Privacy Policy and Cookies Policy
GDPR is the Regulation (EU) 2016/679 of the European Parliament and of the Council of April 27, 2016, on the protection of natural persons in relation to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation).
For the needs of the activities of Agnieszka Kieliszek-Korczyńska, let’s adopt a few definitions:
Personal Data – information about an identified or identifiable natural person based on identifiers such as name and surname, as well as one or several specific factors defining the physical, physiological, genetic, mental, economic, cultural, or social identity, including device IP, location data, identification number, and information collected through cookies and similar technologies; personal data in the meaning of Art. 4(1) of the GDPR.
EEA – European Economic Area – a free trade zone and common market encompassing the countries of the European Union and the European Free Trade Association, excluding Switzerland.
Account – a User account established in the Service, which allows access to purchased products or services.
Cookies – commonly referred to as cookies – data information stored in the form of text and numeric files that are placed on the User’s end devices. Such end devices can be, for example, a mobile phone, laptop, or tablet. The basic types of cookies are:
The use of cookies other than essential cookies and the processing of personal data in connection with the use of these cookies depends on obtaining the User’s consent. This consent may be withdrawn at any time. Withdrawal of consent does not affect the legality of the processing carried out on the basis of consent before its withdrawal.
Privacy Policy – this document.
Service – the website located at www.kieliszekkorczynska.pl and all its subpages.
Information Society Service – any service normally provided for a fee, at a distance, electronically, and at the individual request of the service recipient. In Poland, the information society service is defined as a service provided electronically; a service in the meaning of Art. 1(1)(b) of the Directive of the European Parliament and of the Council (EU) 2015/1535.
Act on the Provision of Electronic Services – the Act of July 18, 2002, on the provision of electronic services (Journal of Laws No. 144, item 1204, as amended).
Telecommunications Law – the Act of July 16, 2004, on telecommunications law (Journal of Laws No. 171, item 1800, as amended).
Any entity, whether a natural person or a legal entity. You must be at least 16 years old to independently consent to the processing of personal data. A User under the age of 16 must obtain the consent of a legal guardian in order to receive information society services
Współ-administratorami Twoich danych osobowych są:
Co-administration is related to my use of social media platforms. The Service also employs social media plugins that direct users to social media portals
Based on consent (Article 6(1)(a) of the GDPR):
Due to the necessity of entering into and/or performing a contract or taking action at the request of the data subject (Article 6(1)(b) of the GDPR):
Due to the necessity of fulfilling legal obligations of the Controller (Article 6(1)(c) of the GDPR):
Based on the legitimate interests of the Controller (Article 6(1)(f) of the GDPR):
You have the following rights regarding your personal data:
Please note that your rights are not absolute and do not apply to all data processing activities. To exercise your rights, simply inform the Administrator, and we will resolve the issue. Just write to: biuro@kieliszekkorczynska.pl, specifying the problem.
In connection with the provision of services, personal data will be disclosed to external entities, including, in particular, suppliers responsible for the management of IT systems, marketing agencies (in the scope of marketing services), and entities affiliated with the Administrator.
The main data recipients include:
In cases where consent is obtained from you, your data may also be shared with other entities for their own purposes, including marketing purposes.
As the Administrator, I reserve the right to disclose selected information about the User to competent authorities or third parties who request such information, based on an appropriate legal basis and in accordance with applicable law.
Since some entities collaborating with me are based outside the EEA, and therefore are considered “third countries” under the GDPR, I, as the Administrator, ensure that these entities have committed to providing an adequate level of personal data protection.
I only transfer personal data outside the EEA when necessary, mainly in cases of using services from internationally operating entities. In such cases, service providers may have branches or subsidiaries within the EEA. Additionally, legal mechanisms are employed to ensure an appropriate level of protection, primarily compliance mechanisms (e.g., binding corporate rules approved by the relevant supervisory authority, international certification standards) or standard contractual clauses as defined by the European Commission, as provided in Article 46 of the GDPR. This decision applies to third countries covered by an adequacy decision. Personal data may also be transferred outside the EEA based on the User’s consent. More information on the rules for transferring data outside the EEA can be found here.
For Google Inc., the collected data does not allow the identification of a specific individual, and more information about the privacy standards of the tool is available at the link: google.com/intl/pl/policies/privacy/partners/. Additionally, you can opt out of Google Analytics tracking using this link: https://tools.google.com/dlpage/gaoptout. For Meta Inc., the collected data generally does not allow the identification of a specific individual, and more information about the tool’s privacy standards is available at: https://developers.facebook.com/docs/privacy/. For Vimeo, Inc., the collected data generally does not allow the identification of a specific individual, and more information about the privacy standards of the tool is available at: https://vimeo.com/privacy. For LinkedIn Corporation, the collected data generally does not allow the identification of a specific individual, and more information about the privacy standards of the tool is available at: https://www.linkedin.com/legal/privacy-policy/. For MailerLite Limited, the collected data generally does not allow the identification of a specific individual, and more information about the privacy standards of the tool is available at: https://www.mailerlite.com/legal/privacy-policy.
The duration for which I will process personal data depends on the legal basis for its processing. I inform you that:
Please note that providing personal data is voluntary. However, failure to provide personal data may result in the inability to use certain functionalities of the Service, access specific content, or make it impossible to perform a service or fulfill an order.
As the Administrator, I analyze the personal data of newsletter subscribers, including their history of opening and viewing the newsletter, browsing history on the Service, transaction history within the Service, and activity history on social media profiles on platforms such as Facebook and LinkedIn. This analysis is conducted in an automated manner based on the principles offered by data service providers. However, the analysis of data does not have legal effects or significantly impact your situation, including your rights or freedoms.
The purpose of processing data in an automated manner is to understand Users’ preferences in order to tailor the new space missions I create, which involve delivering new content, offers, or messages based on the aggregated preferences of Users.
Celem przetwarzania danych w sposób zautomatyzowany jest poznanie preferencji Użytkowników w celu dostosowania tworzonych przeze mnie nowych misji kosmicznych, które polegają na dostarczaniu nowych treści, ofert lub komunikatów do preferencji zbiorczych Użytkowników.
I would like to inform you that “cookies” are used on the Service. Cookies are utilized to provide Users with electronic services and to improve the quality of these services, ensure the proper functioning of the Service, enhance navigation, remember cookie preferences, ensure security, manage the Service, conduct statistical and analytical research, serve marketing purposes, connect with social media platforms, and ensure the proper operation of the online store.
Upon your first visit to the Service, a notification regarding the use of cookies will be displayed, including the types of cookies used, along with a request for consent to utilize specific cookies.
By accepting cookies, information from the service provider will be stored in the memory of the device you are using, such as a tablet, computer, or phone, which you cannot control.
However, you have the option to manage cookies:
Managing Cookies on First Visit: On your first visit to the Service, a notification about the use of cookies, including their types, will be displayed. Within this notification, you have the option to consent to selected cookies.
Deleting Cookies from Your Device: You can remove cookies from your device. To do this, you should clear your browsing history in your browser. This will delete all cookies from all visited pages. Please be aware that doing this may result in the loss of saved information (e.g., login data).
Preventing Cookie Storage: You can always change your browser settings to refuse requests for cookie installation. However, before deciding to change your settings, please note that cookies are designed for your convenience while using the website. Disabling cookies may cause improper display of the website in your browser.
Incognito Mode: You have the option to use the incognito mode offered by web browsers. In this case, cookies will be deleted upon closing the browser.
Other Devices: If you use a different end device, computer profile, or web browser, you will need to redefine your cookie preferences.
Disabling or limiting cookie support may lead to difficulties in using the Service or limit its functionality.
I would like to inform you that I use the following tools and functionalities:
As the Administrator, I provide the option to contact me using an electronic contact form available on the Service. Using the form is not mandatory. To use the form, the User is required to provide their name and email address. This information is necessary for providing a response to your inquiry. Users may also provide additional information to facilitate contact or the handling of the inquiry. Providing personal data marked as mandatory fields is required for accepting and processing the inquiry. Failure to provide this data will result in the inability to use the contact form or process the inquiry. Providing the remaining personal data is voluntary.
On the website, you can find links to social media platforms where information about us and our activities is posted. We are both the data controllers as the owners of the social media account and the owners of the respective social media platforms.
