Privacy Policy

PRIVACY POLICY AND COOKIES POLICY

By using the website www.revactiv.com and the online store www.revactiv.com, you accept the following terms of the Privacy Policy and Cookies Policy.

As a User, please familiarize yourself with its provisions. The following table of contents will help you do so. It informs you how I care for User data, how I process it, to whom I entrust it, and many other important issues related to personal data. 

CONTENTS

TABLE OF CONTENTS 1

§1 GENERAL PROVISIONS 2

§2 DEFINITIONS 5

§3 PERSONAL DATA AND PRINCIPLES OF THEIR PROCESSING 6

WHO IS THE CONTROLLER OF THE USER'S PERSONAL DATA? 6

IS PROVIDING DATA VOLUNTARY? WHAT ARE THE CONSEQUENCES OF NOT PROVIDING IT? 6

FOR WHAT PURPOSES AND ON WHAT LEGAL BASIS DO WE PROCESS YOUR PERSONAL DATA PROVIDED WHILE USING THE WEBSITE? 7

RECRUITMENT 11

HOW IS DATA COLLECTED? 13

WHAT ARE USER RIGHTS? 14

CAN A USER WITHDRAW THEIR CONSENT? 16

DO WE TRANSFER YOUR DATA TO THIRD COUNTRIES? 16

HOW LONG DO WE STORE USER DATA? 18

LINKS TO OTHER SITES 19

SOCIAL MEDIA ACTIVITIES – FACEBOOK 20

SOCIAL MEDIA ACTIVITIES – INSTAGRAM 21

SOCIAL MEDIA ACTIVITY – LINKEDIN 25

SOCIAL MEDIA ACTIVITY – YOU TUBE 27

DATA SECURITY 28

WHO CAN BE THE RECIPIENTS OF PERSONAL DATA? 29

HAVE WE APPOINTED A DATA PROTECTION OFFICER? 31

DO WE PROFILE USER DATA? 31

§4 FORMS 32

§5 DISCLAIMER AND COPYRIGHT 38

§6 TECHNOLOGIES 39

§7 COOKIE POLICY 40

§8 COOKIE CONSENT 49

§9 SERVER LOGS 49

§1 GENERAL PROVISIONS

This Privacy Policy and Cookie Policy defines the principles of processing and protecting personal data provided by Users and Cookies, as well as other technologies appearing on the website www.revactiv.com and in the online store under the name www.revactiv.com

The administrator of the website and personal data provided within it is REV ACTIV ALICJA MOSKALIK, ul. Leszczyńska 127, 61-417 Poznań, NIP 7792520249, conducting business activity under the name REV ACTIV ALICJA MOSKALIK, at ul. Leszczyńska 127, 61-417 Poznań, NIP: 7792520249 in accordance with the document generated from the Central Registration and Information on Business system

I care about the security of personal data and the privacy of Site Users. I am pleased that you have visited my Site. 

In case of any doubts regarding the provisions of this Privacy Policy and Cookies Policy, please contact the Administrator via e-mail: revactiv@gmail.com

The Administrator reserves the right to make changes to the privacy policy, and each User is obligated to be familiar with the current privacy policy. Changes may be due to: the development of internet technology, changes in generally applicable law, or the development of the Website through, for example, the Administrator's use of new tools. The date of publication of the current Privacy Policy is listed at the bottom of the page.

§2 DEFINITIONS

Administrator – REV ACTIV ALICJA MOSKALIK, ul. Leszczyńska 127, 61-417 Poznań, NIP 7792520249

User – any entity staying on the website and using it.

Website and/or Online Store – the website and online store located at www.revactiv.com.

User Account or Account – a User account set up on the online platform of the Online Store, enabling access to purchased training courses and products in accordance with the Store Regulations, which the User is obliged to accept when registering the Account.

Form or Forms – places on the Website that enable the User to enter personal data for the purposes indicated therein, e.g. for the purpose of sending a newsletter, placing an order, or contacting the User. 

Newsletter – means a free service provided electronically by the Administrator to the User by sending e-mails through which the Administrator informs about events, services, products, and other items important from the Administrator's point of view and/or for the purposes of pursuing the Administrator's legitimate purpose, which is direct marketing, including sending marketing and commercial content with the User's consent. Detailed information on sending the Newsletter can be found later in this privacy policy. 

GDPR – means Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation).

Personal Data Protection Act – the Act of 10 May 2018 on the Protection of Personal Data (Journal of Laws of 2018, item 1000, as amended).

Act on the provision of services by electronic means – Act of 18 July 2002 on the provision of services by electronic means (Journal of Laws of 2020, item 344, as amended).

Telecommunications Law Act – the Act of 16 July 2004, Telecommunications Law (Journal of Laws of 2021, item 576, as amended). 

§3 PERSONAL DATA AND RULES OF THEIR PROCESSING

WHO IS THE CONTROLLER OF THE USER'S PERSONAL DATA?

The administrator of the User's personal data is REV ACTIV ALICJA MOSKALIK, ul. Leszczyńska 127, 61-417 Poznań, NIP 7792520249 .

IS PROVIDING DATA VOLUNTARY? WHAT ARE THE CONSEQUENCES OF NOT PROVIDING IT?

Providing data is voluntary, however, failure to provide certain information, generally marked as mandatory on the Administrator's websites, will result in the inability to provide a given service and achieve a specific purpose or take specific actions.

The User's provision of optional data or excess data that the Controller does not need to process is based on the User's decision, and processing is then based on the premise set out in Article 6, paragraph 1, letter a of the GDPR (consent). The User consents to the processing of this data and to the anonymization of data that the Controller does not require or wish to process, but that the User has nevertheless provided to the Controller.

