Privacy policy

1. Name and contact details of the responsible person

This privacy statement provides information about the processing of personal data on the firm’s website at the URL http://apzn.pl.

Person responsible:

APZ Nieruchomości sp. z o.o.
ul. Wysoka 9
61-850 Poznań

+48 530 416 416

biuro@apzn.pl
www.apzn.pl

Contact details of the data protection officer:

The data protection officer of the firm can be contacted at the above firm address and at biuro@apzn.pl

2. Scope and purpose of the processing of personal data

2.1 Calling up the website

When this website, www.apzn.pl, is accessed, data is automatically sent to the server of this website by the Internet browser used by the visitor and stored in a log file for a limited period of time. Until automatic deletion, the following data is stored without further input by the visitor:

  • IP address of the visitor’s terminal device
  • Date and time of access by the visitor
  • Name and URL of the page accessed by the visitor
  • Website from which the visitor accessed the firm’s website (so-called referrer URL)
  • Browser and operating system of the visitor’s terminal device as well as the name of the access provider used by the visitor.

The processing of these personal data is justified pursuant to Art. 6 para. 1 sentence 1 lit. f) GDPR. The firm has a legitimate interest in processing data for the purpose of:

  • to establish the connection to the website of the firm expeditiously
  • to enable a user-friendly application of the website
  • to recognise and guarantee the security and stability of the systems
  • to facilitate and improve the administration of the website

The processing is expressly not carried out for the purpose of gaining knowledge about the person of the visitor to the website.

2.2 Contact form

Visitors can submit messages to the firm via an online contact form on the website. In order to receive a reply, at least a valid e-mail address is required. All other information can be provided voluntarily by the person making the enquiry. By sending the message via the contact form, the visitor consents to the processing of the transmitted personal data. The data is processed exclusively for the purpose of handling and answering enquiries via the contact form. This is done on the basis of the voluntarily given consent pursuant to Art. 6 (1) sentence 1 a) GDPR. The personal data collected for the use of the contact form are automatically deleted as soon as the enquiry has been dealt with and there are no reasons for further storage (e.g. subsequent commissioning of our firm).

2.3 Newsletter

By subscribing to the newsletter, the visitor expressly agrees to the processing of the transmitted personal data. To register for the newsletter, the visitor only needs to enter an e-mail address. The legal basis for the processing of the visitor’s personal data for the purpose of sending newsletters is consent pursuant to Art. 6 (1) sentence 1 a) GDPR.

The visitor can unsubscribe from receiving future newsletters at any time. This can be done by using a special link at the end of the newsletter or by sending a corresponding message by e-mail to biuro@apzn.pl.

3. Transfer of data

Personal data will be transferred to third parties if:

  • the data subject has expressly consented to this in accordance with Art. 6 para. 1 sentence 1 letter a) GDPR
  • the transfer is necessary for the assertion, exercise or defence of legal claims pursuant to Art. 6 para. 1 sentence 1 letter f) GDPR and there is no reason to assume that the data subject has an overriding interest in the non-disclosure of his or her data that merits protection.
  • there is a legal requirement for the transfer of data pursuant to Art. 6 para. 1 sent. 1 lit. c) GDPR a legal obligation exists, and/or
  • this is necessary for the fulfilment of a contractual relationship with the data subject pursuant to Art. 6 para. 1 sentence 1 letter b) GDPR.

In other cases, personal data will not be disclosed to third parties.

4. Cookies

So-called cookies are used on the website. These are data packets that are exchanged between the server of the firm’s website and the visitor’s browser. These are stored by the respective devices used (PC, notebook, tablet, smartphone, etc.) when visiting the website. In this respect, cookies cannot cause any damage to the devices used. In particular, they do not contain viruses or other malware. In the cookies, information is stored that arises in connection with the specific end device used. The firm can therefore in no way obtain direct knowledge of the identity of the visitor to the website.

Cookies are mostly accepted according to the basic settings of the browsers. The browser settings can be configured in such a way that cookies are either not accepted on the devices used or that a special notice is given in each case before a new cookie is created. However, it should be noted that deactivating cookies may mean that not all functions of the website can be used in the best possible way.

