Privacy policy

What does this document contain?
Information about the protection of your personal data, including your rights.

The policy is divided into three parts:                                      

1. explanation of concepts used in the Policy, information about our contact data and your rights;
2. detailed information about the processing of your personal data;
3. information about the processing of your data on our social media profiles;
4. information about cookie files.

Part I. General provisions
§ 1
Controller

1. Your personal data is controlled by EPOL IT Sp. z o. o. seated in Krakow. Further in this Privacy Policy, we refer to ourselves in the first person or as the ‘Controller’.
2. Our registration files are kept by the District Court for Krakow Śródmieście in Krakow, XI Commercial Division of the National Court Register, under reference number 0000967874, Tax Identification Number: 6762616116. Our files contain the most important information about us, e.g. financial statements or the articles of association of our company.
3. You can contact us:
   1. by post: Bobrzynskiego Street 12, Krakow (30-438)
   2. by e-mail: gdpr@epol-it.com.

§ 2
Definitions used in the Privacy Policy
If you notice below any of the following concepts written with a capital letter, they should be interpreted in accordance with the following definitions:

1. ‘Website’ – the website https://epol-it.com/en and its subpages,
2. ‘Policy’ – this document, namely the privacy policy you’re reading now,
3. ‘GDPR’ – Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC. The text of GDPR can be found here,
4. ‘Social media' - the social networks where we have our profiles, including LinkedIn.

§ 3
Protection of personal data

1. We apply the technical measures required by data protection regulations to prevent unauthorised persons from collecting and modifying personal data sent electronically, i.e. within the framework of our Website.
2. Please note that the specific risks associated with the use of the Site are:
   1. hacking of data indicated in the contact form.

§ 4
Your rights with regards to personal data

1. We process your personal data, and therefore:

1. you have the right to access your personal data,
2. you have the right to rectify your data,
3. you have the right to demand the erasure of your personal data where enabled by the GDPR,
4. you have the right to restrict the processing of your data, to the extent specified in GDPR.

2. The second part of the Policy contains information about your additional rights, as you will have additional options when filling in certain forms.
3. Do you want to exercise your rights or learn more about them? Contact us. Our contact data can be found in § 1 subsection 3 of the Policy.

§ 5
Right to object

0. 1. 1.  
1. After you provide us with your personal data, you may exercise your right to object. You have the right to object in two situations, where we process your personal data:
   1. for the purposes of direct marketing – no justification is needed for such an objection;
   2. based on our other legitimate interest; objection in this case requires justification based on your particular situation. You need to inform us why we should not process your personal data.

2. Do you want to exercise your right to object? Contact us. Our contact data can be found in § 1 subsection 3 of the Policy.

§ 6
Complaint to a supervisory authority
If you believe that we are processing your personal data contrary to regulations, you may submit a complaint to a supervisory authority. The supervisory authority in Poland is the President of the Personal Data Protection Office. Here’s the link to the authority’s website.

§ 7
Questions concerning the Policy and its location

1. If you have any questions about the Policy let us know.
2. The Policy can be found at https://epol-it.com/privacy-policy and at our head office.

Part II. Information relating to the processing of your personal data in the various forms and when contacting us

§ 8
Contact us by e-mail, post, contact form or telephone number
If you are using that function of our Website, take note of the following issues:
 

1. 1. For what purpose and on what legal basis do we process your personal data?

Purpose of processing	Legal basis for processing
Responding to your message, communicating with you and resolving the issue you have raised.	The legal basis for processing your personal data for this purpose is our legitimate interest, i.e. Article 6(1)(f) GDPR.  Our legitimate interest is: to resolve the case you have presented and to respond to your message.
Taking action by us at your request to enter into a contract with you.   Example: You contact us with a request by email or telephone to prepare an individual offer.	The legal basis for processing your personal data for this purpose is for us to carry out pre-contractual activities with you at your request, i.e. Article 6(1)(b) GDPR.

 

1. 2. How long will we process your data?

For the time it takes to resolve the case you have presented. Depending on the nature of the case, also for the time needed to demonstrate that we have resolved it, i.e. the period of limitation of the claim.
 

1. 3. What are your rights?

You can find them in § 4 and 5 of the Policy.
 

4. Are you required to provide us with your data?

This is voluntary. Without your contact details we may not be able to resolve the case you have presented. 
Without your personal data we will not be able to prepare an offer for you if you have contacted us for this purpose.
 

5. Who will we provide with your data?
   1. 1. 1. to the entities hosting (storing) our email boxes and the Website, 
         2. to the Polish Post Office or couriers, if we respond to your message by post,
         3. to providers of IT systems and services and to providers of technical support in this regard,
         4. to providers of legal services.

 

6. Will your personal data be transferred outside the European Economic Area?

es, your data may be transferred outside the European Economic Area, including to the United States due to the use of tools provided by Microsoft Corporation. In the event that this is necessary, then this will be done on the basis of a European Commission Decision dated 10.07.2023 issued on the basis of the Regulation of the European Parliament and of the Council (EU) stating the adequate level of personal data protection provided under the EU-US data protection framework.
 

7. Will automated decisions be made on the basis of your data, including profiling

No.

Part III. Our social media profiles

§ 9
Using our social media profiles
If you use our profile, please note the following:
 

1. For what purpose and on what legal basis do we process your personal data?

Purpose of processing	Legal basis for processing
Responding to private messages you address to us.   Example: We will respond to messages you send to us using the tools available on social media e.g. priv messages.	The legal basis for processing your personal data for this purpose is our legitimate interest, i.e. Article 6(1)(f) GDPR.  Our legitimate interest is: to resolve the matter you have raised and respond to your message.
Having a discussion with you within the comments under individual posts.   Example: If you comment on our post or tag us in a discussion, we are more than likely to reply to your message. We will then see your account name on the relevant social network and your profile picture.	The legal basis for processing your personal data for this purpose is our legitimate interest, i.e. Article 6(1)(f) GDPR.  Our legitimate interest is: holding discussions with users commenting on our social media posts or tagging us in their discussions.
Statistical, which involves the Social media providers presenting us with data about the display of our posts, their reach, the number of interactions or the demographics of our followers.  The data presented to us by the Social media providers is statistical data, but it is created on the basis of that company's observation of your behaviour on our profile.   Example: we will obtain information from the social media providers at what times and on what days the largest number of our observers are logged into a particular portal.	The legal basis for processing your personal data for this purpose is our legitimate interest, i.e. Article 6(1)(f) GDPR.  Our legitimate interest is: gaining knowledge of the users who follow our social media profiles and interact with our posts. This allows us to optimise the way we communicate, including adjusting our communication to the average age of our followers or optimising the timing of our posts.
Marketing to inform people about our services and ourselves through posts we make on our profiles, including sponsored posts that are displayed to a wider range of social media users.	The legal basis for processing your personal data for this purpose is our legitimate interest, i.e. Article 6(1)(f) GDPR.  Our legitimate interest is: conducting our marketing.

 

2. How long will we process your data?

For the time it takes to carry out the activities described above, i.e. responding to your messages, conducting discussions on Social media and for the above marketing and statistical purposes. However, we will not process your personal data for longer than the time period in which you express your objection.
 

3. What are your rights?

You can find them in § 4 and 5 of the Policy.
 

4. Are you required to provide us with your data?

This is voluntary. However, due to the rules applied by Social media we will see your name or nickname and photo if you write to us or comment on our post.
 

5. Who will we provide with your data?

Social media providers, especially LinkedIn (LinkedIn Corporation.
 

6. Will your personal data be transferred outside the European Economic Area?

Yes, your data may be transferred outside the European Economic Area, including to the United States due to the use of tools provided by Microsoft Corporation. In the event that this is necessary, then this will be done on the basis of a European Commission Decision dated 10.07.2023 issued on the basis of the Regulation of the European Parliament and of the Council (EU) stating the adequate level of personal data protection provided under the EU-US data protection framework.
 

7. Will automated decisions be made on the basis of your data, including profiling?

No.


Part IV. Information on cookies
§ 10
Entering the Website
When you visit the Website, we process the information contained in cookies. Under the terms and conditions described below.

§ 11
What are cookies and why do we use them

1. Our Website uses cookies, small text files kept on your end device (e.g. computer, tablet, smartphone). Cookies may be read by the Website. Want to know more about cookies? Check this Wikipedia article.
2. We keep cookies on your computer, telephone or tablet and access information stored in therein for the following purposes:
   1. ensure the correct operation of the service, including maintaining your session;
   2. to store your settings, e.g. language, consents given,
   3. for statistical and marketing purposes, in particular to enable analysis of your use of the Website.
3. In the cases described in points b-c above, processing of your personal data may take place:
   1. heir processing is carried out on the basis of our legitimate interest, i.e. Article 6(1)(f) GDPR;
   2. our legitimate interest is to collect statistical data about your use of our Website in order to optimise the performance of the Website, including the layout of the content displayed to you and other users and to adjust the Website settings to your preferences;
   3. we have set out your rights in relation to this processing in § 4 and 5 of the Policy;
   4. remember that you can contact us at any time and object to the processing of your personal data for marketing purposes. You do not need to justify this objection;
   5. we will pass your personal data to advertising network operators, including social networks and analytics tool providers;
   6. we will retain it for as long as we carry out these marketing and statistical activities or until you object to further data processing;
   7. situations may arise in which your personal data processed for marketing and statistical purposes will be transferred to the United States on the basis of a European Commission decision of 10.07.2023 issued on the basis of a Regulation of the European Parliament and of the Council (EU) finding an adequate level of personal data protection ensured under the EU-US data protection framework;
   8. the provision of this personal data is voluntary, and there are no negative consequences if you do not provide it, e.g. by using appropriate blocking software; you will not then see advertisements for our products tailored to your activities on the Website.
4. In the cases described in the provision of paragraph 2(a) above, cookies are used on the basis of Article 173(3) of the Telecommunications Act.