FOR WHAT PURPOSES AND ON WHAT LEGAL BASIS DO WE PROCESS YOUR PERSONAL DATA PROVIDED WHILE USING THE WEBSITE?

The User's personal data on the Administrator's Website may be processed for the following purposes and on the following legal bases:

  1. performing a service or performing a concluded contract, sending an offer (e.g. advertising) at the User’s request – pursuant to Article 6(1)(b) of the GDPR (necessity to conclude and/or perform a contract or taking action at the User’s request);
  2. issuing an invoice, bill and fulfilling other obligations arising from the provisions of tax law in the case of placing orders in the Online Store or other products and services - pursuant to Article 6 paragraph 1 letter c of the GDPR (obligation arising from the provisions of law);
  3. granting a discount or informing about promotions and interesting offers of the Controller or entities recommended by him – pursuant to Article 6 paragraph 1 letter a of the GDPR (consent);
  4. 4. storing unpaid orders - pursuant to Article 6(1)(f) of the GDPR (legitimate interest of the controller);
  5. consideration of complaints or claims related to the contract – pursuant to Article 6(1)(b) of the GDPR (necessity to conclude and/or perform the contract) and pursuant to Article 6(1)(c) of the GDPR (obligation arising from legal provisions);
  6. establishing, pursuing or defending against claims – pursuant to Article 6(1)(f) of the GDPR (legitimate interest of the controller);
  7. telephone contact in matters related to the provision of the service – pursuant to Article 6(1)(b) of the GDPR (necessity to conclude and/or perform the contract);
  8. telephone contact for the purpose of presenting an offer and direct marketing – pursuant to Article 6(1)(a) of the GDPR (consent) and pursuant to Article 6(1)(f) of the GDPR (legitimate interest of the controller), if you are already a client of the Controller;
  9. creating registers related to the GDPR and other provisions – pursuant to Article 6(1)(c) of the GDPR (obligation resulting from legal provisions) and Article 6(1)(f) of the GDPR (legitimate interest of the controller);
  10. archival and evidentiary purposes, for the purpose of securing information that may be used to prove facts – pursuant to Article 6(1)(f) of the GDPR (legitimate interest of the controller);
  11. analytical, consisting, among others, in the analysis of data collected automatically when using the website, including cookies, e.g. Google Analytics cookies, Facebook Pixel - pursuant to Article 6 paragraph 1 letter f of the GDPR (legitimate interest of the controller);
  12. use of cookies on the Website and its subpages – pursuant to Article 6(1)(a) of the GDPR (consent);
  13. managing the Website and the Controller’s websites on other platforms – pursuant to Article 6(1)(f) of the GDPR (legitimate interest of the controller);
  14. satisfaction surveys regarding the services offered – pursuant to Article 6(1)(f) of the GDPR (legitimate interest of the controller),
  15. the User posting an opinion on the services provided by the Administrator – pursuant to Article 6(1)(a) of the GDPR (consent),
  16. for the Controller's internal administrative purposes related to managing contact with the User , which is the legitimate interest of the Data Controller pursuant to Article 6(1)(f) of the GDPR (legitimate interest of the controller),
  17. for the purpose of sending the newsletter – pursuant to Article 6(1)(f) of the GDPR (legitimate interest of the controller in processing data for direct marketing purposes) and pursuant to the Act on the provision of electronic services (consent),
  18. in order to tailor the content displayed on the Controller’s websites to individual needs and to continuously improve the quality of the services offered – pursuant to Article 6(1)(f) of the GDPR (legitimate interest of the Controller),
  19. for the purpose of direct marketing of own products or services or recommended third-party products to the User – pursuant to Article 6(1)(f) of the GDPR (legitimate interest of the controller),
  20. in order to operate the fanpage under the name REV ACTIV on Facebook and Instagram and to interact with users – pursuant to Article 6(1)(f) of the GDPR (legitimate interest of the controller) and Article 6(1)(a) of the GDPR (consent). 
  21. in order to operate the fanpage called revactiv on Instagram and TikTok and to interact with users – pursuant to Article 6(1)(f) of the GDPR (legitimate interest of the controller) and Article 6(1)(a) of the GDPR (consent).
  22. 22. for the purpose of targeting advertising in social media and on websites, such as Facebook Leads Ads or Facebook Custom Audience, YouTube, and remarketing – pursuant to Article 6(1)(a) of the GDPR (consent) and Article 6(1)(f) of the GDPR (legitimate interest of the controller) consisting in the promotion and advertising of the Controller's services through remarketing directed to persons subscribed to mailings or visitors to a given website),
  23. in order to store comments on the Website – pursuant to Article 6(1)(a) of the GDPR (consent).
  24. for the purpose of recruitment – pursuant to Article 6(1)(b) of the GDPR (contract), Article 6(1)(a) of the GDPR and Article 9(2)(a) (consent) and pursuant to Article 6(1)(f) of the GDPR (legitimate interest of the controller). 

The User's provision of optional data or excess data that the Controller does not need to process is based on the User's decision, and processing is then based on the premise set out in Article 6, paragraph 1, letter a of the GDPR (consent). The User consents to the processing of this data and to the anonymization of data that the Controller does not require or wish to process, but that the User has nevertheless provided to the Controller.

HOW IS DATA COLLECTED?

Only data that the user provides is collected and processed (except – in certain situations – data collected automatically using cookies and login data, as described below). 

