Privacy Policy
PTM Soft
The Privacy Policy describes the rules for our processing of information about you, including personal data and cookies.
The following Privacy Policy specifies the rules for storing and accessing data on the Devices of Users using the Website for the purposes of providing services electronically by the Administrator, as well as the rules for collecting and processing Users’ personal data, which they provide personally and voluntarily using the tools available on the Website.
The following Privacy Policy is an integral part of the Terms of Service, which defines the rules, rights, and obligations of Users using the Website.
§1 Definitions
Website – the “ptmsoft.pl” website operating at https://ptmsoft.pl/
External Website – websites of partners, service providers, or service recipients cooperating with the Administrator
Website/Data Administrator – The Website Administrator and Data Administrator (hereinafter referred to as the Administrator) is “PRZEMYSŁAW TOMECKI PTM SOFT,” operating at the following address: Więckowice, ul. Kasztanowa 78, 32-082 Bolechowice, with the Tax Identification Number (NIP): 679-28-46-140, providing services electronically via the Website.
User – a natural person for whom the Administrator provides services electronically via the Website.
Device – an electronic device with software through which the User accesses the Website.
Cookies – text data collected in the form of files placed on the User’s Device.
GDPR – Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation).
Personal data – information relating to an identified or identifiable natural person (“data subject”); An identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier, or one or more factors specific to the physical, physiological, genetic, mental, economic, cultural, or social identity of that natural person.
Processing means an operation or set of operations performed on personal data or sets of personal data, whether or not by automated means, such as collection, recording, organization, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure, or destruction; Restriction of processing – means marking stored personal data for the purpose of limiting their future processing.
Profiling – means any form of automated processing of personal data that involves the use of personal data to evaluate certain personal aspects of an individual, in particular to analyze or predict aspects relating to that individual’s performance at work, economic situation, health, personal preferences, interests, reliability, behavior, location, or movements.
Consent – means the voluntary, specific, informed, and unambiguous expression of the data subject’s will by which the data subject, in the form of a declaration or a clear affirmative action, consents to the processing of personal data concerning them.
Personal data breach – means a breach of security leading to the accidental or unlawful destruction, loss, alteration, unauthorized disclosure, or unauthorized access to personal data transmitted, stored, or otherwise processed.
Pseudonymization – means the processing of personal data in such a way that it can no longer be attributed to a specific data subject without the use of additional information, provided that such additional information is kept separate and covered by the Technical and organizational measures that prevent their assignment to an identified or identifiable natural person.
Anonymization – Data anonymization is an irreversible data operation that destroys/overwrites “personal data,” preventing the identification or association of a given record with a specific user or natural person.
Information in forms
The website collects information voluntarily provided by the user.
The website may save information about connection parameters (time stamp, IP address).
The website may save information to facilitate linking the data in the form with the email address of the user completing the form. In such a case, the user’s email address appears within the URL of the page containing the form.
The data provided in the form is not shared with third parties except with the user’s consent.
The data provided in the form is processed for the purpose resulting from the function of the specific form, for example, to process a service request or contact sales.
The data provided in the forms may be transferred to entities technically performing certain services – in particular, this applies to the transfer of information about the holder of a registered domain to entities operating internet domains, or entities with which the Website Operator cooperates in this regard.
§2 Data Protection Inspector
Pursuant to Article 37 of the GDPR, the Controller has not appointed a Data Protection Officer.
In matters concerning data processing, including personal data, please contact the Controller directly.
§3 Types of Cookies
- Internal Cookies – files placed and read from the User’s Device by the Website’s IT system.
- External Cookies – files placed and read from the User’s Device by the IT systems of external Services. Scripts from external Services that may place Cookies on User’s Devices have been intentionally placed on the Website through scripts and services provided and installed on the Website.
- Session Cookies – files placed and read from the User’s Device by the Website during a single session of a given Device. After the session ends, the files are deleted from the User’s Device.
- Persistent Cookies – files placed and read from the User’s Device by the Website until they are manually deleted. These files are not deleted automatically after the Device session ends, unless the User’s Device is configured to delete Cookies after the Device session ends.
§4 Data storage security
Mechanisms for storing and reading cookies – The mechanisms for storing, reading, and exchanging data between cookies stored on the User’s Device and the Website are implemented through built-in web browser mechanisms and do not allow for the downloading of other data from the User’s Device or data from other websites the User has visited, including personal data or confidential information. Transferring viruses, Trojan horses, and other worms to the User’s Device is also practically impossible.
Internal Cookies – Cookies used by the Administrator are safe for Users’ Devices and do not contain scripts, content, or information that may threaten the security of personal data or the security of the Device used by the User.
