Privacy Policy

The following Privacy Policy defines the rules for saving and accessing data on Users' Devices using the Service for the purpose of providing services electronically by the Administrator and the rules for collecting and processing personal data of Users, which have been provided by them personally and voluntarily through the tools available in the Service.

The following Privacy Policy is an integral part of the Regulations of the Service, which defines the rules, rights, and obligations of Users using the Service.

§1 Definitions

• Service - the website "westpomeranianapps.com" operating at the address https://www.westpomeranianapps.com

• External service - websites of partners, service providers, or service recipients cooperating with the Administrator

• Service / Data Administrator - The Administrator of the Service and the Data Administrator (hereinafter referred to as the Administrator) is the company "IT Tomasz Paluszkiewicz", based at: Srebrna 10, 70-704, Szczecin, Poland, with the assigned tax identification number (NIP): 9552307586, providing services electronically via the Service

• User - a natural person for whom the Administrator provides services electronically via the Service.

• Device - an electronic device together with the software, through which the User gains access to the Service

• Cookies - text data collected in the form of files placed on the User's Device

• GDPR - Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of individuals with regard to the processing of personal data and on the free movement of such data, repealing Directive 95/46/EC (general data protection regulation)

• Personal data - means information about an identified or identifiable natural person (“data subject”); an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier, or one or more specific factors characteristic of the physical, physiological, genetic, mental, economic, cultural, or social identity of that natural person

• Processing - means any operation or set of operations which is performed on personal data or on sets of personal data, whether or not by automated means, such as collection, recording, organization, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination, or otherwise making available, alignment, combination, restriction, erasure, or destruction;

• Restriction of processing - means the marking of stored personal data with the aim of limiting their processing in the future

• Profiling - means any form of automated processing of personal data consisting of the use of personal data to evaluate certain personal aspects relating to a natural person, in particular, to analyze or predict aspects concerning the performance of that natural person, their economic situation, health, personal preferences, interests, reliability, behavior, location, or movements

• Consent - the data subject's consent means the data subject's voluntary, specific, informed, and unambiguous indication of their wishes, by which the data subject, by a statement or a clear affirmative action, agrees to the processing of personal data concerning them

• Personal data breach - means a breach of security leading to the accidental or unlawful destruction, loss, alteration, unauthorized disclosure of, or unauthorized access to, personal data transmitted, stored, or otherwise processed

• Pseudonymization - means the processing of personal data in such a way that the data can no longer be attributed to a specific data subject without the use of additional information, provided that such additional information is kept separately and is subject to technical and organizational measures to prevent attribution to an identified or identifiable natural person

• Anonymization - Data anonymization is an irreversible process of operations on data that destroys / overwrites "personal data" making identification, or linking a given record to a specific user or natural person impossible.

§2 Data Protection Officer

Based on Art. 37 GDPR, the Administrator has not appointed a Data Protection Officer.

For matters related to data processing, including personal data, please contact the Administrator directly.

§3 Types of Cookies

• Internal cookies - files placed and read from the User's Device by the Service's IT system

• External cookies - files placed and read from the User's Device by the IT systems of external Services. Scripts from external Services that may place Cookies on Users' Devices have been consciously placed in the Service through scripts and services provided and installed in the Service

• Session cookies - files placed and read from the User's Device by the Service or external Services during a single session of the given Device. After the session ends, the files are deleted from the User's Device.

• Persistent cookies - files placed and read from the User's Device by the Service or external Services until they are manually deleted. The files are not automatically deleted after the Device session ends unless the User's Device settings are set to delete Cookie files at the end of the Device session.

§4 Data Storage Security

• Mechanisms for storing and reading Cookie files - The mechanisms for storing, reading, and exchanging data between Cookie files saved on the User's Device and the Service are carried out through the built-in mechanisms of web browsers and do not allow for the retrieval of other data from the User's Device or data from other websites that the User has visited, including personal data or confidential information. It is also practically impossible to transfer viruses, trojan horses, and other worms to the User's Device.

• Internal cookies - the Cookies used by the Administrator are safe for Users' Devices and do not contain scripts, content, or information that may threaten the security of personal data or the security of the Device used by the User.

• External cookies - the Administrator takes all possible actions to verify and select service partners in terms of User security. The Administrator selects well-known, large partners with global social trust for cooperation. However, it does not have full control over the content of Cookie files from external partners. The Administrator is not responsible for the security of Cookie files from external partners, their content, and licensed use by the installed Scripts from external Services, to the extent permitted by law. A list of partners is provided in the further part of the Privacy Policy.

• Control of Cookie files

  • The User can change the settings for saving, deleting, and accessing data of saved Cookie files by any website at any time.

  • Information on how to disable Cookie files in the most popular computer browsers is available at: how to disable cookies or from one of the indicated providers:

    • Managing cookie files in the Chrome browser
    • Managing cookie files in the Opera browser
    • Managing cookie files in the FireFox browser
    • Managing cookie files in the Edge browser
    • Managing cookie files in the Safari browser
    • Managing cookie files in the Internet Explorer 11 browser

  • The User can delete all Cookie files saved so far using the tools of the User's Device, through which the User uses the Services of the Service.

