Privacy Policy

PRIVACY AND COOKIES POLICY

Version 3 dated 7.04.2022.

  1. General principles of our adopted Privacy Policy
    1. TimeTo Ltd. attaches particular importance to the privacy and security of personal information of users of the website operated at https://affpact.com and other ADO services (hereinafter: the Service). In this regard, we are guided in particular by the principles arising from the following laws and regulations issued pursuant to them:
      1. Regulation (EU) 2016/679 of the European Parliament and of the Council of April 27, 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data and repealing Directive 95/46/EC (hereinafter: RODO);
      2. The Act of May 10, 2018 on the Protection of Personal Data (Journal of Laws of 2018, item 1000, hereinafter: PDPA);
      3. Act of July 18, 2002 on the provision of services by electronic means (Journal of Laws 2017, item 1219, hereinafter: UŚUD);
      4. Act of July 16, 2004. - Telecommunications Law (Journal of Laws No. 171, item 1800, as amended, hereinafter: Pr.tel).
    2. The administrator of personal data of persons using the Service is TimeTo Sp. z o.o., based in Gliwice at 10 Dunikowskiego St., 44-100, registered in the Register of Entrepreneurs of the National Court Register kept by the District Court in Gliwice, 10th Economic Department of the National Court Register under the number 0000673031, NIP 6312669532.
    3. The privacy policy specifies, among other things:
      1. The scope and manner of our processing of the personal data of the users of the Website (hereinafter also referred to as: Customer),
      2. The ability to access this data,
      3. The way these data are used,
      4. Policy on the use of cookies on the Website.
  2. Ways to collect user data
    1. We are committed to making our services best suited to your situation and to making it easier for you to contact us. To this end, we collect a variety of data about you. However, we only collect and process data that you provide to us yourself (with the exception - in certain situations - of data collected automatically through cookies and login data, as discussed below).
    2. In accordance with the usual practice of most Web sites, we store HTTP requests directed to our servers. The resources viewed are identified by URLs. The exact list of information stored in Web server log files is as follows:
      1. The public IP address of the computer from which the request came (this can be directly the user's computer);
      2. The name of the client station - identification implemented by the http protocol if possible;
      3. time of arrival of inquiry;
      4. The first line of the http request;
      5. http response code;
      6. The number of bytes sent by the server;
      7. URL address of the page previously visited by the user (referer link) - in the event that the passage to the ADO Site occurred through a link (affiliation);
      8. information about the user's browser;
      9. information about errors that occurred in the execution of http transactions.
    3. The basis for the processing of the User's personal data is the User's consent to the processing of his/her personal data. Consent may be given by the User only voluntarily, by filling in the appropriate contact form, on the Administrator's services or in another way, i.e. by the option to send a statement to an e-mail or subscribe to a newsletter. The data provided in the form are processed for the purposes specified in the consent, i.e.
      1. Consent to the processing of personal data for marketing purposes of the Administrator , including profiling of the Customer;
      2. Consent to receive commercial information and offers from the Administrator;
      3. Consent to share the Customer's e-mail address with the Administrator's business partners in order to receive commercial information from them about new offers, promotions, services;
      4. Consent to receive the newsletter;
      5. Consent to the processing of the Customer's telephone number, for direct marketing purposes.
    4. The consent given by the User for the processing of his/her personal data is completely voluntary, informed, open and confirmed by the User. The Administrator applies an opt-in policy for obtaining consents, which means that only by checking the checkbox does the User give the indicated consent.
    5. Personal data is also processed on the basis of Article 6(1)(f) of the RODO for contact purposes unrelated to the Administrator's offering of services on behalf of itself or its Business Partners, to respond to inquiries, as well as for archiving and statistical purposes, which is the Administrator's legitimate interest.
    6. In connection with the processing of personal data, the User has the right to:
      1. Request from the Administrator access to your personal data,
      2. Request the Administrator to rectify your personal data,
      3. request the Administrator to delete your personal data,
      4. Request the Administrator to restrict the processing of your personal data,
      5. The right to withdraw consent to the processing of personal data at any time, which, however, does not affect the processing of personal data between consent and withdrawal,
      6. transfer of your personal data,
      7. lodge a complaint to the supervisory authority - the President of the Office for Personal Data Protection, 2 Stawki Street, 00-193 Warsaw.
