Privacy Policy
for Clients and Users of www.remoteworkadvocate.com
I. Data of the Personal Data Administrator
We kindly inform you that the administrator of your personal data is Inter Human Nadia Harris-Kosior, ul. Jarosława Dąbrowskiego 81/35, 35-040 Rzeszów, Regon 383049995 and using the number 5170267667, hereinafter referred to as the "Administrator". Contact with the Administrator regarding the protection of personal data is possible at the following e-mail address: [email protected]
II. Purposes and grounds for processing personal data
In order to provide services in accordance with the scope of our activity, the Administrator processes your personal data - for various purposes, but always in accordance with the law. Below you will find the specified purposes of personal data processing along with legal grounds.
In order to provide services, we process such personal data as:
In order to send you by e-mail marketing and commercial information from the Administrator, we process such personal data as:
- e-mail adress
- first name and last name
- phone number
Legal basis: Art. 6 par. 1 lit. a GDPR, which allows the processing of personal data on the basis of voluntary consent.
In order to consider a complaint, we process such personal data as:
- first name and last name
- e-mail address
- order number
- possibly a mailing address
- possibly bank account number - if the money is refunded
Legal basis: Art. 6 par. 1 lit. b GDPR, i.e. processing is necessary to perform the contract to which you are a party.
For analytical purposes, i.e. researching and analyzing activity on the website www.remoteworkadvocate.com, we process such personal data as:
- date and time of visit to the site
- type of operating system
- approximate location
- the type of web browser used to view the website
- time spent on the site
- visited subpages
Legal basis: Art. 6 par. 1 lit. f of the GDPR, which allows the processing of personal data, if in this way the Administrator pursues his legitimate interest (in this case, the Administrator's interest is to learn about the activity of customers on the website).
In order to administer the www.remoteworkadvocate.com website, we process such personal data as:
- IP address,
- server date and time,
- information about the web browser,
- operating system information
- this data is automatically saved in the so-called server logs, each time a website belonging to the Administrator is used. The administration of the website without the use of a server and without this automatic recording would not be possible.
Legal basis: Art. 6 par. 1 lit. f of the GDPR, which allows the processing of personal data, if in this way the Administrator pursues his legitimate interest (in this case, the Administrator's interest is the administration of the website).
In order to create registers and records related to the GDPR, including, for example, a register of customers who objected or exercised the right to limit the processing of their data in accordance with the GDPR, we process such personal data as:
- first name and last name
- e-mail address
- telephone number, if provided
This data is processed primarily because the GDPR imposes numerous documentation obligations on the Administrator to demonstrate compliance of processing processes with the law and the possibility of demonstrating such compliance (in order to implement one of the basic principles of the GDPR, i.e. accountability). In addition, if you object, for example, to the processing of personal data for marketing purposes, the Administrator must know who not to use direct marketing because he does not want it.
Legal basis: Art. 6 par. 1 lit. c GDPR, which allows the processing of personal data, if such processing is necessary for the Administrator to fulfill its obligations under the law;
In order to administer the www.remoteworkadvocate.com website, we process such personal data as:
- IP address,
- server date and time,
- information about the web browser,
- operating system information
- this data is automatically saved in the so-called server logs, each time a website belonging to the Administrator is used. The administration of the website without the use of a server and without this automatic recording would not be possible.
Legal basis: Art. 6 par. 1 lit. f of the GDPR, which allows the processing of personal data, if in this way the Administrator pursues his legitimate interest (in this case, the Administrator's interest is the administration of the website).
In order to create registers and records related to the GDPR, including, for example, a register of customers who objected or exercised the right to limit the processing of their data in accordance with the GDPR, we process such personal data as:
- first name and last name
- e-mail address
- telephone number, if provided
This data is processed primarily because the GDPR imposes numerous documentation obligations on the Administrator to demonstrate compliance of processing processes with the law and the possibility of demonstrating such compliance (in order to implement one of the basic principles of the GDPR, i.e. accountability). In addition, if you object, for example, to the processing of personal data for marketing purposes, the Administrator must know who not to use direct marketing because he does not want it.