During a visit to the website, data relating to the visit itself is automatically collected, such as the user's IP address, domain name, browser type, operating system type, etc. (login data). This automatically collected data may be used to analyze user behavior on the website, gather demographic data about users, or personalize the website content to improve it. However, this data is processed solely for the purposes of website administration, ensuring efficient hosting, or targeting marketing content, and is not associated with individual user data. You can read more about cookies later in this policy. 

Data may also be collected for the purpose of completing forms on the Website, as discussed later in the privacy policy. 

Information society services 

The Administrator does not collect data from children. Users must be at least 16 years of age to consent to the processing of their personal data for the purpose of providing information society services, including for marketing purposes, or obtain the consent of their legal guardian (e.g., a parent). 

If the User is under 16 years of age, he/she should not use the Website and the website www.revactiv.com.

The Administrator is entitled to make reasonable efforts to verify whether the user meets the age requirement referred to above or whether the person having parental authority or guardianship over a User under 16 years of age has given or approved such consent. 

WHAT ARE USER RIGHTS?

The User has the rights set out in Articles 15-21 of the GDPR at any time, i.e.: 

  • the right to access the content of his data, 
  • the right to data portability, 
  • the right to correct data,
  • the right to rectify data, 
  • the right to delete data if there are no grounds for their processing,
  • the right to limit processing if it was carried out incorrectly or without legal basis, 
  • the right to object to data processing based on the legitimate interest of the controller, 
  • the right to lodge a complaint with the supervisory authority – the President of the Personal Data Protection Office (under the principles set out in the Personal Data Protection Act), if he or she considers that the processing of his or her data is inconsistent with the currently applicable data protection laws. 
  • the right to be forgotten if further processing is not provided for by the currently applicable law.

The Administrator notes that these rights are not absolute and do not apply to all processing of the User's personal data. This applies, for example, to the right to obtain a copy of the data. This right must not adversely affect the rights and freedoms of others, such as copyright or professional secrecy. For information on the limitations of User rights, please refer to the GDPR. 

However, the user always has the right to lodge a complaint with the supervisory authority. 

To exercise their rights, the User may contact the Controller by email at revactiv@gmail.com or by mail at the Controller's business address, if provided in this privacy policy, specifying the scope of their request. A response will be provided no later than 30 days from the date of receipt of the request and its justification, unless an extension of this period is justified in accordance with the GDPR. 

CAN A USER WITHDRAW CONSENT?

 If the User has consented to a specific activity, such consent may be withdrawn at any time, which will result in the removal of the email address from the Administrator's mailing list and the cessation of the indicated activities (in the case of subscription based on consent). Withdrawal of consent does not affect the processing of data based on consent before its withdrawal. 

In some cases, data may not be completely deleted and will be retained for the purpose of defending against possible claims for a period of time in accordance with the provisions of the Civil Code or, for example, to fulfil legal obligations imposed on the Controller.

Each time, the Administrator will respond to the User's request, appropriately justifying further actions resulting from legal obligations. 

DO WE TRANSFER USER DATA TO THIRD COUNTRIES?

User data may be transferred outside the European Union – to third countries.

Due to the fact that the Controller uses external service providers, such as Meta Platforms Ireland Limited (Facebook and its subsidiaries), hereinafter referred to as Meta or Facebook, Google, Microsoft, etc., User data may be transferred to the United States of America (USA) in connection with its storage on US servers (in whole or in part). Google and Facebook apply compliance mechanisms provided for by the GDPR (e.g., certificates) or standard contractual clauses in relation to their services. Data will only be transferred to recipients who guarantee the highest level of data protection and security, including through:   

  1. cooperation with entities processing personal data in countries for which an appropriate decision of the European Commission has been issued, 
  2. the use of standard contractual clauses issued by the European Commission (as is the case with Google, for example), 
  3. application of binding corporate rules approved by the relevant supervisory authority, 

or those to which the User has consented.

Detailed information is available in the privacy policies of each service provider, available on their websites. For example:

Google Ireland Limited      : https://policies.google.com/privacy?hl=pl

Meta Platforms Ireland Limited    .: https://www.facebook.com/privacy/explanation

UAB MailerLite: https://www.mailerlite.com/legal/privacy-policy

Currently, services offered by Google and Meta are primarily provided by entities located in the European Union. However, you should always review the privacy policies of these providers for the most up-to-date information regarding personal data protection. MailerLite may store some data in the United States or use service providers from that country, but the data is primarily processed in the European Union. 

HOW LONG DO WE STORE USER DATA?

User data will be stored by the Administrator for the duration of the implementation of individual services/achievement of goals and:

  1. for the period of service provision and cooperation, as well as for the limitation period for claims in accordance with legal provisions – in relation to data provided by contractors and customers or Users,
  2. for the period of talks and negotiations preceding the conclusion of the contract or the provision of the service – in relation to the data provided in the request for quotation,
  3. for the period required by law, including tax law – in relation to personal data related to the fulfillment of obligations arising from applicable provisions,
  4. until an effective objection is lodged pursuant to Article 21 of the GDPR – in relation to personal data processed on the basis of the legitimate interest of the controller, including for direct marketing purposes,
  5. until consent is withdrawn or the purpose of processing, or the business purpose, is achieved – in relation to personal data processed on the basis of consent. After consent is withdrawn, the data may still be processed to defend against potential claims in accordance with the limitation period for such claims or a (shorter) period indicated to the User,
  6. until they become outdated or no longer useful – in relation to personal data processed mainly for analytical and statistical purposes, the use of cookies and the administration of the Administrator's Websites,
  7. for a maximum period of 3 years in the case of persons who unsubscribed from the newsletter in order to defend against possible claims (e.g. information on the date of subscription and date of unsubscribing from the newsletter, the number of newsletters received, actions taken and activity related to the messages received), or after a period of 1 year of no activity by a given subscriber, e.g. not opening any message from the Controller.

