Privacy policy

Atmoterm SA > Privacy policy

This privacy policy sets out the rules for the processing of personal data obtained through the internet services: www.atmoterm.comwww.atmoterm.plwww.cwt.opole.plwww.ekostrateg.comwww.ekowiedza.com.

Atmoterm S.A. from the beginning of its operation on the market takes care of your personal data, however from May 25, 2018 REGULATION (EU) 2016/679 OF THE EUROPEAN PARLIAMENT AND OF THE COUNCIL of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation) is valid. Therefore, we have an obligation not only to take care of, but also to explain how your personal data is processed in the pages of our services.

Atmoterm S.A. collects personal data only for designated, legitimate purposes, processes them lawfully and does not subject them to further processing which would be unlawful. Personal data are collected only to the extent that is adequate and necessary in relation to the purposes for which they are processed.

Atmoterm S.A. does not process specific categories of personal data. We do our best to protect personal data against unauthorized access by third parties and in this regard we use high-level organizational and technical security measures. Atmoterm S.A. does not share personal data with any unauthorized entities, in accordance with the applicable legal provisions in this regard.

Administrator of personal data

Administrator of personal data of users of websites: www.atmoterm.comwww.atmoterm.plwww.cwt.opole.plwww.ekostrateg.comwww.ekowiedza.com, within the meaning of REGULATION (EU) 2016/679 OF THE EUROPEAN PARLIAMENT AND OF THE COUNCIL of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC, is Atmoterm S.A. with headquarters in Opole, ul. Langowskiego 4, 45-031 Opole, entered into the Register of Entrepreneurs of the National Court in the District Court in Opole, VIII Commercial Department of the Court Register,  National Court Register: 0000064312, Tax number: 7540339496, National Business Registry Number: 530600238, e-mail: rodo@atmoterm.pl.

Sources of personal data processing by Atmoterm S.A.

By using our websites, your personal data is collected and further processed for purposes related to the functionality of a specific website. Depending on the type of services you will use, where you leave your personal data, we inform you each time about the relevant processing purposes.

However, knowing the capabilities of our websites, we can indicate the following purposes of personal data processing:

  • the use of dedicated users’ services available at: www.atmoterm.pl;
  • using the ekostrateg.com and Ekowiedza platforms;
  • carrying out the necessary identity and security checks;
  • improving the quality of products, services, communication with users of the website;
  • guarantee of continuity of service;
  • providing products and services;
  • subscription of content available for website users;
  • submitting a request for an offer, product order, service;
  • submitting a contact inquiry;
  • use of online applications or tools;
  • recruitment of employees;
  • software upgrade.

Providing personal data is always voluntary in these cases. The user’s activities on the websites, including his personal data, are recorded in system logs, a special computer program used to keep a chronological record containing information about events and activities regarding the IT system used to provide services by the administrator. Information collected in logs is processed primarily for purposes related to the provision of services. The administrator also processes these data for technical, administrative, security and IT system management purposes, as well as for analytical and statistical purposes.

Automatic sources of personal data

  • IP address – while browsing the content of the websites, based on analysis of access logs, information about how they are used by users and their IP addresses are automatically collected, e.g. browser type, operating system type, date and time of visits, number of connections, number of subpages opened, content viewed. The IP number is a number assigned to the user’s computer when connecting to the internet, which allows communication between the computer and the server. The IP addresses of visitors of the website may be registered to ensure the security of the IT system and for diagnostic purposes. This information may also be used in a collective form to analyse internet trends and evaluate the performance of websites.
  • Cookies – they are placed by our websites on your computer or device connected to the internet during each time you visit our websites, allowing our websites to remember your computer or device and serve a specific purpose. More information about this and how we use cookies you can find in our cookies policy.
  • Google Analytics – Atmoterm S.A. uses Google Analytics, which analyzes internet services. The information collected automatically is used to manage the services, study users’ behaviour on the services and for statistical purposes, e.g. obtaining data about the region from which the connection was made, date and time of connection, source and number of connections, number of service subpages opened or personalization of the content of the websites. This information is not associated with the personal data of users of the websites and is not used to establish their identity. More information at: https://policies.google.com/privacy/update?hl=en. In order to give users of our websites more choices about how their personal data is collected by the Google Analytics tool, Google has developed a browser plug-in that blocks Google Analytics. The plug-in communicates with the Google Analytics JavaScript protocol (ga.js) to provide information that data on sites visits should not be sent to Google Analytics. The browser plug-in that blocks Google Analytics does not block the transfer of personal data to the websites themselves.
  • Google Ads – through this platform we measure the effectiveness of advertising our services and optimization of our ads appearing there using conversion tracking and remarketing. These are the tools thanks to which we learn what happened after the customer’s interaction with the advertisement – whether the action we have determined as valuable was ended. This allows us to optimize the promotional activities we run within the Google Ads platform. With the use of tools we see what keywords, ads, ad groups and campaigns most effectively attract valuable customer activities, we know our return on investment in advertising and make well-thought-out decisions related to advertising expenditure, we automatically optimize campaigns for our goals business, we see how many customers interact with our ads on one device or browser, and convert to another.

