1. General information
- This policy applies to the website operating at: www.cycommsec.pl and www.securityalliance.io (hereinafter: “the Website”).
- The operator of the Website and, at the same time, the personal data controller in relation to data processed within the Website is: Cycommsec Sp. z o.o. ul. Orzycka 4/156 02-695 Warsaw, e-mail address: firstname.lastname@example.org (hereinafter jointly: “Operator” or “Controller”).
- The Website uses personal data for the following purposes: (i) running a newsletter, (ii) online chatting, (iii) handling requests sent using the contact form, (iv) providing requested services, (v) presenting an offer or information.
- The Website performs functions of obtaining information about users and their behaviour through data that was voluntarily entered in the contact forms and by saving cookies on end devices.
2. Selected data protection methods used by the Operator
- The login and personal data entry areas are protected within the data transmission layer (SSL certificate). This ensures that personal and login data entered on the Website is encrypted on the user’s computer and can only be read on the target server.
- User passwords are stored in an encrypted (hashed) form. The hash function works unidirectionally – its action cannot be reversed, which is the modern standard for storing user passwords. For this purpose, CycommSec uses strong hash functions, i.e. functions from the SHA-2 family.
- The Operator regularly changes the administrative passwords for the systems.
- The Operator shall make regular backups for data protection purposes.
- An essential element of data protection is the regular updating of all software used by the Operator to process personal data, which particularly includes regular updates of programming components.
- The Website is hosted (technically maintained) on the servers of the Operator: http://home.pl/
4. Your rights and additional information regarding data usage
- If it is necessary to execute the contract concluded with you or to fulfil the obligations of the Controller, the Controller will in some cases pass your personal data to other recipients. This applies to the following recipient groups: (i) persons authorised by us, employees and co-workers who need access to personal data in order to carry out their duties, (ii) the hosting company, (iii) email marketing companies, (iv) companies handling text messages, (v) companies that work with the Controller on the Controller’s own marketing.
- Your personal data will not be processed by the Controller longer than it is necessary for the performance of the activities related to them set out in separate regulations (e.g. on accounting). Marketing data will not be processed for longer than 3 years. After this time period, the data will be deleted from the Operator’s systems.
- You have the right to demand from the Controller: (i) access to personal data concerning you, (ii) rectification, (iii) erasure, (iv) restriction of processing, and (v) data portability. Furthermore, you have the right to object to the processing of your personal data for the purposes of pursuing the legitimate interests by the Controller, including profiling, whereby the right to object will not be exercisable, if there are legitimate legal grounds for the processing which override your interests, rights and freedoms, in particular the establishment, exercise or defence of legal claims.
- You have the right to file a complaint about the actions of the Controller to the President of the Personal Data Protection Office, ul. Stawki 2, 00-193 Warsaw.
- Providing your data is voluntary, however, it is necessary to use the Website.
- In order to provide services under a concluded contract or for the purpose of direct marketing, activities involving automated decision-making, including profiling, may be undertaken in relation to you.
- Personal data is not transferred to third countries as defined by data protection laws. This means that it is not sent outside of the European Union.
5. Information included in the forms
- The Website collects information that was voluntarily provided by the user, including personal data if provided.
- The Website may save information about the connection parameters (time stamp, IP address).
- In some cases, the Website may save information to help associate the data on the form with the e-mail address of the user completing the form. In this case, the e-mail address of the user appears within the URL of the page containing the form.
- Data provided on the form is processed for the purpose resulting from the function of a particular form, e.g. for the purpose of processing a service request, commercial contact, service registration and more. The context and the description of the form always inform clearly about its function.
6. Controller logs
- Information about user activity on the Website may be subject to logging-in. Such data is used to administer the website.
7. Relevant marketing techniques
- The Operator uses a solution that automates the operation of the Website with respect to users, e.g. it may send an e-mail to a user who has visited a particular subpage, provided that they have given their consent to receive commercial correspondence from the Operator.
8. Information about cookies
- Cookie files (the so-called “cookies”) are IT data, in particular text files, which are stored in the Website user’s end device and are intended for the use of the Website. Cookies usually contain the name of the website from which they originate, their storage time on the end device and a unique number.
- The entity placing cookies on the Website user’s end device and accessing them is the Website operator.
- Cookies are used for the following purposes:
- maintaining the Website user’s session (after logging in), thanks to which the user does not have to re-enter their login and password on each subpage of the Website,;
- achieving the objectives set out above under “Relevant marketing techniques”.
- The Website uses two main cookie types: session cookies and persistent cookies. Session cookies are temporary files that are stored on the user’s end device until they log out, leave the website or disable the software (web browser). Persistent cookies are stored on the user’s end device for the time specified in the cookie file parameters or until the user deletes them.
- Most web browsing softwares (web browsers) allow storing cookies on the user’s end device by default. Website users may change that in the settings. Web browsers allow you to delete cookies. It is also possible to automatically block cookies. Detailed information on this subject is provided in the help or documentation of the web browser.
- Cookies placed on the end device of the Website user may also be used by entities cooperating with the Website operator, in particular by: Google (Google Inc. with its registered office in the USA), Facebook (Facebook Inc. with its registered office in the USA), Twitter (Twitter Inc. with its registered office in the USA).
9. Managing cookies – how to enable and disable cookies?
- If you do not wish to receive cookies, you can change your browser settings. Please note that disabling cookies that are essential for authentication, security and maintaining user preferences can make it difficult, and in extreme cases impossible, to use a website.
- To manage your cookie settings, select the web browser you are using from the list below and follow the instructions:
- Mobile devices: