1. Definitions
1.1. Administrator or Cyfrowy Polsat - Cyfrowy Polsat S.A. ul. Łubinowa 4a, 03-878 Warsaw, entered into the Register of Entrepreneurs of the National Court Register kept by the District Court for the Capital City of Warsaw in Warsaw, under KRS number 0000010078, NIP 796 18 10 732, having share capital in the amount of PLN 25,581,840.64 (paid in full)
1.2. Personal data - all information about a natural or legal person identified or identifiable by one or more specific factors determining physical, physiological, genetic, mental, economic, cultural or social identity, including - if they allow identification of the User - device IP, location data , Internet ID and information collected through cookies and other similar technologies.
1.3. Privacy Policy - this privacy policy.
1.4. GDPR - Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of individuals with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46 / EC (General Protection Regulation data).
1.5. Website - the website run by the Administrator at the following addresses: www.studialubinowa.pl, www.studiac Cyfrpolsat.pl, www.lubinowastudios.eu and www.cyfrowypolsatstudios.eu.
1.6. User - any natural person visiting the Website or using one or several services or functionalities of the Website.
1.7. Trusted Partner - an entity with which the Administrator cooperates, providing marketing content tailored to the User or intermediary in providing such content.
2. Data processing in connection with the use of the website
2.1. The Privacy Policy describes the rules for the use of cookies or other similar technologies and the processing of personal data collected while using the Website by the User.
2.2. In connection with the User's use of the Website, the Administrator collects his data to the extent necessary to provide individual services offered, as well as information about the User's activity on the Website, including the device's IP, location data, internet identifier and information collected via cookies and other similar technologies. Cookies and similar technologies are not used to identify the User and the User's identity is not determined on their basis. Cookies and similar technologies in a situation where they do not automatically allow the identification of a natural person, only in combination with other unique identifiers or other information enabling the identification of that natural person may constitute personal data.
2.3. Using the Website is possible without the need to create an account by the User. In this case, using the Website does not require providing personal data in the registration form. The processed data includes information on the use of the Website.
2.4. With the User's consent, Trusted Partners who use cookies or similar technologies to collect and process personal data to personalize content may have access to information about the use of the Website.
2.5. As part of the Website, it will be possible to use the functionalities offered by social networks, e.g. commenting on articles or sharing them (Facebook). In such cases, the Website, at the User's request, will download from the User's account on the social network information necessary to perform the activities.
2.6. With the User's consent, Trusted Partners who use cookies or similar technologies to collect and process personal data to personalize content may have access to information about the use of the Website.
3. COOKIES AND SIMILAR TECHNOLOGIES
3.1. In connection with the use of the Website, cookies or similar technologies are used to provide the User with access to the Website, improve its operation, profiling and displaying content tailored to the User's needs.
3.2. Cookies are small text files saved on the User's telecommunications terminal device (computer, telephone, tablet, etc.) while using the Website, allowing to save and read information that the Administrator and other entities providing services to it (e.g. analytical and Statistical) or Trusted Partners use for various purposes, which can be divided into the categories described below.
3.3. Cookies-like technologies include Local Storage and Session Storatege Local Storage is the browser's memory area in which data is saved. Local Storage differs from cookies in that the data stored in it are only available for the browser - the server cannot read them. In the case of Local Storage after closing the browser, the data is not deleted after closing the browser. Session Storage is the equivalent
3.4. For simplicity, cookies and similar technologies will be collectively referred to as "cookies".
3.5. We use two types of cookies or similar technologies because of their lifetime:
3.5.1. session - files stored on the User's device until the User logs out or leaves the Website;
3.5.2. permanent - files stored on the User's device until they are deleted by the User or until the cookie file expires within the time limit specified in the cookie file specification.
3.6. The administrator and other entities providing services to him (e.g. analytical and statistical) or Trusted Partners use cookies for various purposes, which can be divided into the following categories.
