PRIVACY POLICY
WWW.PROVENTY.COM
We strive to ensure that the use of our services is fully satisfying and helpful. We train employees and develop products to improve the quality of services provided. We do not require additional fees for using that website – it’s completely free. If you have any comments at any stage of your cooperation with us, please let us know.
This document aims to provide information on how we handle your personal data. Here you will also find information about the possibility of exercising your rights under the provisions on personal data protection.
§ 1.
Definitions
Personal Data Controller – Proventy is the Personal Data Controller of the Website Users. We obtain your data in connection with the use of our Website;
Cookies – are IT data, in particular text files, which are stored on the User’s end device and are intended for using the Website;
Personal data – means information about an identified or identifiable natural person („data subject”); an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier;
Civil Code – Act of April 23, 1964, Civil Code (consolidated text: Journal of Laws of 2023, item 1610, as amended);
Server Logs – information about some User behaviors subject to logging in the server layer;
Offline – performing activities in direct contact with the customer (traditional channel);
Proventy or Service Provider – Malgorzata Blachuta, running a business under the name Proventy Malgorzata Blachuta based in Cracow, Jakuba Bojki 14/54, NIP: 6881248357, REGON: 526179492;
Privacy Policy – a document constituting an integral part of the Regulations, specifying the rules for collecting, processing, storing and protecting the User’s personal data, the function and purpose of the software introduced into the IT system used by the User and the risks associated with the use of the Service;
Profiling – means any form of automated processing of personal data, which involves the use of personal data to evaluate certain personal factors of a natural person, in particular to analyze or predict aspects regarding the work results of this natural person, his or her economic situation, health, personal preferences, interests , reliability, behavior, location or movement;
Regulations – a document specifying the rules for the use of services by Users within the Website and the conditions for the provision of services by the Service Provider to Users, available here;
GDPR – Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Regulation on data protection), which applies from 25 May 2018;
Website – an internet portal located at the following internet address: www.proventy.com. The Website is an internet platform constituting a compilation of various types of internet services, enabling Users to use the Website’s resources relating to the insurance market, as well as providing other services to Users electronically;
User – a natural person with full legal capacity, a legal person or an organizational unit without legal personality, which is granted legal capacity by law, using the resources and Services made available Offline or on the Website.
§ 2.
General provisions
This Privacy Policy defines the rights and obligations of persons using the Website and provides information to the Service Provider regarding the protection of Personal Data.
Users’ personal data are processed in accordance with the GDPR and other currently applicable provisions of the law on the protection of personal data, i.e. throughout the period of processing of specific data.
§ 3.
Terms of Use
In order to use the Services, each User consents to the processing of their Personal Data to the extent and under the terms set out in the Privacy Policy.
§ 4.
Information about the Personal Data Controller
Users’ personal data are processed by the Service Provider, i.e. by the Personal Data Controller.
In all matters related to the processing of Personal Data, you can contact the Personal Data Controller:
-
- by post to the above-mentioned correspondence address;
- via e-mail sent to: contact@proventy.com.
§ 5.
Obligation to provide Personal Data
All information about Users collected by the Service Provider (including: Offline and via the Website) is provided voluntarily. However, it may happen that without providing specific Personal Data, the Service Provider will not be able to provide specific Services or Services to the full extent. The User will then be informed about each such situation of providing Personal Data.
§ 6.
Purpose, legal basis, processing time of Personal Data
The Personal Data Controller takes special care to protect the interests of data subjects (Users), and in particular ensures that the data collected are:
-
- processed lawfully, fairly and in a transparent manner for the data subject;
- collected for specific, explicit and legitimate purposes and not further processed in a way that is incompatible with those purposes;
- adequate, relevant and limited to what is necessary in relation to the purposes for which they are processed;
- correct and updated if necessary;
- stored in a form enabling identification of the data subject for no longer than necessary for the purposes for which the data are processed;
- processed in a way that ensures appropriate security, including protection against unauthorized or unlawful processing and accidental loss, destruction or damage, using appropriate technical or organizational measures.
