General information
- This privacy policy sets out the rights and obligations of the User and security, as well as the rules for the collection, processing and use of personal data obtained from you through the website maintained at the domain www.ultimo.pl.
- The controller of data processed in connection with leaving data on the website, is Ultimo S.A. with its registered office in Wrocław at ul. Szczytnicka 11 (hereinafter referred to as Ultimo or the Data Administrator). Contact details of the data protection officer: inspektor.danych@ultimo.pl.
- Ultimo makes every effort to ensure that your privacy is respected and that the personal information provided is protected when using the website.
- The Data Controller, when processing data, is guided by the provisions of Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016, on the protection of individuals, with regard to the processing of personal data and on the free movement of such data, repealing Directive 95/46/WE (GDPR).
- The website available at the domain address: www.ultimo.pl is referred to in this Privacy Policy as the "Website".
- The terminal device from which you connect to the Website, such as a PC, tablet or telephone, is referred to as the "device".
- Persons using the Website are referred to as "Users".
- Cookies are files sent to the User's computer or other device while browsing the Website. Cookies remember the User's preferences, which allows the quality of the Service and of the search results, the accuracy of the information displayed, the creation of viewer statistics and the tracking of User preferences to be improved. Cookies do not change the configuration of the device or software installed on the User's device.
For what purposes and on what basis do we process data?
On the Website, we process Users' personal data for the following purposes:
- to enable the Website to be used, pursuant to Art. 6, point 1 letter b) of the GDPR;
- to inform about changes in the operation of the Website, pursuant to Art. 6, point 1 f of the GDPR;
- improvement of the Website's operation, pursuant to Art. 6, point 1 f of the GDPR;
- statistical studies and performing analytical tests for internal purposes, based on Art. 6, point 1 f of the GDPR;
- to detect cases of the unauthorised use of services, in order to determine liability, pursuant to Art. 6, point 1 f of the GDPR;
- to determine, defend and pursue claims, pursuant to Art. 6, point 1 f of the GDPR;
- to implement the contact ordered, via forms, ordering a telephone conversation or chatting in accordance with Art. 6, point 1 letter a of the GDPR.
What personal data do we use?
- Users can browse the Website without having to provide their personal data or registration. Some functions, such as chatting, may require data to be provided and some data may be collected automatically via cookies.
- Once a User has connected to the Website, information about the numbers -including the IP address or MSISDN number- and the type of device and software on the device used by the User, will appear in the Website's system logs.
- In order to make a telephone call through the available CallPage service, as ordered, the Controller will ask the User to provide the phone number and accept the statement/conditions which will appear in the CallPage service window.
- If the User wants to be contacted via the contact form, Ultimo will ask for the following: name, surname, e-mail address, telephone number, city and customer number.
- In order for the User to use the LiveChat service, Ultimo asks the User to read and accept the consent content available in the LiveChat window.
How do we use the data?
Ultimo will use the data collected:
- to correspond with the address provided by the User;
- to provide services and secure service appropriate to the User;
- for statistical purposes, in an anonymous form;
- to accept and consider the reservations and queries of Users;
- to adapt, measure and improve the Website's services.
How long do we retain personal data for?
The period of storage of personal data depends on the purpose for which it was processed, that is to say, that it is based on the consent given until revocation thereof, unless Ultimo has other legal bases for further processing. Telephone numbers will be stored for the period necessary to make the contact ordered and, in the case of contacting a person who is under some obligation to Ultimo, it will be stored until such data is made available to him by the creditor.
Cookies
Types of Cookies used
- Cookies used by the Data Controller are safe for the User's device. In particular, it is impossible to transfer viruses or other unwanted or malicious software, to a User's device by this channel. These files allow the User’s software to be identified, adapting the Website to each User individually.
- The Controller uses two types of cookies:
- Session cookies: files which are stored on the User's device and which remain there until the end of the browser session. The information stored is then deleted from the device. The mechanism involved in the use of session cookies does not allow any personal or confidential data to be downloaded from the User's device;
- Permanent cookies: these are stored on the User's device and remain there until they are deleted. Ending a browser session or turning the device off does not delete them from the User's device. The mechanism involved in the use of permanent cookies does not allow any personal or confidential data to be downloaded from the User's device.