Data retention periods indicated in years are calculated at the end of each year in which data processing commenced. This is intended to streamline data processing and management.

Detailed periods of personal data processing relating to individual processing activities can be found in the Controller's register of processing activities. 

LINKS TO OTHER SITES

The Website may contain links to other websites. These will open in a new browser window or within the same window. The Administrator is not responsible for the content provided by these websites. Users are required to familiarize themselves with the privacy policies or terms and conditions of these websites.

SOCIAL MEDIA ACTIVITIES – FACEBOOK

The Administrator administers the User's data on the fanpage under the name REV ACTIV on Facebook (hereinafter referred to as the Fanpage). 

The User's personal data provided on the Fanpage will be processed for the purpose of administering and managing the Fanpage, communicating with the User, interacting with them, sending marketing content to the User and creating the Fanpage community.

The basis for their processing is the User's consent and the Administrator's legitimate interest in interacting with Users and Followers of the Fanpage. The User voluntarily decides to like/follow the Fanpage.

The rules governing the Fanpage are established by the Administrator, however, the rules for staying on the Facebook social networking site result from Facebook's regulations. 

The User may unfollow the Fanpage at any time. However, the Administrator will not then display any content to the User from  from the Administrator and related to the Fanpage. 

The Administrator sees the User's personal data, such as their name, surname, and general information that the User posts publicly on their profiles. Other personal data is processed by the Facebook social network and in accordance with its terms and conditions. 

The User's personal data will be processed for the duration of the Fanpage's operation/existence based on the consent expressed by liking/clicking "Follow" the Fanpage or interacting, e.g. leaving a comment, sending a message, and for the purpose of pursuing the legitimate interests of the Administrator, i.e. marketing of own products or services or defense against claims. 

The User's personal data may be shared with other data recipients, such as Facebook, cooperating advertising agencies or other subcontractors operating the Administrator's Fanpage, IT services, or virtual assistants, if contact occurs outside of Facebook. 

Other User rights are described in this Privacy Policy.

User data may be transferred to third countries in accordance with Facebook's regulations.

These data may also be profiled, which helps to better personalize the advertising offer addressed to the User.  However, they will not be processed in an automated manner within the meaning of the GDPR (having a negative impact on the rights and freedoms of the User).

Facebook privacy policy:

https://www.facebook.com/privacy/explanation

 

SOCIAL MEDIA ACTIVITIES – INSTAGRAM

The Administrator manages the User's data on the profile page under the name revactiv available at the URL: https://www.instagram.com/revactiv/  on Instagram (hereinafter referred to as the Profile). 

The User's personal data provided in the Profile will be processed for the purpose of administering and managing the Profile, communicating with the User, interacting with them, sending marketing content to the User and creating a Profile community.

The basis for their processing is the User's consent and the Administrator's legitimate interest in interacting with Users and Profile Followers. The User voluntarily decides to like/follow the Profile.

The rules governing the Profile are established by the Administrator, however, the rules for staying on the Instagram social networking site result from the Instagram regulations. 

The User may unfollow the Profile at any time. However, the Administrator will not then display any content to the User from  from the Administrator and related to the Profile. 

The Administrator sees the User's personal data, such as their name, surname, and general information that the User posts publicly on their profiles. Other personal data is processed by the Instagram social network and in accordance with its terms and conditions. 

The User's personal data will be processed for the duration of the Profile's operation/existence based on the consent expressed by liking/clicking "Follow" the Profile or interacting, e.g. leaving a comment, sending a message, and for the purpose of pursuing the legitimate interests of the Administrator, i.e. marketing of own products or services or defense against claims. 

The User's personal data may be shared with other data recipients, such as cooperating advertising agencies or other subcontractors servicing the Administrator's Profile, IT services, or virtual assistants, if contact occurs outside of Instagram. 

Other User rights are described in this Privacy Policy.

User data may be transferred to third countries in accordance with Instagram's terms and conditions.

This data may also be profiled, which helps to better personalize advertising offered to the User. However, it will not be processed in an automated manner within the meaning of the GDPR (which would negatively impact the User's rights and freedoms).

Instagram Privacy Policy:

https://help.instagram.com/519522125107875

SOCIAL MEDIA ACTIVITY – TIK TOK

The Administrator manages the User's data on the profile page under the name revactvi available at the URL: https://www.tiktok.com/@revactiv on the TikTok website (hereinafter referred to as the Profile). 

The User's personal data provided on the Profile on the Tik Tok website will be processed for the purposes of administering and managing the account, communicating with the User, interacting with them, sending marketing content to the User and creating a community.

The basis for their processing is the User's consent and the Administrator's legitimate interest in interacting with Users and Profile Followers on Tik Tok. The User voluntarily decides to like content/follow a Tik Tok account.

The rules governing the Profile on the Tik Tok website are established by the Administrator, however, the rules of staying on the Tik Tok social networking site result from the Tik Tok regulations. 

The User may unfollow the Administrator's Tik Tok Profile at any time. However, the Administrator will then no longer display to the User any content from the Administrator related to the Profile. 

The Administrator sees the User's personal data, such as their name, surname, and general information that the User posts publicly on their profiles. The processing of other personal data is performed by the Tik Tok social network and in accordance with the terms and conditions set forth in its regulations. 

