Privacy and Cookie Policy

Personal Data Controller:

  • Name: Enetecs Sp. z o.o.
  • Address: Puszkarska 7K, 30-644 Kraków, Poland
  • Contact e-mail: gdpr@enetecs.com

 

This Privacy and Cookie Policy (“Policy”) sets out the rules for the processing and protection of personal data and other information related to users of the website available at: www.enetecs.com (“Website”).

The Controller places particular importance on respecting the privacy of users visiting the Website. As an entity processing personal data, the Controller fulfills all obligations arising from Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, repealing Directive 95/46/EC (General Data Protection Regulation, “GDPR”), as well as other applicable national legislation.

 

Purpose of Data Processing

 

The Controller processes personal data of Website users for the following purposes:

  1. Handling inquiries submitted via the contact form
  2. Presenting an offer or other information related to the Controller’s business activities
  3. Pursuing the Controller’s legitimate interests
  4. Fulfilling legal obligations imposed on the Controller
  5. With separate consent, also for marketing purposes

 

Types of Data Collected

 

The Website collects information voluntarily provided by the user, including personal data if submitted. In particular:

  • First and last name
  • E-mail address
  • Phone number (optional)
  • Company name (optional)
  • Message content

 

The Website may automatically record information about:

  • Connection parameters (timestamp, IP address)
  • User behavior on the website (in anonymized form)
  • User’s device and browser

 

Certified Security Systems

 

Enetecs Sp. z o.o. has implemented advanced security systems certified by TÜV NORD to ensure the highest level of protection for personal data and other information processed through the Website. The implemented systems include:

  1. Information Security Management System compliant with ISO/IEC 27001
  2. Security incident management procedures
  3. Regular security audits
  4. Data encryption and secure transmission (SSL certificate)
  5. Access control and multi-factor authentication
  6. Ongoing staff training in data protection

 

Data Protection Measures

 

The Controller applies the following data protection measures:

  1. All areas involving login and the entry of personal data are protected at the transmission layer (SSL certificate). This ensures that personal data and login credentials entered on the site are encrypted on the user’s device and can only be read by the destination server.
  2. The Controller regularly changes administrative passwords.
  3. The Controller performs regular updates of software used for personal data processing, particularly frequent updates of software components.
  4. Access to personal data is granted only to authorized employees or collaborators of the Controller who have been trained in data protection.
  5. The Controller uses technical and organizational measures appropriate to the risks and categories of protected data.

 

Hosting

 

The Website is hosted on the Controller’s server located in the OVH.net data center,
which provides a professional technical infrastructure compliant with the requirements of the GDPR
and other data protection regulations.

 

User Rights

 

In accordance with the GDPR, users have the following rights regarding the processing of their personal data:

  1. Right of access – the right to obtain information on whether the Controller processes the user’s personal data and to access those data
  2. Right to rectification – the right to request the correction of inaccurate personal data or the completion of incomplete data
  3. Right to erasure (“right to be forgotten”) – the right to request the deletion of personal data in specific circumstances
  4. Right to restrict processing – the right to request the restriction of personal data processing in specific situations
  5. Right to data portability – the right to receive personal data provided to the Controller in a structured, commonly used format and to transmit those data to another controller
  6. Right to object – the right to object to the processing of personal data based on the Controller’s legitimate interests, including profiling
  7. Right to withdraw consent – the right to withdraw consent to data processing at any time, without affecting the lawfulness of processing carried out prior to withdrawal

 

To exercise the above rights, please contact the Controller via e-mail at: gdpr@enetecs.com.

 

If you believe that the processing of your personal data violates the provisions of the GDPR, you have the right to lodge a complaint with the President of the Personal Data Protection Office (UODO), ul. Stawki 2, 00-193 Warsaw, Poland.

 

Transfer of Personal Data

 

The Controller may transfer users’ personal data to the following categories of recipients:

  1. Entities processing data on behalf of the Controller – providers of hosting, IT, marketing, accounting, or other services who process data for the purpose of delivering services to the Controller
  2. Entities authorized under legal regulations – public authorities or other entities entitled to request access to or receive personal data based on applicable legal provisions

 

The Controller ensures that any data transfers are carried out with appropriate safeguards and that all entities processing data on the Controller’s behalf guarantee the use of adequate protective and security measures required by law.

 

Personal data are not transferred to third countries within the meaning of data protection regulations, i.e., outside the European Economic Area.

 

Data Retention Period

 

Users’ personal data are retained by the Controller no longer than necessary to fulfill the purposes for which they are processed:

  1. Data related to handling inquiries – for the period necessary to respond and maintain further correspondence, but no longer than 3 years from the last contact
  2. Data processed for marketing purposes – no longer than 3 years from the last contact
  3. Data processed based on legal obligations – for the period required by relevant legal regulations (e.g., tax or accounting laws)

 

Cookie Information

 

What are cookies?

 

Cookies are IT data, particularly text files, stored on the end device of the Website user and intended for use on the Website’s pages. Cookies typically contain the name of the website from which they originate, the duration of storage on the end device, and a unique identifier.

 

Types of cookies used

 

The Website uses two main types of cookies:

  • Session cookies – temporary files stored on the user’s end device until they log out, leave the website, or close the web browser
  • Persistent cookies – files stored on the user’s end device for the period specified in the cookie parameters or until manually deleted by the user

 

The Website may use the following types of cookies:

  • Essential for the proper functioning of the Website
  • Used to ensure security
  • Used to collect information about how the Website is used
  • Used to remember user preferences
  • Used to deliver advertising content tailored to the user’s interests

 

Purposes of using cookies

 

Cookies are used for the following purposes:

  1. Maintaining the Website user’s session (after logging in), so the user does not have to re-enter their login and password on every subpage
  2. Achieving the purposes specified under the section “Marketing Techniques”
  3. Customizing Website content to user preferences and optimizing the user experience

 

Marketing Techniques

 

The Controller uses statistical traffic analysis on the Website through Google Analytics (Google Inc., USA). The Controller does not transmit personal data to the service provider, only anonymized information. This service relies on cookies stored on the user’s end device. Users can view and manage their preferences collected by the Google advertising network using the tool available at: https://www.google.com/ads/preferences/

 

Managing Cookies

 

Web browsing software (internet browsers) typically allows cookies to be stored on the user’s end device by default. Website users can change these settings at any time. Internet browsers allow users to delete cookies or automatically block them. Detailed instructions can be found in the help section or documentation of your browser.

 

To manage your cookie settings, select the browser you use and follow the relevant instructions:

  • Edge
  • Internet Explorer
  • Chrome
  • Safari
  • Firefox
  • Opera

 

Mobile devices:

  • Android
  • Safari (iOS)
  • Windows Phone

Restricting the use of cookies may affect certain functionalities available on the Website.

 

Changes to the Privacy and Cookie Policy

 

The Controller reserves the right to make changes to this Policy, which may result from legal requirements, operational needs of the Website, or technological developments. Any changes will be announced through the Website. Updated versions of the Policy will be published on the Website.

Contact

Any questions related to personal data processing or the use of cookies can be directed to the following e-mail address: gdpr@enetecs.com.

Last updated: 04/04/2025