The use of cookies serves to make the use of the web offer of the firm more comfortable. For example, session cookies can be used to track whether the visitor has already visited individual pages of the website. After leaving the website, these session cookies are automatically deleted.

Temporary cookies are used to improve user-friendliness. They are stored on the visitor’s device for a temporary period of time. When the website is visited again, it is automatically recognised that the visitor has already called up the page at an earlier time and which entries and settings were made at that time so that they do not have to be repeated.

Cookies are also used to analyse website visits for statistical purposes and for the purpose of improving the website. These cookies make it possible to automatically recognise on a new visit that the website has already been called up by the visitor before. In this case, the cookies are automatically deleted after a specified period of time.

The data processed by cookies is justified for the above-mentioned purposes in order to protect the legitimate interests of the firm pursuant to Article 6 (1) sentence 1 letter f) GDPR.

5. Your rights as a data subject

Insofar as your personal data is processed on the occasion of your visit to our website, you are entitled to the following rights as a “data subject” within the meaning of the GDPR:

5.1 Information

You can request information from us as to whether we are processing your personal data. There is no right to information if the provision of the requested information would violate the duty of confidentiality pursuant to § 57 StBerG or if the information must be kept secret for other reasons, in particular due to an overriding legitimate interest of a third party. Notwithstanding the above, there may be an obligation to provide the information if your interests outweigh the interest in secrecy, in particular taking into account imminent damage. The right to information is also excluded if the data is only stored because it may not be deleted due to legal or statutory retention periods or exclusively serves the purposes of data security or data protection control, provided that the provision of information would require a disproportionately high effort and the processing for other purposes is excluded by appropriate technical and organisational measures. Provided that the right to information is not excluded in your case and your personal data is processed by us, you can request information from us about the following:

  • Purposes of the processing
  • Categories of personal data processed by you
  • Recipients or categories of recipients to whom your personal data are disclosed, in particular in the case of recipients in third countries
  • if possible, the planned duration for which your personal data will be stored or, if this is not possible, the criteria for determining the storage period
  • the existence of a right to rectify, erase or restrict the processing of personal data concerning you or to object to such processing
  • the existence of a right of appeal to a data protection supervisory authority
  • if the personal data has not been collected from you as the data subject, the available information on the origin of the data
  • Where applicable, the existence of automated decision-making, including profiling, and meaningful information about the logic involved as well as the scope and intended effects of automated decision-making.
  • If applicable, in the case of transfer to recipients in third countries, unless there is a decision by the EU Commission on the adequacy of the level of protection pursuant to Article 45 (3) of the GDPR, information on which appropriate safeguards are provided for the protection of personal data pursuant to Article 46 (2) of the GDPR.

5.2 Correction and completion

If you discover that we have incorrect personal data relating to you, you may request that we correct this incorrect data without delay. If your personal data is incomplete, you may request that we complete it.

5.3 Deletion

You have a right to erasure (“right to be forgotten”), unless the processing is necessary for the exercise of the right to freedom of expression, the right to information or for compliance with a legal obligation or for the performance of a task carried out in the public interest and one of the following reasons applies:

  • The personal data are no longer necessary for the purposes for which they were processed.
  • The justification for the processing was solely your consent, which you have withdrawn.
  • You have objected to the processing of your personal data which we have made public
  • You have objected to the processing of personal data that we have not made public and there are no overriding legitimate grounds for the processing
  • Your personal data has been processed unlawfully
  • The erasure of the personal data is necessary for compliance with a legal obligation to which we are subject

There is no entitlement to erasure if, in the case of lawful non-automated data processing, erasure is not possible or only possible with disproportionate effort due to the special nature of the storage and your interest in erasure is low. In this case, the restriction of processing takes the place of deletion.

5.4 Restriction of processing

You may request us to restrict processing if one of the following reasons applies:

  • You dispute the accuracy of the personal data. In this case, the restriction may be requested for the period of time that enables us to verify the accuracy of the data.
  • The processing is unlawful and you request the restriction of the use of your personal data instead of deletion.
  • Your personal data is no longer required by us for the purposes of processing, but you need it for the assertion, exercise or defence of legal claims
  • You have lodged an objection pursuant to Art. 21 (1) GDPR. Restriction of processing may be requested for as long as it is not yet clear whether our legitimate reasons outweigh your reasons.