The Personal Data Controller processes Personal Data to the extent to which they were made available by a given natural person (including via forms posted on the Website), based on the User’s voluntary consent (Article 6(1)(a) of the GDPR), which, depending on its content, allows the processing of Users’ Personal Data, including:
-
- compare and present the service offer to the User;
- sharing Users’ Personal Data with selected third parties in order to present the best service offer;
- contact the User for purposes related to his inquiry (the method of contact depends on the contact details provided by the User: e-mail or telephone),
- handling complaints;
- enabling the use of other Services available on the Website;
- marketing of Services and products offered by the Service Provider and entities cooperating with them;
- providing the User with commercial information via electronic means of communication by the Personal Data Controller and entities cooperating with them.
In the event that the User has concluded an agreement for the provision of Services electronically on the basis of the relevant Regulations, the Personal Data Controller processes the Personal Data of such User in order to conclude and perform this agreement (Article 6(1)(b) of the GDPR).
Additionally, the Personal Data Controller processes Users’ Personal Data in order to defend against possible claims and to perform the Personal Data Controller’s obligations under the law (Article 6(1)(c) and (f) of the GDPR).
The Personal Data Controller stores Users’ Personal Data for the duration of the contract concluded with the User, and after its termination in order to pursue claims in connection with the performance of the contract and fulfill obligations arising from legal provisions, but no longer than for a period of 10 years from the date of completion of the contract.
Personal data provided by the User on the basis of consent is stored by the Personal Data Controller only until the User objects to their processing or until the consent to processing is withdrawn – unless applicable law requires a longer period of data storage.
§7.
Transfer of Personal Data to third parties
Access to the Personal Data processed by the Controller may also be available to: persons employed by the Personal Data Controller, entities organizing activities and marketing campaigns on his behalf, entities providing analytical, programming, telephone customer service, accounting and HR services – payroll, legal, tax, auditing, etc., postal and courier companies, cloud storage providers, providers of mailing and telecommunications services, and providers of e-mail services and other tools enabling communication with us.
§ 8.
Transferring Personal Data Abroad
The Personal Data Controller will not process Users’ personal data outside the European Economic Area (EU countries, Iceland, Norway and Liechtenstein), which has strict privacy protection regulations.
However, it may happen that data will be transferred outside the EEA by entities that process Personal Data on behalf of the Personal Data Controller, such as providers of e-mail, cloud storage, mailing services, etc. The Personal Data Controller will make every effort to ensure that such data flows take place in accordance with the law.
§9.
Rights of the User
The Personal Data Controller ensures that the User fulfills all rights arising from the GDPR, i.e. the right to obtain information about the content of processed data, the right to access Personal Data and the right to request their rectification, deletion, limitation of processing, transfer to another data controller, as well as the right object to automated data processing (Profiling).
Moreover, to the extent that consent is the basis for the processing of Personal Data, the User has the right to withdraw it at any time, which, however, will not affect the lawfulness of the processing carried out before its withdrawal.
The User also has the right to lodge a complaint with the supervisory authority responsible for the protection of personal data, i.e. the Personal Data Protection Office, Stawki 2, 00-193 Warsaw, tel. +48 (22) 531 03 00, kancelaria@uodo.gov.pl, hotline +48 606-950-000.
§ 10.
Types of communication
Depending on the contact details provided by the User (e-mail address and/or telephone number) and the consents accepted at the place of providing these data, the Personal Data Controller may contact the User, e.g. in connection with: handling a given Service, answering questions, complaints, research, obtaining opinions, own marketing of products and Services, sending information bulletins (newsletter), commercial information from the Personal Data Controller and, if the User gives additional consent, also commercial information from the Personal Data Controller’s partners. The basis for processing is the User’s voluntary consent, which he or she may withdraw at any time using a special link at the bottom of each message received from the Personal Data Controller. The data used to communicate with the User will be processed until the consent to receive messages is withdrawn. However, legal provisions may – in certain situations – require longer processing of data by the Personal Data Controller.
§ 11.
Cookies
In order to ensure the highest quality of Services and to adapt the Website to the needs of Users, the Personal Data Controller uses Cookies.
Cookies are small portions of information in the form of a short string of characters that are stored in the memory of the User’s device. Access to these files allows the Personal Data Controller to later identify the User’s device and adjust the website settings to it.
