- General information
This policy applies to the website, which operates at the url: www.qkcitroenclassics.com
The website operator and personal data administrator is: Michał Kurlej Bognesvegen 8, 6016 Alesund
The operator’s e-mail contact address: firstname.lastname@example.org
The operator is the administrator of your personal data in relation to the information provided voluntarily on the website.
The website uses personal data for the following purposes:
Handling inquiries via the form
The website receives information about users and their behavior in the following way:
Through data that is voluntarily provided in forms, which are entered into the operator’s systems.
By storing cookie files in end devices (so-called „cookies”).
- Selected methods of data protection used by the operator
The places for logging in and entering personal data are protected in the transmission layer (SSL certificate). As a result, personal data and login data entered on the website are encrypted on the user’s computer and can only be read on the target server.
Personal data stored in the database is encrypted in such a way that only the operator holding the key can read it. Thanks to this, the data is protected in case the database is stolen from the server.
User passwords are stored in a hash form. The hash function works in one direction – it is not possible to reverse the operation, which is now a modern standard in storing user passwords.
The website uses two-factor authentication, which is an additional form of protection for logging into the website.
The operator periodically changes its administrative passwords.
To minimize the risk of unauthorized access to data, the operator uses complex passwords containing lower and upper case letters, numbers and special characters, not shorter than 8 characters.
The website is hosted (technically maintained) on the operator’s server: another company
- Your rights and additional information about the use of data
In some situations, the administrator has the right to transfer your personal data to other recipients, if it is necessary to perform the contract concluded with you or to fulfill the obligations incumbent on the administrator. This applies to such groups of recipients:
persons authorized by us, employees and affiliated companies who must have access to personal data in order to perform their duties,
companies that handle SMS messages,
companies that the administrator collaborates with in their own marketing,
law firms and debt collection,
Your personal data processed by the administrator no longer than is necessary to carry out related activities specified in separate regulations (e.g. on accounting). In the case of marketing data, the data is not processed for more than 3 years.
You have the right to request it from the administrator:
access to your personal data,
and data portability.
You have the right to object to the processing specified in point 3.3 c) to the processing of personal data to carry out the legitimate interests pursued by the administrator, including profiling, while the right to object cannot be exercised if there is a valid legally justified basis for the processing of your interests, rights and freedoms, in particular to establish, investigate or defend claims.
The administrator’s actions can be appealed to the president of the personal information office, ul. Stawki 2, 00-193 Warsaw.
Providing personal data is voluntary but necessary to operate the website.
In relation to you, measures consisting of automated decision-making may be implemented, including profiling in order to offer services under the concluded contract and for the purpose of carrying out direct marketing by the administrator.
Personal data is transferred from third countries in accordance with the provisions on the protection of personal data. This means that we send them outside the EU.
- Information in the forms
The website collects information voluntarily provided by the user, including personal data, if provided.
The website may store information about connection parameters (time stamp, IP address).
In some cases, the website may store information that facilitates the linking of data in the form with the e-mail address of the user who fills in the form. In this case, the user’s email address appears on the URL of the page containing the form.
The data provided in the form is processed for the purpose resulting from the function of a particular form, for example to process service request or commercial contact, servant registration, etc. Each time the context and description of the form clearly informs what it is used for.
- Administrator logs
Information about users’ behavior on the website can be logged. This data is used to administer the website.
- Relevant marketing techniques
The operator uses remarketing techniques that allow advertising messages to be tailored to the user’s behavior on the website, which may give the illusion that the data personal data about the user is used to track him, but in practice no personal data is transferred from the operator to the advertising operators. The technological prerequisite for such activities is that cookies are activated.
The operator uses a solution that studies user behavior by creating heat maps and recording behavior on the website. This information is anonymised before it is sent to the service provider so that it does not know which natural person it concerns. In particular, passwords and other personal data are not recorded.
The operator uses a solution that automates the operation of the website in relation to users, for example, which can send an email to the user after visiting a certain sub-page, provided that he has agreed to receive commercial correspondence from the operator.
The operator may use profiling in accordance with the provisions on the protection of personal data
- Information about cookies
Cookie files (so-called „cookies”) are IT data, especially text files, which are stored on the website user’s end device and are intended for the use of the website’s pages. Cookies usually contain the name of the website they come from, the storage time on the end device and a unique number.
The entity that places cookies on the website user’s end device and accesses them is the website operator.
Cookies are used for the following purposes:
maintain the website’s user session (after login), thanks to which the user does not need to enter the login and password on each subpage of the website;
achieve the objectives described above in the „Important Marketing Techniques” section;
The website uses two basic types of cookies: session cookies and persistent cookies. Session cookies are temporary files that are stored on the user’s end device until they log out, leave the website or switch off the software (browser). Persistent cookies are stored on the user’s end device for the time specified in the cookie parameters, or until they are deleted by the user.
Website browsing software (browser) usually allows cookies to be stored on the user’s end device by default. Website users can change their settings in this regard. The browser allows you to delete cookies. It is also possible to automatically block cookies. Detailed information on this topic can be found in the help or documentation in the browser.
Cookies placed on the end device of the website user can also be used by entities that cooperate with the website operator, in particular the following companies: Google (Google Inc. based in the USA), Facebook (Facebook Inc. based in the USA), Twitter (Twitter Inc. based in the USA).
- Manage cookies – how do you express and withdraw consent in practice? If the user does not wish to receive cookies, he can change his browser settings. We reserve the right that deactivating cookies that are necessary for authentication processes, security, maintenance of user preferences, may make it difficult, and in extreme cases may prevent the use of websites.
To manage cookie settings, select the browser you use from the list below and follow the instructions: