Privacy and cookie policy
for websites operating in the domain effectglass.eu
(hereinafter also referred to as “Privacy Policy”)

Effect Glass S.A. with its registered office in Kielce, as an entity managing websites operating in the domain “effectglass.eu” (hereinafter also referred to as “Effect Glass”), would like to inform you that it attaches particular importance to compliance with the regulations of personal data protection.

Our target is to ensure the security and protection of your personal data in accordance with the law, including (in particular) the Regulation of the European Parliament and of the Council (EU) of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data,  and repealing  Directive No. 95/46/EC (General Data Protection Regulation) – hereinafter also referred to as “GDPR”.

This Privacy is applicable to:
- Processing of personal data in connection with the use of the website: effectglass.eu by the user, including the use of services made available via this website (electronically),
- Processing of personal data in connection with complaints concerning the use of the website effectglass.eu by the user.

I. Personal data protection

What is personal data?
Personal data is all information about a natural person identified or identifiable via one or more specific factors that determine physical, physiological, genetic, mental, economic, cultural or society identity, including image, voice recording, location data, contact data, information contained in correspondence, information collected via recording equipment or other similar technology.

Personal data administrator.
We inform you that the controller of your personal data is:

Effect Glass S.A.
with its registered office in Kielce, Hauke-Bosaka 2 Street, 25-214 Kielce, phone: + 48 413482070, e-mail recepcja@effectglass.eu

Effect Glass S. A. publishes links to other websites on websites that operate in the domains: effectglass.eu. Effect Glass S.A. encourages all users to familiarise themselves with the regulations concerning the processing of their personal data and the principles related to cookies in force on websites, to which they are directed with the use of links on websites operated by Effect Glass S.A.


What can personal data be processed in connection with the use of the website?
The processing of your personal data in connection with your use of the website can take place, especially:

  • In connection with a complaint concerning the use of the website – personal data is required to submit and process a complaint,
  • Thanks to the provision of your personal data, Effect Glass S.A. can answer your questions,
  • In connection with the provision of personal data provided to Effect Glass S.A. via the recruitment form available on the following website: https://praca.effector.pl/ which is the subsite of Effect Glass S. A.,
  • In connection with saving data that may constitute personal data in system logs, i.e. software that saves and records actions and events connected with the functioning of the website. System logs of the website store: time of entering the website, IP, browser’s “user agent” and URL. This data is processed solely for the purpose of providing the user with access to the content of the website, as well as for administrative and technical purposes, including in order to ensure the security of the IT system,
  • In connection with the use of Google Analytics. Google Analytics is a tool used to conduct network analyzes - Google Inc, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA („Google”). Data collected with the use of this tool is used for analytical and statistical purposes in the scope of using the website and for the purposes of optimizing the use of the website by the user. Google Analytics takes advantage of cookies that are stored on your computer. Cookies enable an analysis of your use of the website. Google uses data from Google Analytics to provide measurement service of Google Analytics. Identifiers, e.g. cookies and application instance identifiers, are used to measure interactions of users with clients’ websites or applications. On the other hand, IP addresses are used to protect Google Analytics and inform clients where their users come from. Furthermore, Google may transfer this information to third parties as required by law or if third parties process this data on behalf of Google. IP address (sent through your browser in connection with the use of Google Analytics) is not linked to other Google’s data. By changing settings of your browser, you can prevent the storage of cookies. Additionally, you can prevent Google from recording data connected with the use of the website generated by cookies (including IP address) and processing this data by downloading and installation of the browser plug-in available at the following address: https://tools.google.com/dlpage/gaoptout?hl=pl
    or https://chrome.google.com/webstore/detail/google-analytics-opt- out/fllaoiicoieclibmefodhfapmkghcbnh?hl=en
  • Within the framework of using Google Analytics, we also connect information about the activity of users on the website with the use of tags. Tags are small pieces of website’s code that enable (inter alia) measurement of traffic and behavior of users, connecting information on the effectiveness of on-line advertising and social media channel, using remarketing and targeting, as well as testing and improving the website.
  • In connection with the use of cookies other than Google Analytics cookies. Cookies are small text files containing data saved at the time of visiting the website. They are stored on users’ terminal equipment (e.g. computers). Cookies are intended for the use of websites. You can find more information about cookies in the section “Use of cookies on the website”.

Purpose and legal basis for the processing of personal data.