The stored information does not introduce any configuration changes to the User’s device or software. They can be deleted at any time using the appropriate function of your web browser.
The Personal Data Controller divides Cookies into two types, taking into account their storage time: Cookies: „session cookies” and „persistent cookies”. „Session” cookies are temporary files that are stored on the User’s end device until logging out, leaving the website or turning off the software (web browser). „Permanent” Cookies are stored on the User’s end device for the time specified in the Cookies parameters or until they are deleted by the User.
There are different types of cookies depending on how they are used. The website uses five types of cookies:
- Necessary cookies
Necessary cookies are files necessary for the proper functioning of the Website. They are used to ensure security, maintain the session of the User logging into the Website, and exchange data between platforms operating within the Website. These types of cookies are also used in the User authentication process and prevent abuse in this area. Without them, basic security mechanisms would cease to function and the Personal Data Controller would not be able to provide services to Users within the Website. These are mandatory cookies – you cannot deselect them. The website cannot function properly without these cookies.
- Cookies regarding preferences
Preference cookies enable the Website to remember information that changes the appearance or functioning of the website, e.g. the preferred language or the region in which the User is located.
- Statistical cookies
Statistical Cookies help the Website’s Personal Data Controller understand how different Users behave on the Website by collecting and reporting anonymous information.
- Marketing cookies
Marketing Cookies are used to track Users on the Website. The aim is to display advertisements that are relevant and interesting to individual Users and therefore more valuable to publishers and third-party advertisers.
- Unclassified cookies
Unclassified Cookies are files that are in the process of classification, along with the providers of individual cookies.
Based on the above rules and for the purposes mentioned, other mechanisms used by the Website also operate, such as local Storage, which works on principles analogous to permanent Cookies, but is able to store more information.
The Website may also contain scripts from trusted external partners, which may also store data on the User’s device in the scope of their marketing (advertising) activities. Cookies sent by these entities are intended to improve the effectiveness of presenting advertisements to the User that correspond to their online activity – third parties deliver advertising content to Users. Therefore, when visiting the Website, cookies from trusted external partners are also saved on the User’s computer or other device. In this way, for example, information about products viewed or purchased is collected. The storage mechanisms and principles used may differ from those provided for in this Privacy Policy. The User will find more information on this subject on the websites of individual Partners.
Managing and deleting Cookies varies depending on the browser used. Detailed information on this subject can be obtained using the Help function in your browser, also on the websites of individual software manufacturers, e.g.:
- Microsoft Edge: https://support.microsoft.com/pl-pl/topic/wy%C5%9Bwietlanie-plik%C3%B3w-cookie-w-przegl%C4%85darce-microsoft-edge-a7d95376-f2cd-8e4a-25dc-1de753474879,
- Chrome: https://support.google.com/chrome/answer/95647?hl=pl,
- Firefox: https://support.mozilla.org/pl/kb/ciasteczka,
- Safari: https://support.apple.com/pl-pl/guide/safari/sfri11471/mac,
- Opera: https://help.opera.com/pl/latest/web-preferences/#cookies.
Most browsers offer the option of accepting or rejecting all Cookies, accepting only certain types, or informing you each time a website tries to set them. The user can also easily delete cookies that have already been saved on the device by the browser. At any time, the User can check the status of his/her cookie consents and withdraw his/her consent in the Cookie Declaration available via the Website.
At the same time, we would like to inform you that disabling or limiting the use of Cookies may make it difficult or even impossible to use the Website and the Services provided therein.
§ 12.
Server Logs
Information about certain User behaviors is logged in the server layer. This data is used solely for the purpose of administering the Website and to ensure the most efficient operation of the hosting services provided.
Browsed resources are identified by URL addresses. In addition, the following may be recorded: the time of arrival of the query, the time of sending the response, the name of the client station – identification carried out by the HTTP protocol, information about errors that occurred during the HTTP transaction, the URL address of the page previously visited by the User (referrer link) – in the event that the transition the Website was accessed via a link, information about the User’s browser, and information about the IP address.
The above data is not associated with specific people browsing websites.
The above data is used only for server administration purposes.
This version of the Privacy Policy is effective from 01 January 2024.