1. General Information

1. This policy applies to the website operating at the following URL: https://lodowiskomisialek.pl/
2. The website operator and the Data Controller is: Ośrodek Sportu i Rekreacji Oliwia Kasprzak Robert Kasprzak S.c., Poznańska 131A, 62-080 Tarnowo Podgórne

   Tax ID (NIP): 7812046970

3. Operator’s contact email address: lodowisko.misialek@gmail.com
4. The Operator is the Controller of your personal data in relation to data voluntarily provided on the website.
5. The website collects information about users and their behavior in the following ways:

    

   1. Through data voluntarily entered in forms, which are entered into the Operator’s systems.
   2. By storing cookies on users’ end devices.

2. Selected Data Protection Methods Used by the Operator

1. Login areas and places where personal data is entered are protected in the transmission layer (SSL certificate). Thanks to this, personal data and login details entered on the website are encrypted on the user’s computer and can only be read on the destination server.
2. Personal data stored in the database are encrypted in such a way that only the Operator possessing the appropriate key can read them. This protects the data in the event of the database being stolen from the server.
3. User passwords are stored in hashed form. The hashing function works in a one-way manner — it is not possible to reverse its operation, which is currently the standard method for storing user passwords.
4. The Operator periodically changes administrative passwords.
5. To minimize the risk of unauthorized access to data, the Operator uses complex passwords containing lowercase and uppercase letters, numbers and special characters, with a minimum length of 8 characters.
6. Two-factor authentication is used on the website as an additional form of login protection.
7. An important element of data protection is the regular updating of all software used by the Operator to process personal data, which particularly means regular updates of programming components.
8. To protect data, the Operator regularly performs backups.

3. Hosting

1. The website is hosted (technically maintained) on the servers of the hosting provider: lh.pl
2. To ensure technical reliability, the hosting company keeps logs at the server level. The following information may be recorded:

    

   • resources identified by a URL (addresses of requested resources – pages, files),
   • time of request arrival,
   • time of response being sent,
   • name of the client station – identification performed via the HTTP protocol,
   • information about errors that occurred during HTTP transaction processing,
   • URL address of the page previously visited by the user (referer link) – if the user accessed the website through a link,
   • information about the user’s browser,
   • information about the IP address,
   • diagnostic information related to the process of ordering services independently via forms on the website,
   • information related to handling email correspondence sent to the Operator or sent by the Operator.

4. Your Rights and Additional Information About Data Usage

1. In certain situations, the Administrator has the right to transfer your personal data to other recipients if it is necessary to perform the contract concluded with you or to fulfill obligations imposed on the Administrator. This applies to the following groups of recipients:

    

   • hosting company based on a data processing agreement
2. Your personal data processed by the Administrator will not be stored longer than necessary to perform activities related to them specified by separate regulations (e.g., accounting regulations). With regard to marketing data, the data will not be processed for longer than 3 years.
3. You have the right to request from the Administrator:

    

   • access to your personal data,
   • rectification of your personal data,
   • deletion of your personal data,
   • restriction of processing,
   • data portability.
4. You have the right to object to the processing indicated in point 3.3 c) regarding the processing of personal data for the purposes of legitimate interests pursued by the Administrator, including profiling. However, the right to object cannot be exercised if there are valid legally justified grounds for processing that override your interests, rights and freedoms, particularly for establishing, pursuing or defending legal claims.
5. You have the right to lodge a complaint against the Administrator’s actions with the President of the Personal Data Protection Office (UODO), ul. Stawki 2, 00-193 Warsaw, Poland.
6. Providing personal data is voluntary but necessary to use the website.
7. Automated decision-making processes, including profiling, may be applied to you for the purpose of providing services under a concluded contract and for direct marketing conducted by the Administrator.
8. Personal data may be transferred to third countries within the meaning of data protection regulations. This means that we may transfer them outside the European Union.

5. Information in Forms

1. The website collects information voluntarily provided by the user, including personal data if such data are provided.
2. The website may record information about connection parameters (timestamp, IP address).
3. In some cases, the website may store information that helps associate data in the form with the email address of the user filling out the form. In such a case, the user’s email address appears within the URL address of the page containing the form.
4. The data provided in the form are processed for purposes resulting from the function of the specific form, for example to process a service request, business contact, service registration, etc. Each time, the context and description of the form clearly inform what it is used for.

6. Administrator Logs

1. Information about user behavior on the website may be logged. These data are used for website administration.

7. Information About Cookies

1. The website uses cookies.
2. Cookies are IT data, particularly text files, which are stored on the user’s end device and are intended for using the website. Cookies usually contain the name of the website they originate from, the time they are stored on the end device, and a unique number.
3. The entity placing cookies on the user’s end device and accessing them is the website operator.
4. Cookies are used for the following purposes:

    

   1. maintaining the user’s session (after logging in), thanks to which the user does not have to re-enter the login and password on each subpage;
   2. implementing the purposes specified above in the section “Important marketing techniques”.
5. The website uses two main types of cookies: “session cookies” and “persistent cookies”. Session cookies are temporary files stored on the user’s device until logging out, leaving the website or closing the browser. Persistent cookies are stored on the user’s device for the time specified in the cookie parameters or until they are deleted by the user.
6. Web browsing software (internet browser) usually allows cookies to be stored on the user’s device by default. Website users may change these settings. The internet browser allows cookies to be deleted. It is also possible to automatically block cookies. Detailed information can be found in the help or documentation of the internet browser.
7. Restrictions on the use of cookies may affect some functionalities available on the website.
8. Cookies placed on the user’s device may also be used by entities cooperating with the website operator, particularly companies such as: Google (Google Inc., USA), Facebook (Facebook Inc., USA), Twitter (Twitter Inc., USA).

8. Managing Cookies – How to Give and Withdraw Consent in Practice?

1. If the user does not want to receive cookies, they may change their browser settings. Please note that disabling cookies necessary for authentication, security and maintaining user preferences may make it difficult, and in extreme cases impossible, to use the website.
2. To manage cookie settings, select the browser you are using from the list below and follow the instructions:

    

   • Edge
   • Internet Explorer
   • Chrome
   • Safari
   • Firefox
   • Opera

   Mobile devices:

   • Android
   • Safari (iOS)
   • Windows Phone

“`