Social applications Facebook, Twitter, YouTube, LinkedIn

  • Facebook and Twitter are the administrators of their users’ personal data and process them based on their own regulations. When you interact with us via Facebook or Twitter (likes or watching websites, reactions to posts, shares or retweets, comments, private messages), the administrator of your personal data becomes in addition to Facebook or Twitter, also Atmoterm S.A. Data, such as name and surname or nickname, image, public profile and other information provided in messages or comments, we process based on our legitimate interest, in order to respond to comments and messages, to maintain relationships with people interacting with us, and also to analyse the effectiveness of communication. In principle, we do not connect your interaction with us on Facebook with information that you provide to us in a different way (e.g. by e-mail), unless something else arises from the circumstances (e.g. you wrote a private message to us on Facebook, in which you have provided an e-mail address asking for contact). We do not give your personal data to anyone. You should keep in mind that Facebook and Twitter as portal administrators have access to all information about you. More information on the Facebook and Twitter privacy policy at: https://www.facebook.com/about/privacy/update, https://twitter.com/privacy.
  • Atmoterm S.A uses YouTube, where through videos we share information about our company’s operations with you. For all of these videos, “enhanced data protection mode” is used, which means that no data about you as users is uploaded to YouTube if you are not playing videos. Only when the video is played, data is transferred, i.e. YouTube receives information that you have opened the relevant subpage on our website. This is done regardless of whether YouTube provides a user account through which you are logged in or if you do not have a user account. If you are logged in to Google, your personal data are assigned directly to your account. If you do not wish to be assigned to a YouTube profile, please log out before activating the button. YouTube saves your personal data as a user’s profile and uses it for advertising purposes, market research and to shape its website as needed. Such analysis is carried out primarily (also for not logged in users) in order to present ads tailored to the needs, as well as to inform other users of the social network about your activity on our websites. You have the right to object to the creation of such user profiles, but you must contact YouTube to take advantage of this right. For more information on the purpose and scope of personal data collection and processing by YouTube, please refer to: https://policies.google.com/privacy/update?hl=en.
  • Our webistes use the services of social network LinkedIn. Every time our websites receive a access request from the LinkedIn add-on, the application will ask you to download your personal data from LinkedIn. Through this process, LinkedIn is informed which site of our sites is visited. By clicking the “LinkedIn Recommendation” button, after logging into your LinkedIn account, you can link content from our websites to your LinkedIn profile. This allows LinkedIn to link your visit to our sites with your LinkedIn account. We have no control over the personal data that LinkedIn collects, as well as the scope of data collected by LinkedIn. Details of LinkedIn’s collection of personal data, as well as your rights in this regard and browser settings options can be found in LinkedIn’s privacy policy.

