Statute

Entry

This Regulation helps to harmonise and implement the most important provisions of the personal data protection file, which are also required by law. It applies to permanent staff and collaborators who have valid authorisations to process personal data given by the controller. In addition, the Commission considers that the measure is compatible with the internal market. this Regulation shall enter into force on the twentieth day following that of its publication in the Official Journal of the European Union. and in the Order of the Minister of the Interior and Administration of 29 April 2004. on the documentation of the processing of personal data and the technical and organisational conditions to be complied with by the equipment and information systems used for the processing of personal data (OJ 2004 No 100, p. 68 and 69 (1) (3) of the law of 27 august 2009. in accordance with Article 21 of the Financial Regulation, any revenue will be used to provide additional appropriations

1. Granting authorizations and permissions

1.    The data administrator, who also serves as the IT system administrator, grants all access authorizations to the system.

Two. Before being entitled to process personal data, everyone must:

a)   read these Regulations,

(b) receive the necessary training,

(c) sign a declaration of confidentiality and be aware of its obligations.

The processing of personal data in paper form shall be authorised for the following purposes:

  1. The processing of personal data for purposes related to the activities of the data controller is lawful when the data were obtained from the person to whom they concern and permissible when it is necessary to exercise the right or fulfill the obligation arising from the law.

  2. If personal data have not been obtained from the person they concern, their processing is lawful if a specific provision so provides.

  3. The need to process personal data to fulfil the legitimate purposes of the controller should be assessed on a case-by-case basis

  4. Processing of data for a purpose other than that for which it was collected shall be permitted if it does not infringe the rights and freedoms of the data subject and is carried out in order to exercise a right or fulfil an obligation under a law

4.     If authorization is granted for collection in an IT system, the administrator of this system assigns the person an individual and unique identifier in the system.

5.    If the authorization to process personal data is revoked for any reason, the rights granted in the person's IT system are blocked.

6.    The system administrator is personally responsible for registering the granted authorizations in the IT system and is obliged to ensure and supervise their compliance with the actual state.

7. You should be aware that anyone who has access to the room where the IT system equipment is installed may damage it or may have access to information displayed on the monitor or printouts. Threats to the system may also come from any other person, e.g. support staff, technical staff, consultants, etc., with sufficient skills and knowledge to gain access to the network.

8. Rooms with computer stations are: a) closed if no one is there; b) equipped with safes or other containers for storing documents. The installation of system and IT network devices takes place with the knowledge and under the control of the Information Security Administrator, who is also responsible for the conditions of putting into use, storing, operating and decommissioning each device.

2. Password policy

1.   The password for access to the IT system consists of at least 8 characters (uppercase and lowercase letters and numbers or special characters)

2.   The access password to the IT system is changed at least every 30 days and immediately if there is a suspicion that the password may have been disclosed.

3. The system user can change his password while working in the application, if necessary.

4.    The password is changed by the user automatically

5.   Passwords cannot be commonly used words, in particular the following should not be used as passwords: dates, names, surnames, initials, car registration numbers, telephone numbers.

6.   The User undertakes to keep the password confidential, even after it expires, and in particular it is prohibited to save passwords openly in places not intended for this purpose and to forward them to other people.

3. Use of the IT system

1.     IT equipment consists of desktop computers, network printing equipment and server stations

2. The system user performs all work necessary for effective and safe work at the workstation (also using a workstation). He is obliged to maintain the necessary security conditions, in particular to comply with procedures for access to the system and protection of personal data. Person using the IT system:

(a) must use the equipment in accordance with its intended purpose, in accordance with the instructions supplied with it and to protect the equipment against destruction, loss or damage,

b)   is obliged to immediately inform the administrator of this system about any situation of destruction, loss or damage to the entrusted equipment,

(c) not to install and freely use any software in a computer system not previously approved by ASI, nor to attempt to break into or obtain administrative privileges in that system, nor to play on a computer's hard drive and to run any illegal programs and files downloaded from an unknown source (illegal source). Such files should only be downloaded with the consent of the Controller on a case-by-case basis and only in justified cases, provided that this does not infringe the law

d)   cannot arbitrarily interfere, move, open (disassemble) equipment, install additional devices (e.g. hard drives, memory) or connect any unapproved devices to the IT system (including private devices, even only for the purpose of charging the batteries of these devices).

