Privacy policy and cookies

This Privacy Policy explains how we collect, use, and protect the personal data provided to us and
outlines the rights of individuals whose data we process.

§1 Introduction

  1. The administrator of personal data collected via the website www.connectedrealities.eu (hereinafter referred to as the “Service”) is Connected Realities sp. z o.o., headquartered in Łódź, Poland, at Henryka Sienkiewicza 85/87, Unit 8, 90-057 Łódź. The company is registered in the National Court Register (KRS) maintained by the District Court for Łódź-Śródmieście, 20th Commercial Division, under KRS number: 0000838860, VAT ID (NIP): 7252299114, REGON: 386028924 (hereinafter referred to as the “Administrator”). The Administrator also has a registered branch office in Warsaw, located at Ludwika Rydygiera 8, 01-793 Warsaw.
  2. The Administrator respects the privacy of all individuals who visit our website (hereinafter referred to as “Users”) at www.connectedrealities.eu (the “Service”).
  3. The Administrator commits to maintaining the confidentiality of data collected during the use of the Service by its Users.

§2 Data processing principles

  1. The personal data of Service Users will be processed in accordance with the applicable law, including:
    • The Personal Data Protection Act of May 10, 2018 (Journal of Laws of 2018, item 1000),
    • Regulation (EU) 2016/679 of the European Parliament and of the Council of April 27, 2016, on the protection of natural persons regarding the processing of personal data and the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation or GDPR).

§3 Purposes and operations of data processing

  1. The Administrator collects data from individuals who, for example, register on the Service using dedicated contact forms, subscribe to newsletters, download e-books, etc.
  2. The personal data of Service Users will be processed for the following purposes:
    • To provide services through the Service and for the purposes indicated in relevant forms, including but not limited to:
      • Subscribing to updates and receiving commercial information (e.g., newsletters, industry reports, e-books), as well as personalizing transmitted information, including data analysis and profiling for marketing purposes.
      • Submitting contact inquiries.
      • Requesting offers.
      • Distributing publications or materials.
    • Monitoring and enforcing compliance with the Service’s terms of use.
    • Administering and managing the Service.
    • Aggregating data for analysis to improve Service performance.
    • Communicating with Users, including for marketing activities, and other purposes compliant with applicable law, as required to perform a contract or for the direct marketing of the Administrator’s services, based on Article 6 (1) (b) and (f) GDPR.
  3. Depending on the method of using the Service, the User may be asked to provide a smaller or larger scope of information, including personal data, necessary to fulfill their requests or demands.
  4. When using services provided through the Service, the User may be asked to provide contact details, including name, company details, email address, and phone number.
  5. The Administrator will process the personal data provided by the User for direct marketing purposes as long as it is necessary to fulfill the User’s request or demand, unless the User objects to the processing of their personal data for this purpose.
  6. Providing personal data is voluntary but necessary to receive certain services, such as marketing information in the form of newsletters or e-book downloads.
  7. Depending on the User’s decision expressed when filling out the appropriate form, the provided personal data, particularly email addresses and phone numbers, may be used to send commercial information under the Act on Providing Electronic Services of July 18, 2002 (Journal of Laws of 2017, item 1219 – consolidated text, as amended) and the Telecommunications Law of July 16, 2004 (Journal of Laws of 2017, item 1907 – consolidated text, as amended).
  8. The Administrator has entered into a hosting agreement with home.pl S.A., which includes the processing of personal data entered by Users into relevant contact forms (e.g., name, surname, address, email address). The Administrator may share such data with this service provider.
  9. The hosting company will process the personal data of Service Users on behalf of and to the extent specified by the Administrator for the duration of the hosting agreement. The hosting company is obligated to comply with all the principles outlined in this Privacy Policy.
  10. Marketing communications and newsletters aim to tailor the content to the User’s business and professional preferences. No automated decision-making is conducted as defined in Article 22 of GDPR. Instead, business and professional preference analysis is used to optimize marketing communication and services offered by the Administrator.
  11. The Administrator uses MailChimp to automate newsletters and e-book distribution. By subscribing to an e-book or consenting to receive marketing communications, the User agrees to transfer their data to MailChimp, in accordance with its Privacy Policy and Terms. MailChimp is certified under the EU-U.S. Privacy Shield Framework and complies with GDPR.

§4 Sharing personal data

  1. The Administrator does not collect personal data for the purpose of transferring or selling it to external entities.
  2. Personal and operational data of Users may be disclosed to external entities, such as:
    • external organizations providing applications, functionalities, or data processing or IT services (e.g., providers of information technology, cloud-based software, identity management services, hosting and website management, data analysis, backup creation, security, etc.);
    • law enforcement authorities, regulatory bodies, other governmental authorities, or third parties, if the requirement to disclose data arises from applicable legal regulations.

§5 User rights

The Service User is entitled to the following rights.