3.6.1. Required cookies, necessary to use the website:
a) cookies with data entered by the User (session ID) for the duration of the session (user input cookies);
b) authentication cookies used for services that require authentication for the duration of the session (authentication cookies);
c) cookies used to ensure security, e.g. used to detect fraud in the field of authentication (user centric security cookies);
d) session cookies of multimedia players (e.g. flash player cookies), for the duration of the session (multimedia player session cookies);
3.6.2. Functional cookies that facilitate the use of the website:
a) persistent cookies used to personalize the User interface for the duration of the session or a little longer (user interface customization cookies),
b) cookies used to monitor website traffic, i.e. data analytics - these are files used to analyze the way the User uses the Website, to create statistics and reports on the operation of the Website.
c) cookies used to log into the Website using social networking sites.
3.6.3. Marketing cookies, allowing the delivery of advertising content - the Administrator and his Trusted Partners also use cookies for marketing purposes, including in connection with targeting behavioral advertising to Users.
3.7. The use of cookies and personal data collected through them for marketing purposes of Trusted Partners requires the consent of the User. This consent may be withdrawn at any time.
3.8. The User may at any time change the settings of cookies or similar technologies by changing the privacy settings in the browser or application or changing the settings of his account on the Website, provided that this change may result in lack of access to some of the Website's functions.
3.9. Changing privacy settings is possible by selecting the appropriate option in the browser or application settings. For the most popular web browsers, the User can independently manage privacy settings, including cookies, in particular by accepting cookies, changing cookie settings and blocking or deleting cookies. The way and scope of changes to privacy settings depends on the type or version of the browser or application used by the User. Detailed information on changes in privacy settings are available on the websites of these providers:
• in the Chrome browser
• in the Firefox browser
• in Internet Explorer
• in the Microsoft Edge browser
• in the Opera browser
• in the Safari browser
4. Purposes and legal basis for data processing on the website
The administrator processes Users' personal data in order to:
4.1. providing access to the website - pursuant to art. 6 clause 1 letter b GDPR;
4.2. performing obligations arising from legal provisions - pursuant to art. 6 clause 1 lit. c GDPR;
4.3. implementation of the following legally justified interests of the Administrator or a third party - pursuant to art. 6 clause 1 letter f GDPR:
4.3.1. own marketing, including profiling, in particular presenting behavioral advertising, displaying marketing content on the Website to the User or sending notifications to selected Users about interesting offers or content by means of electronic communication, in particular by e-mail, provided that the User has given appropriate consent, as well as conducting other types of marketing activities, e.g. satisfaction surveys.
4.3.2. detection and elimination of fraud;
4.3.3. internal purposes related to the provision of services and business activities, including evidence, analytical and statistical purposes.
4.4. The User's personal data will be processed with his consent for marketing purposes of Trusted Partners, in particular related to the presentation of behavioral advertising - pursuant to art. 6 clause 1 lit. and GDPR.
4.5. The implementation of the above objectives causes that the Administrator in some cases uses profiling. This means that thanks to the automatic processing
5. Period of personal data processing
5.1. Personal data will be processed for the period of: , administrative and criminal ones requiring data processing, and in the case of consent until the purpose of consent is met or its withdrawal, whichever comes first.
5.2. The user can independently delete cookies from his device. In order to clean the User's end device (computer, phone, tablet, etc.) from cookies, the browser's cache and cookies should be deleted. The process of clearing the cache and cookies should be done in your browser settings. Settings may vary depending on the browser and its version. For more information on the options available in individual browsers, see section 4.10. Deleting cookies will result in deleting Website settings.