The Service uses plugins that direct users to social media platforms like Facebook and LinkedIn. These plugins are marked with the logo of the respective social media service. Personal data is transmitted to the social media platforms only when you actively click the appropriate plugin button. After clicking the icon with the social media platform’s logo, your web browser will establish a connection with the servers of that social media platform, and you will be redirected to the external service provider’s page, which is the owner of that social media service. At the same time, your web browser will establish a direct connection with the servers of the selected social media platform. Using these features may involve the use of external cookies.
From the moment you click on a particular plugin, your personal data is processed on the respective social media platform, and the owner of that platform becomes a co-controller of your personal data. As Agnieszka Kieliszek-Korczyńska, I inform you that once you actively click the plugin button, I have no influence over the nature and scope of the personal data collected by the owner of the respective social media platform. Data is transmitted regardless of whether you have an account on the social media platform or whether you are logged in. If you are logged in to a specific social media platform (e.g., LinkedIn), the collected personal data will be directly associated with your account (profile) on that platform.
By subscribing to the newsletter, you provide me with your data in the form of your name and email address through the newsletter signup form. Providing this data is voluntary but necessary to subscribe to the newsletter. The legal basis for processing personal data is Article 6(1)(a) of the GDPR.
You can withdraw your consent at any time.
The full scope of your rights and obligations regarding personal data processing (in accordance with Article 13 of the GDPR) is included in the information clause in point 6 of the Privacy Policy.
If you give your consent and subscribe, your personal data such as your name and email address will be used to send you emails containing commercial content as well as any promotions and discount coupons.
The mailing system used for sending the newsletter tracks all activity and actions taken by each User related to the emails sent to them, including the date and time the message was opened, clicks on links included in the message, and the moment of unsubscribing, etc.
I use the MailerLite system to manage the list of email marketing subscribers and to send emails to subscribers. MailerLite is an external provider that may collect and process Users’ personal data using standard technologies to help me monitor and improve the newsletter. In connection with the services provided for sending the newsletter, I use cookies, unique identifiers, navigation signals, and similar tracking technologies.
I use the Google Analytics service for analytical purposes on the Service. A special tracking code has been installed in the code of the Service’s website that uses Google LLC cookies related to Google Analytics. Information about your use of the Service generated by the cookie is usually sent to a Google server in the USA and stored there. Google Analytics has been enhanced on the Service with the code “gat._anonymizelp();” to ensure anonymous recording of IP addresses (known as IP masking). With the anonymization of the IP address on the Service, the User’s IP address is shortened by Google LLC within the EEA. Only in exceptional cases is the full IP address sent to a Google LLC server in the USA and then shortened. In the context of Google Analytics, information is used such as: details about the operating system and web browser you are using; the subpages viewed within the Service; the time spent on the Service and its subpages; transitions between the subpages of the Service; the source from which you came to the Service.
I also use the Facebook Pixel service on the Service for marketing purposes, which enables tracking the effectiveness of Facebook ads for statistical and market research purposes, checking whether Users visiting the Service were redirected to the Service after clicking an ad on Facebook (known as “conversion”). A special tracking code has been installed on the website of the Service that uses Meta cookies related to the Meta Pixel service.
As the Administrator, I also use the statistical functions available on social media profiles, such as LinkedIn, provided by the owners of these platforms.
Your activity is recorded in system logs (a special computer program used to store a chronological record containing information about events and actions related to the information system used to provide services by Agnieszka Kieliszek-Korczyńska). Each request directed to the server is logged, which includes, among other things: the public IP address of the computer from which the request originated; the User’s name provided during the authentication process; the time the request was received; information about the User’s browser; language; access hours; the address of the page from which the User was redirected; and information about the web browser or information system the User is using. The above-mentioned data is not associated with specific individuals using the Service.
The information collected in the logs is primarily processed for purposes related to providing services. I also process it for technical and administrative purposes, to ensure the security of the information system and manage that system, as well as for analytical and statistical purposes. In this context, the legal basis for processing is the legitimate interest of the administrator (Article 6(1)(f) of the GDPR).
I continuously analyze whether your personal data is being processed securely. I also take necessary actions to ensure that subcontractors and other entities cooperating with me guarantee the implementation of appropriate security measures when acting on my behalf.
The policy is continuously reviewed and updated as necessary. I encourage you to regularly check the contents of this document for any updates.
The latest version of the Privacy Policy is published on the Service.
The current version of the Policy was adopted and is effective as of September 1, 2023