PRIVACY POLICY
ADWOKAT-KAZMIERCZAK.PL
1. This document establishes the Privacy Policy for the adwokat-kazmierczak.pl website in order to determine the principles of processing personal data of website users. The scope of regulation contained in the Privacy Policy includes: specifying the manner, purpose and grounds for processing users’ personal data, necessity of processing, type, time of personal data processing, indicating the personal data administrator, users’ rights and entities to which users’ personal data are made available.
2. The personal data administrator who decides about the purposes and methods of the processing of users’ personal data is Joanna Kaźmierczak conducting business activity entered into the Central Register of Business Activity and Information under the name Kancelaria Adwokacka adw. Joanna Kaźmierczak with its registered office in Łódź at 15 Piramowicza Street, premises 17, using NIP number 7272691996, REGON number 365128160 and e-mail address: joanna.kazmierczak@adwokatura.pl.
3. The controller has not appointed a Data Protection Officer.
4. The administrator processes users’ personal data about the websites and web applications visited, information stored in cookies on the user’s terminal device and in the cache memory of that device, location data from the terminal device, user activity on the website, including data provided by the user when signing up for the newsletter (such as name, email address, etc.). Detailed information on the types of cookies used can be found in the Cookie Policy attached to this Privacy Policy.
5. The provision of personal data by the user is voluntary; however, the refusal to provide the necessary personal data makes it impossible to use the services provided by the site operator, in particular to browse the site, process and respond to a complaint or send a reply to an enquiry or request.
6. The controller processes personal data for the following purposes:
a. the performance of a contract providing for the possibility of getting acquainted with the adwokat-kazmierczak.pl website or using the newsletter service concluded with the user on the basis of the website’s regulations; the processing of the user’s personal data collected for this purpose takes place to the extent necessary for the performance of this contract, and the legal basis for its processing is Article 6(1)(b) RODO; the processing of personal data takes place for the duration of the necessary data storage in connection with the need to defend one’s rights or the rights of third parties, i.e. in principle for 6 years from the end of the year in which the performance of the service was completed,
b. to establish, assert or defend the claims of the controller, the data subject or a third party; the basis for the processing of personal data for this purpose is Article 6(1)(f) of the RODO and the controller’s legitimate interest is to enable legitimate subjects to assert their legitimate rights, to safeguard the efficiency of the administration of justice – for the time necessary to establish, assert or defend the rights of the controller, the client or the third party, i.e. generally for 6 years from the end of the year in which the damage was caused or the criminal act was committed,
c. to ensure the security of the services provided, to rectify errors, to prevent criminal acts; the basis for the processing of personal data for this purpose is Article 6(1)(f) of the RODO, and the controller’s legitimate interest is to pursue the security of the services it provides – until an effective objection is lodged,
d. marketing and statistical purposes, in particular to promote and improve the controller’s own services, to adapt them to the needs and convenience of users, to present content, to maintain technical support of the services, to measure the performance of content, services or promotions, to analyse statistics or data; the basis for processing personal data for this purpose is Article 6(1)(f) RODO, while the controller’s legitimate interest is to be able to optimise, keep statistics and market itself – until an effective objection is raised,
e. to formulate and respond to the user’s complaint, enquiry or request to the controller; the legal basis for the processing is Article 6(1)(b) RODO if the complaint, enquiry or request is for the purpose of entering into a contract, or Article 6(1)(c) RODO in conjunction with Articles 15-22 RODO or Article 6(1)(f) RODO in other cases – until the user’s complaint, enquiry or request is formulated and responded to, or for 5 years after the execution or response if the complaint, enquiry or request concerns subjective rights,
f. storing information on or accessing a terminal device; the legal basis for processing personal data for this purpose in this situation is Article 6(1)(a) of the RODO – until you withdraw your consent,
g. the fulfilment of public law obligations, in particular those under tax law and accounting regulations; the basis for processing personal data for this purpose in such a situation is Article 6(1)(c) RODO – for 5 years from the end of the calendar year in which the event giving rise to the tax obligation occurred,
h. the performance of obligations or the handling of proceedings adjudicated by state authorities (public prosecutor’s office, law enforcement authorities, offices, courts, etc.); the basis for processing personal data for this purpose is Article 6(1)(c) of the RODO – until such time as the obligation is performed or the obligations are fulfilled or the rights are exercised in the course of the proceedings in which the need to process users’ personal data has arisen.
7. If the legal basis for the processing of the user’s personal data is the legitimate interest of the controller, a balancing test is carried out between the legitimate interest and the user’s rights. A user’s objection to the processing of personal data may be assessed as ineffective if it would relate to the core purposes and functions of the service.
8. Service users whose personal data is not processed on the basis of consent are entitled to:
a. access to personal data, including the right to obtain a copy of the data,
b. request rectification or completion of data,
c. request the deletion of data (right to be forgotten),
d. to request the restriction of the processing of personal data,
e. the transfer of personal data if it was collected in connection with a service contract,
f. to lodge a complaint with the supervisory authority for the protection of personal data; this function is performed by the President of the Office for the Protection of Personal Data,
g. to object to the processing of your personal data or to direct marketing, including profiling, where your personal data is processed on the basis of a legitimate interest of the controller; the successful lodging of an objection will result in your personal data no longer being processed, unless a valid and legitimate basis for the processing still exists; once an objection has been lodged, your personal data will not be processed for the purposes of your own marketing.
9. However, service users whose personal data is processed on the basis of consent have the right to withdraw their consent and to request the transfer of their personal data. The withdrawal of consent shall not affect the lawfulness of data processing undertaken on the basis of the user’s previously given consent.
10. In the event of a request for rectification, erasure or restriction of the processing of personal data by the user, the controller will notify the recipients of the data, unless this requires disproportionate effort or proves impossible.
11. Users’ personal data may be transferred to processors on the basis of a contract concluded between the controller and the processor in order to perform services for the controller. The recipients of the user’s personal data acting as processors are, in particular, entities providing the following services: postal, courier, IT, marketing, maintenance, payment, access to e-mail and applications, etc.
12. Users’ personal data may also be made available to state authorities that are called upon to deal with disputes, handle official matters and law enforcement authorities, as well as to entities that are entitled to inspect files or electronic records held at a court of law or other state authorities on the basis of statutory authorisation.
13. Users’ personal data may be transferred to recipients located outside the European Economic Area, i.e. in third countries, if this proves necessary for the provision of services to the user or for the conclusion and performance of a contract between the service provider and the user, or if the user gives prior consent to the processing of personal data for marketing purposes by these entities. Irrespective of the circumstances justifying the transfer of personal data outside the EEA, the controller shall assess the risks arising from the provision of personal data and the degree of safeguards and guarantees applied by recipients of the data in third countries. For example, the recipient of personal data may be Google or Facebook, which are based outside the EEA.
14. In all matters related to the processing of personal data, in particular exercising your rights, you should contact us by sending a message to the following e-mail address: joanna.kazmierczak@adwokatura.pl or by regular mail: Kancelaria Adwokacka adw. Joanna Kaźmierczak ul. Piramowicza 15 lok. 17, 90-254 Łódź.
15. The privacy policy may be updated. If changes are made, a message will be displayed in a dialog box on the home page of the website, which will be available for an appropriate amount of time before and after the changes are made. The window will contain a reference to the Privacy Policy, which will reflect the changes made. The Privacy Policy was last updated on 19 June 2024.
Version in force from 19.06.2024