Personal data is processed by the Controller (Effect Glass S.A.):


a. To provide services – based on the premise of conclusion and performance of the contract for the provision of electronic services [Article 6 section 1 letter b) of the GDPR], in connection with Articles 18 and 19 of the Act on the provision of electronic services – provision of data for this purpose is voluntary, but necessary for the adequate provision of services via electronic means,

b. To answer questions asked by users,– based on the premise of conclusion and performance of the contract for the provision of electronic services [Article 6 section 1 letter b) of the GDPR] or based on the legitime interest of the personal data controller [Article 6 section 1 letter f) of the GDPR] - provision of data for this purpose is voluntary, but necessary to answer the question,


c. To deal with complaints - based on the premise of conclusion and performance of the contract for the provision of electronic services [Article 6 section 1 letter b) of the GDPR], in connection with Article 18 of the Act on the provision of electronic services - provision of data for this purpose is voluntary, but necessary for the adequate provision of services or based on the legitime interest of the personal data controller [Article 6 section 1 letter f) of the GDPR] - provision of data for this purpose is voluntary, but necessary to deal with the complaint,


d. For analytical and statistical purposes in the use of the website and for the purpose of optimizing the use of the website by the user - based on the legitime interest of the personal data controller [Article 6 section 1 letter f) of the GDPR] - provision of data for this purpose is voluntary, but necessary for analytical and statistical purposes and for optimizing the use of the website (it is the legitimate interest of the personal data controller).

e. To conduct the recruitment process:
- Based on the law and their provision is necessary to take part in the recruitment process (this applies to personal data indicated in the Labour Code – inter alia, your name and surname, professional experience, contact data, education); processing takes place as a part of the legal obligation incumbent of the Data Controller – pursuant to Article 6 section 1 letter c) of the General Data Protection Regulation (GDPR);
- Based on your voluntary consent to the processing of personal data that has not been identified in the Labor Code or other legal provisions (this applies, among others, to the following data: your image, interests), which were presented in your recruitment application, including CV, covering letter; provision of additional personal data does not affect the possibility of participating in the recruitment process and it does not cause any unfavorable treatment during the recruitment process; the processing takes place on the basis of Article 6 section 1 letter a) of the GDPR;

f. To conduct future recruitment processes in the event of consent to the processing of data for this purpose; the legal basis for the processing of your personal data as a part of future recruitments is Article 6 section 1 letter a) of the GDPR.

With whom do we share your personal data?
Within the limits determined by law, we may transfer your personal data to the following entities:
- Entities providing support or entities providing the Controller with IT systems, recruitment services, financial tools, entrepreneurs providing software delivery or maintenance services used to operate or manage websites, including tools for the analysis and construction of statistics concerning the use of website for our advisors, including legal advisers,
- Bodies and entities authorized to process this data on the basis of legal provisions.

 

Do we take advantage of the automated decision making?
Within the framework of the website, we do not use automated decision making (including profiling) within the meaning of Article 22 of the GDPR. If we decide to use such processes in the future, we will inform you about it.

 

Is data transferred to countries outside the EEA?
As a rule, personal data is not transferred outside the European Economic Area (EEA), with the exception of transfers that may take place in connection with the use of Google Analytics. However, in the case of Google Analytics, information about your use of the website is usually sent to Google’s servers in countries belonging to the European Economic Area in order to anonymize the IP address to exclude the possibility of associating it with a specific person. After anonymization, the shortened IP address is transferred to the Google server in the United States and stored there. The full IP address is transferred to the Google server in the United States and store there only in exceptional cases.

Simultaneously, we always make sure that the third country or recipient from this country guarantees the necessary level of data protection before transmitting personal data, in particular by:


a) Cooperation with entities, who process personal data in countries for which an adequate decision of the European Commission has been issued,


b) Use of standard contractual clauses issued by the European Commission,


c) Use of binding corporate regulations approved by the competent supervisory authority.


d) In the event of transferring data to the USA – cooperation with entities, who participate in the Privacy Shield program, approved by the Commission Implementing Decision (EU) No. 2016/1250 of 12 July 2016 on the adequacy of protection provided by the EU-US Privacy Shield (a list of US entities participating in this program is available at the following website: https://www.privacyshield.gov/list).

Google is a participant of the Privacy Shield.

Period of storage of personal data.
Period of personal data processing depends on the type of provided service and the purpose of processing.

In the case of data processing for the purpose of providing services, the data will be processed for the period of providing the service, and then (maximally) until time limitation of possible claims.

