PRIVACY POLICY
At FinObserve, we respect your privacy and take the protection of your data seriously. We want you to have full transparency regarding what information we collect, how we use it, and how we protect it. We invite you to review our Privacy Policy.
General information
-
The website www.fin-observe.com (hereinafter: the “Website”) is operated by Finobserve sp. z o.o., with its registered office in Kraków, Kazimierza Morawskiego 5/323, 30-102 Kraków, entered into the Register of Entrepreneurs of the National Court Register kept by the District Court for Kraków – Śródmieście in Kraków, 11th Commercial Division of the National Court Register, under KRS number: 0001120697, NIP (Tax Identification Number): 6772514021, share capital: PLN 5 000, e-mail: info@fin-observe.com (hereinafter: the „Controller”).
-
As part of the operation of the Website, data of users of the Website (hereinafter: the “Users”), including personal data, may be collected, processed and used.
-
Users’ data may be collected through the use of cookies.
-
Information may also be collected regarding the user’s IP address, the time of receipt of a request and dispatch of a response, the address of the website from which the User was redirected to the Website, and the type of software used by the User. This information is used for the purposes of administering the Website and creating statistics and analyses.
Cookies
-
As part of the operation of the Website, cookies are used and stored on Users’ end devices. The use of cookies means their storage and access to them by the Controller.
-
Cookies are IT data, in particular text files, which are stored on the User’s end device and are intended for use of websites. Cookies usually contain the name of the website from which they originate, the time of storage on the end device, content (e.g. action identifiers) and a unique number.
-
Due to the period for which cookies are installed on the User’s end device, cookies used within the Website are divided into two basic types:
1) session cookies (session storage) – temporary files stored on the User’s end device until the end of the session (e.g. leaving the Website, deleting them by the User, or closing the software);
2) persistent cookies (local storage) – stored on the User’s end device for the period specified in the cookie parameters or until deleted by the User.
-
Depending on the purpose for which they are used, cookies are divided into:
1) necessary – required for the proper functioning of the Website, including ensuring security, session handling and the consent management mechanism;
2) analytical – enabling measurement of traffic on the Website and analysis of the use of services, e.g. displaying maps, downloading fonts or protection against bots.
-
Within the Website, the Controller uses the following cookies:
Necessary cookies
Nazwa | Provider / Domena | Okres przechowywania | Opis pliku |
|---|---|---|---|
XSRF-TOKEN, hs, svSession, SSR-caching, TS*, bSession, fedops.logger.sessionId, server-session-bind, client-session-bind | Wix.com Ltd/ wix.com | Session | Session handling, website and system security, error monitoring and real-time website performance monitoring. |
uc_user_country | Usercentrics GmbH/ usercentrics.com | 1 year | Identifies the country in order to display the appropriate consent window version and website language. |
uc_ui_version | Usercentrics GmbH/ usercentrics.com | 1 year | Indicates the version of the consent interface, ensuring that the cookie consent window is up to date. |
uc_settings | Usercentrics GmbH/ usercentrics.com | 1 year | Stores cookie consent settings, language version and decision history. |
uc_user_interaction | Usercentrics GmbH/ usercentrics.com | 1 year | Informs the website whether consent to the use of cookies has already been given, in order to avoid displaying the consent banner unnecessarily. |
ucData | Usercentrics GmbH/ usercentrics.com | 1 year | Contains information about Google Consent Mode, required for the proper functioning of analytical and advertising features. |
Analytical cookies
Nazwa | Provider / Domena | Okres przechowywania | Opis pliku |
|---|---|---|---|
_GRECAPTCHA | Google LLC/ google.com | 5 months and 27 days | This cookie is set to allow Google to perform risk analysis of activity on the Website and to distinguish whether the user is a human or a bot. |
NID | Google LLC/google.com | 6 months | Stores user preferences and settings. |
-
Default web browser settings usually allow the storage of necessary cookies on users’ end devices. These settings may, however, be changed by the User.
-
Personal data will be processed in connection with the use of performance and analytical cookies only after obtaining the User’s consent within the Website to the use of the above cookies. Consent to their use may be withdrawn at any time by selecting the appropriate option in the cookie settings available on the Website.
-
Irrespective of the above, the User may specify the conditions for the use of cookies by means of the settings of the software (web browser) installed on their end device. Changes may consist in partially or completely restricting the storage of cookies on the user’s end device, which may at the same time result in incorrect display of the Website’s content.
-
The use of cookies does not cause configuration changes to the User’s end device or to the software installed on that device.
-
Detailed information on changing browser settings relating to cookies and deleting them can be found on the official website of the relevant browser. In particular, such information can be found at the following websites:
1) Firefox browser;
2) Chrome browser;
3) Microsoft Edge browser;
4) Opera browser;
5) Safari browser.
