PRIVACY POLICY

PRIVACY POLICY
I. SCOPE
The Data Controller is Przedsiębiorstwo RANAL Spółka z ograniczoną odpowiedzialnością with its registered office in Rudniki (42-240), at ul. Łódzka 3, entered into the Register of Entrepreneurs kept by the District Court in Częstochowa, 17th Commercial Division of the National Court Register under KRS number 0000207262, NIP: 9491505658, REGON: 150391040.
The purpose of this Privacy Policy is to define the actions taken by the Data Controller regarding the protection of personal data processed via the website https://www.ranal.pl/ (hereinafter referred to as the "Service") and via social media portals (Facebook, LinkedIn).
Data is processed in accordance with applicable laws, including Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation – GDPR).
A User of the Service is any natural person using the Service via electronic devices.
The Service does not automatically collect any information, except for the information contained in cookies. Additional personal data (e.g., e-mail address) is collected only in places where the user, by filling out a form, has expressly consented to it.
II. PROCESSING OF PERSONAL DATA BY THE CONTROLLER, INCLUDING ACQUISITION AND STORAGE
COOKIES
The Service uses cookies. Cookies are IT data, in particular text files, stored on the Service User's terminal device and are intended for the use of the Service's websites. Cookies usually contain the name of the website from which they originate, the duration of their storage on the terminal device, and a unique number.
The following types of cookies are used within the Service:
Security cookies: used to detect authentication abuses within the service;
Performance cookies: enabling the collection of information on how the service's websites are used;
Functional cookies: allowing "remembering" user settings and personalizing the user interface (e.g., language, region, font size, website appearance);
Analytical cookies: used to monitor traffic on the website (data analytics), including cookies from Google Analytics [cookie controller: Google Inc. based in the USA].
Data is collected for the following purposes:
providing content collected in the Service to Users;
analytical and statistical purposes – the analysis of these statistics is anonymous;
remembering individual User settings and optimizing the use of the Service;
adjusting the content of the Sites to the User's terminal device;
obtaining aggregate, anonymous statistical data on how the Service is used to improve its structure and functionality;
improving security by controlling abuse in the process of using the Service.
As a rule, cookies do not constitute personal data. However, certain information stored in cookies (e.g., regarding preferences), especially in combination with other information about the website user, may be treated as personal data. Personal data collected using cookies may be processed only for the purpose of performing specific functions for the User as described above. Such data is secured in a way that prevents access by unauthorized persons.
The controller's right to store and access "cookies" results from the controller's legitimate interest or the implied consent expressed by the Service User. Implied consent is expressed by the User while configuring the web browser or a selected website (or service) and by entering the site regarding the storage of files necessary for the Service's functioning.
Two main types of cookies are used: "session cookies" (temporary files stored until logging out or closing the browser) and "persistent cookies" (stored for the time specified in the parameters or until deleted by the User).
Cookies placed on the User's terminal device may also be used by advertisers and partners cooperating with the Service operator. We recommend reading the privacy policies of these companies: Google Analytics Privacy Policy.
For information on user preferences collected by the Google advertising network, the user can view and edit information resulting from cookies using the tool: https://www.google.com/ads/preferences/
Managing cookies – how to block cookies or withdraw consent in practice?
The user can disable or restore the cookie collection option at any time. If the user does not want to receive cookies, they can change their browser settings. We reserve that disabling cookies necessary for authentication, security, or maintaining user preferences may make it difficult, and in extreme cases impossible, to use the websites. Instructions for popular browsers are available in the help section of each browser or at http://www.allaboutcookies.org/manage-cookies.
SOCIAL MEDIA
Data of users visiting the Controller's social media profiles (Facebook, LinkedIn) is processed only in connection with maintaining the profile, including informing about the Controller's activities.
CONTACT FORMS
The Service enables contact with the Controller using contact forms. The form requires providing personal data necessary for follow-up contact and answering the question. Data is processed for identification, handling the inquiry, and for analytical and statistical purposes. The basis for processing is the User's consent (Art. 6(1)(a) GDPR) unless there is a legitimate interest of the Data Controller in the form of direct marketing (Art. 6(1)(f) GDPR). Providing data is voluntary, but failure to do so may result in the inability to handle the inquiry.
 
RECRUITMENT
The Controller may conduct recruitment for new employees, interns, apprentices, contractors, and partners through the Website. Candidates' personal data will be processed for current and future recruitment purposes – based on Art. 6(1)(a) of the General Data Protection Regulation of 27 April 2016 and the Labour Code of 26 June 1974. Personal data will be stored for the duration of the current recruitment, but for no longer than 4 months. If the candidate gives additional voluntary consent for the processing of their personal data (name, surname, and contact details) for future recruitment purposes, such data will be processed for no longer than 12 months. Recipients of candidate data may include recruitment companies conducting hiring on behalf of the Data Controller. Candidates have the right to request access to their personal data, the right to rectification, erasure, or restriction of processing, the right to object to processing, the right to data portability, and the right to withdraw consent at any time.
III. USE OF COLLECTED DATA
The Data Controller processes (e.g., collects, stores, analyzes, etc.) personal data of Service Users for the following purposes:
Providing content collected in the Service to Users;
Analytical and statistical purposes (analysis of these statistics is anonymous);
Marketing purposes of the Data Controller (in the case of data provided in contact forms);
Sending commercial information to the User electronically to the provided e-mail address, including a newsletter with the latest information on works, campaigns, and offers, as well as using telecommunications terminal equipment for direct marketing purposes regarding the phone number provided by the User – based on the User's voluntary consent (legal basis: Art. 6(1)(a) GDPR);
Recruitment (in the case of data provided in contact forms).
Collected information includes: IP address, browser type, language, operating system type, ISP, time and date information, location, and information sent via the contact form (name, surname, e-mail address, message content, company name).
Personal data collected by the Data Controller is stored until the consent for processing is withdrawn. Decisions regarding Users' personal data will not be made in an automated manner.
IV. DATA SHARING
Data is shared with third parties only within legally permitted limits. The Controller may be obliged to provide information collected by the Service to authorized authorities based on lawful requests to the extent resulting from the request.
V. SECURITY
Only authorized persons have access to the data, and only to the extent necessary for their tasks. We ensure data security by using, among others, the secure communication encryption protocol (SSL).
VI. USER RIGHTS. CONTACT DETAILS OF THE DATA CONTROLLER.
The User has the right to access their data and the possibility to correct it, the right to restrict processing, the right to object to processing, data portability, and the right to withdraw consent without giving a reason by contacting Przedsiębiorstwo RANAL Spółka z ograniczoną odpowiedzialnością via e-mail: ranal@ranal.pl or by post: Przedsiębiorstwo RANAL Spółka z ograniczoną odpowiedzialnością, Rudniki (42-240), ul. Łódzka 3, with the note "Personal Data". The User has the right to lodge a complaint with the President of the Personal Data Protection Office (Prezes Urzędu Ochrony Danych Osobowych) as the supervisory authority.
VII. FINAL PROVISIONS
The Controller reserves the right to make changes to this Privacy Policy, which may be influenced by the development of internet technology, potential changes in data protection law, or the development of the website. We will inform about any changes in a visible and understandable manner.