Facebook

Click here and check out our full offer!

Privacy Policy

1. Who is the Data Controller?

The Data Controller is Maria Sieńko conducting business under the name Maryland Maria Sieńko, NIP: 5472015141, REGON: 240835368, address: ul. A. Grottgera 16/15, 43-300 Bielsko-Biała, Poland.
You can contact the Data Controller via email at: biuro@h2h.expert

2. For What Purpose Do We Collect Your Data and How Long Do We Store It?

We may process your personal data for the following purposes:

  1. Communication with You, including responses to inquiries sent via contact form, email, etc. Data is processed based on the legitimate interest of the Controller in communicating with users of the website (Art. 6(1)(f) GDPR).
    Your data will be processed until you object or until the business purpose no longer applies. Providing this data is voluntary but necessary for communication.

Data may also be archived for internal purposes based on the Controller’s legitimate interest (Art. 6(1)(f) GDPR) until an objection is raised or the business purpose expires.

  1. Contract Conclusion and execution of the contract (placing orders)
  2. Establishing, defending, and pursuing claims
  3. Fulfilling the Controller’s legal obligations (e.g., tax and archival obligations)

Data necessary for contract conclusion and execution of the contract is processed during the term of the contract and for exercising rights arising from it (e.g., warranty rights) (Art. 6(1)(b) and (f) GDPR). The provision of this data is voluntary, but necessary for the conclusion and execution of the contract.

Additional data provided for improving the execution of the contract will be processed until you object or the business purpose ceases, based on the legitimate interest of serving Customers (Art. 6(1)(f) GDPR).

After this period, the data will be processed for the period of the statute of limitations for claims based on the legitimate interest of the Controller to defend against claims, as well as to establish and pursue claims (Art. 6(1)(f) GDPR).

If the data is necessary for the fulfillment of legal obligations incumbent on the Controller (such as issuing and storing invoices) – the data will be processed for this purpose for no longer than 6 years (archiving obligations regarding accounting documents), unless a longer period is required by law (Art. 6(1)(c) GDPR).

Data may be archived for internal and statistical purposes until you object or the business purpose ceases, based on the legitimate interest of the Controller (Art. 6(1)(f) GDPR).

  1. Providing Marketing Information (including sending newsletters and information about services, products, promotions, free content using other tools, e.g., chatbot, telephone).

Data is processed based on the legitimate interest of the Controller in marketing their products and services (Art. 6(1)(f) GDPR). Your data will be processed until you object or until the business purpose expires—whichever comes first. Providing data is voluntary but necessary for receiving marketing/commercial information.

Consent is required for commercial and telephone communication under Article 10 of the Act on the Provision of Electronic Services. You can withdraw your consent at any time by clicking the link in the email footer or by contacting us using the address stated above.

  1. Administration and management of the website and groups on social media platforms (including Facebook (Meta), Instagram, LinkedIn) in the case of data processing on social media platforms, including communication with you and directing marketing content to you. 

This data will only be processed if you decide to like the page/join the group/select the “Follow” option or otherwise leave your data on the platform managed by me, e.g. by posting or commenting. The data will be processed for the duration of the page/group or until you object, which can be done by unclicking the “Like,” “Follow,” deleting a comment/post, or in any other manner provided for on the platform/page, or by contacting us. Please note that the rules relating to the website/fan page/group are set by the Controller, while the rules for using the social media platform on which the website/fan page/group is located are set by the entity managing those platforms.

  1. Analytical and Statistical Purposes

Data processed for analytical and statistical purposes, consisting in particular of the analysis of data obtained automatically when using the website, including cookies, is processed on the basis of the Controller’s legitimate interest in adapting the content of the Website to the User’s preferences and optimizing the use of the Website; creating statistics, which help to understand how Users use the Website, enabling its structure and content to be improved (Article 6(1)(f) of the GDPR). The data may also be archived for internal and statistical purposes until you object or the business purpose based on the Controller’s legitimate interest ceases to exist (Article 6(1)(f) of the GDPR). 

  1. Comment Posting

With regard to the data visible on our Website in the comments section, this data is processed by us for the purpose of administering and operating the Website and communicating with you based on the legitimate interest of the Controller (Article 6(1)(f)) for the time necessary to achieve the business objectives or until you object.

  1. Promotion and Marketing

When you provide us with your data, in particular in the form of feedback on a product or service, including image data, this data will be processed on the basis of the Controller’s legitimate interest in marketing the Controller’s services and products and improving their quality. This data will be processed for the time necessary to achieve the business objectives or until you object. Providing your data is voluntary.

  1. Processing Sensitive Data

Sensitive data is collected for the purpose of executing the contract and its proper implementation based on your informed and voluntary consent (Article 9(2)(a) of the GDPR) – until the business purpose ceases to exist or consent is withdrawn. Providing data is voluntary, but necessary for the proper execution of the contract. 

  1. Recruitment

The data may be processed for the time necessary for the recruitment process and conclusion of the contract (Article 6(1)(b) and 6(1)(c) of the GDPR), and in the case of additional data provided voluntarily – based on your consent; for future recruitment purposes – based on your consent, for a maximum period of 3 years (this period is counted from the end of the year in which the application was received). Providing personal data is voluntary, but providing certain data may be necessary for the recruitment process and for concluding a contract. Not providing this data will result in the inability to perform the above-mentioned activities.

 

3. To Whom May We Transfer Your Data?

We only share your data with third parties when it is necessary to fulfill the purposes outlined in §2 and only to the extent required. As a rule, we collect and process only the data you have voluntarily provided, with the exception of data collected automatically (cookies). More information about cookies is available in §7.

If necessary, your data may be transferred to entities with whom we cooperate in the implementation of the above-mentioned purposes, in particular to a hosting company, an IT company/website management entity, a company providing accounting and bookkeeping services, an invoicing software provider, a newsletter service provider, a cloud service provider, marketing service providers, administrative service providers, 

consulting service providers, subcontractors, lawyers, couriers or postal operators, training platforms, social media platforms, customer service platforms, appointment scheduling platforms, product or service sharing platforms, and other entities that support the Controller in achieving the purposes of processing.

As a rule, data will not be transferred outside the EEA (European Economic Area), except in the situations described below. In other cases, when data is transferred outside the EEA, it will be done based on your consent, standard contractual clauses, or other safeguards provided for in the GDPR after fulfilling, among other things, the information obligation. 

Services provided by Google or Facebook (META) are generally provided by entities based in the European Union. However, due to the global nature of these entities’ operations, your data may be transferred to the US in connection with its storage on US servers (in whole or in part). Regardless of this, Google and Facebook have implemented security measures provided for in the GDPR to protect personal data in accordance with the requirements of the GDPR through the use of standard contractual clauses.  More information about the data processing policies of the above-mentioned providers can be found in the privacy policies of each entity.

If necessary for the purpose of processing, your data may also be transferred outside the EEA to the following entities:

  • Asana, Inc., 1550 Bryant Street, 2nd Floor, San Francisco, California 94103, USA
  • Microsoft Corporation, One Microsoft Way, Redmond, WA 98052-6399, USA
  • Zoom Video Communications, Inc., 55 Almaden Blvd Fl 6, San Jose, California 95113, USA


4. What Are Your Rights?

Under the GDPR, you have the right to:

  • Access your personal data
  • Rectify your personal data
  • Erase your personal data
  • Restrict the processing of your personal data
  • Object to the processing of your personal data
  •  Transfer your personal data
  • Withdraw your consent;  withdrawal of consent does not affect the lawfulness of processing based on consent before its withdrawal.

If you believe your personal data is being processed unlawfully, you have the right to file a complaint with the President of the Personal Data Protection Office. However, we encourage you to contact us first to clarify any concerns.

5. Is Your Data Subject to Profiling?

The Controller analyzes personal data in an automated manner using tools provided by software providers (e.g., statistics, history) only to the extent that it does not produce any legal effects on you or similarly significantly affect your situation, including your rights or freedoms. The purpose of automated data processing is to learn about Users’ preferences (more information on analysis is provided in the Cookies Policy section).

6. Applicable Law Regarding Personal Data

In matters not covered herein, the relevant legal regulations apply, including European law (especially GDPR).

7. Cookie Policy

The Website does not automatically collect any information, except for information contained in cookies. This data is collected in a way that prevents the identification of the User, so-called Anonymous Data.

Cookies are IT data, in particular text files, which are stored on the end device of the Website User and are intended for use on the Website. Cookies usually contain the name of the website from which they originate, their storage time on the end device, and a unique number.

Cookies are used to customize the content of the Website to the User’s preferences and to optimize the use of the Website; to compile statistics that help understand how Users use the Website, which allows for improving its structure and content.

You can modify your cookie settings yourself. In many cases, web browsers allow cookies to be stored on the User’s end device by default. Detailed information about the options and methods for handling cookies is available in the software (web browser) settings. Not agreeing to cookies may limit the functionality of some features on the Website. 

The Administrator uses technologies that track user activity on the website, such as:

– Facebook (Meta) Pixel provided by Meta Platforms Ireland Limited – for the purpose of managing advertisements on Meta and conducting remarketing activities; Facebook Pixel is a piece of code published on a website that allows you to reach your target audience based on data about people who have visited the website. As part of the Facebook Pixel feature, it is therefore possible to display published advertisements on Meta’s portal exclusively to users of the portal who have shown interest in products or services or have factors in common with the above-mentioned persons. This data is processed on the basis of the legitimate interest of the Controller (Article 6(1)(f) of the GDPR). Detailed information about Facebook Pixel can be found in Facebook (Meta) Privacy Policy. 

 

– Google tools, including Google Analytics provided by Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA. The data obtained through the use of the above-mentioned tools is used to analyze the statistics of the Website. Google Analytics uses its own cookies to analyze the activities and behavior of Website Users. These files are used to store information, such as the website from which the User came to the current website. They help to improve the Website; this data is processed on the basis of the Controller’s legitimate interest (Article 6(1)(f) of the GDPR). Detailed information about can be found on the page on the rules for using Google tools

8. Social Media Plugins

The Website uses plugins, widgets, and other social media tools provided by portals such as Facebook (Meta), Instagram, Google, YouTube, and LinkedIn. The rules for the personal data processing are described directly on the websites of the above-mentioned service providers.

9. Joint Controllership

Data processed for statistical purposes collected within the Facebook (Meta) platform is jointly controlled by the Controller and Meta Platforms Ireland Limited, with its registered office at 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland, hereinafter referred to as the Joint Controller. Detailed rules regarding joint data control, including information about your rights, are described in the Privacy Policy.

Data processed within the Lindeln platform is jointly controlled by the Controller and LinkedIn Ireland Unlimited Company, address: Legal Dept. (Privacy Policy and User Agreement), Wilton Place, Dublin 2, Ireland, hereinafter referred to as the Joint Controller. Detailed rules regarding joint data control, including information on your rights, are described in the Privacy Policy.

The Controller processes data based on the Controller’s legitimate interest in analyzing User activity and preferences, in order to improve the functionality and services provided. In matters relating to personal data, you can contact both the Controller and the Joint Controller.