Privacy

1) GENERAL PROVISIONS
  1. This Privacy Policy is for information only, which does not mean that no obligation arises for the Website’s Users hereunder. It lays down, above all, the rules whereby personal data is processed by the Website’s Administrator, including the framework, objectives, and scope of personal data processing and the rights of data subjects, as well as providing information on cookies and analytical tools used on the Website.

  2. Data collected via the Website is administered by URLZS.COM

    Contact Us, hereinafter referred to as the Administrator, who is also the Website Provider.

  3. Personal data submitted on the Website is processed by the Administrator in accordance with applicable laws, in particular the Regulation (EC) No. 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation), hereinafter referred to as the GDPR or GDPR Regulation. The official wording of the GDPR Regulation is available from:

  4. https://eur-lex.europa.eu/legal-content/EN/TXT/?uri=CELEX%3A32016R0679.

  5. Using the Website is voluntary. The provision of personal data by the Website user is also voluntary, save for two exceptions: (1) Contracting with the Administrator: failure to provide the personal details required for the signing and performance of the Electronic Services Contract with the Administrator in the cases and to the extent specified on the Website and in the Website Regulations and this Privacy Policy makes it impossible to sign such a contract. In such an event, submission of personal data is a contractual requirement, and if the data subject to is willing to sign a contract with the Administrator, the Administrator is obligated to provide all the required details. In each case, the scope of the data required for the signing of a contract is specified beforehand on the Website and in the Website Regulations; (2) Administrator’s statutory obligations: submission of personal data is statutorily required under generally applicable regulations whereby the Administrator is obligated to process personal data (e.g. as part of its tax or accounting obligations) and failure to submit the same makes it impossible for them to meet such obligations.

  6. The Administrator takes utmost care to protect the interests of the persons whose personal data the Administrator processes, in particular the Administrator is responsible for making sure that data gathered by it: (1) is processed in accordance with applicable laws; (2) is gathered for specific legitimate purposes and is not further processed for any other purpose whatsoever; (3) is substantially correct and adequate for the purposes such data is processed for; (4) is stored in a form that enables to identify data subjects for no longer than it may be necessary for achieving the purpose of its processing; and (5) is processed, using appropriate technical or organizational means, so as to properly ensure the safety of personal data, including protection of such data against any unallowable or illegitimate processing or inadvertent loss, destruction, or damage.

  7. Considering the nature, scope, context, and purposes of data processing and the risk, however likely and imminent, of violating any right or freedom of natural persons, the Administrator implements appropriate technical and organizational measures to make data processing compliant with this regulation and be able to prove it. If needed, such measures are reviewed and updated. The Administrator takes technical measures to prevent unauthorized persons from intercepting or altering any personal data that is transmitted electronically.

  8. All words, expressions, and acronyms used throughout this Privacy Policy and starting with a capital letter (e.g. User, Online Store, Electronic Service) should be deemed as defined in the Website Regulations available on the Website.

2) DATA PROCESSING FRAMEWORK
  1. The URLZS.COM Administrator is entitled to process personal data if and insofar as at least one of the following conditions is fulfilled: (1) the data subject to has consented to his or her personal data being processed for one or more purposes; (2) data processing is necessary to perform the contract which the data subject to is party to or to take any measures at the request of the data subject to prior to signing the contract; (3) data processing is necessary to comply with the legal obligation imposed on the Administrator; or (4) data processing is necessary for the purposes determined by the legitimate interests pursued by the Administrator or any third party, save where such interests are overshadowed by the interests or fundamental rights and freedoms of the eligible data subject, especially if such a person is a child.

  2. Processing of personal data by the URLZS.COM is, in each case, contingent on the existence of at least one of the prerequisites indicated in 2.1 hereof. A specific framework for the Administrator’s processing of Website Users’ personal data is laid down in the next clause hereof, namely with regard to a specific purpose of data processing by the Administrator.

3) PURPOSES, BASIS, AND DURATION SCOPE OF DATA PROCESSING ON THE WEBSITE
  • 1. The purpose, basis, and duration of the processing of personal data by the Administrator, as well as recipients of such data, are, in each case, determined by what a User or the Administrator does on the Website.