      8. If your personal data is processed under Article 6(1)(f) of the RODO, you have the right to object to the processing of your personal data.
    7. In order to exercise the above rights, please send an email to the following address brakzgody@affpact.com, containing the following data: e-mail address or telephone number and the content of the request, e.g. deletion of data or its modification - in this case you should indicate the new e-mail address to which the newsletter service is to be provided.
  3. Profiling
    1. In the process of providing services, we make decisions in an automated manner on the basis of the data we have about you, including the data you provide in the form and stored in the web server log files. Based on this information, we assign you a personal profile relevant to our ability to offer you the services provided by TimeTo Ltd . These decisions are made automatically on the basis of web monitoring developed by us. Decisions made automatically affect the selection of products offered to you and notifications sent to you.
    2. Profiling means the processing of personal data by using your personal data to evaluate some of your characteristics, in particular to analyze your economic situation, preferences, interests and location. We profile you for the purposes related to our business activities, i.e. offering you products and providing you with notifications regarding price changes of these products.
    3. Automated decision-making for direct marketing of the Administrator's services and also the services and products of the Administrator's business partners is necessary for the proper conduct of the Administrator's business. Automated decision-making for the marketing purposes mentioned above is made only on the basis of your consent.
    4. If you do not agree with our assessment made in the above manner, you may report the above, in the form referred to in Section. 2.6 above.
  4. The scope of data collected about you through the Service and how it is used
    1. The scope of data processing depends on the scope of consent given by the User, and, as stipulated, in order to fully implement the service the User should give all consents.
    2. In the case of granting consent for the processing of personal data, the user should provide data that will enable him/her to be identified and contacted, i.e. at least first name, last name, e-mail address and telephone number. At the stage of filling out the contact form, the Administrator does not require other personal data.
    3. In the case of certain products and services, it may become necessary to provide a more detailed range of personal data. In this case, the purposes of processing will be indicated during the User's telephone conversation with the Administrator's consultant, or at the same time with the corresponding form used to register the relevant personal data by the User.
    4. The Administrator hereby informs you that it uses the following technologies to track your activities on the Site:
      1. Conversion pixel of Facebook, Twitter, Google, LinkedIn, Pinterest, go.co.uk - for the purpose of managing ads on the aforementioned services of the Administrator and conducting marketing, remarketing and retargeting activities.
    5. The administrator collects the data provided by the user in order to present the user with an offer of financial products (in particular, credits and loans, products aimed at debt restructuring, insurance and investment products). Accordingly, the customer's personal data may be used in particular for the following purposes:
      1. Verification of the User's identity, including through a telephone call;
      2. to present an offer of a specific product or service of an ADO business partner;
      3. To establish contact with the User directly by ADO's business partner;
      4. The realization of the rights of data subjects;
      5. marketing activities, including through electronic communication means, including analysis of user behavior and needs, market analysis;
      6. sending newsletters or sending SMS messages, or sending a statement, with appropriate consent;
      7. Create user databases;
      8. to improve our offerings and the content of the Service;
      9. for other purposes as specified in this privacy policy.
    6. The administrator may, under the terms of Article 28 RODO, entrust their processing to third parties without your separate consent.
    7. The User acknowledges that his/her personal data may also be transferred to authorized state authorities in connection with their proceedings, at their request and upon fulfillment of the prerequisites confirming the necessity of obtaining such data from the Administrator.
  5. Rules governing the use of cookies
    1. Your use of the Website may involve the recording and storage of so-called "cookies" on your computer (or other device enabling access to the Website, such as a smartphone). Cookies are text-number files which enable the use of various functions of websites, e.g. they collect information on how a given website is used, enable recording of user's session status or allow to adjust and optimize displayed content to the user's preferences.
    2. The Service uses two main types of cookies: "session" (session cookies) and "permanent" (persistent cookies). "Session" cookies are temporary files that are stored on the User's terminal equipment until the User logs out, leaves the website or shuts down the software (web browser). "Permanent" cookies are stored on the user's end device for the time specified in the parameters of the cookies or until they are deleted by the user.