Legal basis: Art. 6 par. 1 lit. c GDPR, which allows the processing of personal data, if such processing is necessary for the Administrator to fulfill its obligations under the law;
Article 6 par. 1 lit. f of the GDPR, which allows the processing of personal data, if in this way the Administrator pursues his legitimate interest (in this case, the Administrator's interest is to have knowledge about persons who exercise their rights under the GDPR).
In order to issue an invoice and fulfill other obligations resulting from the provisions of the tax law, such as e.g. storing accounting documentation for 5 years, we process such personal data as:
- first name and last name
- business
- address of residence or registered office
- TIN number
Legal basis: Art. 6 par. 1 lit. c GDPR in connection with the regulations contained in the Act of September 29, 1994 on accounting.
For archival and evidence purposes, we process such personal data as:
- first name and last name
- e-mail address
- phone number
Legal basis: Art. 6 par. 1 lit. f of the GDPR, which allows the processing of personal data, if in this way the Administrator pursues his legitimate interest (in this case, the Administrator's interest is to have personal data that will prove certain facts related to the provision of services, e.g. when an authority requests it).
In order to use cookies on the website, we process such text information.
Legal basis: Art. 6 par. 1 lit. a of the GDPR, which allows the processing of personal data on the basis of voluntarily granted consent (when you first visit the website, you will be asked for consent to the use of cookies).
III. Cookies
1. The administrator on his website, like other entities, uses the so-called cookies. cookies, i.e. short text information, saved on a computer, telephone, tablet or other user device. They can be read by our system, as well as by systems belonging to other entities whose services we use (e.g. Facebook, Google).
2. Cookies perform many functions on the website, most often useful, which we will try to describe below (if the information is insufficient, please contact us):
- ensuring security - cookies are used to authenticate users and prevent unauthorized use of the customer panel. Therefore, they are used to protect the user's personal data against access by unauthorized persons;
- impact on the processes and efficiency of using the website - cookies are used to make the website work efficiently and to use the functions available on it, which is possible, among others, by remembering settings between subsequent visits to the website. Thanks to them, you can efficiently navigate the website and individual subpages;
- session state - cookies often store information about how visitors use the website, e.g. which subpages they most often display. They also make it possible to identify errors displayed on some subpages. Cookies used to save the so-called "session state" therefore help to improve services and enhance the browsing experience;
- maintaining the session state - if the client logs in to his panel, cookies allow the session to be maintained. This means that after switching to another subpage, you do not have to re-enter your login and password each time, which is conducive to the comfort of using the website;
- creating statistics - cookies are used to analyze how users use the website (how many open the website, how long they stay on it, which content arouses the greatest interest, etc.). This allows you to constantly improve the website and adapt its operation to the preferences of users. In order to track activity and create statistics, we use Google tools, such as Google Analytics; in addition to reporting site usage statistics, the Google Analytics pixel may also be used, together with some of the cookies described above, to help show you more relevant content across Google services (e.g. Google Search) and across the web;
- using social functions - on the website we have the so-called Facebook pixel, which allows you to like our fanpage on this website while using the website. However, for this to be possible, we must use cookies provided by Facebook.
3. Importantly, many cookies are anonymized for us - without additional information, based on them we are unable to identify your identity.
4. Your web browser by default allows the use of cookies on your device, therefore, upon your first visit, please agree to the use of cookies. However, if you do not wish to use cookies when browsing the website, you can change the settings in your web browser - completely block the automatic handling of cookies or request notification each time cookies are placed on your device. You can change the settings at any time.
