PRIVACY POLICY AND USE OF COOKIES
ARDEA CONSULTING Limited Liability Company with headquarters in Warsaw, further referred to as "Policy".

ARDEA CONSULTING a limited liability company with headquarters in Warsaw, in the interests of security of obtaining and processing of personal data, Users applies appropriate technological and organizational solutions preventing interference with Users' privacy by third parties.

The Administrator declares commitment to proper security management of personal data in the Company and declares that he will make every effort to ensure the security of personal data protection, taking into account applicable law, including:
1. Regulation (EU) of the European Parliament and of the Council of 27 April 2016 on the protection of individuals with regard to the processing of personal data and on the free movement of such data and the repeal of Directive 95/46 / EC (hereinafter 'the Regulation') ;
2. the Act of August 29, 1997 on the Protection of Personal Data;
3. the Act of 18 July 2002 on the provision of electronic services;
4. The Act of 16 July 2004 on Telecommunications Law.

This Policy is a collection of information about the rights of Users, in connection with the acquisition of personal data and their processing by the Administrator, and the rules used by the Company in the protection of personal data, including collected via online platforms operated by the Administrator.

I. THE PERSONAL DATA ADMINISTRATOR.
The administrator of Personal Data is a company under the name ARDEA CONSULTING Spółka z ograniczoną odpowiedzialnością with its registered office in Warsaw (00-870), ul. Wronia 45 lok. 14, entered in the register of entrepreneurs of the National Court Register kept by the District Court for the Capital City of Warsaw in Warsaw, XII Commercial Department under the number KRS 0000543131, Tax Identification Number: 5272729781, Regon: 360790463 (hereinafter referred to as: "Company" or "Administrator").

II. PURPOSE AND SCOPE OF DATA COLLECTION. STORAGE PERIOD.
1. The Company limits the collection and processing of personal data to the minimum necessary to perform the User's instructions. The collection of personal data takes place in connection with:
a. performance of a contract to which the User is a party, or to take action at the User's request, prior to the conclusion of the contract (Article 6 paragraph 1 b of the General Council Regulation (EU) and the EP on the protection of personal data).
b. agreeing to receive commercial information about products or services provided by the current and future partners of the Administrator;
c. when contacting the Administrator using the tools available on the website at www.ardeakredyty.pl;
d. automatically via cookies.
2. The collection of personal data is carried out in order to:
a. performance of a contract to which the User is a party, or to take action at the User's request, prior to the conclusion of the contract;
b. performance of other User's instructions;
c. sending commercial information after obtaining the User's prior consent;
d. improving the operations of the Company;
e. running a website at www.ardeakredyty.pl.
f. assessing the quality and satisfaction of the services provided by the Administrator;
g. fulfill the legal obligations incumbent on the Administrator.
3. The Administrator may, due to the subject of the contract and other elements thereof, process the following personal data: name and surname; entrepreneur's business; e-mail address; contact phone number and other necessary information.
4. Personal data shall be kept for no longer than it is necessary to achieve the purposes for which it was collected and for the period necessary to fulfill the legal obligations of the Administrator. Thus, personal data is kept until:
a. it is necessary to perform the contract;
b. the applicable law requires the personal data to be stored by the Administrator;
c. personal data are required to protect and defend the rights or property of the Administrator.
5. After the retention periods, personal data will be deleted or anonymized.
 

III. BASIS OF DATA PROCESSING.
1. The basis for the processing of personal data is:
a. conclusion and performance of the contract according to the instructions of the User;
b. consent: for example in the field of sending marketing communication to an email address for marketing purposes;
c. fulfillment of the legal obligation incumbent on the Administrator;
d. fulfillment of legally justified purposes carried out by the Administrator, e.g. direct marketing of the Administrator's own products or services.

IV. RIGHTS.
1. In accordance with applicable regulations, including the Regulation, the User whose data is related to:
a. the right to access the personal data of that person, including obtaining copies of the data to be processed, also in electronic form;
b. the right to bring in:
- opposition to the processing of this person's data for direct marketing purposes;
- reasoned objection to the processing of the personal data of that person under the legitimate interests of the Company, for reasons related to the special situation of that person;
c. the right to express and withdraw consents to:
- processing of that person's data, in order to receive commercial communication, including e-mail received by e-mail;
d. the right to rectify (correct) personal data of that person, if the data in the Administrator's possession is inaccurate or incomplete;
e. the right to delete the data of that person, if this data is no longer necessary for the purposes for which it was collected, and the Company has no grounds to process it, e.g. on the basis of consent or legal obligation;
f. the right to transfer own data made available to the Company;
g. the right to limit the processing of that person's data in cases arising from law.
2. Withdrawal of consent or other instructions resulting from the rights may be made by phone, via e-mail or at the registered office of the Company. Contact details are indicated in §VII below.
3. The Company, after receiving the instructions referred to in para. 2 above, it will immediately take action to consider or fulfill the request.

