1. General information
This policy applies to the website, operating under the URL: www.ledatel.pl and https://reklamacje.ledatel.pl (hereinafter collectively referred to as the “Service“).
The Operator of the Service and the Personal Data Controller in accordance with the provisions of the General Data Protection Regulation (“GDPR“) is: LEDATEL sp. z o.o. i Wspólnicy sp.k. with its registered office in Nowy Konik, ul. Terespolska 144, 05-074 Nowy Konik, entered into the Register of Entrepreneurs of the National Court Register kept by the District Court Lublin-Wschód in Lublin with its registered office in Świdnik, 6th Commercial Division of the National Court Register under the KRS number: 291642, NIP (TAX IDENTIFICATION NUMBER): 952-203-38-13, REGON (NATIONAL BUSINESS REGISTRY NUMBER): 141177150 (hereinafter referred to as the “’Controller”’ or “LEDATEL”). This means that we are responsible for the use of your data in a safe and secure manner and in accordance with applicable laws.
Contact email address of the Controller: email@example.com. You can get help and information on all matters related to the processing of your personal data by the Controller at this address. In matters related to the operation of the Service and LEDATEL’s activities, we encourage you to contact us via the contact form available in the Service under “Contact”.
LEDATEL is the personal data controller with regard to your personal data voluntarily provided in the Service through the forms, as well as the personal data collected automatically by the Service during its use.
2. Extent and purposes of data processing
The Service obtains information about users and their behaviour in the following ways (by collecting the following data and processing it on the following legal bases):
through the use of the Service – ELLT automatically has access to the public IP addresses from which visitors view the content of the Service and the data contained in the logs (HTTP requests), as well as information about the web browser used by you and the date and time of your visit to the Service. The legal basis for the processing of this data is the fulfilment of the Controller’s legitimate interests in the form of the administration and operation of the Service (Article 6(1)(f) GDPR). Based on the data collected, statistics may be generated to help administer the Service. The statistics do not include any identifying details of visitors to the Service;
through the data you voluntarily enter in the forms, which are entered into the Controller’s systems – LEDATEL also collects the data you choose to provide to us through the contact form (name, e-mail address and other data provided in the message) or the complaint form (name and surname, address of residence/correspondence, telephone number, e-mail address and other data provided) or the registration form in the event of registration of an account to make a complaint (name and surname, e-mail address, password, date and time of registration). Your consent is the legal basis for the processing of this data (Article 6(1)(a) GDPR). This consent may be withdrawn at any time. The withdrawal of consent does not affect the lawfulness of the processing carried out on the basis of consent prior to its withdrawal;
by placing an order – LEDATEL collects the data received in connection with the order (name, e-mail address, address of residence/correspondence, delivery address, company name, NIP (TAX IDENTIFICATION NUMBER), REGON (NATIONAL BUSINESS REGISTRY NUMBER), payment data – bank account number, information regarding the subject of the order(s)). The legal basis for the processing of this data is the conclusion and performance of the agreement (Article 6(1)(b) GDPR), as well as the fulfilment of LEDATEL’s legal obligations, including those imposed by tax law (Article 6(1)(c) GDPR); by storing Cookies on the terminal device.
The Service processes the above personal data for the following purposes:
handling of enquiries via the form – in the case of data collected via the contact form;
handling of complaints – in the case of data collected via a complaint form;
setting up and operating an account in the Service for the purpose of filing and monitoring complaints – in the case of data collected through the registration form;
the fulfilment of the order and services and bookkeeping, issuing and storing of invoices – in the case of personal data provided with the order;
presentation of an offer or information – in the case of personal contact data provided to us with a request to send an offer or information, or personal data of our customers.
3. Data protection methods selected by the Operator
The login and personal data entry locations are protected in the transmission layer (SSL certificate). This ensures that the personal data and login data entered on the website are encrypted on the user’s computer and can only be read on the target server.
User passwords are stored in hashed form. The hash feature works unidirectionally – it is not possible to reverse its operation, a modern standard for storing user passwords.
The Controller periodically changes their administrative passwords.
In order to protect the data, the Controller makes regular security copies.
An essential element of data protection is the regular updating of all software used by the Controller to process personal data, meaning in particular regular updates of software components.
The Service is hosted (technically maintained) on the operator’s servers: OVH. This means that your personal data is transferred to the designated entity that processes the data on behalf of LEDATEL, providing hosting services.
5. Your rights and further information on how your data will be used
In certain situations, the Controller has the right to transfer your personal data to other recipients should it be necessary for the performance of an agreement concluded with you or for the fulfilment of obligations incumbent on the Controller. This applies to such groups of recipients:
authorised employees and associates who use the data in order to carry out the tasks entrusted to them by the Controller;
entities processing data on behalf of LEDATEL, involved in carrying out the processing activities, i.e. IT systems operating entities and those providing us with IT tools, entities providing us with hosting, advisory, consultancy, auditing, tax and accounting services;
entities processing data on their own behalf, i.e. postal and courier operators, banks or payment institutions.
