As part of the IMS Capital Group, we are always guided by the good of our Partners and we protect their interests on every possible level. We value your privacy, therefore, in order to provide you with proper protection, we have implemented the necessary technological solutions and organisational mechanisms. Nevertheless, we encourage you to read the following information regarding the operation of the website http://imssensory.com/ and the processing of personal data in connection with the sale of goods and the provision of services to you.
Management Board of IMS S.A.
IMS S.A., with its registered office in Warsaw, warrants that its primary objective is to provide people using its services, including the website available at the domain address: http://imssensory.com/ (hereinafter: “Website”) with privacy protection at a level at least corresponding to the requirements set by applicable law, in particular the Act of 18 July 2002 on the provision of electronic services, the Act of 10 May 2018 on the protection of personal data and Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation).
I.General information, cookies
1. The owner and operator of the Website and the controller of the personal data being processed is IMS S.A. with its registered office in Warsaw (address of the registered office: ul. Puławska 366, 02-819 Warsaw), entered into the Register of Entrepreneurs of the National Court Register kept by the District Court for the Capital City of Warsaw in Warsaw, 13th Commercial Division of the National Court Register (KRS) under KRS number 0000278240, Business Statistical No. (REGON) 016452416, Tax ID No. (NIP) 5252201663, with share capital in the amount of PLN 669,997.98 (paid in full), hereinafter referred to as the “Controller”.
2. Contact with the Controller in all matters related to the functioning of the Website and the processing and protection of personal data by it is possible via traditional mail (address above), electronic mail (email address: email@example.com) or a form available on the website http://imssensory.com/.
3. Personal data shall be used only within the scope of consents granted by users or for a legally justified purpose and for the purpose of implementing contracts concluded between users and IMS S.A. with its registered office in Warsaw. The Controller applies the policy of minimalism, collecting and processing only data that is necessary for the proper operation of the Website, performance of contracts concluded and performance of obligations arising from legal provisions, for the time necessary to achieve these purposes. It should also be borne in mind that, although this data has been provided voluntarily, its processing is necessary for the proper provision of services and performance of legally imposed obligations.
5. The Website performs the functions of obtaining information about the Website users in the following way: a) by automatically collecting information that is contained in cookies;
b) through data entered voluntarily by the Website users, in forms available on the Website;
c) by automatically collecting the web server logs by the hosting operator.
6. Cookie files contain data, text files in particular, that are stored in the device of the Website user and are intended for using the pages of the Website. Cookies usually contain the name of the website from which they originate, their storage time on the end user device, as well as a unique number.
7. During the visit to the Website, data of the Website users may be collected automatically, regarding a given user’s visit to the Website and including, among others, IP address, type of web browser, domain name, number of page views, type of operating system, visit, screen resolution, number of display colours, addresses of the websites from which the Website was entered, duration of use of the Website. The Website does not collect, in particular, data such as name, surname, mailing address, telephone number or e-mail address as well as sensitive data.
9. The entity placing cookies on the Website user’s device and accessing them is the Controller.
10. Cookies are used to create statistics that help to understand how the Website users use the pages, which allows improving their structure and content.
11. The Website uses the following types of cookies:
a) “necessary” cookies, enabling the use of services available on the Website, such as authentication cookies;
b) cookies used to ensure security, e.g. used to detect abuse;
c) “performance” cookies, used to obtain information about the way users use the pages of the Website;
d) “functional” cookies, enabling “remembering” the settings selected by the User and adjusting the Website to the user, for example, in the scope of the selected language.
12. Two basic types of cookies are used on the Website: “session” cookies and “persistent” cookies. “Session” cookies are temporary files stored in the device until the user leaves the website, logs out or closes the software (web browser). “Persistent” cookies are stored on the user’s device for a time period specified in the parameters of the cookies or until they are deleted by the user.
13. In the majority of cases, the software used to browse websites allows cookies to be stored in the user’s device by default. The Website users have the option to change their cookie settings at any time. These settings can be changed in the options of the web browser (software), among other things, in a way that will prevent the automatic handling of cookies or force sending information to the user whenever cookies are stored in the user’s device. Detailed information on the possibility and ways of handling cookies are available in the settings of the web browser.
II. Processing of personal data, information about forms
1. Personal data collected by the Controller are processed in particular on the basis of the Act of 10 May 2018 on the protection of personal data and Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation).
2. The Website processes personal data that is voluntarily provided by the Website user.
3. The following personal data of the user may be collected as part of the contact forms available on the Website: name and surname, e-mail address, contact telephone number. Sensitive data provided by the user in the contact form shall be subject to immediate removal.
4. The data contained in the forms, provided to the Controller by the Website user, is not made available to third parties otherwise than with the consent of the user, excluding the possibility of transferring it to other entities forming the IMS Capital Group (in particular, IMS events Sp.z o.o. with its registered office in Warsaw, IMS r&d Sp. z o.o. with its registered office in Kraków and Mood Factory Sp. z o.o. with its registered office in Warsaw), their subcontractors or when such an obligation arises from the generally applicable provisions of law.
5. The data indicated in the form is processed for the purpose resulting from the function of a specific form, e.g. for the purpose of contacting the Controller or for marketing purposes related to own products and services and products and services of entities associated with the Controller (IMS Capital Group), as well as for archival and statistical purposes. The consent of the data subject is expressed by selecting the appropriate window in the contact form (so-called “checkbox”) or by e-mail.
6. The Website users and the entities that are a party to a commercial contract concluded with the Controller (for the provision of services or the sale of goods) have, in particular, the right to:
a) obtain access to the personal data provided. At the user’s request, the Controller shall prepare a summary of the processed data in a structured form of a computer file in one of the commonly used formats;
b) request the transfer of personal data to another controller, its modification, rectification, supplementation or complete deletion. The Controller shall reply to each request promptly, within the time prescribed by law for each of these activities;
c) request limiting the scope of processing. For example: if the user has consented to the processing of data in order to submit a commercial offer electronically, he or she may at any time revoke this consent, while still using the Controller’s services based on a previously concluded contract or conducting communication via e-mail. Granting consent and withdrawal thereof is not formalised – it can take place both in writing and via, inter alia, e-mail;
d) submit to the Controller an objection to the processing of personal data;
e) submit a complaint to the supervisory authority (President of the Office for Personal Data Protection) regarding the processing of personal data.
7. Data provided in the contact forms on the Website may be transferred to entities technically performing certain services, in particular, it concerns the transfer of information about the owner of a registered domain to the entities that are the web domain operators or other entities with whom the Controller cooperates in this or similar scope.
8. Users’ personal data is stored in a database in which technical and organisational measures ensuring protection of data processed comply with the requirements set out in the provisions on the protection of personal data.
9. In cases provided for by law, the Controller may share some of the personal data of the Website users with third parties for purposes related to the protection of third parties’ rights, in particular, for the protection of copyrights, provided that this takes place at the written request of such person. The entity submitting the request is obliged to prove the fact of violation of its rights, in particular to demonstrate the fact that it is entitled to copyrights to the work. There must also be a suspicion of violation of the rights of the applicant. The Controller may also share the collected personal data with the consent of the Website user or at the request of state authorities authorised by law. The mail addressed to the Controller is archived and may in some cases be used for purposes of proof.
10. Users’ personal data is not subject to profiling by the Controller, i.e. automated processing enabling the customisation of the presented content to specific groups of recipients (in this way, for example, advertising materials are selected on social networks).
III. Server logs
1. In accordance with the established practice of most websites, the Controller stores http queries directed to the Website server (information about certain behaviours of the Website users are subject to logging in the server layer). The browsed resources are identified by URL addresses. The exact list of information stored in the web server log files is as follows:
a) the public IP address of the computer from which the query came;
b) name of the client station – identification performed by the http protocol (if possible);
c) username provided in the authorisation process (login);
d) time of arrival of the query;
e) http response code;
f) number of bytes sent by the server;
g) URL address of the website previously visited by the Website user (referer link) – in the case when the Website was accessed via a link;
h) information about the user’s web browser;
i) information about errors that occurred during the execution of the http transaction.
The above data is not associated with specific people browsing the pages available on the Website. In order to ensure the highest quality of the Website, the Controller occasionally analyses log files in order to determine which pages on the Website are visited most often, which web browsers are used, whether the page structure does not contain errors, etc.
2. Logs collected by the Controller are stored as auxiliary material for the time allowing proper administration of the Website. Information contained in logs shall not be disclosed to any other entities, with the exception of entities related to the Controller personally, in capital or contractually, or in the event that such an obligation arises from the provisions of law. On the basis of the information contained in these files, statistics may be generated to support the administration of the Website. The summaries presenting such statistics shall not contain features identifying visitors to the Website.