In the case of data processing in order to answer users’ questions submitted via contact forms available on the website, the data will be processed for the time necessary to answer the user’s question, and then (maximally) until time limitation of possible claims.

In the case of personal data processing for the purpose of processing a complaint, the data will be processed until the complaint is considered, and then (maximally) until time limitation of possible claims.

Data saved in cookies is stored for a time corresponding to the life cycle of cookies (saved on the user’s device). These periods were indicated in the section “Use of cookies on the website”.

Storage time for data collected by Google Analytics is 26 months.

 

You have the following rights.
According to the GDPR, you have the following rights:


1) Right to access the processed data – on this basis, the data subject is entitled to obtain information from the Data Controller about the processing of personal data – including about the purpose of processing, categories of processed personal data, legal basis for processing, planned period of processing and recipients, who receive this data – as well as to obtain a copy of personal data that is processed by the Data Controller,


2) Right to rectify data – on this basis, the data subject has the right to ask the Data Controller to rectify his or her incorrect personal data or supplement his or her incomplete personal data,


3) Right to delete data – on this basis, the data subject has the right to request an immediate deletion of his or her personal data in the event that personal data is no longer necessary to achieve the purposes, for which it was collected of if the data subject has withdrawn consent (being the only legal basis for processing) – this does not affect the lawfulness of processing made before the withdrawal of consent,


4) Right to limit processing – on this basis, the data subject has the right to ask the Data Controller to limit the processing, if:
- There is a probability of irregularities concerning personal data (until the Data Controller verifies their correctness),
- Processing is unlawful, and the data subject opposes the deletion of personal data (demanding the limitation of its use),
- The purpose of the processing of personal data by the Data Controller has ceased, but this data is necessary for the data subject to determine, pursue or defend claims,
- The data subject has objected to the processing of his or her personal data.


5) Right to transfer data – on this basis, the data subject (and the user, whose data is processed in an automated manner based on the consent of the person or the concluded contract) has the right to request the Data Controller to provide (in a commonly used readable format) his or her data or send this data to another controller (if there are technical possibilities in this respect),


6) Right to withdraw consent – if the processing is conducted on the basis of a consent, the consent may be withdrawn by the data subject at any time (however, this does not affect the lawfulness of the processing conducted prior to the withdrawal of consent),


7) Right to object – on this basis, the data subject has the right to object the processing of his or her data (conducted on the justified purpose of the Data Controller). The objection should include a justification, unless the Data Controller demonstrates the existence of overriding grounds for processing. However, if the objection concerns the processing of personal data for marketing purposes, there is no need to justify the objection. The Controller must comply with the objection.

In order to exercise your rights resulting from the provisions on the protection of personal data, you can contact the Controller:
a) In writing – to the correspondence address: Hauke-Bosaka 2 Street, 25-214 Kielce,
b) orally – phone number: + 48 41 348 20 70, or to the protocol at the seat of the company: Hauke-Bosaka 2 Street, 25-214 Kielce, or
c) by e-mail – to the e-mail address:recepcja@effectglass.eu or ochronadanychosobowych@effectglass.eu .

The right to lodge a complaint with a supervisory authority.
If the processing of personal data violates the provisions of the GDPR or other generally applicable provisions concerning the protection of personal data, the data subject may lodge a complaint with the President of the Office for Personal Data Protection.

 

II. Use of cookies on the website

In order to ensure the right functioning of the website and the provision of services at the highest possible level, the website uses the so-called cookies.
Cookies are small text files containing data saved at the time of visiting the website. They are stored on users’ terminal equipment (e.g. computers). Cookies are intended for the use of websites.

The website uses the following cookies:
- „persistent” – i.e. files that remain on the user’s device for the time specified in the cookie parameters or until they are manually removed by the user,
- „session” – i.e. temporary files that remain on the user’s device until the user logs out of the website or turns off the software (browser).

The website uses own cookies and third-party cookies – in connection with the use of Google Analytics.

The website takes advantage of the following types of cookies:

 

Cookie name

Cookie type

Standard cookie storage period

Use

_gat lub _dc_gtm_{property-id}

persistent

1 minute

Google Analytics file: it is used to limit the frequency of requests. If the Controller uses Google Tag Manager service, the cookie name will be changed to: _dc_gtm_{property-id}

_gid

persistent

1 day

Google Analytics: it is used to distinguish users and sessions.

_ga

persistent

2 years

Google Analytics file:  it is used to distinguish users and sessions.

_gcl_au

persistent

26 months

Google Ads file: it is used to examine conversion of users.