3. Anti-virus policy In the field of anti-virus protection, the following recommendations are made: a) do not use software on the workstation other than that recommended by the system administrator; b) you must not install freeware or shareware; c) regularly update the virus database of the installed anti-virus software; d) before using the data carrier, check whether it is not infected with a computer virus.

4. Clean screen policy

1. Clean screen policy, i.e. taking all steps to prevent unauthorized persons from having access to the content displayed on screen monitors or laptop screens on which Customer data is stored.

2.    The person authorized to use the IT system is obliged to manually activate the password-protected screen saver each time he leaves the workstation, also when he leaves the IT system unattended, even for a moment.

3.   Screenshots from the IT system where data is displayed, as well as sending such information outside the organization without the consent of the system administrator is prohibited.

4.    Everyone who is authorized to use the IT system is obliged to:

a)   setting monitors and screens of portable computers in such a way that it is impossible to view the content displayed on them, both in relation to the windows and entrance doors to the rooms in which they are located,

b)     to ensure discretion and protection of data displayed there when running portable computers outside the processing area, e.g. airports, railway stations, conference rooms and any other public place,

c)     supervising unauthorized persons in the data processing area.

5. Clean desk and clean print policy

1. Pure desk policy, i.e. taking care that after the work is completed, all documents on which the data of the persons are beyond the reach of unauthorized eyesight and hands.

Two. If the room is furnished with furniture or a locked cabinet, the cabinets must be locked before the work is finished, all sensitive data and documents stored in advance, and the keys must be kept in a secure place to prevent unauthorised access.

3.     Whoever is the last to leave the data processing area should check whether all windows are closed and whether any other security measures are activated, e.g. the alarm system. It must be armed, the doors must be locked and any other security systems must be activated.

Four. It shall be prohibited to leave documents and printouts containing personal data in places where printers, photocopiers and scanners are located, unattended. Any documents which are improperly printed or which are intended to be discarded must be destroyed immediately using shredders or containers for disposing of confidential documents.

5. If it is necessary and there is a situation of transporting documents in the paper version of personal data outside the area of their processing, this must be done in a way that ensures their confidentiality, i.e. the documents must be covered and protected against accidental loss and insight for those unauthorized .

6. Sharing of personal data

1.    When transmitting data by telephone, the person processing personal data must be sure of the identity of the interlocutor; in case of doubts as to the identity, the administrator should be notified of the problem in determining the identity of the interlocutor. If the oral provision of data does not guarantee confidentiality, a written version (for inspection) should be used.

2.     Personal data may only be made available to the data subject or to another person with his or her consent, stored for evidentiary purposes in accordance with the procedure specified in the point above.

3.    When sharing personal data off-site where they cannot be adequately protected (e.g. in publicly accessible places), maximum confidentiality of this data should be guaranteed.

4.    The risk of disclosing personal data or other information about the security measures used to unauthorized persons should be mitigated by taking various measures appropriate for this purpose. Risky situations include:

(a) requesting data on the security measures used by impersonators (identity theft),

b)     request to provide information about previously used access passwords to IT systems (telephone social engineering),

(c) any other suspicious requests for confidential information, in particular by telephone.

7. Use of Internet access

1.    Everyone who processes data is obliged to use the Internet only for the purposes necessary to perform the functions entrusted to him by the administrator. It is strictly forbidden to visit websites for private purposes while working.

2.     When using the Internet, data processors are obliged to comply with the law, in particular industrial property and copyright.

The third. Data processors shall be strictly prohibited from using the Internet for the purpose of viewing content unrelated to their function, work and, in particular, content that is offensive, immoral or contrary to generally accepted standards of conduct, as well as from playing online or computer games, watching films or enjoying other forms of entertainment.

Four. To the extent permitted by law, the data controller reserves the right to inspect and control the use of Internet data processors in accordance with the principles described above.