• Threats on the User's side - The Administrator uses all possible technical measures to ensure the security of data placed in Cookie files. However, it should be noted that ensuring the security of this data depends on both parties, including the User's activity. The Administrator is not responsible for the interception of this data, impersonation of the User's session, or its deletion, as a result of the intentional or unintentional activity of the User, viruses, trojan horses, and other spyware software that may have infected or is infecting the User's Device. Users should follow the safe internet usage guidelines to protect themselves against these threats.

• Storage of personal data - The Administrator ensures that it makes every effort to process personal data voluntarily provided by Users securely, that access to them is limited and carried out in accordance with their intended purpose and processing objectives. The Administrator also ensures that it takes all necessary measures to secure the data held against loss, by using appropriate physical and organizational safeguards.

§5 Purposes for which Cookies are used

The Service uses only necessary cookies, which are essential for the proper functioning of the site. These files do not collect personal data or information that allows identifying the user.

§6 Purposes of processing personal data

Personal data voluntarily provided by Users is processed for one of the following purposes:

• Providing electronic services:
  • Newsletter services (including sending advertising content with consent)
• Communication between the Administrator and Users regarding the Service and data protection
• Ensuring the Administrator's legitimate interest

Data about Users collected anonymously and automatically are processed for one of the following purposes:

• Ensuring the Administrator's legitimate interest

§7 Cookies of external Services

The Administrator uses javascript scripts and web components of partners in the Service, who may place their own cookies on the User's Device. Remember that in your browser settings, you can decide which cookies are allowed to be used by individual websites. Below is a list of partners or their services implemented in the Service, which may place cookies:

• Multimedia services:
  • YouTube
• Newsletter services:
  • Formspree

Services provided by third parties are beyond the Administrator's control. These entities may change their terms of service, privacy policies, data processing purposes, and cookie usage methods at any time.

§8 Types of collected data

The Service collects data about Users. Some data is collected automatically and anonymously, and some data is personal data voluntarily provided by Users when signing up for specific services offered by the Service.

Automatically collected anonymous data:

• IP Address
• Browser type
• Screen resolution
• Approximate location
• Opened subpages of the service
• Time spent on the respective subpage of the service
• Operating system type
• Address of the previous subpage
• Referring page address
• Browser language
• Internet connection speed
• Internet service provider

Data collected during registration:

• First name / last name / nickname
• Email address
• Phone number
• IP address (automatically collected)

Data collected when signing up for the Newsletter service

• First name / last name / nickname
• Email address
• IP address (automatically collected)

Data collected when adding a comment

• First and last name / nickname
• Email address
• Website address
• IP address (automatically collected)

§9 Access to personal data by third parties

As a rule, the only recipient of personal data provided by Users is the Administrator. Data collected as part of the services provided are not transferred or sold to third parties.

Access to data (usually based on a Data processing entrustment agreement) may be held by entities responsible for maintaining the infrastructure and services necessary for running the service, such as:

• Hosting companies providing hosting or related services for the Administrator
• Companies through which the Newsletter service is provided

Entrusting the processing of personal data - Newsletter

In order to provide the Newsletter service, the Administrator uses the services of a third-party entity - the service Mailerlite, . Data entered in the newsletter signup form are transferred, stored, and processed in the external service of this provider.

Please note that the specified partner may modify the specified privacy policy without the Administrator's consent.

Entrusting the processing of personal data - Hosting, VPS, or Dedicated Server Services

In order to run the service, the Administrator uses the services of an external hosting, VPS, or Dedicated Server provider - SeoHost sp. z o.o.. All data collected and processed in the service are stored and processed within the infrastructure of the service provider located within the European Union. There is a possibility of access to the data due to maintenance work carried out by the service provider's personnel. Access to this data is regulated by the contract concluded between the Administrator and the Service Provider.

§10 Method of processing personal data

Personal data voluntarily provided by Users:

• Personal data will not be transferred outside the European Union, unless they have been published as a result of the User's individual action (e.g., entering a comment or entry), which will make the data available to anyone visiting the service.
• Personal data will not be used for automated decision-making (profiling).
• Personal data will not be sold to third parties.

Automatically collected anonymous data (without personal data):

• Anonymous data (without personal data) will not be transferred outside the European Union.
• Anonymous data (without personal data) will not be used for automated decision-making (profiling).
• Anonymous data (without personal data) will not be sold to third parties.