Restriction of processing means that the personal data will only be processed with your consent or for the establishment, exercise or defence of legal claims or for the protection of the rights of another natural or legal person or for reasons of important public interest. Before we lift the restriction, we have a duty to inform you.

5.5 Data portability

You have a right to data portability if the processing is based on your consent (Art. 6(1) sentence 1(a) or Art. 9(2)(a) GDPR) or on a contract to which you are a party and the processing is carried out with the help of automated procedures. The right to data portability in this case includes the following rights, provided that this does not affect the rights and freedoms of other persons: You may request us to provide you with the personal data you have provided to us in a structured, commonly used and machine-readable format. You have the right to transfer this data to another controller without hindrance on our part. Where technically feasible, you may request that we transfer your personal data directly to another controller.

5.6 Objection

Insofar as the processing is based on Art. 6 (1) sentence 1 letter e) GDPR (performance of a task in the public interest or in the exercise of official authority) or on Art. 6 (1) sentence 1 letter f) GDPR (legitimate interest of the controller or a third party), you have the right to object to the processing of personal data relating to you at any time on grounds relating to your particular situation. This also applies to profiling based on Art. 6 (1) sentence 1 e) or f) GDPR. After exercising the right to object, we will no longer process your personal data unless we can demonstrate compelling legitimate grounds for the processing which override your interests, rights and freedoms, or the processing serves to assert, exercise or defend legal claims.

You may object at any time to the processing of personal data concerning you for direct marketing purposes. This also applies to profiling related to such direct marketing. After exercising this right of objection, we will no longer use the personal data concerned for direct marketing purposes.

You have the option of informally notifying our office of your objection by telephone, by e-mail or to our postal address listed at the beginning of this privacy policy.

5.7 Revocation of consent

You have the right to revoke your consent at any time with effect for the future. The revocation of consent can be communicated informally by telephone, by e-mail or to our postal address. The revocation does not affect the lawfulness of the data processing that was carried out on the basis of the consent until receipt of the revocation. After receipt of the revocation, the data processing, which was based exclusively on your consent, will be discontinued.

5.8 Complaint

If you believe that the processing of personal data concerning you is unlawful, you may lodge a complaint with a data protection supervisory authority competent for the place where you reside or work or for the place of the alleged infringement.

5.9 Status and updating of this data protection declaration

This Privacy Policy is current as of 22 May 2018. We reserve the right to update the Privacy Policy in due course to improve data protection and/or to adapt it to changes in government practice or case law.

6 External services

6.1 OpenStreetMap (with permission)

We use the OpenStreetMap (OSM) mapping service. The provider is the Open-Street-Map Foundation (OSMF), 132 Maney Hill Road, Sutton Coldfield, West Midlands, B72 1JU, United Kingdom.

To ensure privacy on our website, OpenStreetMap is disabled when you first access our website. A direct connection to the OpenStreetMap servers is only established if you activate OpenStreetMap yourself (consent according to Art. 6 para. 1 lit. a GDPR). This ensures that your data is not transferred to OpenStreetMap when you access the website for the first time.

If you activate OpenStreetMap, your IP address and other information about your behaviour on this website will be transmitted to OSMF. OpenStreetMap may store cookies in your browser for this purpose. These are text files that are stored on your computer and enable an analysis of your use of the website. You can deactivate the use of cookies by making the appropriate settings in your browser. Please note, however, that in this case you may not be able to use the full functionality of this website.

In addition, your location may be recorded if you have allowed this in your device settings – e.g. on your mobile phone. The provider of this website has no influence on this data transmission. Details can be found in the OpenStreetMap privacy policy at the following link: https://wiki.osmfoundation.org/ wiki/ Privacy_Policy.

The use of OpenStreetMap is in the interest of an attractive presentation of our online offers and the easy finding of the places we indicate on the website. This constitutes a legitimate interest within the meaning of Article 6(1)(f) GDPR.