External Cookies – The Administrator takes all possible measures to verify and select the website’s partners with the security of Users in mind. The Administrator selects well-known, large partners with global public trust for cooperation. However, the Administrator does not have full control over the content of cookies from external partners. The Administrator is not responsible for the security of cookies, their content, or the licensed use of Scripts installed on the website, originating from external websites, to the extent permitted by law. A list of partners is provided later in this Privacy Policy.
Cookie Control
The User may, at any time, independently change the settings for saving, deleting, and accessing cookie data from any website.
Information on how to disable cookies in the most popular computer browsers is available at: how to disable cookies or from one of the indicated providers:
Managing cookies in Chrome
Managing cookies in Opera
Managing cookies in FireFox
Managing cookies in Edge
Managing cookies in Safari
Managing cookies in Internet Explorer 11
The User may delete any previously saved cookies at any time using the tools of the User’s Device through which the User uses the Website’s services.
User-Side Threats – The Administrator employs all possible technical measures to ensure the security of data stored in Cookies. However, it should be noted that ensuring the security of this data depends on both parties, including the User’s activity. The Administrator is not responsible for the interception of this data, impersonation of a User session, or its deletion, as a result of the User’s conscious or unconscious activity, or for viruses, Trojan horses, or other spyware that may have infected or infected the User’s Device. To protect themselves against these threats, Users should adhere to the principles of safe internet use.
Personal Data Storage – The Administrator ensures that every effort is made to ensure that the personal data voluntarily entered by Users is secure, that access to it is limited, and that it is processed in accordance with its intended purpose and the purposes of processing. The Administrator also ensures that every effort is made to protect its data against loss by implementing appropriate physical and organizational security measures.
§5 Purposes for which cookies are used
Improving and facilitating access to the Website
Personalizing the Website for Users
Enabling Login to the Website
Marketing, Remarketing on External Websites
Advertising Services
Affiliate Services
Statistics (users, number of visits, device types, connection, etc.)
Providing Multimedia Services
Providing Social Media Services
§6 Purposes of personal data processing
Personal data voluntarily provided by Users is processed for one of the following purposes:
- Provision of electronic services:
- Registration and maintenance of the User account within the Service and related functionalities
- Services enabling the sharing of content published in the Service on social media platforms or other websites
- Communication between the Administrator and Users regarding matters related to the Service and data protection
- Ensuring the legitimate interests of the Administrator
Data about Users collected anonymously and automatically is processed for one of the following purposes:
- Statistical analysis
- Remarketing
- Serving advertisements tailored to Users’ preferences
- Management of affiliate programs
- Ensuring the legitimate interests of the Administrator
§7 Cookies of external websites
§8 Types of data collected
The Service collects data about Users. Some data is collected automatically and anonymously, while some personal data is voluntarily provided by Users when registering for specific services offered by the Service.
Anonymous data collected automatically:
- IP address
- Browser type
- Screen resolution
- Approximate location
- Opened subpages of the Service
- Time spent on a specific subpage of the Service
- Operating system type
- Address of the previous subpage
- Referring website address
- Browser language
- Internet connection speed
- Internet service provider
Data collected during registration:
- First name / last name / username
- Email address
- Phone number
Data collected when subscribing to the Newsletter service:
- Email address
Data collected when adding a comment:
- First name and last name / username
- Email address
- Website address
- IP address (collected automatically)
Some data (excluding personally identifiable information) may be stored in cookies. Some data (excluding personally identifiable information) may be transferred to statistical service providers.
§9 Access to personal data by third parties
As a general rule, the only recipient of personal data provided by Users is the Administrator. Data collected within the scope of provided services is not shared or resold to third parties.
Access to data (most often based on a Data Processing Agreement) may be granted to entities responsible for maintaining the infrastructure and services necessary for operating the Service, such as:
- Hosting companies providing hosting or related services to the Administrator
Entrusting the processing of personal data – hosting, VPS, or dedicated server services
For the purpose of operating the Service, the Administrator uses an external provider of hosting, VPS, or dedicated server services. All data collected and processed within the Service is stored and processed within the provider’s infrastructure located in Poland. Access to the data may be possible as a result of maintenance work carried out by the provider’s personnel. Access to such data is governed by an agreement concluded between the Administrator and the service provider.
§10 Method of processing personal data
Personal data voluntarily provided by Users:
- Personal data will not be transferred outside the European Union, unless it has been made public as a result of the User’s individual actions (e.g. posting a comment or entry), in which case the data becomes accessible to any visitor of the Service.
- Personal data will not be used for automated decision-making (profiling).
- Personal data will not be resold to third parties.
Anonymous data (excluding personal data) collected automatically:
- Anonymous data (excluding personal data) will be transferred outside the European Union.
