1. General Information
This policy applies to the website operating at the following URL: wisene.pl.
The operator of the website and the Data Controller is:
WISENE Sp. z o.o.
ul. Taneczna 27, 02‑829 Warsaw
KRS: 0000359637
NIP: 9512312279
BDO: 000109216
The operator’s contact email address: edward.antoszkiewicz@wisene.com
The operator is the Controller of your personal data with respect to data voluntarily provided on the website.
The website uses personal data for the following purposes:
- fulfillment of ordered services
The website performs the function of collecting information about users and their behavior in the following ways:
- through data voluntarily entered in forms, which are entered into the operator’s systems,
- by storing cookies on end devices.
2. Selected Data Protection Methods Used by the Operator
Login areas and personal data entry points are protected at the transmission layer (SSL certificate). As a result, personal data and login credentials entered on the website are encrypted on the user’s computer and can only be read on the destination server.
Personal data stored in the database are encrypted in such a way that only the operator holding the key can read them. This protects the data in the event of database theft from the server.
User passwords are stored in hashed form. The hashing function works one‑way—it is not possible to reverse its operation, which is the current standard for password storage.
The operator periodically changes its administrative passwords.
To minimize the risk of unauthorized access to data, the operator uses complex passwords containing lowercase and uppercase letters, numbers, and special characters, no shorter than 8 characters.
Two‑factor authentication is used on the website, which provides an additional form of login protection.
An important element of data protection is the regular updating of all software used by the operator to process personal data (in particular, regular updates of programming components).
To protect data, the operator regularly performs security backups.
3. Hosting
The website is hosted (technically maintained) on the server of the operator: home.pl.
The hosting company maintains server‑level logs to ensure technical reliability. The following may be recorded:
- resources identified by URL (addresses of requested resources—pages, files),
- time of query arrival,
- time of response transmission,
- client station name—identification performed by the HTTP protocol,
- information about errors that occurred during HTTP transaction execution,
- URL of the page previously visited by the user (referrer link)—in case access to the website occurred through a link,
- information about the user’s browser,
- information about the IP address,
- diagnostic information related to the process of self‑ordering services through recorders on the website,
- information related to handling email directed to the operator and sent by the operator.
4. Your Rights and Additional Information on How Data Is Used
In certain situations, the Controller has the right to transfer your personal data to other recipients if this is necessary to perform the contract concluded with you or to fulfill obligations incumbent on the Controller. This applies to the following groups of recipients:
- hosting company (on the basis of entrustment),
- postal operators,
- companies providing marketing services on behalf of the Controller.
Your personal data are processed by the Controller no longer than is necessary to perform the activities associated with them as specified by separate regulations (e.g., on accounting). With respect to marketing data, data will not be processed for longer than 3 years.
You have the right to request from the Controller:
- access to your personal data,
- their rectification,
- deletion,
- restriction of processing,
- data portability.
You have the right to object to the processing indicated in section 3.3(c) with respect to the processing of personal data for the purpose of performing legitimate interests pursued by the Controller, including profiling, although the right to object may not be exercised in the event of valid legally justified grounds for processing that override your interests, rights, and freedoms, in particular the establishment, pursuit, or defense of claims.
You may file a complaint against the Controller’s actions with the President of the Personal Data Protection Office:
ul. Stawki 2, 00‑193 Warsaw.
Providing personal data is voluntary, but necessary for the operation of the website.
Actions involving automated decision‑making, including profiling, may be taken with respect to you in order to provide services under the concluded contract and for the purpose of direct marketing by the Controller.
Personal data are transferred to third countries within the meaning of personal data protection regulations. This means that we transfer them outside the European Union.
5. Information in Forms
The website collects information voluntarily provided by the user, including personal data, if provided.
The website may record information about connection parameters (time stamp, IP address).
In some cases, the website may record information facilitating the association of data in the form with the email address of the user completing the form. In such a case, the user’s email address appears within the URL of the page containing the form.
Data provided in the form are processed for the purpose arising from the function of the specific form, e.g., to process a service request or business contact, register services, etc. In each case, the context and description of the form clearly indicate what the form is for.
6. Administrator Logs
Information about user behavior on the website may be logged. These data are used for website administration purposes.
7. Important Marketing Techniques
The operator uses statistical analysis of website traffic through Google Analytics (Google Inc. based in the USA). The operator does not transfer personal data to the operator of this service, only anonymized information. The service is based on the use of cookies on the user’s end device.
With respect to information about user preferences collected by the Google advertising network, the user can view and edit information resulting from cookies using the tool: https://www.google.com/ads/preferences/
The operator uses the Facebook pixel. This technology allows Facebook (Facebook Inc. based in the USA) to know that a person registered on it is using the website. This is based on data for which Facebook itself is the controller. The operator does not transfer any additional personal data to Facebook. The service is based on the use of cookies on the user’s end device.
The operator uses remarketing techniques that allow advertising messages to be tailored to user behavior on the website, which may create the illusion that the user’s personal data are being used to track them, but in practice no personal data are transferred from the operator to advertising operators. The technological condition for such actions is enabled cookie support.
The operator uses a solution that examines user behavior by creating heat maps and recording behavior on the website. This information is anonymized before being sent to the service operator, so they do not know which individual it relates to. In particular, entered passwords and other personal data are not recorded.
The operator uses a solution that automates the operation of the website with respect to users, e.g., it may send an email to the user after visiting a specific subpage, provided they have consented to receiving commercial correspondence from the operator.
The operator may use profiling within the meaning of personal data protection regulations.
8. Information About Cookies
The website uses cookies.
Cookies are IT data, in particular text files, that are stored on the user’s end device and are intended for use on the website’s pages. Cookies typically contain the name of the website from which they originate, the time they are stored on the end device, and a unique number.
The entity placing cookies on the user’s end device and accessing them is the website operator.
Cookies are used for the following purposes:
- maintaining the user session on the website (after logging in), so that the user does not have to re‑enter their login and password on each subpage of the website,
- achieving the purposes specified above in the “Important Marketing Techniques” section.
Two basic types of cookies are used on the website:
- “session cookies”,
- “persistent cookies”.
Session cookies are temporary files that are stored on the user’s end device until they log out, leave the website, or close the software (web browser).
Persistent cookies are stored on the user’s end device for the time specified in the cookie parameters or until they are deleted by the user.
Web browsing software (web browser) typically allows cookies to be stored on the user’s end device by default. Website users can change settings in this regard. The web browser allows cookies to be deleted. It is also possible to automatically block cookies. Detailed information on this is contained in the help or documentation of the web browser.
Restrictions on the use of cookies may affect some functionalities available on the website’s pages.
Cookies placed on the user’s end device may also be used by entities cooperating with the website operator, in particular this applies to companies: Google (Google Inc. based in the USA), Facebook (Facebook Inc. based in the USA), Twitter (Twitter Inc. based in the USA).
9. Managing Cookies—How to Give and Withdraw Consent in Practice?
If the user does not wish to receive cookies, they can change their browser settings. We note that disabling cookies necessary for authentication processes, security, and maintaining user preferences may hinder, and in extreme cases prevent, the use of www pages.
To manage cookie settings, select the web browser you are using from the list below and follow the instructions:
- Edge
- Internet Explorer
- Chrome
- Safari
- Firefox
- Opera
Mobile devices:
- Android
- Safari (iOS)
- Windows Phone