5. While respecting the autonomy of all people using the website, we feel obliged to warn you that disabling or limiting the use of cookies may cause quite serious difficulties in using the website, e.g. in the form of the need to log in to each subpage, longer loading period website downtime, restrictions on the use of functionalities, restrictions on liking the page on Facebook, etc.
IV. Right to withdraw consent
1. If the processing of personal data is based on consent, you can withdraw this consent at any time - at your discretion.
2. If you would like to withdraw your consent to the processing of personal data, all you need to do is:
send an email directly to the Administrator at [email protected]
3. If the processing of your personal data was based on consent, its withdrawal does not make the processing of personal data illegal until then. In other words, until the consent is withdrawn, we have the right to process your personal data and its withdrawal does not affect the lawfulness of the existing processing.
V. The requirement to provide personal data
1. Providing any personal data is voluntary and depends on your decision. However, in some cases, providing certain personal data is necessary to meet your expectations regarding the use of services, events or information sent electronically.
2. To use information sent electronically, it is necessary to provide - name and e-mail address, without this we are unable to send information.
3. In order for you to participate in paid events and initiatives organized by the Administrator, it is necessary to provide your name, surname, e-mail address, company name and address and NIP number - without this we are not able to issue an accounting document which is the basis for to attend the event.
4. In order for you to participate in unpaid events and initiatives organized by the Administrator, it is necessary to provide your name, surname, e-mail address - without this we are not able to inform you about updates related to the event.
5. In order for you to be able to use the services provided by the Administrator electronically, it is necessary to provide your name, surname, e-mail address, name and address and NIP number - without this we are not able to issue an accounting document which is the basis for using above services.
6. To be able to contact you with your name and e-mail address, it is necessary to provide - without this we are unable to answer your inquiry.
VI. Automated decision making and profiling
We kindly inform you that we do not make automated decision-making, including based on profiling. The content of the inquiry, which is sent via the contact form, is not evaluated by the IT system. The proposed price of the service is in no way the result of an assessment made by any IT system.
VII. Recipients of personal data
1. Like most entrepreneurs, in our business we use the help of other entities, which often involves the need to provide personal data. Therefore, if necessary, we transfer your personal data to lawyers cooperating with us who provide services, companies that support quick payments, an accounting company, a hosting company, a company responsible for sending text messages, as well as an insurance company (if necessary repairing the damage).
2. In addition, it may happen that, for example, on the basis of an appropriate legal provision or a decision of a competent authority, we will also have to transfer your personal data to other entities, whether public or private. Therefore, it is extremely difficult for us to predict who may submit a request to provide personal data. However, for our part, we assure you that we analyze each case of a request to provide personal data very carefully and thoroughly, so as not to inadvertently provide information to an unauthorized person.
VIII. Transfer of personal data to third countries
1. We kindly inform you that in connection with the use of the services offered, organized events and initiatives, your personal data may be transferred by us outside the European Economic Area. Like most entrepreneurs, we use various popular services and technologies offered by entities such as Facebook, Microsoft, Google or Zendesk. These companies are based outside the European Union, and therefore, in the light of the provisions of the GDPR, they are treated as third countries.
2. The GDPR introduces certain restrictions on the transfer of personal data to third countries, because since European regulations do not apply there in principle, the protection of personal data of European Union citizens may unfortunately be insufficient. Therefore, each personal data controller is obliged to identify the legal basis for such transfer.
3. For our part, we assure you that when using services and technologies, we transfer personal data only to entities from the United States and only to those that have joined the Privacy Shield program, based on the European Commission's executive decision of July 12, 2016 - more on this the topic can be read on the website of the European Commission available at https://ec.europa.eu/info/law/law-topic/data-protection/data-transfers-outside-eu/eu-us-privacy-shield_pl. Entities that have joined the Privacy Shield program guarantee that they will comply with high standards in the field of personal data protection that apply in the European Union, therefore the use of their services and offered technologies in the processing of personal data is lawful.
4. At any time, we will provide you with additional explanations regarding the transfer of personal data, in particular when this issue raises your concerns.