Personal data
-
The controller of the Users’ personal data is Finobserve sp. z o.o. with its registered office in Kraków, Kazimierza Morawskiego 5/323, 30-102 Kraków, entered into the Register of Entrepreneurs of the National Court Register kept by the District Court for Kraków – Śródmieście in Kraków, 11th Commercial Division of the National Court Register, under KRS number: 0001120697, NIP (Tax Identification Number): 6772514021, share capital: PLN 5 000, e-mail: gdpr@fin-observe.com.
-
Through the Website, the Controller may collect and subsequently process personal data for purposes such as:
1) responding to inquiries or correspondence sent by the User to the Controller;
2) conducting direct marketing of the Controller’s own products or services;
3) statistics and analysis of Users’ behaviour on websites.
-
The Controller processes personal data on the basis of the following legal grounds:
1) in the case of data processed for the purpose of responding to User inquiries or correspondence – on the basis of the legitimate interest of the Controller, which consists in responding to Users’ inquiries (Article 6(1)(f) GDPR);
2) in the case of data processed for the purpose of conducting direct marketing of the Controller’s own products or services – on the basis of the legitimate interest of the Controller, which consists in promoting its business activities (Article 6(1)(f) GDPR);
3) in the case of data processed for the purpose of statistics and analyses – on the basis of the legitimate interest of the Controller, which consists in verifying how Users use the Website (Article 6(1)(f) GDPR).
-
The Controller may disclose Users’ data to its subcontractors (entities whose services it uses in processing), such as providers of IT services and solutions.
-
The Controller may use IT service providers that have their registered offices outside the European Union. Consequently, data may be transferred outside the EU. The Controller uses only IT services provided by entities established in countries which the European Commission has recognised as ensuring an adequate level of protection, by entities processing personal data on the basis of Standard Contractual Clauses adopted by the European Commission referred to in Article 46 GDPR, concluded between the Controller and such entities, or by entities processing data on the basis of the Data Privacy Framework.
-
In the case of data processed for the purpose of:
1) responding to Users’ inquiries or correspondence – for a period of 3 years from the date of submission of the inquiry or correspondence;
2) conducting direct marketing of the Controller’s own products or services – data are processed until the User objects or withdraws consent to receive commercial information;
3) conducting statistics and analysis of Users’ behaviour on the Website – data are processed for a maximum period of one year from the date of their collection.
-
The User whose data are processed has the following rights:
1) the right of access to personal data and the right to obtain a copy thereof – the User may request information from the Controller as to whether their data are being processed and, if so, may request access to them. The User may also request a copy of the processed personal data. The provision of further copies of the data may require the User to pay a fee corresponding to administrative costs;
2) the right to request rectification of personal data – the User may request the Controller to rectify inaccurate personal data concerning them or to complete incomplete personal data, taking into account the purposes of the processing;
2) the right to request erasure of personal data – the User may request the Controller to erase personal data concerning them if at least one of the following applies:
a) The personal data are no longer necessary for the purposes for which they were collected or otherwise processed;
b) The personal data are processed in breach of legal provisions;
c) The personal data have been processed unlawfully;
d) The User has withdrawn consent which formed the basis for the processing pursuant to Article 6(1)(a) GDPR, and there is no other legal ground for the processing of personal data;
e) The User has objected to the processing pursuant to Article 21(1) GDPR and there are no overriding legitimate grounds for the processing which override the interests, rights and freedoms of the data subject, or grounds for the establishment, exercise or defence of legal claims; or where the User has objected to the processing pursuant to Article 21(2) GDPR;
f) The Controller is obliged to erase the personal data pursuant to applicable provisions of European Union law;
4) the right to request restriction of processing of personal data – the User may request the Controller to restrict the processing of personal data concerning them if at least one of the following applies:
a) The User contests the accuracy of the personal data – for a period enabling the Controller to verify the accuracy of the data;
b) The processing is unlawful and the User opposes the erasure of the personal data, requesting instead the restriction of their use;
c) The Controller no longer needs the personal data for the purposes of processing, but they are required by the User for the establishment, exercise or defence of legal claims;
d) The User has objected to processing pursuant to Article 21(1) GDPR pending the verification whether the legitimate grounds of the Controller override those of the data subject;
5) the right to data portability;
6) the right to object to the processing of personal data;
7) the right to lodge a complaint with a supervisory authority – in Poland, this is the President of the Personal Data Protection Office.
-
In order to exercise the above rights, the User should contact the Controller.
-
Providing data is voluntary; however, failure to provide them will make it impossible for the Controller to provide services or to contact the Controller.
-
The Controller does not take decisions with regard to the User that are based solely on automated processing, including profiling.