- Anonymous data (excluding personal data) may be used for automated decision-making (profiling). Profiling of anonymous data (excluding personal data) does not produce legal effects or similarly significantly affect the person to whom the data relates in the context of automated decision-making.
- Anonymous data (excluding personal data) will not be resold to third parties.
§11 Legal basis for personal data processing
The Service collects and processes User data on the basis of:
- Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation – GDPR):
- Article 6(1)(a)
The data subject has given consent to the processing of his or her personal data for one or more specific purposes - Article 6(1)(b)
Processing is necessary for the performance of a contract to which the data subject is party or in order to take steps at the request of the data subject prior to entering into a contract - Article 6(1)(f)
Processing is necessary for the purposes of the legitimate interests pursued by the controller or by a third party
- Article 6(1)(a)
- Act of 10 May 2018 on the Protection of Personal Data (Journal of Laws 2018, item 1000)
- Act of 16 July 2004 Telecommunications Law (Journal of Laws 2004 No. 171, item 1800)
- Act of 4 February 1994 on Copyright and Related Rights (Journal of Laws 1994 No. 24, item 83)
§12 Period of personal data processing
Personal data provided voluntarily by Users:
As a general rule, the personal data indicated is stored only for the duration of the Service provided by the Administrator within the Website. It is deleted or anonymized within 30 days of the termination of the service (e.g., deletion of a registered user account, unsubscription from the Newsletter list, etc.).
An exception is a situation that requires the Administrator to secure legitimate purposes for further processing of this data. In such a situation, the Administrator will store the indicated data from the time the User requests its deletion, but no longer than 3 years in the event of a violation or suspected violation of the Website Terms and Conditions by the User.
Anonymous data (without personal data) collected automatically:
Anonymous statistical data, not constituting personal data, is stored by the Administrator for the purpose of maintaining website statistics for an indefinite period.
§13 User rights related to the processing of personal data
The Service collects and processes User data on the basis of:
- Right of access to personal data
Users have the right to obtain access to their personal data, exercised upon a request submitted to the Administrator. - Right to rectification of personal data
Users have the right to request the Administrator to promptly correct inaccurate personal data and/or complete incomplete personal data, exercised upon a request submitted to the Administrator. - Right to erasure of personal data
Users have the right to request the Administrator to promptly delete personal data, exercised upon a request submitted to the Administrator.
In the case of user accounts, deletion consists of anonymizing data enabling identification of the User. The Administrator reserves the right to suspend the execution of a deletion request in order to protect its legitimate interest (e.g. if the User has violated the Terms of Service or if the data was obtained as a result of correspondence).
In the case of the Newsletter service, the User may independently delete their personal data by using the unsubscribe link included in each email message. - Right to restriction of processing of personal data
Users have the right to restrict the processing of their personal data in cases specified in Article 18 GDPR, including when contesting the accuracy of personal data, exercised upon a request submitted to the Administrator. - Right to data portability
Users have the right to receive their personal data from the Administrator in a structured, commonly used, machine-readable format, exercised upon a request submitted to the Administrator. - Right to object to processing of personal data
Users have the right to object to the processing of their personal data in cases specified in Article 21 GDPR, exercised upon a request submitted to the Administrator. - Right to lodge a complaint
Users have the right to lodge a complaint with the supervisory authority responsible for data protection.
§14 Contact to the Administrator
You can contact the Controller in one of the following ways:
Mailing address – PTM SOFT Quattro Business Park D – 4th floor (Ace of Space), Al. Generała Tadeusza Bora-Komorowskiego 25, 31-476 Kraków
Email address – kontakt@ptmsoft.pl
Telephone – +48 12 444 7837
Contact form – available at: https://ptmsoft.pl/kontakt/
§15 Service Requirements
Restricting the storage and access of cookies on the User’s Device may result in some Website features not functioning properly.
The Administrator is not responsible for any malfunctioning Website features if the User restricts the storage and access of cookies in any way.
§16 External links
The Website – articles, posts, entries, and User comments – may contain links to external websites with which the Website Owner has no cooperation. These links, and the pages or files linked to them, may be dangerous to your Device or pose a threat to the security of your data. The Administrator is not responsible for content located outside the Website.
§17 Changes to the Privacy Policy
- The Administrator reserves the right to freely modify this Privacy Policy without the need to inform Users, in relation to the use and processing of anonymous data or the use of cookies.
- The Administrator reserves the right to freely modify this Privacy Policy with regard to the processing of personal data. Users with accounts or subscribed to the newsletter will be informed of such changes via email within 7 days of the changes being introduced. Continued use of the services constitutes acknowledgement and acceptance of the updated Privacy Policy. If a User does not agree to the changes, they are required to delete their account or unsubscribe from the newsletter.
- Any changes to the Privacy Policy will be published on this page of the Service.
- The changes come into effect at the moment they are published.