Tik Tok and the Administrator have the status of Joint Controllers in the scope of activities related to the implementation of common economic goals within the framework of personal data processing, including the use of the Tik Tok portal plug-in on the Website, and the processing of data of persons visiting the Profile.

The User's personal data will be processed for the duration of the Tik Tok account's operation/existence based on consent expressed by liking the content/clicking "Follow" or interacting, e.g. leaving a comment, sending a message, and for the purpose of pursuing the legitimate interests of the Administrator, i.e. marketing of own products or services or defense against claims. 

The User's personal data may be shared with other data recipients, such as the Tik Tok portal, cooperating advertising agencies or other subcontractors servicing the Administrator's Tik Tok account, IT services, virtual assistants, if contact occurs outside the Tik Tok portal. 

Other User rights are described in this privacy policy.

User data may be transferred to third countries outside the European Economic Area in accordance with Tik Tok's terms and conditions. Tik Tok uses compliance mechanisms in the form of standard contractual clauses adopted by the European Commission.

When using the Tik Tok portal, data will not be profiled and will not be processed in an automated manner within the meaning of the GDPR (having a negative impact on the rights and freedoms of the User).

The Administrator recommends that you read the privacy policy of the Tik Tok portal:

https://www.tiktok.com/legal/privacy-policy?lang=pl

DATA SECURITY 

Users' personal data are stored and protected with due diligence, in accordance with the Administrator's implemented internal procedures. The Administrator processes User information using appropriate technical and organizational measures that meet the requirements of generally applicable law, in particular personal data protection regulations. These measures are primarily intended to protect Users' personal data from unauthorized access. 

In particular, only authorized persons who are obliged to keep such data confidential or entities entrusted with the processing of personal data on the basis of a separate data processing agreement have access to Users' personal data.

At the same time, the User should exercise due diligence in securing his/her personal data transmitted via the Internet, in particular not to disclose his/her login details to third parties, use anti-virus protection and update the software. 

WHO CAN BE THE RECIPIENTS OF PERSONAL DATA?

The Administrator informs that it uses the services of external entities. Entities entrusted with the processing of personal data (such as courier companies, electronic payment intermediaries, accounting companies, and newsletter companies) guarantee the use of appropriate personal data protection and security measures required by law, in particular the GDPR.

The Administrator informs the User that he entrusts the processing of personal data to, among others, the following entities:

  1. home.pl – to store personal data on the server,
  2. home.pl – to create landing pages and collect leads,
  3. Accounting Services Office "Buchalter" Sp. K. – for the purpose of issuing accounting documents,
  4. PayPro SA – to operate the payment system and electronic transactions,
  5. Google.pl – to use Google services, including e-mail,
  6. home.pl – for the purpose of operating the domain and mail server,
  7. other contractors or subcontractors engaged in technical or administrative support or to provide legal assistance to the Controller and its clients, e.g. accounting, IT, graphic design, copywriting assistance, debt collection companies, lawyers, etc.

Personal data may also be made available to other recipients, including offices such as the tax office, in order to fulfill legal and tax obligations related to settlements and accounting.

Entities that process personal data, such as the Controller, ensure compliance with European standards in the field of personal data protection, including standards set by legal acts and decisions of the European Commission, and apply compliance mechanisms also when transferring data outside the EEA, among others in the form of standard contractual clauses adopted by the European Commission Decision 2021/915 of 4 June 2021 on standard contractual clauses between controllers and processors pursuant to Article 28(7) of Regulation (EU) 2016/679 of the European Parliament and of the Council and Article 29(7) of Regulation (EU) 2018/1725 of the European Parliament and of the Council https://eur-lex.europa.eu/legal-content/PL/TXT/PDF/?uri=CELEX:32021D0915&from=PL . 

HAVE WE APPOINTED A DATA PROTECTION OFFICER?

The Personal Data Controller hereby informs that he has not appointed a Personal Data Protection Officer (DPO) and performs his duties related to the processing of personal data independently.

The User acknowledges that his or her personal data may be transferred to authorized state authorities in connection with proceedings conducted by them, at their request and after fulfilling the conditions confirming the necessity of obtaining such data from the Administrator.

DO WE PROFILE USER DATA?

The User's personal data will not be used for automated decision-making that affects the User's rights, obligations or freedoms within the meaning of the GDPR. 

As part of the website and tracking technologies, User data may be profiled, which helps to better personalize the company's offerings to the User (primarily through behavioral advertising). However, this should not have any impact on the User's legal situation, in particular the terms of the contracts they have concluded or intend to enter into. It may only help to better tailor content and targeted advertising to the User's interests. The information used is anonymous and is not associated with personal data provided by the User, for example, during the purchase process. It results from statistical data, such as gender, age, interests, approximate location, and behavior on the Website. 

Every User has the right to object to profiling if it would have a negative impact on the User's rights and obligations.

If you want to learn more about behavioral advertising, click here: https://www.youronlinechoices.com/pl/o-reklamie-behawioralnej

§4 FORMS

The Administrator uses the following types of forms within the Website:

  1. Contact form – allows you to send a message to the Administrator and contact him electronically.  Personal data in the form of name, surname, e-mail address and data provided in the content of the message are processed by the Administrator in accordance with this Privacy Policy in order to contact the User.

After contact with you ends, your data may be archived, which is the Controller's legitimate interest. The Controller is unable to specify the exact period of archiving, and therefore the deletion of messages. However, the maximum period will not exceed the limitation periods for claims arising from legal provisions. 

  1. The system's comment form allows you to leave comments. All data in the comment form is provided voluntarily by the user if they wish to leave a comment. By submitting a comment, they consent to the processing of this data. These include: first name, last name, and email address. Some data marked as mandatory must be entered. 

