Privacy Policy

The following Privacy Policy outlines the rules for saving and accessing data on Users’ Devices using the Service for electronic service provision by the Administrator and the rules for collecting and processing Users’ personal data, which they have provided voluntarily through tools available in the Service.

This document has been machine-translated from Polish.

§1 Definitions

  • Service – the website operating under the address cezaryborowski.com
  • External Service – websites of partners, service providers, or recipients cooperating with the Administrator
  • Service Owner – the owner of the Service is Cezary Borowski, not conducting business activity.
  • Service / Data Administrator – The Administrator of the Service and Data (hereinafter referred to as the Administrator) is the company “NOLIA” Ilona Wesołowska, operating at the address: ul. Żydowska 17/193, 05-825 Grodzisk Mazowiecki, with a tax identification number (NIP): 5291739013, providing electronic services via the Service based on an agreement with the Owner.
  • User – a natural person to whom the Administrator provides services electronically via the Service.
  • Device – an electronic device with software through which the User gains access to the Service
  • Cookies – text data collected in the form of files placed on the User’s Device
  • GDPR – Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of individuals concerning the processing of personal data and the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation)
  • Personal Data – means information about an identified or identifiable natural person (“data subject”); an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, identification number, location data, online identifier, or one or more factors specific to the physical, physiological, genetic, mental, economic, cultural, or social identity of that natural person
  • Processing – means an operation or set of operations performed on personal data or sets of personal data, whether or not by automated means, such as collection, recording, organization, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure, or destruction;
  • Restriction of processing – means marking stored personal data to limit their processing in the future
  • Profiling – means any form of automated processing of personal data consisting of the use of personal data to evaluate certain personal aspects relating to a natural person, particularly to analyze or predict aspects concerning that natural person’s performance at work, economic situation, health, personal preferences, interests, reliability, behavior, location, or movements
  • Consent – the consent of the data subject means any freely given, specific, informed, and unambiguous indication of the data subject’s wishes, by which they, by a statement or by clear affirmative action, signify agreement to the processing of personal data relating to them
  • Personal data breach – means a breach of security leading to the accidental or unlawful destruction, loss, alteration, unauthorized disclosure of, or access to personal data transmitted, stored, or otherwise processed
  • Pseudonymization – means the processing of personal data in such a manner that they can no longer be attributed to a specific data subject without the use of additional information, provided that such additional information is kept separately and is subject to technical and organizational measures to ensure that the personal data are not attributed to an identified or identifiable natural person
  • Anonymization – Data anonymization is an irreversible process that destroys or overwrites personal data in a way that prevents identification or linking of a specific record to an individual or natural person.

§2 Data Protection Officer

Pursuant to Article 37 of the GDPR, the Administrator has not appointed a Data Protection Officer. For matters related to data processing, including personal data, please contact the Administrator directly.

§3 Types of Cookies

Due to the nature of the file, the Service distinguishes:

  • Internal Cookies – files placed and read from the User’s Device by the Service’s IT system
  • External Cookies – files placed and read from the User’s Device by IT systems of external Services. Scripts from external Services that may place Cookies on the User’s Device have been deliberately included in the Service through scripts and services provided and installed in the Service
  • Session Cookies – files placed and read from the User’s Device by the Service during a single session of that Device. After the session ends, the files are deleted from the User’s Device.
  • Persistent Cookies – files placed and read from the User’s Device by the Service until they are manually deleted. The files are not automatically deleted after the session ends unless the User’s Device configuration is set to delete Cookie files after the session ends.

Due to the function performed by the Cookie file, the Service distinguishes:

  • Essential Cookies – are crucial for the basic functions of the website, and the website will not function as intended without them. These cookies do not store any personally identifiable information.
  • Functional Cookies – help perform certain functionalities like sharing website content on social media platforms, gathering feedback, and other third-party features.
  • Analytical Cookies – are used to understand how users interact with the website. These cookies help provide information on metrics such as the number of visitors, bounce rate, traffic source, etc.
  • Performance Cookies – are used to understand and analyze the key performance metrics of the website, helping to provide a better user experience for visitors.
  • Advertising Cookies – are used to deliver personalized advertisements to users based on the pages they visited before and to analyze the effectiveness of the advertising campaign.