In order to offer you better services and products and to tailor the offer to your individual needs, we use profiling tools. Profiling means any form of automated processing of personal data which involves the use of personal data to evaluate certain personal factors of an individual, in particular, to analyse or predict aspects concerning the individual’s health, personal preferences, interests, reliability, behaviour or location. However, LEDATEL will not make automated decisions, including decisions arising from profiling that would have legal effects or otherwise materially affect you.
Personal data is not transferred from third countries within the meaning of data protection legislation. This means that we do not transfer them beyond the European Economic Area.
Your personal data collected in connection with your use of the Service will be processed by the Controller for no longer than is necessary for the administration and operation of the Service. If an order is made, your personal data will be processed for the time needed to process the order and thereafter for the period required by law (e.g. tax law) and for the period of limitation of possible claims (whichever period is longer), i.e. by default for a maximum period of 6 years from the end of the calendar year in which the order was made. In the case of personal data collected via the complaint form, it will be processed for the period necessary to process the complaint and for the limitation period of any claims. In the case of personal data provided during Service registration, this data will be stored until the account is deleted. In the case of personal data collected via the contact form, this data will be processed for the time necessary to respond to the enquiry/further enquiry. Subsequently, their processing will be limited to their storage as part of the archiving of e-mail correspondence. This data will be kept until a successful request for deletion is made.
You have the right to request from the Controller:
access to the personal data relating to you (i.e. access to information about the processing of the data and to receive a copy of the data), rectification, erasure, restriction of processing (i.e. suspension of operations on the data), and to transfer your data to another controller or make the data available to you in a commonly used, structured format (to the extent set out in Article 20 of the GDPR).
You have the right to object to the processing of your personal data for the marketing of LedaTel’s own products and services or for other legitimate interests pursued by LedaTel, whereby the right to object shall not be executed if there are valid legal grounds for the processing which override your interests, rights and freedoms, in particular, the establishment, assertion or defence of claims.
The Controller’s actions may be subject to a complaint to the President of the Office for Personal Data Protection, ul. Stawki 2, 00-193 Warsaw.
6. Information in the forms
The Service collects information voluntarily provided by the user, including personal data where provided.
The Service can save information about the connection parameters (time stamps, IP address).
The Service, in some cases, may record information to help link the data provided in the form with the e-mail address of the user completing the form. In such a case, the user’s e-mail address will appear within the URL address of the page containing the form.
7. Controller logs
Information about user behaviour in the Service may be subject to logging. This data is used for the administration of the Service.
8. Essential marketing techniques
9. Information on Cookies
Cookies are IT data, in particular, text files, stored in the Service user’s terminal device and intended for the use of the Service’s websites. Cookies usually contain the name of the website from which they originate, the length of time they are stored on the terminal device and a unique number.
The operator of the Service is the entity placing Cookies on the Service user’s terminal device and accessing them.
Cookies are used for the following purposes:
maintaining a session of the Service user (after logging in), so that the user does not have to re-enter their login and password on each sub-page of the Service; for the purposes specified above under “Essential marketing techniques”.
The Service uses two main types of Cookies: “Session Cookies” and “Permanent Cookies”. “Session Cookies” are temporary files that are stored on the user’s terminal device until the user logs out, leaves the website or switches off the software (web browser). “Permanent Cookies” are stored on the User’s terminal device for the time specified in the parameters of the Cookies or until they are deleted by the User.
The web browsing software (web browser) usually allows Cookies to be stored on the user’s terminal device by default. The Service users can change their settings in this regard. The web browser allows you to delete Cookies. It is also possible to block Cookies automatically. For details, please consult the help or documentation of your web browser.
Cookies placed in the Service user’s terminal device may also be used by entities cooperating with the Controller, in particular, companies: Google (Google Inc. with its registered office in the USA), Facebook (Facebook Inc. with its registered office in the USA), Twitter (Twitter Inc. with its registered office in the USA).
Detailed information on Cookies can be found in the Service’s Cookies Policy.
10. Managing Cookies – how to give and withdraw consent in practice?
If you do not consent for the Cookies, you can change your browser settings. Please note that disabling Cookies that are essential for authentication processes, security and maintaining user preferences may make it difficult, and in extreme cases, impossible, to use the websites.
To manage your Cookie settings, select the web browser you are using from the list below and follow the instructions:
Pursuant to Article 24 of the Personal Data Protection Act of 29 August 1997 (Journal of Laws of 2002, No. 101, item 926 with amendments), we inform you that:
- The Controller of the personal data is the owner of the complaint handling application, Ledatel.
- The personal data of customers using the complaints service is processed exclusively for the purpose of providing the service in question.
- The customer using the complaints service has the right to access their data and correct it.
- The provision of personal data by the customer using the complaints service is voluntary. This means that the customer is not obliged to provide their personal data, with the reservation that in such a case the use of the complaints system will not be possible.
LEDATEL sp. z o.o. i Wspólnicy sp.k.
Registered office: Terespolska 144, 05-074 Nowy Konik Registry Court: District Court Lublin-Wschód in Lublin with its registered office in Świdnik, 6th Economic Division of the National Court Register; KRS number: 0000291642; Amount of share capital: PLN 5,000.00; REGON (NATIONAL BUSINESS REGISTRY NUMBER) 141177150, NIP (TAX IDENTIFICATION NUMBER) 952-20-33-813, BDO No. 000005293