8. Using e-mail

One. Electronic mail is intended and may be used solely for the performance of the duties of the post, any other use is prohibited and may give rise to liability.

2. When using e -mail processors, the data processors are obliged to comply with industrial property and copyrights.

The third. Data processors should take particular care not to inadvertently send over the internet, including via a private electronic mailbox, messages containing information identified as confidential to unauthorised persons, such as the data controller, its employees, customers, suppliers or contractors.

4.     Persons processing data should exercise particular caution and should not open messages sent electronically from unknown senders if the title does not suggest a connection with their duties in their position, they should report such messages to the administrator and delete them from their mailbox.

5.    If files containing personal data are sent electronically to external entities that are authorized to do so, the person processing the data is obliged to pack them and put a password on them. The password should be sent by a separate means of communication so that in the event of incorrect sending or unauthorized interception there is no risk of opening the data file.

9. Electronic data carriers

1.   Electronic data carriers include, for example, removable hard drives, pen-drives, CDs, DVDs, Flash memory.

2.   Data processors cannot leave the processing area of removable electronic media, both private and shared, in the event of information containing personal data being transferred to them without the consent of the data controller and without his knowledge in each case.

3.   If a given medium containing personal data is damaged, worn out or no longer used, it should be physically destroyed by burning or shredding so that the information contained therein cannot be read or used again.

10th emergency instruction

  1. The data processor shall be obliged to notify the controller of any finding or suspicion of a breach of personal data protection.

  2. Once an IT system breach has been detected, the IT system administrator shall be obliged to ensure that traces are preserved to identify the causes of the IT system breach, to analyse and determine the effects of the IT system breach, to identify the factors that caused the IT system breach and to make the necessary corrections to the IT system to protect the system from further breach. The administrator shall take similar measures where it finds that:

(a) traces on doors, windows and cabinets indicate an attempted break-in,

(b) the data record is destroyed without the use of a shredder or not destroyed at all,

(c) the doors to the rooms, cabinets where the personal data are stored remain open,

d)   the arrangement of monitors does not ensure security against access by unauthorized persons,

e)   unauthorized copying and removal of personal data in paper and/or electronic form outside the processing area without the consent and notification of the administrator,

(f) telephone attempts are made to extract personal data or passwords,

g)   computers or electronic data carriers were stolen,

(h) a threat notified by the anti-virus software appears,

  1. system passwords are not properly secured or stored near the computer.

11. Disciplinary proceedings

One. Any unjustified failure to comply with the data protection guidelines set out in these Rules of Procedure may be considered as a serious breach of an employee's essential professional or contractual obligations which require the individual to behave in a particular situation. Disciplinary proceedings may be instituted against a person who, in the event of a breach of the security of an information system or a reasonable suspicion of such a breach, fails to take the action provided for in these Rules and, in particular, fails to notify the person concerned in accordance with certain rules, which shall not preclude him from being held liable under the relevant provisions of law for the damage caused or the risk thereof.

2.    Disciplinary punishment, when applied to a person who fails to notify the administrator about the danger, does not exclude the possibility of bringing him/her to additional criminal liability in accordance with the Act of May 10, 2018 on the protection of personal data (Journal of Laws of 2018, item 1000, 1669, of 2019, item 730), and Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 and the possibility of bringing a civil action against it for compensation for losses incurred.

Privacy policy

GSyOr6l3tzfLH_vpXIkrXx2ofKnHPandcYFcEYvMeCld2JK2izwvQSbTCddne-fbQ9EfoAj5FbhMJxJwOAPu-mSec231UPhoehv3ufJRqJV2GutB0BhjdTuVYvl4UAxeGBUDaKUWwi4CUAebk_cgk4EggZn-EQB58TehNPGq_BkRMELJnnQUXLvr685HomwG6qOTdgaNTw

§1 General provisions

  1. This document constitutes an annex to the Regulations. By using our services, you entrust us with your information. This Privacy Policy is intended only to help you understand what information and data is collected and for what purposes and what we use it for. This data is very important to us, so please read this document carefully as it sets out the principles and methods of processing and protecting personal data. This document also defines the rules for using cookies

  2. We hereby declare that we comply with the principles of personal data protection and all legal regulations provided for by the Personal Data Protection Act and Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing personal data and on the free movement of such data and repealing Directive 95/46/EC.