§11 Legal bases for processing personal data

The Service collects and processes Users' data based on:

• Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of individuals with regard to the processing of personal data and on the free movement of such data, repealing Directive 95/46/EC (general data protection regulation)
  • art. 6 sec. 1 lit. a
    the data subject has given consent to the processing of their personal data for one or more specific purposes
  • art. 6 sec. 1 lit. b
    processing is necessary for the performance of a contract to which the data subject is party or in order to take steps at the request of the data subject prior to entering into a contract
  • art. 6 sec. 1 lit. f
    processing is necessary for the purposes of the legitimate interests pursued by the controller or by a third party
• Act of 10 May 2018 on the protection of personal data (Journal of Laws 2018, item 1000)
• Act of 16 July 2004 Telecommunications Law (Journal of Laws 2004 No. 171 item 1800)
• Act of 4 February 1994 on copyright and related rights (Journal of Laws 1994 No. 24 item 83)

§12 Storage period of personal data

Personal data voluntarily provided by Users:

As a rule, the indicated personal data is stored only for the duration of the Service provision within the Service by the Administrator. They are deleted or anonymized within 30 days from the end of the service provision (e.g., deletion of the registered user account, unsubscribing from the Newsletter, etc.)

Exceptions are situations that require securing legally justified purposes for further processing of this data by the Administrator. In such a case, the Administrator will store the indicated data, from the time of the request for their deletion by the User, for no longer than 3 years in the event of a violation or suspicion of violation of the service regulations by the User

Automatically collected anonymous data (without personal data):

Anonymous statistical data, not constituting personal data, are stored by the Administrator for the purpose of conducting service statistics for an indefinite period

§13 Users' rights related to the processing of personal data

The Service collects and processes Users' data based on:

• The right to access personal data
  Users have the right to obtain confirmation from the Administrator as to whether or not personal data concerning them are being processed, and if so, to access their personal data and the following information: purposes of the processing, categories of personal data concerned, recipients or categories of recipients to whom the personal data have been or will be disclosed, and the envisaged period for which the personal data will be stored.

• The right to rectification of personal data
  Users have the right to request the Administrator to rectify inaccurate personal data concerning them without undue delay, and taking into account the purposes of the processing, to have incomplete personal data completed, including by means of providing a supplementary statement.

• The right to erasure of personal data
  Users have the right to request the Administrator to delete personal data concerning them without undue delay, and the Administrator has the obligation to delete personal data without undue delay where one of the following grounds applies: the personal data are no longer necessary in relation to the purposes for which they were collected or otherwise processed, the data subject withdraws consent on which the processing is based, and where there is no other legal ground for the processing, the data subject objects to the processing and there are no overriding legitimate grounds for the processing, the personal data have been unlawfully processed, the personal data have to be erased for compliance with a legal obligation in Union or Member State law to which the controller is subject.

• The right to restriction of processing of personal data
  Users have the right to request the Administrator to restrict processing of personal data where one of the following applies: the data subject contests the accuracy of the personal data, for a period enabling the controller to verify the accuracy of the personal data, the processing is unlawful and the data subject opposes the erasure of the personal data and requests the restriction of their use instead, the controller no longer needs the personal data for the purposes of the processing, but they are required by the data subject for the establishment, exercise, or defense of legal claims, the data subject has objected to processing pending the verification whether the legitimate grounds of the controller override those of the data subject.

• The right to data portability
  Users have the right to receive the personal data concerning them, which they have provided to the Administrator, in a structured, commonly used, and machine-readable format, and have the right to transmit those data to another controller without hindrance from the Administrator to which the personal data have been provided, where the processing is based on consent or on a contract and is carried out by automated means.

• The right to object to the processing of personal data
  Users have the right to object at any time to processing of personal data concerning them, on grounds relating to their particular situation, including profiling based on those provisions. The Administrator shall no longer process the personal data unless the Administrator demonstrates compelling legitimate grounds for the processing which override the interests, rights, and freedoms of the data subject, or for the establishment, exercise, or defense of legal claims.

• The right to lodge a complaint
  Users have the right to lodge a complaint with a supervisory authority competent for the protection of personal data.

§14 Contact with the Administrator

Contacting the Administrator can be done in one of the following ways

• Postal address - IT Tomasz Paluszkiewicz, Srebrna 10, 70-704, Szczecin, Poland

• Email address - contact@westpomeranianapps.com

• Phone call - +48 537 846 482

• Contact form - available at: https://www.westpomeranianapps.com/contact

§15 Service Requirements

• Limiting the saving and access to Cookie files on the User's Device may cause improper functioning of some Service features.

• The Administrator is not responsible for improperly functioning Service features if the User restricts in any way the possibility of saving and reading Cookie files.

§16 External links

In the Service - in articles, posts, entries, or comments by Users, there may be links to external websites, with which the Service owner does not cooperate. These links and the pages or files indicated by them may be dangerous for your Device or pose a threat to the security of your data. The Administrator is not responsible for the content outside the Service.

§17 Changes to the Privacy Policy

• The Administrator reserves the right to change this Privacy Policy at any time without the obligation to inform Users about it in the scope of using and processing anonymous data or using Cookies.

• The Administrator reserves the right to change this Privacy Policy regarding the processing of Personal Data, of which it will inform Users with user accounts or subscribed to the newsletter service, by e-mail within 7 days from the change of provisions. Further use of the services means acceptance of the introduced changes to the Privacy Policy. If the User does not agree with the introduced changes, they are obliged to delete their account from the Service or unsubscribe from the Newsletter service.

• Introduced changes to the Privacy Policy will be published on this subpage of the Service.

• Introduced changes come into force upon their publication.