- The User has the option of limiting or disabling the access of Cookies to his device. In such cases, using the Website will still be possible, except for those functions requiring cookies.
The purposes for which Cookies are used
The Controller uses- or may use- his own Cookies (Cookies placed by the Controller) for the following purposes:
- Website configuration:
- adapting the content of the Website pages to the User's preferences and optimising the use of Website pages;
- recognising the Website User's device and its location and displaying the website, tailored appropriately to his/her individual needs;
- remembering the settings selected by the User and personalising the User's interface, vis-à-vis language or region, as selected by the User;
- remembering the history of pages visited on the Website, in order to recommend content;
- font size, website appearance, etc.;
- the implementation of processes necessary for the full functionality of websites - i.e. adaptation of the content of the Website pages to the User's preferences and optimisation of the use of Website pages. In particular, these files allow us to understand the basic parameters of the User's device and display the web page tailored appropriately, to their individual needs;
- remembering the User's location, i.e. the correct configuration of selected Website functions, enabling, in particular, adjustment of the information provided to the User, taking into account his/her location;
- analysis, research and audience audit, i.e. creating anonymous statistics that help understand how Website Users use Website pages, thus allowing their structure and content to be improved;
- the provision of advertising services, i.e. the adaptation of advertising services and products, presented through the Website;
- ensure the safety and reliability of the Website.
The administrator of the service uses -or may use- External Cookies (Cookies placed by the Administrator's partners via the Website's website) for the following purposes:
- to present multimedia content on the Website's pages that are downloaded from an external website:
- www.youtube.com [Cookies administrator: Google Inc. based in the USA];
- collecting general and anonymous static data via analytical tools:
- Google Analytics [Cookies administrator: Google Inc. based in the USA];
- the use of interactive functions to promote the site on social networking sites:
- Facebook.com [Cookies administrator: Facebook Inc. with its registered office in the USA or Facebook Ireland with its registered office in Ireland],
- LinkedIn.com [Cookies administrator: LinkedIn Ireland Limited based in Ireland];
- using functions to facilitate communication through the Website, which are downloaded from an external website:
- LiveChat (Cookies administrator: LiveChat Inc. with headquarters in Boston or LiveChat Software with headquarters in Wrocław];
- CallPage (Cookies administrator: CallPage sp. z o.o. with headquarters in Krakow).
Possibilities of defining conditions for cookie storage and access of Cookies
- The User may independently -and at any time- change the Cookie settings, specify the conditions for storing them and accessing the User's device via Cookies. Changes to the settings mentioned in the previous sentence can be done by the User via browser settings or service configuration. In particular, these settings can be changed in such a way as to block the automatic handling of cookies in the web browser settings, or to inform the User whenever Cookies are placed on the User's device. Details regarding the possibilities and methods of managing cookie files are available in the software settings of the web browser.
- The User may delete Cookies at any time by using the features available in the web browser used by the User.
- Restricting the use of cookies may affect some of the functionalities available on the Website.
Do we transfer personal data outside the European Economic Area (EEA)?
We take care when choosing suppliers so that your personal data is not transferred outside the EEA.
What are your rights regarding the processing of personal data?
- The User has right of access to the content of his/her data, the right to rectify it, the right to delete it, the right to restrict its processing, the right to data portability, the right to object, the right to withdraw consent at any time, without affecting the lawfulness of any processing, performed on the basis of the consent given prior to the withdrawal of that consent.
- The scope of each of the rights and the situations in which they can be exercised are based in the legislation; which entitlement the User may use, will depend, for example, on the legal basis for the use, by Ultimo, of the User's data and the purpose for which any data is processed.
- The User may object to the processing of his/her data, including profiling, at any time. After accepting the application in such cases, Ultimo is obliged to stop processing data for this purpose.
- In special situations, the User may, at any time, object to the processing of personal data by Ultimo, including profiling, if the basis for the use of the data is our legitimate interest or public interest. In such a situation, after examining the User's application, Ultimo will no longer be able to process personal data, opposed to on this basis, unless it demonstrates that there are valid and legitimate grounds for processing such data, which according to the law, is considered to prevail over the User's interests, rights and freedom, or there are grounds to establish, pursue or defend claims.
- The User may, at any time, withdraw the consent given to Ultimo; such a withdrawal will not affect the lawfulness of the use of his/her data given prior to the withdrawal of such consent.
- The User has the right to lodge a complaint to the President of the Office for Personal Data Protection if he considers that the processing of his personal data violates the law.
How do we secure personal data?
- Ultimo uses the technical and organisational measures necessary to protect data, as required by the law applicable regarding the protection of personal data, in particular, Ultimo protects Users' personal data against disclosure to unauthorised persons, loss or damage.
- Communication between the User and the Website server is encrypted. Data transmission security is ensured by using the TLS transmission protocol (Transport Layer Security v1.2 or higher). TLS consists in encrypting data before sending it from the User's browser and decrypting it, having securely reached the server operating the Website. The information sent from the Website server to the User is encrypted and then decrypted.
What are the obligations of the User?
The actions taken by Ultimo to protect your data may not be sufficient if you do not comply with the security rules yourself.
How can you exercise your rights?
The User has the following rights. He/she may request information about the content of the data stored and may also change, block and delete data, rectify errors, supplement or update data, as well as object to the processing of his/her personal data for marketing purposes. In order to do this, he/she should correspond with the following address: Ultimo S.A. based in Wrocław (50-382), ul. Szczytnicka 11, entered into the Register of Entrepreneurs of the National Court Register kept by the District Court for Wrocław Fabryczna in Wrocław, VI Economic Department of the National Court Register under number 0000448234, Tax Reg. no. NIP 897-16-76-655, Statistical Reg. no. Regon: 932830007.
Google Analytics
- The website uses Google Analytics and its advertising functions, as provided by Google Inc. (head office address: 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA). These services support the Administrator in analysing and improving the Website.
- Google Analytics, together with advertising functions, use Cookies to analyse how the Website is used.
- The data received is processed in an aggregated and anonymised manner; this means that it is impossible for anyone to be identified.
- Each User has the option to block the transmission of data from electronic devices to Google Analytics by downloading and installing a free, browser plug-in, available at: https://tools.google.com/dlpage/gaoptout.
- Detailed information on how the above service collects and processes data is available at: www.google.com/intl/pl/policies/privacy/partners/.
CallPage (arranging a phone call)
- The Website allows Users to use the CallPage service, through which the User can arrange a telephone conversation with an Ultimo operator.
- Users' data is protected, in accordance with the applicable law, by technical and electronic security measures, including encrypting connections with the websites on which the service is made available, using the SSL protocol and employing stringent procedures to prevent unauthorised persons from accessing Users' personal data.
- For the purposes of the CallPage service, the tool uses cookies, which are used only to personalise a specific User.
LiveChat
- The LiveChat service is aimed at enabling Website Users to contact Ultimo via the Internet, using an online channel, which is based on contact between the parties by sending alternate text messages.
- Users' data is protected in accordance with applicable law by technical and electronic security measures, including encrypting connections with websites on which the service is made available, using the SSL protocol and employing stringent procedures to prevent unauthorised persons from accessing Users' personal data.
- For the purposes of the LiveChat service, the tool uses cookies, which are used only to personalise a specific User.
Other Websites
As part of the Website service, links to other websites may appear periodically. Such websites operate independently of the Website service and are not supervised in any way by the Website. These websites may have their own privacy policies, which the Website Administrator recommends be read. The Website is not responsible for the rules handling the data of other websites.
Questions and reservations
The Website may introduce changes to this Policy. However, if the rules set out therein change significantly in an unfavourable manner, the Website will notify such changes on its home page, which will be visible for 30 days. The Website recommends that Users periodically verify the tab with this Policy in order to become familiar with any changes.