§4 Data Storage Security

  • Cookie Storage and Reading Mechanisms – The mechanisms for storing, reading, and exchanging data between the Cookies saved on the User’s Device and the Service are implemented through built-in web browser mechanisms and do not allow for retrieving other data from the User’s Device or data from other websites visited by the User, including personal data or confidential information. Transferring viruses, trojans, or other worms to the User’s Device is also practically impossible.
  • Internal Cookies – The cookies used by the Administrator are safe for Users’ Devices and do not contain scripts, content, or information that could threaten the security of personal data or the security of the User’s Device.
  • External Cookies – The Administrator takes all possible measures to verify and select partners for the Service in terms of User safety. The Administrator cooperates with well-known, large partners with global social trust. However, the Administrator does not have full control over the content of Cookies originating from external partners. The Administrator is not responsible for the security of Cookies, their content, or their use by external services installed on the Service, as far as the law allows. The list of partners is included later in this Privacy Policy.
  • Cookie Control
  • User Risks – The Administrator applies all possible technical measures to ensure the security of data stored in Cookies. However, it should be noted that ensuring the security of these data depends on both parties, including the User’s activities. The Administrator is not responsible for the interception of this data, impersonation of the User’s session, or deletion as a result of conscious or unconscious User activity, viruses, trojans, and other spyware that may or may not have infected the User’s Device. Users should follow internet safety guidelines to protect themselves from these threats.
  • Personal Data Storage – The Administrator ensures that all possible efforts are made to ensure that the personal data voluntarily provided by Users is secure, access to it is limited, and handled in accordance with its intended use and processing purposes. The Administrator also ensures that all possible efforts are made to secure the data held against loss by applying appropriate physical and organizational safeguards.
  • Password Storage – The Administrator declares that passwords are stored in an encrypted form using the latest standards and guidelines in this area. Decryption of passwords provided in the Service’s login accounts is practically impossible.

§5 Purposes for which Cookies are used

  • Facilitate and improve access to the Service
  • Personalize the Service for Users
  • Marketing, Remarketing in external services
  • Ad serving
  • Compiling statistics (users, number of visits, types of devices, connection, etc.)
  • Serving multimedia services

§6 Purposes of processing personal data

Personal data voluntarily provided by Users is processed for one of the following purposes:

  • Provision of electronic services:
    • Newsletter service (including sending advertising content with consent)
    • Commenting/liking posts in the Service without the need to register
    • Sharing information about content posted on the Service in social networks or other websites.
  • Communication between the Administrator and Users concerning the Service and data protection
  • Ensuring the Administrator’s legitimate interests

Data about Users collected anonymously and automatically is processed for one of the following purposes:

  • Conducting statistics
  • Remarketing
  • Serving ads tailored to Users’ preferences
  • Ensuring the Administrator’s legitimate interests

§7 External Service Cookies

The Administrator uses javascript scripts and web components from partners in the Service, which may place their cookies on the User’s Device. Remember that in your browser settings, you can decide which cookies from specific websites are allowed. Below is a list of partners or their services implemented in the Service that may place cookies:

Services provided by third parties are beyond the control of the Administrator. These entities may change their terms of service, privacy policies, purposes for processing data, and how they use cookies at any time.

§8 Types of data collected

The Service collects data about Users. Some data is collected automatically and anonymously, while other data is personal and provided voluntarily by Users when signing up for specific services offered by the Service.

Anonymous data collected automatically:

  • IP address
  • Browser type
  • Screen resolution
  • Approximate location
  • Pages opened on the Service
  • Time spent on a given subpage of the Service
  • Type of operating system
  • Previous subpage address
  • Referring site address
  • Browser language
  • Internet connection speed
  • Internet service provider
  • Demographic data (age, gender)

Data collected when sending a contact form

  • First name / last name / pseudonym
  • Company name
  • Email address
  • Phone number
  • IP address (collected automatically)

Data collected when signing up for the Newsletter

  • Email address
  • IP address (collected automatically)

Data collected when adding a comment

  • First name / last name / pseudonym
  • Email address
  • IP address (collected automatically)

Some data (without identifying data) may be stored in cookies. Some data (without identifying data) may be passed to a statistical service provider.

§9 Access to personal data by third parties

In principle, the only recipient of personal data provided by Users is the Administrator. Data collected within the services provided is not passed on or resold to third parties.

Access to the data (usually based on a data processing agreement) may be granted to entities responsible for maintaining the infrastructure and services necessary for running the Service, such as:

  • Hosting companies providing hosting or related services for the Administrator
  • Companies through which the Newsletter service is provided
  • Companies intermediating online payments for goods or services offered within the Service (in case of purchasing transactions in the Service)
  • Companies responsible for managing the Administrator’s accounting (in case of purchasing transactions in the Service)
  • Companies responsible for delivering physical products to the User (postal / courier services in case of purchasing transactions in the Service)

Entrusting personal data processing – Newsletter

The Administrator uses a third-party service, Mailerlite, to implement the Newsletter service electronically. Data entered into the newsletter sign-up form is passed on, stored, and processed in the external service provider’s system.

We inform you that the mentioned partner may modify the indicated privacy policy without the Administrator’s consent.

Entrusting personal data processing – Hosting, VPS, or Dedicated Servers

The Administrator, to run the Service, uses external hosting, VPS, or dedicated server providers – LH.pl Sp. z o.o. All data collected and processed in the Service is stored and processed in the provider’s infrastructure located in Poland. Access to this data may occur due to maintenance work carried out by the provider’s staff. Access to this data is regulated by the agreement between the Administrator and the Service Provider.

Transferring personal data – Accounting Services

In case of transactions, some personal data of individuals or personal data of individuals conducting business activity are transferred to the entity providing accounting services for the Administrator, “PITU CITU” Katarzyna Chojnacka. The storage and transfer of data are governed by the Accounting Act and the agreement between the Administrator and the Service Provider.