    3. Cookies are sent and may be stored on your computer in a way that allows you to access them for the following purposes:
      1. to tailor the content posted on the Website to your individual preferences and needs (profiling, see above);
      2. Statistical information about activity on the Website (e.g., information about users' geographic location, frequency of use of our services, reports of interests and demographics) in order to better understand users' use of the Website and to improve its content, such as Google Analytics, Brand24.co.uk;
      3. Behavioral, contextual advertising and remarketing, such as Google AdWords, Google AdSense, advertising using affiliate marketing technology;
      4. Saving or using cookies does not cause any configuration changes to your computer or the software installed on that computer.
      5. The user has the ability to determine the conditions for storing or accessing cookies through the settings of the software installed in the telecommunications terminal device used by the user.
      6. Most web browsers allow cookies to be stored on the user's device by default. The user can block the option of storing cookies at any time or give permission for cookies to be stored on his/her computer by changing the settings in the web browser, advertising settings, mobile application advertising settings and any other available methods.
      7. Instructions for managing cookies are available at http://wszystkoociasteczkach.pl/ in Polish and on the website http://www.allaboutcookies.org/manage-cookies/ in English. However, disabling the storage of cookies may hinder the use of the Website, in particular by limiting or disabling certain features of the Website. Therefore, it is recommended that you consent to your browser's use of cookies.
      8. At the same time, we would like to inform you that if the user's browser accepts cookies, the user consents to the use of these cookies in accordance with the provisions of Polish law, in particular Article 173 of the Telecommunications Act. In particular, the content of cookies may be transferred to advertisers and partners cooperating with ADO with regard to services offered on the Website or advertised through it.
      9. The user can delete the installed cookies at any time by using the appropriate option in the browser he/she is using. If you browse the Website in browser incognito mode, all cookies installed during your visit to the Website are deleted by default when you close your browser. Please consult your browser software provider or the "help" section of your browser menu for details.
      10. Cookies are also placed in the Service User's phone and may also be used by advertisers and partners cooperating with the Service Operator.
  6. Data protection measures
    1. User information is processed by the Administrator with appropriate technical and organizational measures that meet the requirements of Polish law, in particular those indicated in the introduction of this Policy. These measures are primarily aimed at securing users' personal data from access by unauthorized persons. In particular, only authorized persons (employees and contractors of Timeto Sp. z o. o.), who are obliged to keep the data confidential, have access to users' personal data.
    2. The Administrator shall keep personal data until you withdraw your consent to the processing of personal data or for the time necessary for the purpose for which the consent was obtained, in particular for the duration of the performance of the service or the Agreement and for the time during which it is possible to assert claims in connection with the Company's activities, but no longer than for a period of 3 years from the date of obtaining your personal data.
    3. In addition, data may be retained for fraud and abuse prevention, statistical and archival purposes for a period of 10 years from the date of termination of the contract or the event giving rise to the need for such processing.
    4. At the same time, in order to ensure accountability, the Administrator will keep the data for the period of time during which the Administrator is required to retain the data or documents containing them for the purpose of documenting compliance with legal requirements, including allowing public authorities to audit their compliance.
    5. Your personal data will not be transferred outside the European Economic Area.
    6. Personal data may also be shared with IT, legal, auditing, accounting, bookkeeping, postal and courier service providers to the extent necessary to ensure proper provision of services, and with state authorities in connection with their proceedings under applicable law, as well as with entities to which we are obliged to make them available under applicable law.
  7. Policy Changes
    1. Expansion or change in the scope or content of the services we provide, as well as changes in legislation, may make it necessary to amend the Privacy Policy. In such a situation, we will inform you of the changes in the "Privacy Policy" tab. Along with the change in the version of the Privacy Policy, the date indicating the date of its implementation and the signature indicating the particular version of the Policy will appear. No change will adversely affect your fundamental right to control the data we process.
  8. Contacting the Service Administrator
    1. We make every effort to allow users to make any comments, suggestions, tips and objections to the data processing policy we have adopted. A customer service representative is responsible for contacting you. Please send any issues related to the content of this Policy to the following e-mail address: office@affpact.com.
    2. Fulfilling the regulation of Article 13(1)(b) of the RODO, the Administrator indicates that it has appointed a Data Protection Officer, whom interested Users may contact in writing at the Administrator's address or by email at: iod@affpact.com.