1. General Information

1. This policy applies to the website operating at: pilchconsulting.com
2. The administrator of personal data of users of the website operating at pilchconsulting.com is Pilch Consulting, operating within Ekoway Sp. z o.o., with its registered office at ul. Krakowska, 32-050 Skawina, NIP: 6793122906.
3. Contact email address of the operator: contact@pilchconsulting.com
4. The operator is the Controller of your personal data with respect to data provided voluntarily on the website.
5. The website uses personal data for the following purposes:
   • Handling inquiries via the contact form
6. The website collects information about users and their behavior in the following ways:
   1. Through voluntarily entered data in forms, which are entered into the Operator’s systems.
   2. By storing cookie files in end-user devices (so-called “cookies”).

2. Selected Data Protection Methods Used by the Operator

1. Login and data entry areas are protected in the transmission layer (SSL certificate). This ensures that personal and login data entered on the site are encrypted on the user’s computer and can only be read on the target server.
2. To protect data, the Operator regularly creates backup copies.
3. An essential element of data protection is the regular updating of all software used by the Operator to process personal data, which specifically means regular updates of programming components.

3. Hosting

1. The website is hosted (technically maintained) on servers of: hitme.net.pl
2. To ensure technical reliability, the hosting company maintains server-level logs. These may include:
   • resources identified by URL addresses (requested page or file addresses),
   • time of request arrival,
   • time of response sent,
   • client station name – identification performed via the HTTP protocol,
   • error information encountered during the HTTP transaction,
   • URL address of the page previously visited by the user (referer link),
   • user browser information,
   • IP address information,
   • diagnostic information related to service ordering via website forms,
   • information related to handling emails sent to and from the Operator.

4. Your Rights and Additional Information on Data Usage

1. In certain situations, the Administrator has the right to transfer your personal data to other recipients if necessary for contract performance or legal obligations. This applies to the following groups of recipients:
   • authorized employees and associates who use the data to fulfill the website’s purpose,
   • companies providing marketing services to the Administrator.
2. Your personal data will be processed no longer than necessary to perform related tasks, as specified by separate regulations (e.g., accounting laws). Marketing-related data will not be processed for more than 3 years.
3. You have the right to request from the Administrator:
   • access to your personal data,
   • correction,
   • deletion,
   • restriction of processing,
   • data portability.
4. You have the right to object to processing as outlined in 3.2 regarding the processing of personal data for legitimate interests pursued by the Administrator, including profiling. However, this right cannot be exercised if there are legally valid grounds for processing that override your interests, rights, and freedoms, especially for the establishment, exercise, or defense of legal claims.
5. You have the right to lodge a complaint with the President of the Personal Data Protection Office (UODO), ul. Stawki 2, 00-193 Warsaw, Poland.
6. Providing personal data is voluntary but necessary to use the services of the website.
7. You may be subject to automated decision-making, including profiling, for the purpose of service delivery under a contract or for direct marketing by the Administrator.
8. Personal data is not transferred to third countries within the meaning of data protection regulations. This means we do not send data outside the European Union.

5. Information in Forms

1. The website collects data provided voluntarily by the user, including personal data, if provided.
2. The website may save information about connection parameters (timestamp, IP address).
3. In some cases, the website may save information facilitating the linking of form data with the user’s email address. In such cases, the user’s email address appears in the URL of the page containing the form.
4. Data provided in the form are processed for the purpose indicated by the specific form (e.g., handling a service request, commercial contact, service registration, etc.). The context and description of each form clearly indicate its function.

6. Administrator Logs

1. Information about user behavior on the website may be subject to logging. These data are used for site administration purposes.

7. Key Marketing Techniques

1. The Operator uses Google Analytics (Google Inc., USA) to analyze site traffic. No personal data is transferred to the service provider—only anonymized data. The service uses cookies stored on the user’s end device. Users can view and edit preferences collected by Google’s advertising network at: https://www.google.com/ads/preferences/
2. The Operator uses remarketing techniques to match advertising messages to user behavior, which may create the impression that personal data is being used for tracking, although no personal data is actually transferred to advertising operators. These actions require cookies to be enabled.
3. The Operator uses Facebook Pixel. This allows Facebook (Facebook Inc., USA) to identify that a registered user is visiting the site. Facebook operates on the data it already controls; no additional personal data is shared by the Operator. This service uses cookies on the user’s device.
4. The Operator uses services that analyze user behavior through heatmaps and session recordings. These are anonymized before being sent to the service provider, ensuring they are not linked to any identifiable person. Passwords and other personal data are not recorded.
5. The Operator uses tools that automate website functionality for users, such as sending emails after visiting certain pages, provided the user has agreed to receive marketing messages.
6. The Operator may use profiling as defined under data protection laws.

8. Cookie Files Information

1. The website uses cookies.
2. Cookies are data files, primarily text files, stored on the end user’s device, used to navigate the website. They typically contain the website name, storage duration, and a unique identifier.
3. The entity placing cookies on the user’s device and accessing them is the website Operator.
4. Cookies are used for the following purposes:
   1. Maintaining user sessions (after login), so the user does not have to re-enter login and password on every page;
   2. Fulfilling the purposes outlined above in “Key Marketing Techniques”;
5. The site uses two main types of cookies: “session” cookies and “persistent” cookies. Session cookies are temporary and stored until logout, leaving the site, or closing the browser. Persistent cookies remain on the device for the time specified in their parameters or until deleted by the user.
6. Web browsers usually allow cookies by default. Users can change their browser settings to disable cookies. Instructions can be found in the help section of the browser.
7. Limiting cookies may affect some functionalities of the website.
8. Cookies may also be used by partners cooperating with the website operator, including: Google (Google Inc., USA), Facebook (Facebook Inc., USA), Twitter (Twitter Inc., USA).

9. Cookie Management – How to Give and Withdraw Consent in Practice?

1. If the user does not wish to receive cookies, browser settings can be changed. Disabling necessary cookies may hinder or, in extreme cases, prevent the use of the website.
2. To manage cookie settings, choose your browser from the list below and follow the instructions:
   • Edge
   • Internet Explorer
   • Chrome
   • Safari
   • Firefox
   • Opera

   Mobile devices:

   • Android
   • Safari (iOS)
   • Windows Phone