Providing an email address is mandatory and is used solely for spam prevention and/or displaying the User's avatar. It is not shared with third parties.

The Administrator is not responsible for the content of comments posted by readers of the Website and blog. The Administrator reserves the right to refrain from posting comments that are spammy, offensive, contain vulgar or offensive phrases, illegal content, or contain any links to other websites posted without his consent. 

  1. Order form in the Store – When placing an order in the Administrator’s online store, you must provide certain data in accordance with the rules contained in the sales regulations in order to fulfill the order, fulfill the legal obligations imposed on the Administrator, settle accounts, process claims, for statistical and archival purposes, as well as for direct marketing towards customers, which is the legitimate interest of the Administrator. 

These primarily include: first name, last name, company name, Tax Identification Number (NIP), residential address or company headquarters, delivery address (if applicable), and email address. If you already have a user account in the store, simply enter your login (or email address) and password, log in to your account, and then complete the next steps related to your order. 

The Administrator stores data for the duration of the order or service, and after its completion for the period necessary to protect against claims. In addition, for the period specified by law, such as tax law (including the invoice retention period). 

  1. Complaint and withdrawal form in the REV ACTIV online store – If you use the Administrator's services or products, you can file a complaint or withdraw from the concluded contract. To this end, the Administrator allows you to complete the complaint and withdrawal forms attached to the sales terms and conditions. You can also do this without completing the form, provided you provide the required information. 

The required data in this case is: first name, last name or user name, home address or company address (if the order was placed on behalf of the company), e-mail address, telephone number (if applicable), bank account number (if a refund is necessary). 

Providing your data is voluntary, but necessary to process your complaint in accordance with applicable law and our sales regulations. Your data will be stored for the purpose of handling complaints/withdrawal procedures.  and for archival purposes and defense against claims. 

  1. Registration form for creating a User account in the online store – the User has the option of creating an account in the online store and for this purpose should complete the appropriate registration and provide the following data: name, surname, e-mail address, home address, company headquarters address, Tax Identification Number, and then password. 

Account creation is conducted according to the terms and conditions set out in the sales regulations and is a service provided electronically. Rules for maintaining the account and its possible deletion are set forth in the regulations. 

Data marked as such is mandatory, and without providing it, you will not be able to create a user account. Providing other data is voluntary. 

The Administrator may entrust the processing of personal data to third parties without the User's separate consent (based on an entrustment agreement). Data obtained from forms may not be transferred to third parties.

 If the User uses the services of external providers, such as Google or Disquis, he or she should read their privacy policies, available from the providers of these services on their websites.

§5 DISCLAIMER AND COPYRIGHT

  1. The content presented on the Website does not constitute advice or specialist guidance (e.g., educational) and does not address specific factual circumstances. If the User wishes to obtain assistance in a specific matter, they should contact a person authorized to provide such advice or the Administrator using the contact details provided. The Administrator is not responsible for the use of the content contained on the Website or for any actions or omissions taken based on it. 
  2. All content posted on the Website is subject to copyright of specific individuals and/or the Administrator (e.g., photos, text, other materials, etc.). The Administrator does not consent to the copying of this content, in whole or in part, without his express prior consent. 
  3. The Administrator hereby informs the User that any dissemination of content provided by the Administrator constitutes a violation of the law and may result in civil or criminal liability. The Administrator may also seek appropriate compensation for material or immaterial losses in accordance with applicable law.
  4. The Administrator is not responsible for the use of materials available on the website in an unlawful manner.
  5. The content on the Website is current as of the date of its posting, unless otherwise indicated. 

§6 TECHNOLOGIES

In order to use the Administrator's website, it is necessary to have:

  1. Devices with Internet access
  2. An active email inbox that receives emails
  3. A web browser that allows you to display websites
  4. Software enabling reading of content in the presented formats, e.g. pdf, video, mp3, mp4.

§7 COOKIE POLICY

  1. Like most websites, the Administrator's Page uses so-called tracking technologies, i.e. cookies, which enable the website to be improved to meet the needs of its visitors.
  2. The website does not automatically collect any information, except for information contained in cookies.
  3. Cookies are IT data, small text files that are stored on your end device, e.g. computer, tablet, smartphone, when you use my Website.
  4. These may be first-party cookies (originating directly from my website) and third-party cookies (originating from websites other than my website).
  5. Cookies allow me to tailor the content of my website to the individual needs of the user and other users visiting it. They also enable the creation of statistics that show how users use the site and how they navigate it. This allows me to improve my website, its content, structure, and appearance.
  6. The Administrator uses the following third-party cookies on the Website:
  1. Facebook Conversion Pixel and ads created through Facebook's Facebook Ads (Facebook Custom Audiences) portal – to manage Facebook ads and conduct remarketing activities, which is the Administrator's legitimate interest. The Administrator may also target advertising content to the User through Facebook.      as part of contact advertising.   

The Facebook Pixel tool is provided by    Meta Platforms Ireland Limited      . and her      Affiliated companies. This analytical tool helps measure the effectiveness of advertising, shows what actions Website Users take, and helps reach specific groups of people (Facebook Ads, Facebook Insights). The Administrator can also direct advertising content to Users via Facebook as part of lead advertising.   