  3. The person whose personal data is processed has the right to contact us to obtain comprehensive information on how we use his or her personal data. We always try to provide clear information about the data we collect, how we use it, what purposes it is to be served and to whom we transfer it, what protection we provide to this data when transferring it to other entities, and we provide information about institutions to contact in case of doubts.

  4. The website uses technical measures such as: physical protection measures for personal data, hardware measures for the IT and telecommunications infrastructure, protection measures within software tools and databases, and organizational measures to ensure proper protection of personal data being processed, and in particular to protect personal data against disclosure to unauthorized third parties. , obtaining them by an unauthorized person and using them for an unknown purpose, as well as accidental or intentional change, loss, damage or destruction of such data.

  5. Under the terms set out in the Regulations and in this document, we have exclusive access to the data. Access to personal data may also be entrusted to other entities through which payments are made, which collect, process and store personal data in accordance with their Regulations, and entities that are responsible for fulfilling the order. Access to personal data is granted to the above-mentioned entities to the extent necessary and only to those that will ensure the provision of services.

  6. Personal data is processed only for the purposes to which you have consented by clicking on the appropriate fields of the form available on the Website or in another express manner. The legal basis for the processing of your personal data is consent to data processing or the requirement to provide a service (e.g. ordering a Product) that you ordered from us (pursuant to Article 6(1)(a) and (b) of Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation) - GDPR.

§2 Privacy Policy

  1. We take privacy seriously. We are characterized by respect for privacy and the fullest possible and guaranteed convenience of using our services.

  2. We value the trust that Users have in us by entrusting us with their personal data in order to complete the order. We always use personal data honestly and so as not to disappoint this trust, only to the extent necessary to complete the order, including its processing.

  3. You have the right to obtain clear and complete information about how we use your personal data and for what purposes it is needed. We always provide clear information about the data we collect, how and to whom we transfer it, and provide information about entities to contact in case of doubts, questions or comments.

  4. If there are any doubts regarding our use of the User's personal data, we will immediately take action to clarify and dispel such doubts, and we will fully and comprehensively answer all related questions.

  5. We will take all reasonable steps to protect Users' data against improper and uncontrolled use and secure it in a comprehensive manner.

  6. Data Administrator Your personal data can be found in the "contact" tab located on the website

  7. The legal basis for the processing of your personal data is Art. 6 section 1 letter b) GDPR. Providing data is not obligatory, but necessary to take appropriate actions preceding the conclusion of the contract and its implementation. We will transfer your personal data to other recipients entrusted with the processing of personal data on our behalf and for our benefit. Your data will be transferred pursuant to Art. 6 section 1 letter f) GDPR, where the legitimate interest is the proper performance of contracts/orders. In addition, we will share your personal data with other business partners. We store the collected personal data within the European Economic Area ("EEA"), but they may also be transferred to a country outside this area and processed there. Each operation of transferring personal data is performed in accordance with applicable law. Where data is transferred outside the EEA, we use standard contractual clauses and the Privacy Shield as safeguards for countries where the European Commission has not determined an adequate level of data protection.

  8. Your personal data related to the conclusion and implementation of the contract for the implementation of contracts will be processed for the period of their implementation, and for a period no longer than provided for by law, including the provisions of the Civil Code and the Accounting Act, i.e. no longer than 10 years, counting from the end of the calendar year in which the last contract was performed.

  9. Your personal data processed for the purpose of concluding and performing future contracts will be processed until you raise an objection.

  10. You have the right to: access your personal data and receive a copy of the personal data being processed, rectify your incorrect data; request deletion of data (right to be forgotten) in the event of the circumstances provided for in Art. 17 GDPR; request restriction of data processing in the cases indicated in Art. 18 GDPR, to object to data processing in the cases indicated in Art. 21 GDPR, transfer of the provided data processed in an automated manner.

