and cookies of the Architype website
ARCHITYPE Limited Liability Company, with its registered office in Warsaw at 18 Jana Dantyszka str., 02-054, Warsaw, recorded in the National Court Register kept by the District Court for the capital city of Warsaw in Warsaw, 12th Commercial Division of the National Court Register under the KRS number: 0000864024, NIP: 7010999871, REGON: 387277517, hereinafter referred to as the "Company".
The Architype website strives to respect privacy and protect personal information provided while using the website, and takes all necessary actions to ensure this.
The use of services provided by the Company requires the processing of personal data, therefore we take the issue of security and privacy protection very seriously.
This document also provides a list of the technologies used that are associated with the processing of personal data, which may include browser memory management, geolocation, or pixel tags.
Additionally, we provide information on our cookies policy, including the conditions for storing information or accessing information that is already stored on the end-users' telecommunications equipment. For the purpose of this policy, an end-user is defined as a natural person or entity using a publicly available telecommunications service or requesting the provision of such a service for their own needs.
To ensure the confidentiality of our clients, Administrator makes every effort to act with due diligence. This includes implementing the standards and principles resulting from commonly applicable laws and regulations, such as Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC; the Act of 18 July 2002 on the provision of electronic services (Journal of Laws of 2016, item 1030, as amended), as well as the Telecommunications Law of 16 July 2004 (Journal of Laws of 2016, item 1489, as amended).
In particular, reasonable efforts are made to ensure that Clients' personal data:
- processed in accordance with the law,
- collected in accordance with law for specified purposes outlined in this document,
- not processed in a way that is incompatible with the purposes mentioned above,
- accurate and appropriate for the intended processing purposes,
- appropriately protected against access by unauthorized persons, destruction, disclosure, or unlawful use,
- kept in a form that allows identification of the persons to whom they relate for no longer than necessary to achieve the processing purpose.
Personal Data Administrator
ARCHITYPE Limited Liability Company, with its registered office at 18 Jana Dantyszka str., 02-054 Warsaw, is the Administrator responsible for processing personal data on the website. You can contact the Administrator by telephone at +48 728 895 084, via email at firstname.lastname@example.org, or by mail at the address of the Administrator's registered office.
Data Provided by Clients
The data provided by clients includes their name, e-mail address, and other information submitted by the client in a message sent through the form on the website. The purpose of collecting the above data is to conduct a preliminary analysis of the question presented and to contact the client to inform them of the findings and present commercial information with their consent.
If the client has given their consent (by subscribing to the newsletter), the e-mail address provided by the client may be used for marketing purposes by the Administrator. In this case, the legal basis for processing is: Art. 6 para. 1 p. (a) GDPR - the person whose data is being processed has given consent to the processing of personal data, and Art. 6 para. 1 p. (f) GDPR - the Administrator's legitimate interest in sending the client information on promotions, discounts, products and services provided by the Administrator.
Data collected through the form is collected in accordance with the principle of data minimization, taking into account the applicable laws, i.e. it is adequate, relevant and limited to what is necessary for the purposes for which it is processed.
Legal basis for processing personal data
The Administrator is authorized to process personal data when one or more of the following conditions are met: the data subject has given consent to the processing of their personal data for one or more specified purposes; processing is necessary for the performance of a contract to which the data subject is a party or in order to take steps at the request of the data subject prior to entering into a contract; processing is necessary for compliance with a legal obligation to which the Administrator is subject; or processing is necessary for the purposes of the legitimate interests pursued by the Administrator or by a third party, except where such interests are overridden by the interests or fundamental rights and freedoms of the data subject, which require the protection of personal data, in particular where the data subject is a child.
The processing of personal data by the Administrator is only carried out if at least one of the grounds listed in § 6 of the Privacy and Cookies Policy, which outlines the scope of the data processed by the Administrator, applies.
The personal data of the Customer will not be processed after the use of the service is completed, except in cases where further use of the data is possible, such as:
- necessary for settling the service and pursuing claims for payment for the use of the service,
- necessary for advertising, market research, and analysis of Customers' behaviors and preferences with the aim of improving the quality of services provided by the Administrator, with the Customer's consent,
- necessary to clarify the circumstances of unauthorized use of the service,
- allowed to be processed under separate laws or agreements.
Data obtained in this way are processed on the basis of Article 6 of the European Parliament and Council Regulation (EU) 2016/679 of 27 April 2016 on the protection of individuals with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC.
The data Administrator does not use "profiling," which means a form of automated processing of personal data that involves using personal data to evaluate certain personal factors of an individual, especially for analyzing or predicting aspects related to personal preferences and interests. The Administrator does not make automated decisions in individual cases based on profiling, does not make decisions that may be based solely on automated processing, including profiling, and would have a significant impact on the person whose data it concerns.
Regardless, personal data may be processed if it is necessary to fulfill legally justified purposes pursued by us or data recipients, and processing does not violate the rights and freedoms of the person whose data it concerns. Legitimate purposes include direct marketing of our products or services, as well as pursuing claims for our business activity. Data obtained in this way are processed on the basis of Article 6 of the European Parliament and Council Regulation (EU) 2016/679 of 27 April 2016 on the protection of individuals with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC.
In other cases, the Administrator requests voluntary consent for the processing of personal data. This consent is given by checking the control field ("checkbox") and a statement expressing consent to the processing of personal data. The data obtained in this way are processed based on Article 6 of the European Parliament and Council Regulation (EU) 2016/679 of 27 April 2016 on the protection of individuals with regard to the processing of personal data and on the free movement of such and repealing Directive 95/46/EC, or Article 18 p. 4 of the Act of 18 July 2002 on the provision of electronic services (Journal of Laws of 2016, item 1030, as amended).
Collections, their scope and purposes of personal data processing
The Administrator processes customers' personal data in systematic collections defined by their processing purposes. The data is processed to the extent necessary to fulfill the established purpose. The list below outlines the collections, scope, and purposes of data processing.
|Scope of processed data
|Purpose of processing
|Collection of personal data of customers using the Company's website.
|Enabling the use of the website's functionalities.
|Collection of personal data of customers who have entered into a sales agreement.
|Entering into and fulfilling a contract with customers.
|Collection of personal data of customers who have filed complaints with the Company.
|Conducting proceedings related to a complaint.
|Collection of personal data of customers who have consented to receiving newsletters and commercial information.
|Sending newsletters and commercial information.
|Collection of personal data of customers using contact forms, including product inquiry forms.
|Enabling contact with customers interested in the offered products or services.
Providing answers to questions received by the Administrator.
|Collection of personal data of persons corresponding with the Administrator.
|Providing commercial, organizational, or technical information to customers by the Administrator.
Data Processing Outsourcing and Sharing
The Administrator may outsource customers' personal data to other entities such as hosting providers, accounting or legal services, payment operators, or other entities that cooperate to provide services properly. The outsourcing of personal data always takes place based on a written data processing outsourcing agreement. The current list of entities to whom we entrust data processing is constantly available to all customers. To access it, simply contact the Administrator with a request, for example, by sending an email. The legal basis for the outsourcing of personal data is Article 28 of the Regulation of the European Parliament and of the Council (EU) 2016/679 of 27 April 2016 on the protection of individuals with regard to the processing of personal data and on the free movement of such data and repealing Directive 95/46/EC.
The Administrator may transfer processed data outside the European Economic Area. Data protection laws in these countries may provide less protection than the legal provisions applicable in the Republic of Poland. Therefore, if such data is transferred, the Administrator takes special care to ensure compliance with the processing conditions set out in this document. One form of this care is the use of standard contractual clauses approved by the European Commission, including those compliant with the EU-US Privacy Shield.
The Administrator does not disclose the collected data to third parties, except in situations where it is required by the universally applicable law, i.e. at the request of an authorized body or court.
In connection with the processing of personal data, individuals whose personal data is being processed have certain rights related to this. The possibility of exercising the following rights depends on the legal basis for processing of personal data:
1. Article 15 of the GDPR - right of access to personal data: The person whose data is being processed is entitled to obtain confirmation from us as to whether personal data concerning them is being processed. If this is the case, they are entitled to access them and to obtain additional information (e.g. purposes, categories, recipients, retention, rights, source).
2. Article 16 of the GDPR - right to rectification: The person whose data is being processed has the right to request immediate rectification of their personal data that is inaccurate. Taking into account the purposes of the processing, they have the right to request completion of incomplete personal data, including by providing additional statements.
3. Article 17 of the GDPR - right to erasure (‘right to be forgotten’): The person whose data is being processed has the right to request immediate erasure of their personal data. We are then obliged to delete personal data without undue delay if one of the following circumstances arises:
- Consent to the processing of personal data has been withdrawn and there is no other legal basis for processing.
- The person has effectively objected to the processing.
- Personal data has been processed unlawfully.
- Personal data must be deleted in order to comply with a legal obligation.
- Data has been collected in connection with the offering of information society services.
4. Article 18 of the GDPR - right to restriction of processing of personal data by the Controller, subject to the cases referred to in Article 18 (2) of the GDPR:
The person whose data is concerned has the right to demand that we limit the processing in the following cases:
- The person whose data is concerned questions the accuracy of personal data - for a period that allows us to verify the accuracy of this data;
- Processing is unlawful, and the person whose data is concerned objects to the deletion of personal data, requesting instead that their use be restricted;
- We no longer need personal data for processing purposes, but they are needed by the person whose data is concerned to establish, investigate, or defend against claims;
- The person whose data is concerned has objected to processing under Art. 21 (1) of the GDPR - until it has been determined whether the legally justified grounds on our part as the Administrator are superior to the grounds for objection of the person whose data is concerned.
5. Art. 20 of the GDPR - right to data portability: The person whose data is concerned has the right to receive the personal data concerning them, which they have provided to the Administrator in a structured, commonly used and machine-readable format, and has the right to transmit those data to another Administrator without hindrance from the Administrator to whom the personal data have been provided, if:
- the processing is based on consent pursuant to p. (a) of Art. 6 (1) or p. (a) of Art. 9 (2) (or on a contract pursuant to p. (b) of Art. 6 (1); and
- the processing is carried out by automated means.
When exercising the right to data portability, the person whose data is concerned has the right to demand that the personal data be transmitted by the Administrator directly to another Administrator, where technically feasible.
6. Art. 21 of the GDPR - right to object to processing of personal data. The person whose data is concerned has the right to object, at any time, on grounds relating to their particular situation, to the processing of personal data concerning them based on p. (f) of Art. 6 (1) (legitimate interests pursued by the controller). We are then no longer allowed to process that personal data unless we can demonstrate compelling legitimate grounds for the processing which override the interests, rights and freedoms of the person whose data is concerned, or for the establishment, exercise or defense of legal claims.
In addition, individuals whose personal data is being processed have the right to lodge a complaint with the President of the Personal Data Protection Office if they believe that the processing of their personal data violates the provisions of the GDPR or other applicable regulations.
The Administrator may provide system functionalities enabling the exercise of these rights. In the case of a desire to exercise the mentioned rights, please contact us according to the instruction included in § 21 of this Privacy and Cookies Policy.
Server logs are internal event logs of the website server that automatically record page requests made by clients using the website. System logs contain the client's page request, IP address, browser type, browser language, date and time of the request, and at least one cookie file that can uniquely identify the client's browser.
The data collected in system logs are used by us indefinitely, solely for the purpose of administering the website. They are not shared with third parties, except as described in this document.
When providing services to Clients, the Administrator may automatically use the cache of the browser, application or device of the Client. This usage involves storing data in the browser memory installed on the Client's device. Local storage allows for data to be stored between sessions, i.e., between subsequent sessions of the Client. The purpose of using the cache is to speed up the use of the website by eliminating situations where the same data would be repeatedly downloaded from the website, thereby burdening the Client's internet connection.
The Administrator or third parties, through cookies they administer, may use geolocation functionality, which involves collecting and processing information about the location of the Client. In this regard, the following data may be processed: IP address, GPS sensor, Wi-Fi point or cellular network base stations.
The Administrator or third parties through files cookies administered by them, may use the functionality of pixel tags. These are elements published in digital content that allow recording information, for example, about the activity of the Client on the Store's website.
Cookies - introduction
During the provision of services to Customers, the Administrator uses professional technologies for collecting and storing information, such as cookies. Cookies contain information necessary for the proper use of the website. They are commonly used small files containing a string of characters that are sent and stored on the end device (such as a computer, laptop, tablet, smartphone) used by the Customer during visits to the website. This information is sent to the clipboard of the used browser, which sends it back on subsequent entries to the website. They usually contain the name of the website they come from, the time they are stored on the end device, and a unique number. External entities listed in § 17 of this Privacy and Cookies Policy may also have access to data from cookies.
Legal basis for processing cookies
Cookies are processed on the basis of Art. 173 of the Act of 16 July 2004 Telecommunications Law (Journal of Laws of 2016, item 1489, as amended).
For clients using services provided electronically through the website, the Administrator requests voluntary consent to the processing of cookies by storing information or accessing information already stored on their telecommunications end devices.
Consent to the processing of cookies is given in particular by using a button containing a statement of consent to the processing of cookies or confirming that the user has read and accepted the terms. This consent may be withdrawn at any time, free of charge and as described in the section on cookie management.
Cookies used by the Administrator
Cookies are commonly used small files containing a string of characters that are sent and stored on the end device (such as a computer, laptop, tablet, smartphone) used during visits to the website. This information is sent to the memory of the used browser, which sends it back on subsequent entries to the website. The Administrator can categorize cookies using three methods of division.
In terms of the purposes of using cookies, we distinguish the following categories:
- necessary cookies - these cookies enable the proper functioning of the website and its functionalities, such as authentication or security cookies.
- functional cookies - cookies that allow the customer's selected settings to be remembered and tailored to their needs and preferences, such as language, font size, or website appearance.
- business cookies - this category includes advertising cookies. They allow advertisements displayed on the website or outside it to be customized to the customer's preferences.
In terms of their validity period, we distinguish two categories of cookies:
- session cookies - existing until the end of the customer's session,
- persistent cookies - existing after the customer's session has ended.
In terms of distinguishing the entity administering cookies, we distinguish:
- Administrator cookies,
- third-party cookies.
The Administrator's cookies allow for recognition of the Client's device and display of the Company's website tailored to their individual expectations, making it easier and more enjoyable to use its functionality. By saving these cookies on the Client's device, it is possible to, for example, remember login data, maintain a session after logging in, remember selected goods or services, or customize to the Client's preferences, such as content layout, language, or colour.
- Google Adwords - they allow for conducting and evaluating the quality of advertising campaigns carried out using the Google Adwords service,
- Google Analytics - they allow for evaluating the quality of advertising campaigns carried out using the Google Adwords service, as well as for researching the behavior and traffic of clients and preparing traffic statistics,
- Google Maps - they allow for storing information about the client, which enables the use of map functionalities available as part of the Google Maps service. Google Inc. can track the location of the client,
- YouTube - they allow for storing information about the client, which enables the use of functionalities of the YouTube service. Google Inc. can track the client's video playback.
The use of third-party cookies is subject to the privacy and cookies policy applied by these entities. We recommend that you familiarize yourself with the principles of personal data processing and privacy policies of the entities that most frequently and extensively process our data:
- Facebook Cookies Policy
Managing cookies and other information
Most browsers allow cookies and other information to be placed on the end device by default. If the customer does not agree to the storage of these cookies, it is necessary to change the settings of the web browser accordingly. It is possible to disable them for all connections from a given browser or for a specific website, as well as to delete them. The method of managing files depends on the software used. Current file management policies can be found in the settings of the web browser used.
To manage cookie settings, select the internet browser / system from the list below and follow the instructions:
Current file management policies in browsers not listed above can be found in the settings of the web browser used.
Users can access and edit their preference information collected by the Google advertising network using the Google Ads Preferences tool. Instructions for managing cookies on a mobile phone can be found in the phone's user manual.
Consenting to the processing of cookies is voluntary. However, it should be noted that restricting their use may result in difficulty or inability to access certain website functionalities.
Links to other websites or software
Changes to the Privacy and Cookies Policy
The Administrator has the authority to modify this Privacy and Cookies Policy. If any changes are made, the updated version will be posted in this location by the Administrator.
Contact and Reporting
The Administrator strives to process Customers' personal data and cookies according to the highest standards. In case of any identified threats or breaches, please contact us immediately using the following details:
+48 22 602 20 22
18 Jana Dantyszka str.
We are happy to receive any feedback. For any questions, requests or concerns related to the processing of personal data or cookies, please contact us.