  1. Right of access to personal data. The Service User has the right to obtain information from the Administrator regarding the processing of their personal data. The User also has the right to access this personal data, receive a copy of the data, and obtain the information specified in Article 15 (1) of the GDPR.
  2. Right to rectification of personal data. The Service User has the right to request that the Administrator promptly correct any inaccurate personal data. The User also has the right to request the completion of incomplete personal data.
  3. Right to erasure of personal data. At any time, the Service User has the right to request that the Administrator promptly delete their personal data. Data processing up to the moment the User withdraws consent remains lawful. Personal data will be deleted:
    • when the personal data is no longer necessary for the purposes for which it was collected or processed;
    • when the Service User objects to the processing of their personal data, and the Administrator has no overriding legitimate grounds for processing;
    • when the Administrator has unlawfully processed the User’s personal data and is legally required to delete it;
    • when the Service User withdraws their consent on which the processing is based, and there is no other legal basis for the processing.
  4. Right to restriction of personal data processing. The Service User has the right to request that the Administrator restrict the processing of their personal data in the following cases:
    • if the Service User disputes the accuracy of their personal data processed by the Administrator;
    • if the Administrator processes the User’s personal data unlawfully, and the User opposes its deletion, requesting instead a restriction of its use;
    • if the Administrator no longer needs the User’s personal data for processing purposes, but the data is required by the User for establishing, exercising, or defending legal claims;
    • if the Service User has objected to the processing of their personal data by the Administrator.
  5. Right to data portability. The Service User has the right to receive their personal data from the Administrator or authorize the Administrator to transfer the User’s personal data to another administrator in a structured, commonly used format, provided that such transfer is technically feasible.
  6. Right to lodge a complaint with a supervisory authority. If the Service User believes that the processing of their personal data violates the law, they have the right to file a complaint with the supervisory authority, specifically the President of the Personal Data Protection Office.
  7. To exercise these rights, Users can contact the Administrator via email at office@connectedrealities.eu, specifying the justification and details of their request. For example, if requesting data deletion or changes, the User should provide the new email address to be used for the newsletter service. Requests will be addressed without undue delay, no later than 30 days from the date of receipt.

§6 Use of cookies

  1. Subject to obtaining the User’s consent, the Administrator may store certain information on the User’s device using cookies.
  2. Cookies are used, among other things, to remember certain User preferences and support the Administrator in improving the Service.
  3. Two main types of cookies are used in the Service:
    • Session cookies: These are temporary files stored on the User’s device until they log out, leave the Service, or close the web browser.
    • Persistent cookies: These are stored on the User’s device for the time specified in the cookie parameters or until deleted by the User.
  4. In many cases, web browsing software (internet browsers) allows cookies to be stored by default on the User’s device. Service Users can change their cookie settings at any time. These settings can typically be modified to block the automatic handling of cookies in the browser or to inform the User whenever cookies are placed on their device. Detailed information about managing cookies is available in the settings of the web browsing software.
  5. The User may express their consent to the use of cookies, as described above, via the settings of the software installed on their telecommunications device or by configuring the Service. To disable or restrict the use of cookies, the User can change their browser settings. However, doing so may result in the improper functioning or loss of access to some parts of the Service.
  6. The Service uses the following types of cookies:
    • Essential cookies: These enable the use of services available within the Service, such as authentication cookies used for services requiring login.
    • Security cookies: These are used to ensure security, for example, to detect misuse of authentication mechanisms within the Service.
    • Performance cookies: These collect information about how Users interact with the Service’s pages.
    • Functional cookies: These enable the “remembering” of User-selected settings and interface personalization, such as the selected language or region, font size, and website appearance.
    • Advertising cookies: These make it possible to deliver advertising content more tailored to the User’s interests.
    • Analytical cookies: These collect information about how the website is used, such as pages visited by the User and any error messages. These cookies do not collect information that identifies the User; instead, the data collected is aggregated and anonymized. Analytical cookies help improve the Service’s functionality.
  7. The Administrator informs that restrictions on the use of cookies may impact some functionalities available on the Service’s pages.
  8. More information about cookies can be found in the “Help” section of the User’s web browser menu.

§7 Risks related to service use

  1. The User should be aware that data transmitted over public telecommunications networks between their device and the Service is not entirely secure. The Administrator cannot guarantee full protection and security of such data during communication with the Service. Nevertheless, the Administrator assures that appropriate measures will be taken to secure data transmitted electronically, particularly personal data provided by the User through electronic forms.
  2. The Service may contain links to third-party websites or services. These third-party links may be associated with their own electronic services and privacy policies, which the User agrees to adhere to upon clicking the link and leaving the Service.

§8 Changes to the privacy policy

This Privacy Policy may be updated periodically. Changes will be published on the Service.

§9 Contact

For any questions regarding the processing of personal data, Users can contact the Administrator
at office@connectedrealities.eu.