  11. If you believe that your personal data is being processed unlawfully, you may lodge a complaint with the supervisory authority (Office for Personal Data Protection, ul. Stawki 2, Warsaw). If you need additional information related to the protection of personal data or want to exercise your rights, please contact us by mail to the correspondence address.

  12. We make every effort to protect against unauthorized access, unauthorized modification, disclosure and destruction of information in our possession. Especially:

  13. We control how we collect, store and process information, including physical security measures, to help protect against unauthorized system access.

  14. We grant access to personal data only to those employees, contractors and representatives who need to have access to it. Moreover, under the contract, they are obliged to maintain strict confidentiality, to allow us to control and check how they fulfill their obligations, and in the event of failure to fulfill these obligations, they may face consequences.

  1. We will comply with all applicable data protection laws and regulations and will cooperate with data protection authorities and authorized law enforcement authorities. In the absence of data protection regulations, we will act in accordance with generally accepted data protection principles, principles of social coexistence and established customs.

  2. The exact method of personal data protection is included in the personal data protection policy (ODO: security policy, personal data protection regulations, IT system management instructions). For security reasons, due to the procedures described therein, it is available only to state control authorities

  3. If you have any questions about how we handle personal data, please contact us via the website from which you were redirected to this Privacy Policy. The contact request will be immediately forwarded to the appropriate person.

  4. You always have the right to notify us if:

  1. no longer wishes to receive information or messages from us in any form;

  2. would like to receive a copy of your personal data that we hold;

  3. correct, update or delete your personal data in our records;

  4. wishes to report breaches, misuse or processing of his personal data.

  1. To make it easier for us to respond or respond to this information, please provide your name and further details.

§3 Scope and purpose of personal data collection

  1. We process personal data necessary for the provision of services and for accounting purposes and only for such purposes. The following:

  2. to place an order,

  3. in order to conclude a contract, make a complaint and withdraw from the contract,

  4. the issue of a VAT invoice or other receipt

  5. to monitor traffic on our websites;

  6. collect anonymous statistics to determine how users use our website;

  7. determining the number of anonymous users of our websites

  8. control how often the selected content is shown to users and which content is shown most often;

  9. controlling how often users choose a given service or from which service contact occurs most often;

  10. search for newsletter subscriptions and contact options;

  11. using a personalized recommendation system for e-commerce;

  12. use of the tool for both e-mail and subsequent telephone communication;

  13. integration with the community portal;

  14. possible online payments.

  1. We collect, process and store the following user data:

  1. name,

  2. address of residence,

  3. address for delivery (if different from residence),

  4. the tax identification number (TIN),

  5. e-mail address,

  6. telephone number (mobile, landline)

  7. date of birth,

  8. PESEL,

  9. information about the web browser used

  10. other personal data voluntarily provided to us.

  1. Providing the above data is completely voluntary, but also necessary for the full provision of services.

  2. Purpose of collection and processing or use of data by us:

  1. direct marketing, archival purposes of advertising campaigns

  2. fulfilling obligations imposed by law by collecting information about undesirable activities;

  1. We may transfer personal data to servers located outside your country of residence or to related third-party entities located in other countries within the EEA (European Economic Area, EEA – Free Trade Area and Common Market, comprising the European Union and the European Free Trade Association EFTA countries) in order for such entities to process personal data on our behalf in accordance with the provisions of this Privacy Policy and applicable data protection laws, practices and regulations

  2. We store your personal data for no longer than is necessary for the proper quality of service and, depending on how and for what purpose they are collected, for as long as they are collected and after they have been collected for the following purposes:

  1. fulfillment of obligations arising from legal provisions, tax and accounting regulations;

  2. the prevention of abuse or crime;

  3. statistical and archiving purposes.

  4. Marketing activities - for the duration of the contract, granting separate consent to the processing of such data - until the completion of activities related to the transaction, you object to such processing or withdraw your consent.

  5. Sales and promotional activities – e.g. contests, promotional campaigns – for the duration and settlement of such campaigns.

