Logiskill

PRIVACY AND COOKIES POLICY

This document sets out the rules for processing personal data and using cookies within the Logiskill website available at: https://logiskill.you2.pl/, hereinafter referred to as the “Website”.

The Website is informational, educational and contact-oriented. In particular, the Website may be used to present the Logiskill project, provide information about educational materials, courses, training modules, contact forms, sign-ups for project updates, and communication with persons interested in the offer or cooperation.

§1. PERSONAL DATA CONTROLLER

The controller of personal data processed within the Website is ToDoor Sp. z o.o. with its registered office in Rzeszów.

Controller’s identification details:
ToDoor Sp. z o.o.
address: ul. Stanisława Moniuszki 11, 35-015 Rzeszów, Poland
KRS: 0001022757
NIP: 8133894621
REGON: 52463317100000

The Controller may be contacted:
e-mail: info@todoor.pl
phone: +48 608 065 716

If a separate e-mail address for the Logiskill project is launched in the future, e.g. contact@logiskill.pl or a similar address, it may be indicated on the Website as an additional contact channel.

§2. LEGAL BASES FOR DATA PROCESSING

When processing personal data, the Controller acts in accordance with Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016, commonly known as the GDPR.

Personal data may be processed on the following legal bases:

Article 6(1)(a) GDPR — where the data subject has given consent to the processing of personal data, for example to receive a newsletter, marketing information or to use certain cookies;

Article 6(1)(b) GDPR — where processing is necessary for the performance of a contract or to take steps prior to entering into a contract, for example to respond to an enquiry regarding an offer, course, training, cooperation or participation in the project;

Article 6(1)(c) GDPR — where processing is necessary for compliance with a legal obligation to which the Controller is subject, for example tax, accounting or archiving obligations;

Article 6(1)(f) GDPR — where processing is necessary for the purposes of the legitimate interests pursued by the Controller, for example handling correspondence, pursuing claims, defending against claims, ensuring Website security, conducting basic statistical analysis or direct marketing of the Controller’s own services.

§3. PURPOSES OF DATA PROCESSING

The Controller may process personal data for the following purposes:

  1. Handling contact enquiries

If a user contacts the Controller via a contact form, e-mail, phone or another communication channel, the Controller may process data such as first name, surname, e-mail address, phone number, message content and other data voluntarily provided by the user.

The data are processed in order to respond, conduct correspondence, prepare information about the project, training, cooperation or offer.

The legal basis for processing is Article 6(1)(b) GDPR if the contact concerns taking steps prior to entering into a contract, or Article 6(1)(f) GDPR if the basis is the Controller’s legitimate interest in handling correspondence and communicating with users.

  1. Delivery of services, projects, courses or cooperation

If a user expresses interest in participating in a project, training, course, pilot programme, consultation or another form of cooperation, the Controller may process data necessary to organise and carry out such activities.

Such data may include in particular: first name, surname, e-mail address, phone number, company or organisation, position, communication language, information about training needs, participant status, selected educational programme or scope of cooperation.

The legal basis for processing is Article 6(1)(b) GDPR and, with respect to legal obligations such as accounting or tax obligations, Article 6(1)(c) GDPR.

  1. Newsletter and project updates

If the Website enables users to subscribe to a newsletter, mailing list or updates concerning the Logiskill project, the Controller may process the data provided in the subscription form, in particular the e-mail address and, optionally, first name.

The newsletter may contain educational, organisational, project-related, marketing or commercial information concerning Logiskill, the Controller’s services, educational materials, events, recruitment, courses or cooperation.

The legal basis for processing data for this purpose is the user’s consent, i.e. Article 6(1)(a) GDPR, or the Controller’s legitimate interest, i.e. Article 6(1)(f) GDPR, where the communication is addressed to persons with whom the Controller already has a business or contact relationship and such contact is permitted by law.

The user may unsubscribe from the newsletter or marketing information at any time.

  1. Direct marketing

The Controller may process personal data for the purpose of direct marketing of its own services, projects and initiatives, in particular to present information about Logiskill, courses, educational materials, training services, B2B cooperation or similar activities.

The legal basis for processing is Article 6(1)(f) GDPR, i.e. the Controller’s legitimate interest in promoting its own activities. If the law requires consent for a specific communication channel, for example sending commercial information by electronic means, the Controller will obtain such consent.

  1. Website analytics and statistics

The Controller may use analytics tools to examine how users use the Website, traffic sources, popularity of subpages, effectiveness of promotional activities and to improve the Website’s content and usability.

The data may include in particular information about the device, browser, approximate location, source of visit, time spent on the Website, visited subpages and interactions with Website elements.

To the extent that analytics tools use cookies or similar technologies that are not necessary for the operation of the Website, the legal basis for their use is the user’s consent.

  1. Ensuring Website security

From the moment a user enters the Website, the Controller may process technical data necessary to ensure Website security, such as:

  • IP address of the device,
  • type and version of the browser,
  • type of operating system,
  • date and time of the request,
  • address of the visited page,
  • URL of the referring page,
  • error information,
  • data stored in server logs.

The legal basis for processing is Article 6(1)(f) GDPR, i.e. the Controller’s legitimate interest in ensuring Website security, protecting against abuse, attacks, spam, unauthorised access attempts, and pursuing or defending against claims.

  1. Pursuing claims and defending against claims

The Controller may process personal data for the purpose of establishing, pursuing or defending against claims.

The legal basis for processing is Article 6(1)(f) GDPR, i.e. the Controller’s legitimate interest in protecting its rights.

§4. SCOPE OF PROCESSED DATA

The scope of processed data depends on how the user uses the Website.

The Controller may process in particular:

  • first name and surname,
  • e-mail address,
  • phone number,
  • company or organisation name,
  • position or function,
  • content of the message sent to the Controller,
  • information concerning interest in the project, training, course or cooperation,
  • data necessary for settlements, if a contract is concluded,
  • IP address,
  • data concerning the device, browser and activity on the Website,
  • data stored in cookies or similar technologies.

Providing data is voluntary, but in some cases necessary to use a specific functionality, for example to send a contact form, receive a response, subscribe to a newsletter or participate in the project.

§5. DATA RETENTION PERIOD

Personal data will be stored for the period necessary to achieve the purpose for which they were collected.

In particular:

  • data processed to handle an enquiry will be stored for the period of correspondence and then for the time necessary to secure possible claims;
  • data processed for the performance of a contract will be stored for the duration of the contract and then for the period required by law or until the expiry of limitation periods for claims;
  • data processed on the basis of consent will be stored until consent is withdrawn, unless there is another legal basis for further processing;
  • data processed for accounting and tax purposes will be stored for the period required by applicable law;
  • data processed for security purposes, including server logs, will be stored for the period necessary to ensure security and protection against claims;
  • data processed for direct marketing purposes will be stored until an effective objection is raised or consent is withdrawn, if consent was the basis for communication.

§6. DATA RECIPIENTS

Personal data may be transferred to entities whose services are used by the Controller in connection with operating the Website and carrying out its activities.

Data recipients may include in particular:

  • hosting and technical infrastructure providers,
  • IT service providers,
  • e-mail service providers,
  • contact form tool providers,
  • newsletter or communication automation tool providers,
  • analytics and advertising tool providers,
  • accounting service providers,
  • legal, advisory or debt collection service providers,
  • entities authorised to receive data under applicable law.

Data may be transferred only to the extent necessary to achieve a given purpose and on the basis of appropriate agreements or legal provisions.

§7. TRANSFER OF DATA OUTSIDE THE EUROPEAN ECONOMIC AREA

Some service providers used by the Controller may be based outside the European Economic Area, in particular in the United States.

In such cases, data transfers are carried out using mechanisms provided for under the GDPR, in particular:

an adequacy decision of the European Commission, including under the EU–US Data Privacy Framework, if the provider is certified under that programme;

standard contractual clauses adopted by the European Commission;

other safeguards required by law.

§8. RIGHTS OF DATA SUBJECTS

The data subject has the following rights:

  • right of access to data,
  • right to obtain a copy of data,
  • right to rectification of data,
  • right to erasure of data,
  • right to restriction of processing,
  • right to data portability,
  • right to object to data processing,
  • right to withdraw consent at any time, where data are processed on the basis of consent,
  • right to lodge a complaint with a supervisory authority.

Withdrawal of consent does not affect the lawfulness of processing carried out before consent was withdrawn.

Requests concerning the exercise of rights may be sent to the Controller at: info@todoor.pl.

The data subject also has the right to lodge a complaint with the President of the Personal Data Protection Office.

Contact details of the Polish supervisory authority:
President of the Personal Data Protection Office
ul. Stanisława Moniuszki 1A
00-014 Warsaw
Poland
phone: +48 22 531 03 00
e-mail: kancelaria@uodo.gov.pl

§9. RIGHT TO OBJECT

If data are processed on the basis of Article 6(1)(f) GDPR, i.e. the Controller’s legitimate interest, the data subject has the right to object to the processing of data on grounds relating to their particular situation.

If data are processed for direct marketing purposes, the data subject may object at any time. Once such an objection is raised, the data will no longer be processed for this purpose.

§10. AUTOMATED DECISION-MAKING AND PROFILING

The Controller does not make decisions concerning users based solely on automated processing that would produce legal effects concerning them or similarly significantly affect them.

However, the Controller may use analytics or advertising tools that may include basic marketing profiling, for example matching advertising content or analysing interest in specific Website subpages.

Such activities are carried out in accordance with applicable law and, where required, on the basis of the user’s consent, in particular consent to analytics or advertising cookies.

§11. COOKIES — GENERAL INFORMATION

The Website uses cookies and similar technologies.

Cookies are small files stored on the user’s device when using a website. These files may be read by the Website or by third parties whose tools are used on the Website.

Cookies may be used in particular to:

  • ensure the proper functioning of the Website,
  • remember user settings,
  • handle forms,
  • ensure security,
  • conduct statistics and analytics,
  • measure the effectiveness of promotional activities,
  • display or measure advertisements,
  • improve the quality and usability of the Website.

§12. TYPES OF COOKIES

The following types of cookies may be used on the Website:

  1. Necessary cookies

These are required for the proper functioning of the Website. They may be used, among others, to ensure security, handle forms, remember cookie consents or maintain basic website functions.

These cookies may be used without the user’s consent because they are necessary to provide the electronic service.

  1. Analytics cookies

These help the Controller understand how users use the Website, which content is most frequently visited and how the Website can be improved.

These cookies are used on the basis of the user’s consent, where applicable law requires such consent.

  1. Marketing or advertising cookies

These may be used to measure campaign effectiveness, remarketing or presenting advertising content tailored to the user’s interests.

These cookies are used on the basis of the user’s consent.

  1. Session and persistent cookies

Session cookies are stored until the browser is closed.

Persistent cookies are stored for a specific period or until deleted by the user.

§13. THIRD-PARTY COOKIES

The Website may use tools provided by third parties, in particular:

  • Google Analytics or similar analytics tools,
  • Google Ads or similar advertising tools,
  • Google Tag Manager,
  • tools for handling forms,
  • tools for sending newsletters,
  • tools for embedding external content, such as maps, videos, forms or educational materials.

The use of third-party tools may involve the use of cookies by those third parties. Detailed information on data processing rules applied by such entities can be found in their own privacy policies.

If the Website does not yet use some of the indicated tools, these provisions should be understood as applying only to technologies actually implemented.

§14. COOKIE CONSENT AND MANAGING SETTINGS

Except for necessary cookies, the use of cookies is based on the user’s consent.

The user may consent to the use of individual categories of cookies through a cookie banner or settings available on the Website.

The user may change cookie settings or withdraw consent at any time.

The user may also manage cookies through their web browser settings. Restricting or disabling cookies may, however, affect the operation of some Website functions.

§15. CACHE MEMORY AND SIMILAR TECHNOLOGIES

The Website may use browser cache, local storage or similar technologies to speed up the website, remember user settings, improve security and increase user convenience.

Data stored in local storage may be retained between subsequent visits to the Website unless the user deletes them or changes browser settings.

§16. LINKS TO OTHER WEBSITES

The Website may contain links to other websites, tools, educational platforms, forms, external materials or social media services.

The Controller is not responsible for the privacy rules applicable on external websites and platforms. Before using such websites, the user should read their privacy policies.

§17. SOCIAL MEDIA

The Controller may maintain profiles of the Logiskill project or ToDoor on social media platforms, such as LinkedIn, Facebook, Instagram, YouTube or other platforms.

If the user interacts with such profiles, for example follows a profile, comments on a post, sends a message or reacts to content, the user’s data may be processed both by the Controller and by the operator of the relevant social media platform.

The scope and rules of data processing by social media platform operators are set out in their own terms and privacy policies.

§18. CHANGES TO THE PRIVACY POLICY

The Controller may amend this Privacy Policy, in particular in the event of:

  • changes in applicable law,
  • changes to Website functionality,
  • implementation of new analytics, marketing or technical tools,
  • changes to the Controller’s data,
  • changes in the manner of personal data processing.

The new version of the Privacy Policy will be published on the Website.

§19. EFFECTIVE DATE

This Privacy Policy is effective from the date of its publication on the Website.