possible.
  • In so far as the User’s data is processed under the User’s consent, in particular for the Controller’s direct marketing purposes, the User shall have the right to withhold its consent at any time, which shall be without prejudice to the lawfulness of data processing prior to the withdrawal date.
  • The User shall have the right to object to any and all decisions made based on automatic processing of its personal data, including profiling.
  • The User shall have the right to lodge a complaint to the supervisory authority, i.e., under Article 34(2) of the Personal Data Protection Act of 10 May 2018, the President of the Office for Personal Data Protection.

 

  1. Data Recipients

Recipients and categories of recipients authorized to access the User’s personal data processed by the Controller are specified below.

  • Due to the use by the Controller of data hosting services, the User’s personal data may be transferred to the entity providing these services to the Controller.
  • The User’s personal data, including its name, surname, email address and telephone number, may be transferred to third parties providing marketing services to the Controller.
  • The User’s personal data may be transferred to those Controller’s employees that hold relevant authorizations to process personal data, as well as entities providing the Controller with services under civil law agreements.
  • In cases provided for by law, the Controller may transfer the User’s personal data to competent public authorities.

 

  1. Duration of Data Storage
    • The User’s personal data processed for the purpose of providing the User with quotation services shall be stored for 2 years, and shall be deleted afterwards.
    • The User’s personal data processed in connection with completing the contact form by the User shall be stored for 2 years, and shall be deleted afterwards.
    • Notwithstanding the provisions of paragraphs 1 and 2 above, the Controller may continue to process the User’s data with respect to its email address, provided that the User has granted its consent to the processing of the User’s data for the Controller’s own marketing purposes.
    • Data processed by the Controller for the Controller’s own marketing purposes shall be stored until the User withholds its consent for its processing.

 

  1. Collection of Anonymous Data
    • Only technical information, such as the Internet browser type, operating system, the number and dates of the User’s visits and history of the User’s activity on the Website (operating data), shall be automatically recorded in connection with the use of the Website.
    • Some areas of the Website may use cookies, i.e. text files stored on the User’s device to identify it as needed so as to enable the operation of certain features of the Website. The aforementioned files may be used only for
  • statistic purposes related to the operation of the Website;
  • determination of the User’s preferences so as to display on its device tailored materials available in advertising networks, in particular Google.
    • Cookie files shall be used within the Website on the User’s consent. The User may grant its consent based on the settings of the software with which it uses the Website, e.g. using the settings of the web browser used by it.
    • The User may refuse to grant its consent or withhold it at any time by changing relevant settings of the software with which it uses the Website. In numerous cases software enabling to use the Website (web browsers) allows by default the use and storage of cookie files on devices of the Website’s users.
    • The User should check the settings of the software used by it and change them accordingly, if necessary. In particular, the settings of such software may be changed in such a way as to block the automatic handling of cookie files.
    • If the User grants its consent for the settings of the software used by it to handle cookie files, this will be tantamount to granting consent to use cookie files by the Website within the meaning of Article 173(2) of the Act of 16 July 2004 – Telecommunications Law.