1. General information

1. 1. This policy applies to the Website operating at: emedway.pl.
   2. The Website operator and the Data Controller is: Medway Sp. z o.o., Inflancka 25, 61-132 Poznań
   3. Operator’s e-mail address: info@emedway.pl
   4. The Operator is the Controller of your personal data in relation to data provided on a voluntary basis on the Website.
   5. The Website uses personal data for the following purposes:
      1. Having online chats
      2. Handling requests sent using the form
      3. Presenting the offer or information
   6. The Website obtains information about users and their behaviour as follows:
      1. By data voluntarily provided in the forms, which are entered into the Operator’s systems.
      2. By recording cookies in end devices (the so-called “cookies”).

   2. Selected methods of data protection applied by the Operator

   1. The places where personal data is logged and entered are protected in the transmission layer (SSL certificate). Thanks to this, personal data and login details entered on the website are encrypted on the user’s computer and can only be read on the host server.
   2. The Operator changes its administrative passwords on a periodic basis.
   3. Updating all software used by the Operator to process personal data, which in particular means regular updates to programming components, on a regular basis, is an important element of data protection.

   3. Hosting

   1. The Website is hosted (technically maintained) on the servers of the following operator: dhosting.
   2. In order to ensure technical reliability, the hosting company maintains logs at the server level. The following information can be saved:
      1. resources specified in the URL (addresses of requested resources – pages, files),
      2. time of the request,
      3. time of sending the response,
      4. name of the client’s station – identification provided by the HTTP protocol,
      5. information on errors that occurred while implementing HTTP transactions,
      6. URL of the page previously visited by the user (referer link) – if the link was used to redirect the user to the Website,
      7. information about the user’s browser,
      8. information on the IP address,
      9. diagnostic information related to the process of self-ordering services via loggers on the website,
      10. information related to handling e-mails sent to the Operator and sent by the Operator.

   4. Your rights and additional information on how to use data

   1. In some situations, the Controller has the right to transfer your personal data to other recipients if this is necessary for performing an agreement concluded with you or for fulfilling the Controller’s obligations. This applies to the following groups of recipients:
      1. entrusted hosting company
      2. online chat service providers
      3. authorised employees and associates who use the data for the purpose of performing the purpose of the website
      4. companies providing marketing services to the Controller
   2. Your personal data is processed by the Controller no longer than it is necessary to perform the related activities specified in separate regulations (e.g. regulations on accounting). With regard to marketing data, the data will not be processed for more than 3 years.
   3. You have the right to request from the Controller:
      1. access to your personal data concerning you,
      2. rectification of it,
      3. erasure of it,
      4. restriction of processing,
      5. and data portability.
   4. You have the right to object to the processing indicated in point 3.2 in relation to the processing of personal data in order to perform legitimate interests pursued by the Controller, including profiling; however, the right to object will not be exercised if there are compelling legitimate grounds for the processing which override the interests, rights and freedoms of the data subject or for the establishment, exercise or defence of legal claims.
   5. You have the right to lodge a complaint about the Controller’s activities to the President of the Personal Data Protection Office, ul. Stawki 2, 00-193 Warsaw.
   6. Providing personal data is voluntary, but necessary for the operation of the Website.
   7. Activities consisting of automated decision-making, including profiling for the purpose of providing services under the agreement concluded and for the purposes of the Controller’s direct marketing, may be undertaken towards you.
   8. Personal data is not transferred to third countries within the meaning of the provisions on personal data protection. This means that we do not send it outside the European Union.

   5. Information in forms

   1. The Website collects information provided voluntarily by the user, including personal data, if provided.
   2. The Website can save information on the connection parameters (time stamp, IP address).
   3. The Website may, in some cases, save the information facilitating the link between the data in the form and the e-mail address of the user who fills in the form. In such a case, the user’s e-mail address will appear inside the URL of the website containing the form.
   4. The data provided in the form is processed for the purpose resulting from the function of a given form, for instance, in order to process a service request or contact you in commercial matters, register services, etc. Each time, the context and the description of the form clearly indicate what they serve.

