Facebook Linkedin

Privacy Policy

The following Privacy Policy outlines the rules for saving and accessing data on the Devices of Users who use the Website for the purpose of receiving electronic services provided by the Administrator, as well as the rules for the collection and processing of Users’ personal data that were provided by them personally and voluntarily through the tools available on the Website.

§1 Definitions

  • Website – the website operating under the Administrator’s internet domain.

  • External Website – websites of partners, service providers, or service recipients cooperating with the Administrator.

  • Website / Data Administrator – The Website Administrator and Data Administrator (hereinafter the “Administrator”) is the company: EWA-BIS Sp. z o.o., ul. Serwituty 25, Warsaw, providing electronic services via the Website.

  • User – a natural person for whom the Administrator provides electronic services via the Website.

  • Device – an electronic device along with the software through which the User accesses the Website.

  • Cookies – text data collected in the form of files placed on the User’s Device.

  • GDPR – Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation).

§2 Data Protection Officer

Based on Art. 37 of the GDPR, the Administrator has not appointed a Data Protection Officer. In matters regarding data processing, including personal data, please contact the Administrator directly.

§3 Types of Cookies

  • Internal Cookies – files placed and read from the User’s Device by the Website’s teleinformation system.

  • External Cookies – files placed and read from the User’s Device by the teleinformation systems of External Websites.

  • Session Cookies – files placed and read from the User’s Device by the Website during a single session of a given Device. After the session ends, the files are deleted from the User’s Device.

  • Persistent Cookies – files placed and read from the User’s Device by the Website until they are manually deleted.

§4 Data Storage Security

  • Cookie storage and reading mechanisms – The mechanisms for storing, reading, and exchanging data between Cookies saved on the User’s Device and the Website are implemented through built-in web browser mechanisms. They do not allow the retrieval of other data from the User’s Device or data from other websites visited by the User, including personal data or confidential information.

  • Internal Cookies – Cookies used by the Administrator are safe for Users’ Devices.

  • External Cookies – The Administrator takes all possible actions to verify and select website partners in the context of Users’ security. However, the Administrator does not have full control over the content of Cookies originating from external partners.

  • Cookie Control – The User may, at any time, independently change the settings regarding the saving, deleting, and accessing of data by saved Cookies for any website. Information on how to disable Cookies is available in the help section of the web browser (Chrome, Firefox, Opera, Edge, Safari, and others).

§5 Purposes for Which Cookies Are Used

  • Improving and facilitating access to the Website.

  • Keeping statistics (users, number of visits, types of devices, etc.).

  • Ensuring the security of the Website.

§6 Purposes of Personal Data Processing

Personal data voluntarily provided by Users is processed for one of the following purposes:

  • Communication between the Administrator and Users in matters related to inquiries sent via email or telephone (responding to an inquiry).

  • Ensuring the legally justified interests of the Administrator (e.g., defense against claims).

Data about Users collected anonymously and automatically is processed for the purpose of maintaining website statistics and ensuring its proper operation.

§7 Cookies of External Websites

The Administrator uses the scripts of partners on the Website, who may place their own cookies on the User’s Device. Below is a list of partners or their services implemented on the Website:

  • Maps: Google Maps (Google Inc. based in the USA).

  • Social media: Plugins directing to the Administrator’s social profiles.

§8 Types of Collected Data

The Website collects data about Users. Some data is collected automatically and anonymously, while some is personal data provided voluntarily by Users.

  • Anonymous data collected automatically: IP address, browser type, screen resolution, approximate location, opened subpages of the website, time spent on the site, type of operating system.

  • Data collected during contact (Email / Phone): First and last name / Company name, Tax Identification Number (NIP), email address, phone number, message content.

§9 Access to Personal Data by Third Parties

As a general rule, the only recipient of personal data provided by Users is the Administrator. Data collected as part of the provided services is not transferred or resold to third parties for marketing purposes. Access to data (based on appropriate entrustment agreements) may be granted to entities responsible for maintaining the technical infrastructure of the website, i.e.:

  • Hosting companies (server and email providers).

  • Companies providing IT and technical support for the website.

§10 Legal Bases for Personal Data Processing

The Website collects and processes Users’ data on the basis of the GDPR:

  • Art. 6(1)(a) GDPR: the data subject has consented to the processing of their personal data (e.g., by sending an email inquiry or contacting by phone).

  • Art. 6(1)(f) GDPR: processing is necessary for the purposes of the legitimate interests pursued by the controller (e.g., replying to correspondence, statistics, website security).

§11 Period of Personal Data Processing

  • Personal data provided voluntarily by Users: Data is stored for the period necessary to handle an inquiry sent by email or reported by phone (until the communication ends). Additionally, data may be stored for the limitation period of potential claims (usually 3 years) in order to defend against allegations (e.g., failure to respond to correspondence).

  • Anonymous data (without personal data) collected automatically: Anonymous statistical data is stored by the Administrator for the purpose of keeping website statistics for an indefinite period.

§12 Users’ Rights Related to Personal Data Processing

Users have the right to:

  • Access their personal data.

  • Rectify their personal data.

  • Erase their personal data (the “right to be forgotten”).

  • Restrict the processing of their personal data.

  • Data portability.

  • Object to processing.

  • Lodge a complaint with a supervisory authority (President of the Personal Data Protection Office).

§13 Contacting the Administrator

The Administrator can be contacted in one of the following ways:

  • Email address: sales@ewabis.com.pl

  • Phone: (22) 343 98 00

  • Mailing address: EWA-BIS Sp. z o.o., ul. Serwituty 25, Warsaw

§14 Changes to the Privacy Policy

The Administrator reserves the right to change this Privacy Policy, which they will announce by publishing the new content on this subpage. The introduced changes come into force upon their publication.