  6. Operational activities - until the limitation of obligations imposed by the GDPR Regulation and relevant national regulations expire, in order to demonstrate reliability in the processing of personal data

  7. pursuing any claims related to the completed contract;

  1. Bearing in mind that many countries to which this personal data is transferred do not have the same level of legal protection for personal data as in your country. Your personal data stored in another country may be accessed in accordance with the laws applicable there, for example: courts, law enforcement and national security authorities, in accordance with the laws applicable in that country. Subject to lawful requests for disclosure, we undertake to require entities processing personal data outside your country to take measures to protect your data in a manner adequate to the provisions of their domestic law.

§4 Policy "Cookies"

  1. We automatically collect information contained in cookies in order to collect User data. A cookie file is a small piece of text that is sent to the User's browser and which the browser sends back the next time you visit the website. They are mainly used to maintain a session, e.g. by generating and sending back a temporary identifier after logging in. We use "session" cookies stored on the User's end device until logging out, turning off the website or turning off the web browser, and "persistent" cookies stored on the User's end device for the time specified in the cookie parameters or until they are deleted by the User.

  2. Cookies adapt and optimize the website and its offer for the needs of Users through activities such as creating statistics of views and ensuring security. Cookies are also necessary to maintain the session after leaving the website.

  3. The Administrator processes the data contained in Cookies every time the website is visited by visitors for the following purposes:

  4. optimising the use of the website;

  5. identification of Service Users as currently logged in;

  6. adaptation, graphics, selection options and any other content of the website to the individual preferences of the Service User;

  7. remembering automatically and manually completed data from Order Forms or login details provided by the visitor;

  8. collecting and analyzing anonymous statistics showing how the website is used in the administration panel and Google Analytics

  9. creating remarketing lists based on information about preferences, behavior, how to use the Website, interests and collecting demographic data, and then sharing these lists in AdWords and Facebook Ads.

  10. creating data segments based on demographic information, interests, preferences in the selection of viewed products/services.

  11. using demographic and interest data in Analytics reports.

  1. The user can completely block and delete the collection of cookies at any time using his web browser.

  2. Blocking the ability to collect Cookies on your device by the User may make it difficult or impossible to use some functionalities of the website, to which the User is fully entitled, but in such a situation the User must be aware of the functional limitations.

  3. A user who does not want cookies to be used for the purpose described above can delete them manually at any time. To read detailed instructions, please visit the website of the manufacturer of the web browser currently used by the User.

  4. You can find more information about cookies in the help menu of any web browser. Examples of web browsers that support these Cookies”:

  5. Cookie settingsInternet Explorer

  6. Cookie settingsChromate

  7. Cookie settingsFirefox

  8. Cookie settingsOpera

  9. Cookie settingsOther

  10. Cookies inAndroid

  11. Cookies inBlackberry

  12. Cookies iniOS (Safari)

  13. Cookies inWindows Phone

§5 Rights and obligations

  1. We have the right, and in cases specified by law, also a statutory obligation, to provide selected or all information regarding personal data to public authorities or third parties who submit such a request for information under applicable Polish law.

  2. The User has the right to access the content of his/her personal data that he/she provides, the User may correct and supplement this data at any time, and also has the right to request that it be deleted from his/her databases or that its processing be discontinued, without giving any reason. In order to exercise their rights, the User may at any time send an appropriate message to the e-mail address or in another way that will deliver/forward such a request.

  3. The processing of personal data of natural persons who are our clients is based on:

  4. justified interest as a data controller (e.g. in the field of creating a database, analytical and profiling activities, including activities related to the analysis of product use, direct marketing of own products, securing documentation for the purpose of defending against possible claims or for the purpose of pursuing claims)

  5. consents (including in particular consent for e-mail marketing or telemarketing)

  6. performance of the contract

  7. obligations arising from law (e.g. tax law or accounting rules).