§ 12
Types of cookies

1. Several types of cookies are used on the Website:
   1. session cookies, which stay in your browser’s cache until you close it,
   2. permanent, which remain in your browser's memory until you delete them,
   3. external, from providers of analytics tools on our Website.
2. A full list of cookies and their validity periods can be found in Appendix 1 of the Policy.

§ 13
How to delete cookies

1. You can configure your browser so as to prevent it from storing cookies on your computer, telephone or tablet.
2. You can delete cookies after they are saved by the Website. To do so, you may use the suitable function of your browser, software made specially for this purpose or suitable tools available as part of your operating system.
3. Methods of deleting cookies using the most popular browsers can be found at the below links:

• Firefox: https://support.mozilla.org/en-US/kb/clear-cookies-and-site-data-firefox,
• Opera: https://blogs.opera.com/tips-and-tricks/2023/04/clean-browser-and-remove-trackers/,
• Internet Explorer: https://support.microsoft.com/en-us/help/278835/how-to-delete-cookie-files-in-internet-explorer;
• Chrome:https://support.google.com/accounts/answer/32050?co=GENIE.Platform%3DDesktop&hl=en;
• Safari: https://support.apple.com/en-gb/HT201265;

§ 14
How to block cookies

0. 1. 1.  
1. You can configure your internet browser to prevent cookies from being stored on your computer, phone or tablet. You can also use appropriate browser extensions or programmes to do this. 
2. You will find information on how to block cookies in the most popular web browsers under these links:
3. Firefox: https://support.mozilla.org/en-US/kb/block-websites-storing-cookies-site-data-firefox;
4. Opera: https://help.opera.com/en/latest/web-preferences/#cookies;
5. Edge: https://support.microsoft.com/en-us/microsoft-edge/delete-cookies-in-microsoft-edge-63947406-40ac-c3b8-57b9-2a946a29ae09;
6. Internet Explorer: https://support.microsoft.com/en-us/windows/delete-and-manage-cookies-168dab11-0753-043d-7c16-ede5947fc64d;
7. Chrome:https://support.google.com/chrome/answer/95647?co=GENIE.Platform%3DAndroid&hl=en&sjid=5934739774798502305-EU;
8. Safari: https://support.apple.com/en-gb/105082.

§ 15
Effects of changing browser settings on using the Website
Changing your browser settings so as to prevent or restrict the storage of cookies may limit the functionality of the Website. Deleting cookies while using the service may lead to similar effects. This means that some of our services will not be available without cookies, e.g. you will not be able to use the contact form.

§ 16
External cookies

1. Cookies stored on your computer, telephone or tablet may come from other service providers. You can delete them from your device yourself. We explain how to do this in § 13. These files are stored on your device for different lengths of time, depending on the file in question.
2. We use the services of Google Analytics, provided by Google Inc. (1600 Amphitheatre Parkway, Mountain View, CA 94043, USA). These services help us analyse traffic on the Site. From them we obtain statistics and analytical data showing how you and other users use the Site. You can block the operation of Google Analytics. To do so, install this browser plugin provided by Google Inc., available here: https://tools.google.com/dlpage/gaoptout?hl=en-GB.
3. situations may arise in which your personal data will be transferred to the United States on the basis of a European Commission decision of 10.07.2023 issued on the basis of a Regulation of the European Parliament and of the Council (EU) finding an adequate level of personal data protection ensured under the EU-US data protection framework.

Appendix 1 - List of cookies used
Cookies used for statistical purposes

File name	File provider	Purpose of use	Validity period
_gid	epol-it.com	Registers a unique identifier that is used to collect statistical data about how visitors use the website.	1 day
_ga	epol-it.com	Registers a unique identifier that is used to collect statistical data about how visitors use the website.	2 years

 
 
Cookies used for functional purposes

File name	File provider	Purpose of use	Validity period
_gcl_au	epol-it.com	Used by Google Ad Sense to increase the effectiveness of ads on websites that use their services.	3 months
NID	www.google.com	Used to remember settings and other information – such as your preferred language, the number of search results displayed on a page (for example, 10 or 20), and whether to enable or disable the SafeSearch filter.	6 months
CONSENT	www.google.com	Used to store information about the user's decision to use cookies.	2 years
_GRECAPTCHA	www.google.com	Provides protection against spam.	2 years