Personal data provided by users

  • Telephone communication and correspondence – in case you contact us by phone or e-mail, we collect every information that you decide to provide during a conversation or during correspondence with our employees or representatives. We process the data of those we contact by e-mail, by phone, by text messages or by letter on the basis of legitimate interest, in order to handle correspondence, for purposes resulting from the content of communication or for future contact. This data may include your name, address, e-mail address, telephone number and any other information contained in your message. Providing this data is voluntary. We process personal data for archiving purposes and for the purpose of managing relationships, which we delete or anonymize as soon as the case is closed.
  • ekostrateg.com website user account – users’ personal data is collected in order to create an individual account and manage this account. In the case of registration of an account on the website, the user gives their first and last name, e-mail address, the name of the province of the organization’s seat, the place of residence of the resident, and determines their profile by selecting: marshal’s office, voivodship inspectorate for environmental protection, town or commune, university, entrepreneur, resident. When registering an account on the website, the user independently sets a login and an individual password to access their account. Personal data is provided on a voluntary basis, in connection with concluded sales contracts or provision of services via our website, however not providing the data indicated in the registration form will prevent the registration and setting up of the user’s account, and in the case of placing an order without registration user accounts, will prevent the submission and execution of the order. Website administrator provides users with a secure and encrypted connection when sending personal data and logging in to the user’s account on the website. We use an SSL certificate to increase the security of personal data sent to us. In the event of losing the password to access the website you can generate a new password. For this purpose, you should use the available system options on our website by providing an e-mail address. In response you will receive an e-mail. Using the instructions provided for this purpose you will be able to generate a new access password. In case of any difficulties related to the operation of access to our platform, please contact us at: rodo@atmoterm.pl, and we will solve your problem immediately so that the use of our website is friendly and safe.
  • Contact form – as part of our services, we provide the possibility to contact us via an electronic contact forms. The use of the form requires providing personal data necessary to contact the user and respond to the inquiry. Personal data is processed for the purpose of identifying the sender and handling his query sent via the contact form and for analytical and statistical purposes, where the legal basis for processing is the administrator’s legitimate interest in keeping statistics of queries submitted by users via the services in order to improve their functionality.
  • Newsletter – users who have provided their e-mail address for this purpose, the website administrator provides the newsletter service. Providing personal data is required to provide the newsletter service, and failure to do so results in the inability to send it. Personal data is processed in order to provide the newsletter service – the legal basis for processing is the necessity of processing to perform the contract. In the case of marketing content to the user as part of the newsletter the legal basis for processing personal data, including profiling, is a legitimate interest of the administrator in connection with the expressed consent for receiving the newsletter. For analytical and statistical purposes the legal basis of the processing personal data is a justified interest of the administrator consisting in analyzing the users’ activity in the services, in order to improve the functionalities. To determine, investigate or defend against claims the legal basis of the processing personal data is the administrator’s legitimate interest.
  • Job offfers – in response to job offers posted on our services, the transfer of personal data (e.g. in a CV or resume) takes place only to the extent specified in the labor law. Therefore, information should not be given more widely. If the uploaded applications contain additional data, they will not be used or included in the recruitment process. Personal data provided in the recruitment process is processed in order to perform obligations under the law related to the employment process, including in particular the Labor Code. The legal basis for processing is the legal obligation of the administrator in order to conduct the recruitment process for data not required by law the right to determine or assert any claims or defend against such claims, where the legal basis for the processing is the legitimate interest of a given administrator.
  • Customer management system – Atmoterm S.A. processes data of business contacts (current and future customers and/or natural persons associated with them) with the help of proprietary customer relationship management systems. Collection of personal contact details and their entry into the system is initiated by an employee of Atmoterm S.A. Personal data includes name, employer name, contact person, phone number, e-mail address and other business contact details. In addition, the Atmoterm S.A. system can collect personal data from the e-mail system (name and surname of the sender, first name and surname of the recipient, date and time) and calendar (name and surname and name of the organizer, name and surname of participants, day and time of the event) regarding the interaction between employees of Atmoterm S.A. and contacts or third parties. Customers’ personal data may be disclosed to users of the system and used by them to obtain information about an account, customer or services that they may be interested in. Personal data may be used for purpose of customer service, sharing personal data with employees of Atmoterm S.A., to provide services and offer new services, inform about the service, identify clients with similar needs, analyze market trends, relationship maps or sales opportunities. The processing of data of our business contacts is based on our legitimate interest as the administrator or consent, if such consent has been requested from the data subject. Our legitimate interest of personal data administrator is related to the direct marketing of our services or the transmission of information which we think the recipients will be interested in. Personal data will be stored in the Atmoterm S.A. system for the period necessary for the purposes set out above, i.e. for the duration of our business relationship or for the period required for documenting and pursuing claims.

We also recommend that you read the cookies policy. This will tell you more about the sources of personal data processing and their purposes.

Sharing personal data

We may disclose personal data of websites users and our customers to other entities that will process them, in particular to entities operating postal or courier services, banks, in the event of settlements, state authorities or other entities authorized by law to fulfill our obligations (Tax Office, National Labour Inspectorate, Social Insurance Institution), entities enabling us to perform remote payment operations, entities supporting us in our activity on behalf of our customers, in particular providers of external systems supporting our activity. We may share your personal data with law enforcement authorities, supervisory authorities, public authorities, entities performing public tasks or acting on behalf of public authorities and other third parties. The disclosure of such data takes place in connection with the performance of legal obligations.

Access your personal data and your rights

All persons whose data we process have the right to access their data, the right to obtain a copy of their data, as well as the right to request rectification and, in certain cases, erasure or restriction of processing. Persons whose data we process on the basis of our legitimate interest may object, by stating that they do not wish us to use their data in this way. If we process your personal data in order to perform an agreement consisting in sending pre-ordered materials (e.g. newsletter), you can opt out at any time. Other contracts may be terminated on the terms of the law or the contract itself. Where we process personal data on the basis of on your consent, you may withdraw it at any time. When we process data on the basis of a contract or consent, the persons whose data we process also have the right to request the transfer of their data.

We are committed to making it as easy as possible for you to exercise your rights regarding the personal data we process. However, as a administrator, we need to be sure that we will not disclose your data to unauthorized persons. Therefore, if we have doubts about the fact that a person who, for example, asks for access or requests deletion of data, is actually the person whose data we are processing, we may ask for additional information.

If you feel that your rights have been violated, you can file a complaint to the President of the Personal Data Protection Office – contact details are available at: https://www.uodo.gov.pl/en. However, if you notice a problem, please also inform us by e-mail at: rodo@atmoterm.pl. We try our best to protect your rights. If we make a mistake, we will try to fix it as soon as possible.

The right to information

If you have questions about whether and how we process your personal data, please contact us using the contact form or by sending an e-mail to: rodo@atmoterm.pl.

The right to access and update personal data

You always have access to your personal data in your service account. You can edit the personal data you have provided to us and update it. If we have obtained your personal data in a different way, contact us to exercise your right of access via the contact form or write to us at: rodo@atmoterm.pl to request access to your data, we will inform you what kind of data we process and update it at your request.

The right to delete personal data

If you would like us to stop processing your personal data, you can submit such a request by e-mail: rodo@atmoterm.pl. Please note however, that this is not an absolute right and we may refuse to delete your personal data for which we have a legal basis for further processing, e.g. fulfillment of legal obligation, assert or defend against claims that may be made against us.

The right to request restriction of personal data

You have the right to request restriction of processing when you question the accuracy of your data, when the processing is unlawful and you do not wish to exercise your right to delete data when they are no longer necessary for the purposes for which they were collected or used, but are needed by the user to establish, assert or defend claims, and when you have objected to their processing, taking into account the legal basis. If you wish to exercise this right, e-mail us at: rodo@atmoterm.pl.

The right to object

The user has the right to object at any time to the processing of his personal data if Atmoterm S.A. processes the data on the basis of his legitimate interest, for example marketing of its own services and products, conducting statistics, user satisfaction surveys. For this purpose, contact us by e-mail at: rodo@atmoterm.pl.

The right to withdraw consent

If you have given us consent to process your personal data, you have the right to withdraw it at any time. The withdrawal of consent does not affect the lawfulness of the processing personal data carried out on the basis of consent before its withdrawal. To exercise this right, write to us at: rodo@atmoterm.pl.

The right to transfer personal data

In exercising this right, we will provide you or a third party designated by you with your personal data in a structured, commonly used, machine-readable format. Please note that you have this right only in relation to personal data processed on the basis of consent or the condition for performance of the contract you have entered into with us, and the processing itself is carried out by automated manner (in IT systems). If you wish to exercise your right to transfer personal data, e-mail us at: rodo@atmoterm.pl.

In the interests of the proper exercise of your rights, your application or request will be dealt with immediately. In any case, you should receive a message from us not later than 30 days. Within this period we will give you an answer or inform you about the extension of the deadline and explain the reasons. If we have doubts that you are making a specific request, we may ask some additional questions to verify your identity.

The period of storage of personal data

The period of processing personal data by the administrator depends on the type of service provided and the purpose of the processing. The personal data is processed by the time the service is provided or the order is processed, until the consent is withdrawn or effective objection to processing is raised in cases where the legal basis for processing is the administrator’s legitimate interest. The period of processing personal data may be extended if the processing is necessary to establish, assert or defend against any claims, and thereafter only if and to the extent required by law. After the processing period, personal data are irreversibly deleted or anonymized.

Security of personal data

The administrator declares that he will endeavor to ensure the user with a high level of security for the use of the services by applying appropriate administrative, technical and physical safeguards to protect personal data against accidental or unlawful destruction, loss or unauthorized disclosure. The administrator, taking into account the state of technical knowledge, the cost of implementation and the nature, scope, context and purposes of processing and the risk of violating the rights or freedoms of persons with different probability of occurrence and threat severity, implements appropriate technical and organizational measures to ensure a degree of security corresponding to this risk.

Unfortunately, no method of data transmission over the internet is completely safe. Although the administrator endeavours to secure the transmitted personal data, he cannot guarantee full security of transmission over the internet. Therefore, any incidents affecting the security of data transmission, including, for example, the suspicion of sharing files containing viruses and other files of a similar nature, should be reported to the e-mail address: rodo@atmoterm.pl.

Change in privacy policy

In the interest of the proper application of your right to privacy, we stipulate that the content of this privacy policy may be updated or changed if necessary. We encourage you to review this policy regularly to find out how Atmoterm S.A. protects personal data that it processes.