  • 2. As part of the Website’s management, the Administrator may process personal data for the following purposes, based on the prerequisites and within the timings specified in the table below.

Purpose of Data Prosessing Legal Basis for Data Processing Data Storage Duration
Performing the Electronics Services Contract or taking measures at the request of the data subject prior to signing such a contract Article 6 clause 1 letter b) of the GDPR Regulation (contract performance). Data processing is needed to perform the contract to which the data subject is a party or take any action prior to signing the contract. Data is stored for as long as it is necessary for the execution, termination or other expiration of the Purchase or Electronic Services Contract.
Direct marketing Article 6 clause 1 letter f) of the GDPR Regulation (legitimate interests of the administrator) – data processing is necessary to pursue the Administrator’s legitimate interests by taking care of the Administrator’s and the Website’s interests and good Data is stored for as long as the Administrator pursues a legitimate interest, but not longer than until the validity of any claims against the data subject in connection with the Administrator’s business activity expires under an applicable statute of limitations. The validity term is stipulated by applicable laws, in particular the Civil Code (the basic validity term for business-related and sales claims is three years and two
reputation and promoting the sale of Products years, respectively). The Administrator must not process any data for direct marketing if it is effectively opposed by the data subject.
Marketing Article 6 clause 1 letter a) of the GDPR Regulation (consent) – the data subject has consented to their personal data being used by the Administrator for marketing purposes Data is processed until the data subject withdraws their consent to the data being used for this purpose.
Bookkeeping Article 6 clause 1 letter c) of the GDPR Regulation in connection with article 86 § 1 of the Tax Code of January 17, 2017 (Journal of Laws of 2017, item 201) – data processing is necessary to meet the Administrator’s legal obligation. Data is stored for as long as it is required under applicable laws that obligate the Administrator to keep tax books (until a tax liability expires under an applicable statute of limitations unless prescribed otherwise by tax laws).
Determining, asserting, or defending any claims raised by or against the Administrator Article 6 clause 1 letter f) of the GDPR Regulation (legitimate interests of the administrator) – data processing is necessary to pursue the Administrator’s legitimate interests by identifying, asserting and defending claims raised by or against the Administrator. Data is stored for as long as the Administrator pursues a legitimate interest, but not longer than until the validity of any claims against the Administrator expires under an applicable statute of limitations (the basic validity term for claims against the Administrator is six years).
Use and maintenance of the Website Article 6 clause 1 letter f) of the GDPR Regulation (legitimate interests of the administrator) – data processing is necessary to pursue the Administrator’s legitimate interests by running and maintaining the Website Data is stored for as long as the Administrator pursues a legitimate interest, but not longer than until the validity of any claims against the data subject in connection with the Administrator’s business activity expires under an applicable statute of limitations. The validity term is stipulated by applicable laws, in particular, the Civil Code (the basic validity term for business-related claims is three years.
Website’s statistics and traffic analysis Article 6 clause 1 letter f) of the GDPR Regulation (legitimate interests of URLZS.COM) – data processing is necessary to pursue the Administrator’s legitimate interests by keeping the Website’s statistics and analyzing the Website’s traffic to improve the Website’s performance and increase the sale of Products. Data is stored for as long as the URLZS.COM pursues a legitimate interest, but not longer than until the validity of any claims against the data subject in connection with the Administrator’s business activity expires under an applicable statute of limitations. The validity term is stipulated by applicable laws, in particular the Civil Code (the basic validity term for business-related claims is three years.
4) DATA RECIPIENTS ON THE WEBSITE
  • To ensure the proper functioning of the Website, including the performance of its Contracts, the Administrator has to use external services (such as third-party software). URLZS.COM uses only services provided by such data processors who can properly guarantee that appropriate technical and organizational measures are implemented to ensure the compliance of data processing with the requirements of the GDPR Regulation and protect the rights of the data subjects.

  • URLZS.COM provides the collected personal data only in the case and to the extent necessary to achieve a given purpose of data processing in accordance with this privacy policy.