The administrator may also conduct remarketing  pursuant to Article 6 paragraph 1 letter f of the GDPR (the legitimate interest of the administrator, consisting in the promotion and advertising of services directed to persons who have agreed to the sending of offers (or persons similar to them or to users who have liked the Fanpage) in such a way that the provided e-mail addresses are uploaded to the marketing tool offered by      Meta Platforms Ireland Limited, the so-called ad manager, and then they are directed to ads created by the Administrator or authorized persons through the Administrator's advertising account, provided that these persons are also users of the Facebook platform (they have an account there). Each time, this data is deleted after the end of the advertising campaign. In the case of another advertising campaign, an updated contact database is uploaded to the tool. Detailed information about so-called custom audiences, the principles of data hashing and processing of this data can be found in the Facebook privacy policy at the following links: https://www.facebook.com/legal/terms/customaudience# and https://www.facebook.com/legal/terms/dataprocessing, and the Administrator recommends that each User familiarize themselves with these principles. 

The information collected through the use of the Facebook Pixel is anonymous and does not identify the user. It displays general user data: location, age, gender, and interests. Facebook may combine this information with information the user provides through their Facebook account and then use it for its own purposes. 

The Administrator recommends that you familiarize yourself with the details related to the use of the Facebook Pixel tool and, if necessary, ask the tool provider questions, as well as manage your privacy settings on Facebook. More information can be found at the following link: https://www.facebook.com/privacy/explanation. You can opt out of cookies at any time.  cookies responsible for displaying remarketing ads, e.g. on https://www.facebook.com/help/1075880512458213/. 

By using the website, the user consents to the installation of the indicated cookie on his/her end device. 

  1. Embedded Google Analytics code – for the analysis of website statistics. Google Analytics uses its own cookies to analyze the actions and behavior of website users. These cookies store information, such as which website brought the user to the current page. They help improve the website.
  2. This tool is used under an agreement with Google Ireland Limited and is provided by Google LLC. Actions undertaken in connection with the use of the Google Analytics code are based on the Controller's legitimate interest in creating and using statistics, which then enables the Controller to improve its services and optimize the Website.

When using the Google Analytics tool, the Administrator does not process any User data that would enable his or her identification. 

The Administrator recommends that you familiarize yourself with the details related to the use of the Google Analytics tool, the possibility of disabling the tracking code and, if necessary, ask the provider of this tool any questions at the following link: https://support.google.com/analytics#topic=3544906 . 

  1. Web push notifications from the browser level – in order to better communicate with the User and to provide him/her with valuable content or offers faster, the Administrator allows you to consent to receiving web push notifications from the User's browser level. 

To consent to receiving web push notifications, the User should select the "display notifications" or other similar option in the message sent by his/her web browser (each browser may name this option differently). 

Consent to receiving these notifications may be withdrawn at any time by changing the User's web browser settings. The Administrator does not process any personal data of Users using web push notifications. Users are identified solely based on information stored by their web browsers, to which the Administrator has no access.

  1. Plugins directing to social media , e.g. Facebook, Instagram, TikTok

After clicking on a given plug-in icon, the user is redirected to the website of the external provider, in this case the owner of the given social networking site, e.g., Facebook. They can then click "Like" or "Share" to like the Administrator's Facebook fan page or directly share its content (post, article, video, etc.). 

The Administrator recommends reviewing Facebook's privacy policy before creating an account on this site. The Administrator has no influence on the data processed by Facebook. From the moment the User clicks on the social media plugin button, personal data is processed by the social media platform, e.g., Facebook, which becomes the controller and determines the purposes and scope of their processing. Cookies left by the Facebook plugin (or other third parties) may also be installed on the User's device after entering the Site and then associated with data collected on Facebook. By using the Site, the User accepts this fact. The Administrator has no influence on the processing of data by third parties in this manner. 

The above tips should also apply to the operation of: 

Facebook – fanpage located at the URL: https://www.facebook.com/revactiv, 

Profile on the social networking site Instagram, located at the URL: https://www.instagram.com/revactiv/

  1. Tools for assessing the effectiveness of Google Ads advertising campaigns – in order to conduct advertising and remarketing campaigns, which is the legitimate interest of the Controller.

The Administrator does not collect any data that would allow for the identification of the User's personal data. The Administrator recommends reviewing Google's privacy policy to learn more about how these features work and how to disable them from the User's browser.

  1. Cookies used to recover abandoned shopping carts and User activity on the online store website,

in order to send advertising communication to the User related to the unfinished order, which is a legitimate interest of the Administrator. 

  1. Content from portals and websites of external providers,

The Administrator may embed content from third-party portals, services, blogs, and other websites on the Website. In particular, this may include videos from YouTube or Vimeo, and audio recordings from SoundCloud.

These third parties may record certain data about the content playbacks made by the User.

If you don't want this to happen, log out of the website (if you have an account there and are logged in) before visiting my Website or refrain from viewing the content on the Website. You can also change your browser settings to block certain content from being displayed to you from certain websites.

By playing recordings available on SoundCloud, you are using the services provided by SoundCloud, which is an independent entity providing services to Users electronically. Details regarding the processing of personal data by SoundCloud are provided in the privacy policy of that website:  https://soundcloud.com/pages/privacy and cookie policy: https://soundcloud.com/pages/cookies , as well as terms and conditions: https://soundcloud.com/terms-of-use .

YouTube

YouTube is operated by Google Ireland Limited and allows you to play videos located on the Administrator's websites. YouTube may save cookies on your device about video playbacks and assign them to your YouTube account if you are logged in. 

By using recordings posted on YouTube, the User is using services provided electronically by Google Ireland Limited. Details regarding the processing of personal data by YouTube are provided in the Privacy Policy and Terms of Service of that website:  https://policies.google.com/privacy and https://www.youtube.com/t/terms .

