Privacy policy

Atmoterm SA > Privacy policy

This privacy policy sets out the rules for the processing of personal data obtained through the internet services: www.atmoterm.comwww.atmoterm.plwww.cwt.opole.plwww.ekostrateg.comwww.ekowiedza.com.

Atmoterm S.A. from the beginning of its operation on the market takes care of your personal data, however from May 25, 2018 REGULATION (EU) 2016/679 OF THE EUROPEAN PARLIAMENT AND OF THE COUNCIL of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation) is valid. Therefore, we have an obligation not only to take care of, but also to explain how your personal data is processed in the pages of our services.

Atmoterm S.A. collects personal data only for designated, legitimate purposes, processes it in accordance with the law and does not subject to further processing which would be unlawful. Personal data is collected only in an adequate and necessary range in relation to the purposes for which they are processed.

Atmoterm S.A. does not process specific categories of personal data. We do our best to protect personal data against unauthorized access by third parties and in this respect we use organizational and technical security measures at a high level. Atmoterm S.A. does not share personal data with any unauthorized entities, in accordance with the applicable legal provisions in this regard.

Administrator of personal data

Administrator of personal data of users from websites: www.atmoterm.comwww.atmoterm.plwww.cwt.opole.plwww.ekostrateg.comwww.ekowiedza.com, within the meaning of REGULATION (EU) 2016/679 OF THE EUROPEAN PARLIAMENT AND OF THE COUNCIL of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC, is Atmoterm S.A. with headquarters in Opole, Langowskiego 4, 45-031 Opole, entered into the Register of Entrepreneurs of the National Court in the District Court in Opole, 8th Commercial Department of the Court Register under number: 0000064312, Tax number: 7540339496, National Business Registry Number: 530600238, e-mail: office@atmoterm.pl.

Sources of personal data processing by Atmoterm S.A.

By using our websites, your personal data is collected and further processed for purposes related to the implementation of individual functionalities of a specific website. Depending on the type of services you will use, where you leave personal data, we inform you each time about the correct processing goals.

However, knowing the capabilities of our websites, we can indicate the following purposes of personal data processing:

  • the use of dedicated users’ services available at: www.atmoterm.pl;
  • using the ekostrateg.com and Ekowiedza platforms;
  • carrying out the necessary identity and security checks;
  • improving the quality of products, services, communication with website users;
  • continuity of service guarantee;
  • providing products and services;
  • subscription of content available for website users;
  • submitting a request for an offer, product order, service;
  • submitting a contact inquiry;
  • use of online applications or tools;
  • recruitment of employees;
  • software upgrade.

Providing personal data is always voluntary in these cases. The user’s activity in the services, including his personal data, is recorded in system logs, a special computer program used to store a chronological record containing information about events and activities regarding the IT system used to provide services by the administrator. Information collected in logs is processed primarily for purposes related to the provision of services. The administrator also processes these data for technical, administrative purposes, for the purposes of ensuring the security and management of the IT system, as well as for analytical and statistical purposes.

Automatic sources of personal data

  • IP address – while browsing the content of the websites, information about how they are used by users and their IP addresses are automatically collected based on the analysis of access logs, e.g. browser type, operating system type, date and time of visits, number of connections, number of subpages opened, content viewed. The IP number is the number assigned to the user’s computer when connecting to the internet, which allows communication between the computer and the server. The IP addresses of visitors of the website can be registered to ensure the security of the IT system and for diagnostic purposes. This information can also be used in a collective form to analyse internet trends and evaluate the operation of websites.
  • Cookies – they are placed by our websites on your computer or device connected to the internet during each visit to our sites, which allows our websites to remember your computer or device and is used to achieve specific goals. More on this topic and how we use cookies, you can find in cookies policy.
  • Google Analytics – Atmoterm S.A., while running the company’s activity in the sphere of the virtual, uses Google Analytics, analysing internet services. The information collected automatically is used to manage the services, to test users’ behaviour on the services and for statistical purposes, e.g. obtaining data about the region from which the call was made, date and time of connection, source and number of connections, number of service subpages opened or to personalization of the content of the website subpages. This information is not linked to the personal data of the website user and is not used to determine its identity. More information at: https://policies.google.com/privacy/update?hl=en. In order to give users using our services more options to choose how their personal data is collected using Google Analytics tool, Google has developed a browser plug-in that blocks Google Analytics. The add-on communicates with the Google Analytics JavaScript protocol (ga.js) to provide information that site visit data should not be sent to Google Analytics. The browser plug-in that blocks Google Analytics does not block the transfer of personal data to the websites themselves.
  • Google Ads – through this platform we measure the effectiveness of advertising our services and optimization of our ads appearing there using conversion tracking and remarketing. These are the tools thanks to which we learn what happened after the customer’s interaction with the advertisement – whether the action we have determined as valuable was ended. This allows us to optimize the promotional activities we run within the Google Ads platform. With the use of tools we see what keywords, ads, ad groups and campaigns most effectively attract valuable customer activities, we know our return on investment in advertising and make well-thought-out decisions related to advertising expenditure, we automatically optimize campaigns for our goals business, we see how many customers interact with our ads on one device or browser, and convert to another.