  • URLZS.COM does not disclose data in each case and to all the recipients or recipient categories specified in the Privacy Policy; the Administrator discloses data only if it is necessary to pursue a specific purpose of data processing and only insofar as it is necessary to achieve such a purpose.

  • Personal data of Website Users can be disclosed to the following recipients or recipient categories:

    • Service Providers who supply the Administrator with the technical, IT, and organizational solutions needed by the Administrator to carry on its business activity, including the Website and consequently Electronic Services (in particular suppliers of the software used to run the Website, e-mail providers). The Administrator discloses the User’s personal data to a selected supplier only if and insofar it is necessary to achieve a specific purpose of the data processing hereunder.

    • Electronic or card payment processors – for Users who select electronic or card payments on the Website, the Administrator provides the User’s personal data to the selected payment processor who processes such payments on the Website on behalf of the Administrator insofar as such data may be required for the payment to be made by the User.

    • Providers of social media plugins, scripts, and other similar tools integrated with the Store to enable the visitor’s browser to retrieve content from the providers of such plugins (e.g. to publish links on social portals from the Website) and, for this purpose, to transfer to the providers the visitor’s personal data, including

      • I. Facebook Ireland Ltd. – on the Store’s website, the Administrator uses Facebook social plugins (e.g. the Share button) and therefore gathers and forwards the personal data of the Store’s users to Facebook Ireland Ltd. (4 Grand Canal Square, Grand Canal Harbour, Dublin 2 Ireland) as set forth on and in accordance with the privacy statement available from https://www.facebook.com/about/privacy/ (such data relates to the user’s activity on the Store’s website, including information on their device, visited pages, purchases, displayed ads, and use of services, regardless of whether or not the user has a Facebook account and is logged into Facebook).

      • II. Google Ireland Ltd. (reCAPTCHA plugin) – on the Store’s website, the Administrator uses the reCAPTCHA antispam system and therefore gathers and forwards the personal data of the Store’s users to Google Ireland Limited (Gordon House, Barrow Street, Dublin 4, Ireland) as set forth on and in accordance with the privacy statement available from https://policies.google.com/privacy (such data relates to the user’s IP address and activity on the Store’s website, including the visiting duration and behaviour), regardless of whether or not the user has a Google account and is logged into this account.

      • III. Twitter International Company – on the Store’s website, the Administrator uses Twitter social plugins (e.g. the Share button) and therefore gathers and forwards the personal data of the Store’s users to Twitter International Company (One Cumberland Place, Fenian Street Dublin 2, D02 AX07 Ireland) as set forth on and in accordance with the privacy statement available from https://twitter.com/en/privacy (such data relates to the user’s activity on the Store’s website, including information on their device, visited pages, purchases, displayed ads, and use of services, regardless of whether or not the user has a Twitter account and is logged into Twitter.

5) DATA PROFILING ON THE WEBSITE
  • The GDPR Regulation obligates URLZS.COM to inform about automated decision-making, including data profiling as defined in article 22 clauses 1 and 4 of the GDPR Regulation, and provide, at least in such cases, significant information on its decision-making rules, as well as on the significance and projected consequences of such data processing for the data subject. Accordingly, in this clause of the Privacy Policy, URLZS.COM provides information on possible data profiling.

  • URLZS.COM may use data profiling for the purpose of direct marketing, but the Administrator’s decisions based thereon do not apply to the possibility of subscribing to Electronic Services on the Website.

  • Data profiling on the Website involves automatic analysis or forecasting of a person’s behaviour on the Website, e.g. when such a person visits a specific page of the Website or by analyzing the history of the actions taken by such a person on the Website so far. Such data profiling is possible if the Administrator is in possession of an individual’s personal data that can be used, e.g. to send him or her a newsletter informing about new products.

  • 4. The data subject is entitled to object decisions based on automated data processing, including data profiling, and entail legal effects for such a person, or similarly have a substantial impact thereon.