5. You have the right to obtain a copy of your personal data transferred to a third country at any time.
IX. The period of personal data processing
1. In accordance with applicable law, we do not process your personal data "indefinitely", but for the time needed to achieve the set goal. After this period, your personal data will be irreversibly deleted or destroyed.
2. In a situation where we do not need to perform other operations on your personal data than storing them (e.g. when we store the content of the order for the purpose of defending against claims), we additionally protect it by pseudonymisation until it is permanently deleted or destroyed. Pseudonymization consists in encrypting personal data or a set of personal data in such a way that they cannot be read without an additional key, and therefore such information becomes completely useless to an unauthorized person.
3. Regarding the individual periods of personal data processing, we kindly inform you that we process personal data for the period1:
duration of the contract - in relation to personal data processed in order to conclude and perform the contract;
limitation of claims - in relation to personal data processed to establish, pursue or defend claims (the length of the period depends on whether both parties are entrepreneurs or not)
12 months - in relation to personal data that was collected when requesting services, and at the same time there was no immediate conclusion of the contract
5 years - in relation to personal data related to the fulfillment of obligations under tax law
until the consent is withdrawn or the purpose of processing is achieved - in relation to personal data processed on the basis of consent
until the effective objection or achievement of the purpose of processing - in relation to personal data processed on the basis of the legitimate interest of the Companies or for marketing purposes
until they become outdated or lose their usefulness, but no longer than for 5 years - in relation to personal data processed mainly for analytical purposes, the use of cookies and website administration.
4. Periods in years are counted from the end of the year in which we started processing personal data in order to improve the process of removing or destroying personal data. Separate calculation of the deadline for each event would involve significant organizational and technical difficulties, as well as significant financial outlay, therefore setting a single date for removing or destroying personal data allows us to manage this process more efficiently. Of course, if you exercise your right to be forgotten, such situations are considered individually.
5. An additional year related to the processing of personal data collected for the purposes of performing the contract is dictated by the fact that you may hypothetically submit a claim just before the expiry of the limitation period, the request may be delivered with a significant delay or you may incorrectly specify the limitation period of your claims.
X. Rights of data subjects
1.We kindly inform you that you have the right to:
- access to your personal data;
- rectification of personal data;
- deletion of personal data;
- restrictions on the processing of personal data;
- objection to the processing of personal data;
- transfer of personal data.
2. We respect your rights under the provisions on the protection of personal data and try to facilitate their implementation to the highest possible extent.
3. We point out that the above-mentioned rights are not absolute, and therefore in some situations we may lawfully refuse you to fulfill them. However, if we refuse to comply with the request, it is only after a thorough analysis and only if the refusal to comply with the request is necessary.
4. Regarding the right to object, we explain that you have the right to object to the processing of personal data at any time on the basis of the legitimate interest of the Personal Data Administrator (these are listed in point III) in connection with your particular situation. However, you must remember that, in accordance with the regulations, we may refuse to accept the objection if we demonstrate that:
there are legitimate grounds for processing that override your interests, rights and freedoms, or
there are grounds for establishing, pursuing or defending claims.
5. In addition, you may object to the processing of your personal data for marketing purposes at any time. In such a situation, after receiving the objection, we will stop processing for this purpose.
6. You can exercise your rights by:
- sending an e-mail directly to the Administrator at h[email protected] or
- clicking on the link in the e-mail, attached at the end of the e-mail or
XI. Right to lodge a complaint
If you believe that your personal data is processed contrary to applicable law, you may lodge a complaint with the President of the Office for Personal Data Protection.
XII. Final Provisions
1. To the extent not covered by this Privacy Policy, the provisions on the protection of personal data shall apply.
2. You will be notified by e-mail about any changes made to this Privacy Policy.
3. This Privacy Policy is effective from December 31, 2022 and its original and binding language version is Polish (here).