Social applications Facebook, Twitter, YouTube, LinkedIn

  • Facebook and Twitter are the administrators of their users’ personal data and process them based on their own regulations. When you interact with us via Facebook or Twitter (likes or watching websites, reactions to posts, shares or retweets, comments, private messages), the administrator of your personal data becomes in addition to Facebook or Twitter, also Atmoterm S.A. Data, such as name and surname or nickname, image, public profile and other information provided in messages or comments, we process based on our legitimate interest, in order to respond to comments and messages, to maintain relationships with people interacting with us, and also to analyse the effectiveness of communication. In principle, we do not connect your interaction with us on Facebook with information that you provide to us in a different way (e.g. by e-mail), unless something else arises from the circumstances (e.g. you wrote a private message to us on Facebook, in which you have provided an e-mail address asking for contact). We do not give your personal data to anyone. You should keep in mind that Facebook and Twitter as portal administrators have access to all information about you. More information on the Facebook and Twitter privacy policy at: https://www.facebook.com/about/privacy/update, https://twitter.com/privacy.
  • Atmoterm S.A uses YouTube, where through videos we share information about our company’s operations with you. For all of these videos, “enhanced data protection mode” is used, which means that no data about you as users is uploaded to YouTube if you are not playing videos. Only when the video is played, data is transferred, i.e. YouTube receives information that you have opened the relevant subpage on our website. This is done regardless of whether YouTube provides a user account through which you are logged in or if you do not have a user account. If you are logged in to Google, your personal data are assigned directly to your account. If you do not wish to be assigned to a YouTube profile, please log out before activating the button. YouTube saves your personal data as a user’s profile and uses it for advertising purposes, market research and to shape its website as needed. Such analysis is carried out primarily (also for not logged in users) in order to present ads tailored to the needs, as well as to inform other users of the social network about your activity on our websites. You have the right to object to the creation of such user profiles, but you must contact YouTube to take advantage of this right. For more information on the purpose and scope of personal data collection and processing by YouTube, please refer to: https://policies.google.com/privacy/update?hl=en.
  • Our services use the services of LinkedIn’s social network. Every time our websites receive a request for access from the LinkedIn add-in, the application will ask you to download personal data from LinkedIn. Through this process, LinkedIn is informed which site of our sites is visited. By clicking the “LinkedIn Recommendation” button, after logging into your LinkedIn account, you can combine the content from our websites with your LinkedIn profile. This allows LinkedIn to connect your visit to our sites with your LinkedIn account. We have no control over the personal data that LinkedIn collects, as well as the scope of data collected by LinkedIn. Details of LinkedIn’s collection of personal data, as well as the rights in this regard and browser settings options can be found in LinkedIn privacy policy.