6. User rights
6.1. In connection with the processing of personal data, the User has the following rights:
6.1.1. to correct the data - if an error crept during the data collection or if the data change, the User has the right to provide correct and current data, and the Administrator will correct or update it;
6.1.2. access to data - the User may exercise this right if he wants to know what data we process;
6.1.3. to delete data, also known as the "right to be forgotten" - if the User considers that the data are no longer necessary for the purposes for which they were collected, he has the right to request the Administrator to delete them;
6.1.4. to limit data processing - if the User has doubts as to whether the Administrator processes data correctly, he has the right to submit an application for restriction of processing;
6.1.5. to transfer data - the User may receive and transfer from the Administrator to another entity the data provided to the Administrator;
6.1.6. to object to the processing of data on the basis of the justified interest of the Administrator or a third party, including profiling, for reasons related to a particular situation, and to object to the processing of data for direct marketing purposes;
6.1.7. to withdraw consent at any time - the User has the right to withdraw his consent regarding data processing at any time and for any reason; the withdrawal of consent has no retroactive effect, i.e. the processing that took place until the consent was withdrawn remains fully valid and legal;
6.2. In order to consider the application for the implementation of the above rights, the Administrator is entitled to verify the User's identity, which prevents the disclosure of information about the User to unauthorized persons. In the case of Users who have not created an account on the Website, the Administrator cannot verify the User's identity, as the processed data relate only to information on the use of the Website, without information about the User's identity.
6.3. The User may submit a complaint regarding the processing of personal data to the supervisory body dealing with the protection of personal data. The President of the Office for Personal Data Protection is the supervisory authority in the Republic of Poland.
7. Data recipients and TRUSTED PARTNERS
7.1. Users' personal data may be transferred to the following categories of recipients: entities providing the Administrator with services necessary to achieve the purposes of processing, including IT suppliers, entities providing technical, organizational and consulting support, other subcontractors in the field of customer service, calculation of fees and payment services, marketing, integrators and entities providing additional services under premium-rate services, entities authorized under the law, companies from the Cyfrowy Polsat Group.
7.2. With the User's consent, Trusted Partners who use cookies or similar technologies to collect and process personal data to personalize content may have access to information about the use of the Website. Trusted Partners with whom the Administrator cooperates in connection with the use of their services or tools, including for personalizing the content and services offered on the Website, belonging to the following categories: advertisers, media houses, companies offering tools for managing advertising campaigns and website owners, in particular: Google, Facebook, Gemius. Trusted Partners may, among others analyze, collate and combine information from the Website with other information they possess, e.g. related to the User's use of their services or the User's activity on other websites. Information about the rules for processing of personal data by Trusted Partners and the use of cookies and other technologies are provided in the manner set by them, in particular in the documents of Trusted Partners describing the rules for the processing and protection of personal data.
8. Transfer of data outside the EEA
User's personal data may be transferred to international countries / organizations outside the European Economic Area, when these countries / organizations have been found, pursuant to the decisions of the European Commission, to provide an adequate level of protection of personal data to the level of protection applicable in the European Economic Area or provided that appropriate safeguards are applied, which may involve the use of binding corporate rules, standard data protection clauses adopted by the European Commission, standard data protection clauses adopted by the President of the Office for Personal Data Protection or contractual clauses admitted by the President of the Office for Personal Data Protection, and copies thereof can be obtained upon request submitted in the method indicated in item 10 below.
9. Security of personal data
9.1. The administrator conducts risk analysis on an ongoing basis to ensure that personal data are processed by him in a secure manner - first of all, ensuring that only authorized persons have access to the data and only to the extent that it is necessary due to the tasks they perform . The administrator ensures that operations on personal data are recorded and carried out only by authorized employees and associates.
9.2. The Administrator takes all necessary actions so that its subcontractors and other cooperating entities guarantee the use of appropriate security measures whenever they process personal data on behalf of the Administrator.
10. Contact details
10.1. Requests, statements and all correspondence regarding personal data should be sent by phone to the Customer Service Center (tel. 22 212 72 22), in writing to the following address: Cyfrowy Polsat S.A. , ul. Łubinowa 4a, 03-878 Warsaw, by e-mail to the address kontakt@cyfrowypolsat.pl, as well as in writing or orally for the report at the Point of Sale (service).
10.2. The administrator has appointed a data protection officer who can be contacted: by phone at 022-426-19-30, electronically to the address iod@cyfrowypolsat.pl or in writing to the abovementioned address of the administrator's registered office with the note "Data Protection Officer".
11. Changes to the privacy policy
11.1. The Privacy Policy is reviewed on an ongoing basis and updated as necessary. The current version of the Privacy Policy has been adopted and is effective from 25/05/2018.