6) RIGHTS OF THE DATA SUBJECT
  1. Right to access, rectify, limit, delete or move – the data subject has the right to request URLZS.COM to provide him or her with access to his or her personal data, to rectify or delete such data (“the right to be forgotten”), to limit or object the processing thereof, as well as to have his or her data moved. Details of how such rights can be exercised are provided in articles 15-21 of the GDPR Regulation.

  2. Right to withdraw the consent at any time – the person whose personal data is processed by URLZS.COM based on such a person’s consent (pursuant to article 6 clause 1 letter a) or Article 9 clause 2 letters a) of the GDPR Regulation) is entitled at any time to withdraw his or her consent, this not affecting the right to process such data based on the consent before it was withdrawn.

  3. Right to lodge a complaint with the supervisory authority – the person whose personal data is processed by URLZS.COM is entitled to lodge a complaint with the supervisory authority in the manner and mode prescribed in the GDPR Regulation and Polish laws, in particular the Personal Data Protection Act. In Poland, the supervisory authority is the Inspector General for Personal Data Protection.

  4. Right to make an objection – the person whose personal data is processed is entitled to raise at any time an objection against his or her data being processed subject to article 6 clause 1 letter e) (public interests or tasks) or f) (legitimate interests of the Administrator) due to reasons associated with his or her special situation, including data profiling under such legislation. In such an event,URLZS.COM may no longer process such personal data unless the Administrator proves that there are significant, legitimate reasons for data processing that are superior to the interests, rights, and freedoms of the data subject or those for determining, asserting, or defending any claim whatsoever.

  5. Right to object direct marketing – if personal data is processed for the purpose of direct marketing, the data subject is entitled to raise at any time an objection against his or her personal data being processed for the purpose of such marketing, including data profiling, insofar as the data processing is associated with such direct marketing.

  6. 6. As far as exercising the rights described in this clause of the Privacy Policy is concerned, URLZS.COM can be contacted in writing or by e-mail using the contact Us indicated first written above herein or the contact form available on the Website.

7) COOKIES ON THE WEBSITE AND ANALYTICS
  • Cookie files (cookies) are short info in the form of short text files sent by the server and saved on the Website visitor’s side (e.g. on the computer or laptop hard disk or the smartphone memory card, depending on what device the Website visitor uses). Details of the cookies and the history of how they were created can be found e.g. here: https://wikipedia.org/wiki/HTTP_cookie.

  • Cookies that may be sent by the Website can be divided into various types, according to the following criteria:

Depending Depending on how long they are Depending on the purpose they are used for:
on whom they come from: kept on the device of the Website’s visitor:
1) in-house (created by URLZS.COM) and 1) from session to session (kept until logout from the Website or the end of the browser session and 1) necessary (to ensure the proper functioning of the Website),
2) owned by third parties (other than URLZS.COM) 2) permanent (kept for a definite period of time defined by the parameters of each file or until manually removed) Depending on the purpose they are used for: 2) functional/preferred (to adapt the Website to the visitor’s preference),
3) analytical and performance-related (to gather information on the behavior of the Website’s user),
4) related to marketing, advertising and social media (to gather information on the Website’s visitor to display personalized ads to them and conduct other marketing activities, including on third-party websites such as social portals.
  • URLZS.COM may process the data contained in cookie files when users visit the Website for the following specific purposes:

Purposes for which URLZS.COM uses cookies
To identify Users as logged into the Website and show that To customize the Website content to reflect the User’s personal preferences (e.g. regarding preferred colours, font size, and layout) and streamline the use of the Website’s pages (cookies are To maintain anonymous statistics of how the Web To use remarketing, i.e. to review the behavioural features of the Website’s users by anonymously analyzing what they do (e.g. recurrent visits to specific pages, keywords, etc.) to create their profiles and provide them with customized ads even if they visit other websites covered by Google Ireland Ltd. and
they are loggedd in (cookies are necessary) functional/preferred) site is used (statistical cookies) Facebook Ireland Ltd. (marketing, advertising and social media cookies)
  • In the most popular browsers, you can check what kind of cookies (including their life and supplier) is being sent by the Website as follows:

In Chrome: In Firefox: In Internet Explorer:
(1) In the address bar, click the padlock icon on the left and (2) go to the Cookies tab. (1) In the address bar, click the shield icon on the left, (2) go to the Allowed or Blocked tab, (3) click the Cross-site tracking cookies, Social media trackers or Tracking content field. (1) Click the Tools menu, (2) go to the Internet Options tab, (3) go to the General tab, (4) go to the Settings tab and (5) click the Display files field.
In Opera: In Safari: Regardless of the browser, using tools available e.g. from:
In the address bar, click the padlock icon on the left and (2) go to the Cookies tab (1) Click the Preferences menu, (2) go to the Privacy tab and (3) click the Manage site data field. https://www.cookiemetrix.com/ or https://www.cookie-checker.com/
  • As a rule, most commercially available web browsers accept saving cookies by default. Everyone can decide how he or she is going to use cookie files by making appropriate settings in his or her browser. This means that it is possible e.g. to partially limit (e.g. to certain times) or completely disable cookie saving; in the last event, this might affect some of the Website’s functionalities (for instance, it may be impossible to follow the Purchase Order path through the Purchase Order Form as Products are not saved in the shopping cart during individual Ordering steps).

  • The cookie settings of the web browser are crucial to whether or not consent has been given for our Website to use cookie files; under the regulations, such consent can be given by making the relevant settings in the web browser. Details of how the cookie settings can be changed and how cookies can be removed from the most popular web browsers are available from the Help section of the relevant web browser and on the following pages (the only thing you need to do is to click the relevant link below):

  • URLZS.COM may use Google Analytics and Google Tag Manager provided by Google Ireland Limited (Gordon House, Barrow Street, Dublin 4, Ireland). The Google Analytics services help URLZS.COM keep statistics and analyze the traffic on the Website. The so gathered data is processed as part of the said services to generate statistics that help administer the Website and analyze its traffic. Google Tag Manager is a system designed to manage tags of other analytical and marketing tools, such as Google Analytics and Google AdWords. More information on Google Tag Manager is available from

    https://support.google.com/tagmanager/answer/6102821. Such data is collective. When using the services described above for its Website, URLZS.COM gathers data such as the sources and media from and by which Website visitors have been attracted, as well as how such visitors behave on the Website, what equipment and which web browsers they use to visit the Website, what are their IP address and domain, their geographical and demographic data (age, gender), and hobbies.

  • It is possible to easily disable the disclosure of information on what you do on the Website to Google Analytics; for this purpose, you should install, for example, a browser add-on available from Google Ireland Ltd. on:

    https://tools.google.com/dlpage/gaoptout.

  • It is possible to easily disable the disclosure of information on what you do on the Website to Google Analytics; for this purpose, you should install, for example, a browser add-on available from Google Ireland Ltd. on:

    https://tools.google.com/dlpage/gaoptout.

  • URLZS.COM may use the Pixel services provided by Facebook Ireland Limited (4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland) and Twitter International Company (One Cumberland Place, Fenian Street Dublin 2, D02 AX07 Ireland). The services help URLZS.COM measure the efficacy of ads and learn what visitors do on the Website, as well as display personalized ads. Details of how Facebook Pixel works can be found on:

    https://www.facebook.com/business/help/742478679120153?helpref=page_content, and how Twitter Pixel works like here: https://twitter.com/piksel

  • How Facebook and Twitter Pixel services work like can be adjusted by making the relevant advertising settings on your Facebook.com and Twitter.com profiles
  • The Administrator may provide the Service Recipient with the option of creating a tracking pixel (including Facebook, Twitter, Pinterest, Segment, Quora, Linkedin and Google Pixel) activated when the Internet user displays a short link of the Service Recipient. The pixel is loaded when a short link is clicked and only then is redirected to the landing page. These services help the Service Recipient to measure the effectiveness of advertisements and find out what activities visitors to their websites are taking, as well as display relevant advertisements to these people.

8) FINAL PROVISIONS

URLZS.COM may contain references to other websites. Whenever you visit other websites, we recommend making yourself familiar with the relevant privacy policies there. This Privacy Policy applies only to URLZS.COM.