Privacy and cookie policy

This Privacy Policy is an expression of our concern for the rights of website visitors and users of the services offered through it. It also fulfills the information obligation arising from Article 13 of Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation) (OJ EU L 119, 4.05.2016, p. 1) (hereinafter referred to as the GDPR).

The website owner places particular importance on respecting the privacy of its users. Data collected through the website is specially protected and secured against unauthorized access. The privacy policy is made available to all interested parties. The website is open.

The website owner assures that its primary goal is to provide users of the website with privacy protection at a level at least equivalent to the requirements of applicable law, in particular the provisions of the GDPR and the Act of 18 July 2002 on the provision of services by electronic means.

The website owner may collect personal data and other data. Depending on their nature, this data is collected automatically or as a result of the actions of visitors to the website.

Anyone using the website in any way accepts all the terms and conditions contained in this Privacy Policy. The website owner reserves the right to make changes to this document.

  • General information, cookies
  • The owner and operator of the website is 8COLOR SERVICES SP. Z O.O. with its registered office in Warsaw, address: ul. J. Zaruby 9, 02-796 Warsaw, entered into the Register of Entrepreneurs of the National Court Register, maintained by the District Court in Warsaw, Commercial Division of the National Court Register, under KRS number: 0000780209, Tax Identification Number (NIP): 9512481898, National Business Registry Number (REGON): 38300260500000. In accordance with the provisions of the GDPR, the owner of the website is also the Controller of the Personal Data of website users (the "Controller").
  • As part of its activities, the Administrator uses cookies to monitor and analyze website traffic and conduct remarketing activities. However, as part of these activities, the Administrator does not process personal data within the meaning of the GDPR.
  • The website performs the functions of obtaining information about website users and their behavior in the following manner:
    • the website automatically collects information contained in cookies.
    • through data voluntarily entered by website users in forms available on the website.
    • through automatic collection of web server logs by the hosting operator.
  • Cookies are computer data, specifically text files, that are stored on the website user's end device and are intended for use with the website. Cookies typically contain the name of the website they originate from, the duration of their storage on the device, and a unique number.
  • During a visit to the website, user data may be automatically collected, relating to the user's visit to the website, including, among other things, IP address, browser type, domain name, number of page views, operating system type, visits, screen resolution, number of screen colors, website addresses from which the website was accessed, and duration of use. This data is not personal data and does not allow for the identification of the user.
  • The website may contain links to other websites. The website owner is not responsible for the privacy practices of these websites. The website owner also encourages users to familiarize themselves with the privacy policies of these websites. This Privacy Policy does not apply to other websites.
  • The entity that places cookies on the website user's end device and obtains access to them is the website owner.
  • Cookies are used for the following purposes:
    • adapting the content of the website's pages to the user's preferences and optimizing the use of websites; in particular, these files allow the user's device to be recognized and the website to be displayed appropriately, tailored to their individual needs,
    • creating statistics that help us understand how website users use websites, which allows us to improve their structure and content,
    • maintaining the website user's session (after logging in), so that the user does not have to re-enter their login and password on each subpage of the website.
  • The following types of cookies are used within the website:
    • "essential" cookies, enabling the use of services available within the website, e.g., authentication cookies,
    • Cookies used to ensure security, e.g., to detect abuse,
    • "Performance" cookies, used to obtain information about how website users use the website,
    • "Advertising" cookies, which enable the delivery of advertising content to website users that is more tailored to their interests,
    • "Functional" cookies, which enable the website user to "remember" the settings selected by the website user and customize the website to the user, e.g., in terms of the selected language.
  • The website uses two basic types of cookies: "session cookies" and "persistent cookies." "Session cookies" are temporary files stored on the user's end device until the user leaves the website, logs out, or disables the software (web browser). "Persistent cookies" are stored on the user's end device for the time specified in the cookie parameters or until the user deletes them.
  • In most cases, web browsing software allows cookies to be stored on the user's end device by default. Website users have the option to change their cookie settings at any time. These settings can be changed in the web browser (software) options, for example, to prevent automatic cookie handling or to require the user to be notified whenever cookies are placed on their device. Detailed information about the possibilities and methods of handling cookies is available in the web browser settings.
  • Restrictions on the use of cookies may affect some of the functionalities available on the website.
  • Cookies placed on the website user's end device may also be used by advertisers and partners cooperating with the website owner.
  • Processing of personal data, information about forms
  • Personal data of website users may be processed by the Administrator:
    • if the website user consents to this in the forms provided on the website, in order to take the actions to which these forms refer (Article 6, paragraph 1, letter a of the GDPR) or
      • when processing is necessary for the performance of a contract to which the website user is a party (Article 6, paragraph 1, letter b of the GDPR), in the event that the website enables the conclusion of a contract between the Administrator and the website user.
      • The website processes personal data that is only voluntarily provided by website users. The Administrator processes website users' personal data only to the extent necessary for the purposes specified in point 1(a) and (b) above and for the period necessary to achieve those purposes, or until the website user withdraws consent. Failure to provide data by the website user may, in some situations, result in the inability to achieve the purposes for which data provision is required.
      • The following personal data of the website user may be collected within the forms provided on the website or for the purpose of executing contracts concluded on the website: first name, last name, address, email address, telephone number, login, and password.
      • Data contained in forms provided to the Administrator by a user of the website may be transferred by the Administrator to third parties cooperating with the Administrator in connection with the implementation of the purposes specified in point 1(a) and (b) above.
      • Data provided in forms posted on the website are processed for purposes resulting from the function of a specific form. Furthermore, they may also be used by the Administrator for archival and statistical purposes. The data subject's consent is expressed by checking the appropriate box in the form.
      • If the website has such functionalities, by checking the appropriate box in the registration form, the website user may refuse or consent to receiving commercial information via electronic means of communication, in accordance with the Act of 18 July 2002 on the provision of services by electronic means (Journal of Laws of 2002, No. 144, item 1024, as amended). If the website user has consented to receiving commercial information via electronic means of communication, they have the right to withdraw such consent at any time. The right to withdraw consent to receive commercial information is exercised by sending an appropriate request by email to the website owner, along with the website user's name and surname.
      • The data provided in the forms may be transferred to entities that technically implement certain services - in particular, this concerns the transfer of information about the holder of a registered domain to entities that are operators of an Internet domain (in particular the Scientific and Academic Computer Network j.b.r. - NASK), payment processing services or other entities with which the Controller cooperates in this respect.
      • The personal data of website users is stored in a database in which technical and organizational measures are implemented to ensure the protection of processed data in accordance with the requirements specified in the applicable regulations.
      • To prevent re-registration of individuals whose participation in the website was terminated due to unauthorized use of the website's services, the Administrator may refuse to delete the personal data necessary to block the possibility of re-registration. The legal basis for this refusal is Article 19 paragraph 2 item 3 in conjunction with Article 21 paragraph 1 of the Act of 18 July 2002 on the provision of electronic services (consolidated text of 15 October 2013, Journal of Laws of 2013, item 1422). The Administrator may also refuse to delete the personal data of website users in other cases provided for by law.
      • In cases provided for by law, the Administrator may disclose some of the personal data of website users to third parties for purposes related to the protection of third-party rights.
      • The Administrator reserves the right to send all website users e-mails notifying them of important changes to the website and changes to this Privacy Policy. The Administrator may send e-mails of a commercial nature, especially advertisements and other commercial content, provided the website user has consented. Advertisements and other commercial content may also be attached to incoming and outgoing e-mails from the system account.
  • Website users' rights regarding their personal data.
    • Pursuant to Articles 15–22 of the GDPR, every website user has the following rights:
      • Right of access to data (Article 15 GDPR)
    • The data subject is entitled to obtain confirmation from the Controller as to whether personal data concerning them are being processed and, if so, is entitled to access to such data. Pursuant to Article 15, the Controller shall provide the data subject with a copy of the personal data being processed.
      • The right to rectification (Article 16 of the GDPR)
    • The data subject has the right to request the Controller to immediately rectify any inaccurate personal data concerning them.
      • The right to erasure (“the right to be forgotten”) (Article 17 GDPR)
    • The data subject has the right to request that the Controller immediately delete their personal data, and the Controller is obligated to delete their personal data without undue delay if one of the following circumstances occurs:
      • personal data are no longer necessary for the purposes for which they were collected or otherwise processed;
      • the data subject has withdrawn the consent on which the processing is based
      • the data subject objects to the processing pursuant to Article 21(1) and there are no overriding legitimate grounds for the processing
      • Right to restriction of processing (Article 18 GDPR)
    • The data subject has the right to request that the Controller restrict processing in the following cases:
      • When data is incorrect – in time to correct it
        • The data subject has objected to processing pursuant to Article 21(1) of the GDPR – pending determination of whether the legitimate grounds on the part of the Controller override the data subject's grounds for objection.
        • The processing is unlawful and the data subject objects to the deletion of the personal data, requesting instead that their use be restricted.
        • Right to data portability (Article 20 GDPR)
    • The data subject has the right to receive the personal data concerning them that they have provided to the Controller in a structured, commonly used, and machine-readable format, and has the right to transmit this personal data to another controller without hindrance from the Controller to which the personal data have been provided. The data subject has the right to request that the Controller transmit the personal data directly to another controller, where technically feasible. The right referred to in this section must not adversely affect the rights and freedoms of others.
      • Right to object (Article 21 GDPR)
        • If personal data are processed for direct marketing purposes, the data subject has the right to object at any time to the processing of their personal data for such marketing purposes, including profiling, to the extent that the processing is related to such direct marketing.
        • The above rights of website users may be exercised for a fee in cases where applicable law so provides.
        • In the event of a breach of the above rights or if the website user determines that their personal data is being processed by the Administrator in violation of applicable law, the website user has the right to lodge a complaint with the supervisory authority.
          • Server logs
          • As is common practice with most websites, the website operator stores HTTP requests sent to the website operator's server (information about certain website user behavior is logged at the server level). The resources being viewed are identified by their URLs. The detailed information stored in the www server log files is as follows:
          • the public IP address of the computer from which the request came,
          • Client station name – identification performed via the HTTP protocol, if possible,
          • website username provided during the authorization process (login),
          • time of arrival of the request,
          • http response code,
          • the number of bytes sent by the server,
          • URL address of the page previously visited by the user of the website (referrer link) – if the website was accessed via a link,
          • information about the website user's web browser,
          • information about errors that occurred during the execution of the http transaction.
        • The above data is not associated with specific individuals browsing the pages available on the website. To ensure the highest possible quality of the service, the website operator occasionally analyzes log files to determine which pages are visited most frequently, which web browsers are used, whether the structure of the pages contains any errors, etc.
          • The logs collected by the operator are stored indefinitely as auxiliary material for the proper administration of the website. The information contained therein will not be disclosed to any entities other than the operator or entities affiliated with the operator personally, financially, or contractually. Based on the information contained in these files, statistics can be generated to assist in the administration of the website. The summaries containing such statistics do not contain any identifying features of website visitors.

visa mastercard