PHPSESSID

session

until the end of the visit

The file recognizes the user’s session during the visit on the website.

csrf-cookie

persistent

2 hours

The file is used to protect the content of forms. The file is used only by the CMS system.

PRIMEO_SM_

KEY

session

until the end of the visit

The file is used to support the CMS user cache. The file is used only by the CMS system.

logout-cookie

session

30 minutes

The file is used to store a timestamp, after which the user logs off (inactivity). The file is used only by the CMS system.

tree-element-

 

persistent

7 days

The file recognizes recently opened nodes in the CMS menu.  The file is used only by the CMS system.

library-last-

folder-library

persistent

1 year

The file recognizes the last opened folder in the CMS library.  The file is used only by the CMS system.

primeo-user,

primeo-page-

user

persistent

7 days

The file recognizes the user, who takes advantage of the “remember me” button.  The file is used only by the CMS system.

primeo-col-left-

closed

persistent

1 year

The file recognizes the parameter of closing the left menu.  The file is used only by the CMS system.

csrf-cookie-

name

persistent

2 hours

The file is used to protect the content of forms.  The file is used only by the CMS system.

article-content-

element

session

1 minute

The file recognizes the last viewed category of articles.  The file is used only by the CMS system.

- product- content-element

session

1 minute

The file recognizes the last viewed category of products.  The file is used only by the CMS system.

lock-back-href

session

1 minute

The file recognizes the user’s URL visited by the user – blocking this address and the need to redirect the user to another address.

The file is used only by the CMS system.

{form-id}

session

1 minute

The file saves in its content the identifier of the form for the purposes of protection against the cross-site request forgery phenomenon.  The file is used only by the CMS system.

last_page,

primeo-page-

logged-in-back,

primeo-page-

logged-out-back

session

1 minute

Files enable to generate a link to log in again – depending on the reason of logging out.  The file is used only by the CMS system.

dp-cookies

persistent

360 days

The file specifies whether to display to the user a message with information about cookies.

The file is used only by the CMS system.

It applies to the website: praca.effector.pl

dp-popup

session

until the end of the visit

The file specifies whether to display the popup to user.  The file is used only by the CMS system.

It applies to the website: praca.effector.pl

popup-

show

persistent

7 days

The file specifies whether to display the popup to user.  The file is used only by the CMS system.

It applies to the website: praca.effector.pl

tawkuuid

persistent

 

The file is connected with an on-line chat.

It applies to the website: praca.effector.pl

TawkConnectio

nTime

session

until the end of the visit

The file is connected with an on-line chat.

It applies to the website: praca.effector.pl


Cookies are used on our website on the basis of the consent expressed in accordance with Article 173 of the Telecommunications Law, Article 18 section 4 of the Act on the provision of electronic services and based on the legitimate interest of the personal data controller, in the form of analytical purposes in the use of the website and for the optimization of the use of the websites by the user.

If the user decides that he or she is not happy with the use of cookies in our website, he or she can disable their use through the appropriate software’s configuration (especially browser’s settings).

 
Moreover, the user can change the scope of file’s use at any time. It is also possible for the user to delete cookies saved on the end device (at any time) by our website.

 
The majority of web browsers accept cookies by default – cookies can be saved on the user’s end device. However, as indicated above, the user can change his or her cookie settings. These settings can be changed in various ways, inter alia, the browser can completely block cookies or send a warning before saving the cookie to the user’s end device.

 
For simplicity, an exemplary method of how to disable cookies in selected web browsers is presented below:

- In Internet Explorer, select “Tools > Internet Options > Privacy” in the main menu, and set the slider to the highest position.
- In Mozilla Firefox, select "Tools> Options> Privacy" in the main menu, and then activate the Firefox program field: "will use user settings". Cookies are selected by checking - or not - "Accept cookies" field.
- In Google Chrome, select in the main menu "Settings> Options> For advanced". In the "Privacy”, click the "Content settings" button and select "Block all”.
- In Opera, select in the main menu “Tool > Preferences > Advanced”. Cookies are selected by checking - or not - "Cookies" field.
- In Safari, select “Accept cookies”, and then select “Never”.
Detailed information can be found on the websites of manufacturers.

However, we would like to point out that restriction in the use of cookies may affect some of the functionalities available on our website.

This Privacy Policy is verified on an ongoing basis and updated (as necessary) in order to reflect any changes in the processing of personal data or use of cookies.

This Privacy Policy applies from 25 May 2018.