Personal data provided by users

  • Telephone communication and correspondence – in case you contact us by phone or e-mail, we collect all the information that you decide to provide during a conversation or during correspondence with our employees or representatives. The data of people we contact via e-mail, by phone, via text messages or by post, we process based on a legitimate interest, in order to handle correspondence, for purposes resulting from the content of communication or in order to make contact in the future. These details may include your name, address, e-mail address, telephone number and any other information contained in the message. Providing this data is voluntary. We process personal data for archiving purposes and for the purpose of managing relationships that we delete or anonymize as soon as the case is closed.
  • ekostrateg.com website user account – users’ personal data is collected in order to create an individual account and manage this account. In the case of registration of an account on the website, the user gives their first and last name, e-mail address, the name of the province of the organization’s seat, the place of residence of the resident, and determines their profile by selecting: marshal’s office, voivodship inspectorate for environmental protection, town or commune, university, entrepreneur, resident. When registering an account on the website, the user independently sets a login and an individual password to access their account. Personal data is provided on a voluntary basis, in connection with concluded sales contracts or provision of services via our website, however not providing the data indicated in the registration form will prevent the registration and setting up of the user’s account, and in the case of placing an order without registration user accounts, will prevent the submission and execution of the order. Website administrator provides users with a secure and encrypted connection when sending personal data and logging in to the user’s account on the website. We use an SSL certificate to increase the security of personal data sent to us. In the event of losing the password to access the website you can generate a new password. For this purpose, you should use the available system options on our website by providing an e-mail address. In response you will receive an e-mail. Using the instructions provided for this purpose you will be able to generate a new access password. In case of any difficulties related to the operation of access to our platform, please contact us: office@atmoterm.pl, and we will solve your problem immediately so that the use of our website is friendly and safe.
  • Contact form – as part of our services, we provide the opportunity to contact us using electronic contact forms. Using the form requires providing personal data necessary to contact the user and to answer the inquiry. Personal data is processed in order to identify the sender and handle its inquiry sent by the shared contact form and for analytical and statistical purposes, where the legal basis for processing is a legitimate interest of the administrator, consisting in keeping statistics of queries submitted by users through the services to improve their functionality.
  • Newsletter – users who have provided their e-mail address for this purpose, the website administrator provides the newsletter service. Providing personal data is required to provide the newsletter service, and failure to do so results in the inability to send it. Personal data is processed in order to provide the newsletter service – the legal basis for processing is the necessity of processing to perform the contract. In the case of marketing content to the user as part of the newsletter the legal basis for processing personal data, including profiling, is a legitimate interest of the administrator in connection with the expressed consent for receiving the newsletter. For analytical and statistical purposes the legal basis of the processing personal data is a justified interest of the administrator consisting in analyzing the users’ activity in the services, in order to improve the functionalities. To determine, investigate or defend against claims the legal basis of the processing personal data is the administrator’s legitimate interest.
  • Job offfers – in response to job offers posted on our services, the transfer of personal data (e.g. in a CV or resume) takes place only to the extent specified in the labor law. Therefore, information should not be given more widely. If the uploaded applications contain additional data, they will not be used or included in the recruitment process. Personal data provided in the recruitment process is processed in order to perform obligations under the law related to the employment process, including in particular the Labor Code. The legal basis for processing is the legal obligation of the administrator in order to conduct the recruitment process for data not required by law the right to determine or assert any claims or defend against such claims, where the legal basis for the processing is the legitimate interest of a given administrator.
  • Customer management system – Atmoterm S.A. processes data of business contacts (current and future customers and/or natural persons associated with them) with the help of proprietary customer relationship management systems. Collection of personal contact details and their entry into the system is initiated by an employee of Atmoterm S.A. Personal data includes name, employer name, contact person, phone number, e-mail address and other business contact details. In addition, the Atmoterm S.A. system can collect personal data from the e-mail system (name and surname of the sender, first name and surname of the recipient, date and time) and calendar (name and surname and name of the organizer, name and surname of participants, day and time of the event) regarding the interaction between employees of Atmoterm S.A. and contacts or third parties. Customers’ personal data may be disclosed to users of the system and used by them to obtain information about an account, customer or services that they may be interested in. Personal data may be used for purpose of customer service, sharing personal data with employees of Atmoterm S.A., to provide services and offer new services, inform about the service, identify clients with similar needs, analyze market trends, relationship maps or sales opportunities. The processing of data of our business contacts is based on our legitimate interest as the administrator or consent, if such consent has been requested from the data subject. Our legitimate interest of personal data administrator is related to the direct marketing of our services or the transmission of information which we think the recipients will be interested in. Personal data will be stored in the Atmoterm S.A. system for the period necessary for the purposes set out above, i.e. for the duration of our business relationship or for the period required for documenting and pursuing claims.

We also recommend that you read the cookies policy. This way you will learn more about the sources of personal data processing and their purposes.

Sharing personal data

We may transfer personal data of website users and our clients to other entities that will process them, in particular entities operating postal or courier services, banks, in the event of settlements, state authorities or other entities authorized under the law, in order to comply with our duties (Tax Office, National Labour Inspectorate, Social Insurance Institution), entities enabling us to perform remote payment operations, entities supporting us in our operations on behalf of our clients, in particular suppliers of external systems supporting our operations. We may disclose your personal data to law enforcement authorities, supervisory bodies, public authorities, entities performing public tasks or acting on behalf of public authorities and other third parties. The disclosure of such data takes place in connection with the performance of legal obligations.

Access your personal data and your rights

All persons whose data we process have the right to access their data, the right to obtain a copy of the data, as well as the right to demand rectification and, in certain cases, to remove or limit their processing. Persons whose data we process on the basis of our legitimate interest may object, stating that they do not wish us to use their data in this way. If we process personal data in order to perform an agreement consisting in sending pre-ordered materials (e.g. newsletter), you can opt out at any time. Other contracts may be terminated on the terms set out in law or in the contract itself. If we process personal data based on your consent, you can withdraw it at any time. When we process data on the basis of a contract or consent, the persons whose data we process are also entitled to request the transfer of their data.

It is important to us that the implementation of your rights regarding the personal data processed by us is as simple as possible. However, as a administrator, we need to be sure that we will not disclose your data to unauthorized persons. Therefore, if we have doubts about the fact that a person who, for example, asks for access to data or requests their removal, is actually the person whose data we process, we can ask for additional information.

If you feel that your rights have been violated, you can file a complaint to the President of the Office for Personal Data Protection – contact details are available at: https://www.uodo.gov.pl/en. However, if you notice a problem, please also inform us at the e-mail address: office@atmoterm.pl. We strive to best protect your rights. If we make a mistake, we will want to fix it as soon as possible.

The right to information

If you have questions about whether and how we process your personal data, please contact us using the contact form or by sending an e-mail to: office@atmoterm.pl.

The right to access and update personal data

You always have access to your personal data on your service account. You can edit the personal data provided to us and update it. If we have obtained your personal data in a different way, contact us to exercise the right of access via the contact form or write to us: office@atmoterm.pl requesting access to your data, we will inform you what kind of data we process and update it at your request.

The right to delete personal data

If you want us to stop processing your personal data, you can submit such a request to the e-mail address: office@atmoterm.pl. Remember, however, that this is not an absolute right and we may refuse to delete your personal data about which we have a legal basis for their further processing, e.g. fulfillment of legal obligation, pursuing claims or defending against claims that may be directed against us.

The right to request a personal data restriction

You have the right to request a restriction to the processing if you question the accuracy of your data, when the processing of data is illegal and you do not want to exercise the right to delete data when it is no longer necessary for the purposes for which it was collected or used, but are needed by the user to establish, investigate or defend claims, and also when you objected to their processing, while considering its legal basis. In case you want to use this right, write to us at the e-mail address: office@atmoterm.pl.

The right to object

The user has the right at any time to object to the processing of his personal data if Atmoterm S.A. processes data based on its legitimate interest, for example, marketing of its own services and products, conducting statistics, user satisfaction surveys. For this purpose, contact us by e-mail at: office@atmoterm.pl.

The right to withdraw consent

If you have given us permission to process your personal data, you have the right to withdraw it at any time. Withdrawal of consent does not affect the lawfulness of the processing personal data which was carried out on the basis of consent before its withdrawal. To realize this right, write to us: office@atmoterm.pl.

The right to transfer personal data

In implementing this right, we will provide you or a third party identified by you with your personal information in a structured, commonly-used, machine-readable format. Remember that you are entitled to this right only in relation to personal data processed on the basis of consent or the condition for performance of the contract you have entered into with us, and the processing itself takes place in an automated manner (in information systems). If you want to use the right to transfer personal data, write to us at the e-mail address: office@atmoterm.pl.

Taking care of the proper implementation of your rights, the application or request will be recognized immediately. In any case, you should receive a message from us not later than within 30 days. During this period we will give you an answer or inform you about the extension of the deadline and explain the reasons. If we have doubts as to whether you are making a specific request, we may ask a few more questions to verify your identity.

The period of storage of personal data

The period of personal data processing by the administrator depends on the type of service provided and the purpose of the processing. The personal data is processed by the time the service is provided or the order is processed, until the consent is withdrawn or effective opposition to the processing is filed in cases where the legal basis for processing is the administrator’s legitimate interest. The personal data processing period may be extended if the processing is necessary to establish, investigate or defend against any claims, and after this period only in the case and to the extent that the law will require it. After the processing period, the personal data is irreversibly deleted or anonymized.

Security of personal data

The administrator declares that he will endeavor to provide the user with a high level of security in the use of the services by applying appropriate administrative, technical and physical personal data security against their accidental or unlawful destruction, loss or unauthorized disclosure. The administrator, taking into account the state of technical knowledge, the cost of implementation and the nature, scope, context and purposes of processing and the risk of violating the rights or freedoms of individuals with different probability of occurrence and threat severity, implements appropriate technical and organizational measures to ensure a degree of security corresponding to this risk.

Unfortunately, no way to transfer data over the internet is completely safe. Although the administrator makes efforts to secure the transferred personal data, it cannot guarantee the full security of transmission over the internet. Therefore, all events affecting the security of information transfer, including, for example, the suspicion of sharing files containing viruses and other files of a similar nature, should be reported to the following e-mail address: office@atmoterm.pl.

Change of privacy policy

In the interest of the proper application of your right to privacy, we reserve that the content of this privacy policy may be updated or changed if necessary. We encourage you to read this policy regularly to find out how Atmoterm S.A. protects personal data that it processes.