   6. Operator’s logs

   1. Information on users’ behaviour on the Website may be subject to logging. This data is used to administer the Website.

   7. Relevant marketing techniques

   2. The operator uses statistical analysis of the traffic on the website through Google Analytics (Google Inc. with its registered office in the USA). The operator does not transfer personal data to the operator; only anonymised information is transferred. The service is based on the use of cookies on the user’s end device. Within the scope of information on user’s preferences collected by the Google advertising network, the user can view and edit the information resulting from cookies using the following tool: https://www.google.com/ads/preferences/
   3. The operator uses remarketing techniques, allowing them to adjust advertising messages to the user’s behaviour on the website, which may make an impression that the user’s personal data is used to track the user, but in practice there is no transfer of any personal data from the Operator to advertising operators. From a technological point of view, such activities may only be taken if cookies are enabled.
   4. The operator uses the Facebook pixel. This technology means that Facebook (Facebook Inc. with its registered office in the USA) knows that the person registered in it uses the Website. In this case, it relies on the data for which it is the controller itself; the Operator does not transfer any additional personal data to Facebook. The service is based on the use of cookies on the user’s end device.
   5. The Operator uses a solution that automates the operation of the Website with regard to users, e.g. capable of sending an e-mail to the user after a specific subpage has been visited, provided that they have agreed to receive commercial correspondence from the Operator.

   8. Information on cookies

   1. The Website uses cookies.
   2. Cookies are IT data, in particular text files, which are stored on the end device of the Website User and are intended for use on the Website pages. Cookies usually contain the name of the website from which they come, their storage time on the end device and a unique number.
   3. The entity placing cookies on the end device of the Website User and accessing them is the Website Operator.
   4. Cookies are used for the following purposes:
      1. maintaining the Website user’s session (after logging in), thanks to which the user does not have to re-enter their login and password on each page of the Website;
      2. implementing the objectives specified in the “Relevant marketing techniques” section above;
   5. The Website uses two basic types of cookies: “session cookies” and “persistent cookies”. Session cookies are temporary files stored on the User’s end device until they log out, leave the website or disable the software (web browser). Persistent cookies are stored on the User’s end device for a period specified in the parameters of cookies or until they are removed by the User.
   6. Web browsing software (web browser) usually allows cookies to be stored on the User’s end device by default. Website Users may change the settings in this respect. The web browser allows you to delete cookies. It is also possible to automatically block cookies. Detailed information on this topic can be found in the help section or the documentation of the web browser.
   7. Restrictions on the use of cookies may affect certain functionalities available on the pages of the Website.
   8. Cookies placed on the end device of the Website User may also be used by entities cooperating with the Website Operator, in particular, the following companies: Google (Google Inc. with its registered office in the USA), Facebook (Facebook Inc. with its registered office in the USA), Twitter (Twitter Inc. with its registered office in the USA).

   9. Managing cookies – how to express and withdraw consent in practice?

   1. If you do not want to receive cookies, you can change your browser settings. We reserve that if you disable cookies necessary for authentication processes, security and maintaining user preferences, this may hinder or, in extreme cases, prevent you from using websites.
   2. In order to manage cookies, select the web browser you use from the list below and follow the instructions:
      – Edge
      – Internet Explorer
      – Chrome
      – Safari
      – Firefox
      – Opera
      Mobile devices:
      – Android
      – Safari (iOS)
      – Windows Phone
   3. This policy template has been generated free of charge for information purposes based on our knowledge, industry practices and laws in force as of 2018-08-14. We recommend checking the policy template before using it on the website. The template is based on the situations most commonly occurring on websites, but it may not reflect the full and precise specificity of your website. Read the generated document carefully and, if necessary, adapt it to your situation or seek legal advice. We do not take responsibility for the consequences of using this document since only you have to know whether all the information contained therein is true. Please also note that the Privacy Policy, even the best one, is just one of the concerns about the personal data and privacy of the users on the website.