  1. The processing of personal data of natural persons who are potential customers is based on:

  1. the legitimate interest of the controller (e.g. database creation, direct marketing of own products)

  2. consents (including in particular consent for e-mail marketing or telemarketing)

  1. The User's request to delete personal data or to stop processing them may result in the complete inability to provide services or their serious limitation

  2. We attach particular importance to profiling and point out that:

  1. for profiling purposes, we generally process data that was previously subject to ssl encryption;

  2. we use typical data: email address and IP address or cookies

  3. we profile in order to analyze or forecast the personal preferences and interests of people using our Websites or products or services and to match the content on our Websites or products to these preferences

  4. we profile for marketing purposes, i.e. matching the marketing offer to the above-mentioned preferences.

  1. We undertake to act in accordance with applicable laws and principles of social coexistence.

  2. Information on out-of-court settlement of consumer disputes. The authorised entity within the meaning of the Act on out-of-court settlement of consumer disputes is the Financial Ombudsman, whose website address is www.rf.gov.pl.

§6 Basic safety rules

  1. Each user should take care of his own data security and the security of his internet access devices. Such a device should, as a minimum, have an anti-virus software with an up-to-date database of definitions, types and types of viruses, regularly updated, a secure version of the web browser it uses and an enabled firewall. The user should check that the operating system and the programs installed on it have the latest and compatible updates, as the attacks exploit errors detected in the installed software.

  2. Access data to services offered on the internet – e.g. logins, passwords, PINs, electronic certificates, etc. – should be secured in a place that is not accessible to others and cannot be hacked from the internet. They shall not be disclosed or stored on the device in a form that allows unauthorised access and reading by unauthorised persons.

  1. Be careful when opening strange attachments or clicking links in e-mails that you did not expect, e.g. from unknown senders or from the spam folder.

  2. It is recommended to run anti-phishing filters in the web browser, i.e. tools that check whether the displayed website is authentic and does not serve to phish information, e.g. by impersonating a person or institution.

  3. Files should be downloaded only from trusted places, services and websites. We do not recommend installing software from unverified sources, especially from unknown publishers with unverified reviews. This also applies to portable devices, e.g. smartphones, tablets.

  4. When using a home wireless Wi-Fi network, a password should be set to be secure and hard to break, and should not contain any pattern or string of characters that is easy to guess (e.g. street name, host name, date of birth, etc.). It is also recommended to use the highest possible encryption standards for Wi-Fi wireless networks, which can be run on your equipment e.g. WPA2

§7 Use of social media plugins

  1. Plugins from the social networking sites facebook.com and Twitter and others may be located on our websites. The related services are provided by Facebook Inc. respectively. and Twitter Inc.

  2. Facebook is operated by Facebook Inc., 1601 S. California Ave, Palo Alto, CA 94304, USA Facebook. To view Facebook plugins go to: https://developers.facebook.com/docs/plugins

  3. Twitter is operated by Twitter Inc. , I'm sorry, but I'm not sure what to do. To see the Twitter plugins, please go to: https://dev.twitter.com/web/tweet-button

  4. The plug-in only tells its provider which of our websites you have accessed and at what time. If, while viewing or staying on our website, the user is logged in to his or her account, e.g. on Facebook or Twitter, the provider is able to combine your interests, information preferences, and other data obtained, e.g. by clicking the Like button or leaving comment, or enter the profile name in the search. This information will also be transmitted by the browser directly to the provider.

  5. More detailed information on the collection and use of data by Facebook or Twitter and on privacy protection can be found on the following pages:

  6. Data protection/counselling points. privacy policy issued by Facebook: http://www.facebook.com/policy.php

  7. Data protection/privacy advice issued by Twitter: https://twitter.com/privacy

  1. To avoid your selected user account being recorded via Facebook or Twitter on our website, you must log out of your account before browsing our websites.

Copyright note to the Regulations


The owner of all material copyright to the model of this policy is the Legato Law Firm, which has granted a non -exclusive and inalienable right to use this document for purposes related to its own commercial activity on the Internet and extends legal protection for the above -mentioned document for the duration of the contract. Copying and disseminating the pattern of this document without the consent of the Legato Law Firm is prohibited and may be subject to both criminal and civil liability. Internet sellers can learn more about the possibility of using the Privacy Policy and Cookies pattern on the websitehttp://www.kancelaria-legato.pl