  1. Affiliate links and affiliate programs

The Administrator's Website may contain affiliate links to specific third-party products or services. This is a method of monetizing the content on the Website, which is generally provided free of charge. Clicking on a link will not incur any fees. If you navigate to a third-party website by clicking on an affiliate link and purchase a product, I may receive a commission. By using the Website, you consent to the use of cookies in this regard. 

The Website may also feature advertising windows featuring third-party products, as part of Google AdSense. The Administrator hereby declares that it has no influence on the content or appearance of these advertisements, which are determined by the provider's algorithm, in this case Google Ireland Limited.    You can modify your ad settings and personalization directly in your browser by visiting: https://adssettings.google.com/authenticated . 

  1. Yandex metrica analytical tool

This tool is used for analytical purposes, improving and optimizing the Administrator's Website and Online Store. It collects data related to User activity on the Website and navigation within the Website. This activity is then recorded in video format, and the Administrator can play it back to analyze User behavior (movements on the website, mouse clicks, time spent on the website, exits, and visits to individual subpages). As part of this activity, the Administrator does not obtain any information that would allow for your identification. For this purpose, the Website contains a special Yandex tracking code that uses Yandex cookies. You can disable it at any time by changing your browser settings. 

Yandex Metrica is represented by the European Union entity Yandex Oy, Moreenikatu 6, 04600 Mantsala, Finland. 

If the User wants to learn more about the privacy protection and processing of personal data by Yandex Metrica, the Administrator recommends reading the privacy policy here: https://yandex.com/legal/confidential/index.html .

  1. The Administrator once again recommends that you read the privacy policy of each of the providers of the above services in order to learn about the possibilities of making changes and settings that ensure the protection of the User's rights.
  2. The website uses two types of cookies: session cookies, which are deleted when you close your browser, log out or leave the website, and persistent cookies, which are stored on your end device, which allows your browser to be recognized the next time you visit the website, for the time specified in the cookie parameters or until you delete them.
  3. In many cases, web browsing software (web browser) allows cookies to be stored on the user's end device by default. Website users can change their cookie settings at any time. These settings can be changed, in particular, to block the automatic handling of cookies in the web browser settings or to notify the user each time they are placed on the device. Detailed information about the possibilities and methods of handling cookies is available in the software (web browser) settings.
  4. 10. The Administrator informs that restrictions on the use of cookies (disabling them, limiting them) may affect some functionalities available on the Website and hinder its operation. 
  5. 11.More information about cookies is available at      http://wszystkoociasteczkach.pl/ or in the "Help" section in the web browser menu.

§8 COOKIE CONSENT

When you first enter the Site You must consent to cookies or take other possible actions indicated in the message to continue using the Site's content. By using the Site, you consent to them.  If you do not wish to consent to this, please leave the Site. You can also always change your browser settings to disable or delete cookies. In the "help" section of  the necessary information is available in the User's browser. 

§9 SERVER LOGS

  1. Using the Website involves sending queries to the server on which the Website is stored.
  2. Every query sent to the server is recorded in server logs. The logs include, among other things, the User's IP address, server date and time, and information about the web browser and operating system used by the User.
  3. Logs are saved and stored on the server.
  4. Server logs are used to administer the Website, and their content is not disclosed to anyone other than persons and entities authorized to administer the server.
  5. The Administrator does not use server logs in any way to identify the User. 

Date of publication of the Privacy Policy: 02/08/2023

Last updated: 02/08/2023

COOKIES Policy

  1. The store does not automatically collect any information, except for information contained in cookies.
  2. Cookies (so-called "cookies") are computer data, specifically text files, stored on the Store User's end device and intended for use with the Store's websites. Cookies typically contain the name of the website they originate from, the duration of their storage on the end device, and a unique number.
  3. The entity that places cookies on the Store User's end device and obtains access to them is the Store operator.
  4. Cookies are used for the following purposes:
    • adapting the content of the Store's websites to the User's preferences and optimizing the use of websites; in particular, these files enable the Store User's device to be recognized and the website to be properly displayed, tailored to their individual needs;
    • creating statistics that help understand how Store Users use websites, which allows for the improvement of their structure and content;
  5. The Store uses two basic types of cookies: "session cookies" and "persistent cookies." "Session" cookies are temporary files that are stored on the User's end device until they leave the website or disable the software (web browser). "Persistent" cookies are stored on the User's end device for the time specified in the cookie parameters or until they are deleted by the User.
  6. The following types of cookies are used within the Store:
    • “essential” cookies, enabling the use of services available within the Store, e.g. authentication cookies used for services that require authentication within the Store;
    • cookies used to ensure security, for example those used to detect authentication abuses within the Store;
    • “performance” cookies, enabling the collection of information on how the Store’s websites are used;
    • “functional” cookies, which enable “remembering” the settings selected by the User and personalizing the User interface, e.g. in terms of the selected language or region the User comes from, font size, website appearance, etc.;
    • “advertising” cookies, enabling the provision of advertising content to Users that is more tailored to their interests.
  7. In many cases, web browsing software (web browser) allows cookies to be stored on the user's end device by default. Store users can change their cookie settings at any time. These settings can be changed, in particular, to block the automatic handling of cookies in the web browser settings or to notify the user each time they are placed on the device. Detailed information about the possibilities and methods of handling cookies is available in the software (web browser) settings.
  8. The Store Operator informs that restrictions on the use of cookies may affect some functionalities available on the Store's websites.
  9. Cookies placed on the Store User's end device may also be used by advertisers and partners cooperating with the Store operator.
  10. More information about cookies is available at www.wszystkoociasteczkach.pl or in the "Help" section of the web browser menu.