§10 How personal data is processed

Personal data voluntarily provided by Users:

  • Personal data will not be transferred outside the European Union unless it is published as a result of the User’s individual action (e.g., posting a comment or entry), which will make the data available to anyone visiting the Service.
  • Personal data will not be used for automated decision-making (profiling).
  • Personal data will not be resold to third parties.

Anonymous data (without personal data) collected automatically:

  • Anonymous data (without personal data) will be transferred outside the European Union.
  • Anonymous data (without personal data) may be used for automated decision-making (profiling). Profiling anonymous data (without personal data) does not have legal consequences or similarly significantly affect the person whose data is subject to automated decision-making.
  • Anonymous data (without personal data) will not be resold to third parties.

§11 Legal basis for processing personal data

The Service collects and processes Users’ data based on:

  • Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of individuals concerning the processing of personal data and the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation)
    • art. 6 para. 1 point a The data subject has given consent to the processing of their personal data for one or more specific purposes
    • art. 6 para. 1 point b Processing is necessary for the performance of a contract to which the data subject is a party or to take steps at the request of the data subject before entering into a contract
    • art. 6 para. 1 point f Processing is necessary for the purposes of the legitimate interests pursued by the controller or by a third party
  • The Act of 10 May 2018 on the Protection of Personal Data (Dz.U. 2018 poz. 1000)
  • The Act of 16 July 2004 – Telecommunications Law (Dz.U. 2004 nr 171 poz. 1800)
  • The Act of 4 February 1994 on Copyright and Related Rights (Dz.U. 1994 Nr 24 poz. 83)

§12 Duration of personal data processing

Personal data voluntarily provided by Users:

As a rule, the specified personal data is stored only for the duration of the service provision within the Service by the Administrator. It is deleted or anonymized within 30 days from the termination of service provision (e.g., deleting a registered user account, unsubscribing from the Newsletter, etc.).

An exception is a situation that requires securing the legitimate purposes of further processing of this data by the Administrator. In such a case, the Administrator will retain the specified data from the time of the User’s request for deletion, for no longer than 3 years, in the case of a violation or suspected violation of the Service’s terms by the User.

Anonymous data (without personal data) collected automatically:

Anonymous statistical data that does not constitute personal data is stored by the Administrator for statistical purposes for an indefinite period.

§13 User rights related to the processing of personal data

The Service collects and processes Users’ data based on:

  • Right of access to personal data Users have the right to access their personal data, executed upon request submitted to the Administrator.
  • Right to rectification of personal data Users have the right to request the Administrator to immediately rectify personal data that is incorrect or to complete incomplete personal data, executed upon request submitted to the Administrator.
  • Right to erasure of personal data Users have the right to request the Administrator to immediately erase personal data, executed upon request submitted to the Administrator. In the case of user accounts, the erasure of data involves anonymizing data that allows the identification of the User. The Administrator reserves the right to withhold the request for data erasure to protect the Administrator’s legitimate interest (e.g., if the User has violated the Service’s Terms of Use or the data was obtained as a result of ongoing correspondence). In the case of the Newsletter service, the User can independently delete their personal data using the link provided in each email sent.
  • Right to restrict the processing of personal data Users have the right to restrict the processing of personal data in cases specified in Art. 18 of the GDPR, including questioning the accuracy of personal data, executed upon request submitted to the Administrator.
  • Right to data portability Users have the right to obtain personal data concerning them from the Administrator in a structured, commonly used, machine-readable format, executed upon request submitted to the Administrator.
  • Right to object to the processing of personal data Users have the right to object to the processing of their personal data in cases specified in Art. 21 of the GDPR, executed upon request submitted to the Administrator.
  • Right to lodge a complaint Users have the right to lodge a complaint with a supervisory authority responsible for personal data protection.

§14 Contact with the Administrator

You can contact the Administrator in one of the following ways:

  • Postal address – “NOLIA” Ilona Wesołowska, ul. Żydowska 17/193, 05-825 Grodzisk Mazowiecki
  • Email address – hello@ezpage.eu
  • Telephone contact – +48 579 957 324

§15 Service Requirements

  • Restricting the ability to save and access cookies on the User’s Device may result in incorrect operation of some features of the Service.
  • The Administrator is not responsible for the incorrect operation of Service functions if the User restricts the ability to save and read cookies in any way.

§16 External Links

Within the Service – articles, posts, entries, or User comments – there may be links to external sites with which the Service Owner does not cooperate. These links and the sites or files pointed to may be dangerous to your Device or pose a threat to your data security. The Administrator is not responsible for the content located outside the Service.

§17 Changes to the Privacy Policy

  • The Administrator reserves the right to change this Privacy Policy at any time without notifying Users regarding the use of anonymous data or the use of cookies.
  • The Administrator reserves the right to change this Privacy Policy regarding the processing of Personal Data. Users with user accounts or who have signed up for the newsletter will be informed by email within 7 days of the changes. Continued use of the services constitutes acknowledgment and acceptance of the changes to the Privacy Policy. If a User disagrees with the changes, they must delete their account from the Service or unsubscribe from the Newsletter.
  • Changes to the Privacy Policy will be published on this subpage of the Service.
  • Changes take effect upon publication.