V. DISCLOSURE OF PERSONAL DATA.
1. Personal data may be disclosed:
a. entities owned by ANG Spółdzielnia with its registered office in Warsaw at ul. Dziekońskiego 1 and ANG Biznes S.A. with headquarters in Warsaw at ul. Dziekońskiego 1, and other entities that provide products or services to Users through or on behalf of the Administrator, ancillary services provider to the activities of the Administrator, an IT service provider; accounting services providers; providers of e-mail marketing services, entities conducting postal or courier activities, institutions dealing in debt recovery and their proxies;
b. other partners of the Administrator, when it is necessary to provide services by the Administrator;
c. professional advisers acting on the basis of authorization;
d. to companies or other entities, if it results from the User's instruction or after obtaining the prior consent of that person;
e. to all state authorities, offices, institutions, enforcement authorities, courts or other third parties, to the extent necessary to fulfill the legal obligation incumbent on the Administrator or serving to protect the rights of the Administrator or third parties.
2. Before disclosing personal data to third parties referred to in § V subpara. 1 point a-c, the Administrator will oblige the indicated entity to maintain confidentiality and security of information and to use the personal data provided solely for the purpose and scope necessary to achieve the purpose of sharing personal data, eg in connection with providing the service or product to the Administrator.

VI. USE OF COOKIES.
According to art. 173 of the Act of 16 July 2004 Telecommunications Law, the website www.ardeakredyty.pl uses cookies containing IT data, in particular text files, which are stored in the User's end device. Detailed information on cookies can be found at: https://en.wikipedia.org/wiki/HTTP_cookie

Types of cookies
1. Cookies used by the Administrator are safe for the User's device. In particular, this way it is not possible to get viruses or other unwanted software or malicious software onto users' devices. These files allow to identify the software used by the User and adjust the service individually to each User. Cookies usually contain the name of the domain from which they originate, their storage time on the device and the assigned value.
2. The administrator uses the following types of cookies:
a. SESSION COOKIES: they are stored on the User's device and remain there until the end of the session of the given browser. The saved information is then permanently deleted from the device's memory. The mechanism of session cookies does not allow the collection of any personal data or any confidential information from the User's device.
b. PERMANENT COOKIES: they are stored on the User's device and remain there until they are deleted. Ending the session of a given browser or turning off the device does not delete them from the User's device. The mechanism of persistent cookies does not allow the collection of any personal data or any confidential information from the User's device;
c. ANALYTICAL COOKIES: collect information about the use of a given site, such as pages visited by a given User and any error messages; they do not collect information enabling identification of the User, and the collected data are aggregated in such a way that they become anonymous. Analytical cookies are used to improve the website's performance;
d. FUNCTIONAL COOKIES: allow the site to remember any choices made on pages (such as changing the font size, customizing the page) and allow services such as adding comments on someone's blog.
3. The User has the ability to limit or disable access of cookies to his device. If you use this option, the use of the site will be possible, except for functions which, by their nature, require cookies.

The purposes in which cookies are used.
1. The administrator uses own cookies for the following purposes:
a. Site configuration.
i) adaptation of the website content to the User's preferences and to optimize the use of website pages.
ii) recognize the device of the Website User and its location and properly display the website, adapted to his individual needs.
b. User authentication on the website and providing user sessions on the website:
i) maintaining the Website User's session (after logging in), thanks to which the User does not have to re-enter his login and password on every subpage of the website;
ii) correct configuration of selected website functions, allowing in particular verification of the authenticity of the browser session.
iii) optimizing and increasing the efficiency of services provided by the Administrator.
c. Implementation of processes necessary for the full functionality of websites.
i) adaptation of the website content to the User's preferences and to optimize the use of website pages. In particular, these files allow to recognize the basic parameters of the User's device and properly display the website, tailored to his individual needs;
ii) correct operation of the partner program, enabling in particular verification of sources of Users' redirects to the website's websites.
d. Analysis and research and audience audit.
i) creating anonymous statistics that help to understand how the Website Users use website pages, which allows improving their structure and content.
e. Ensuring the safety and reliability of the service.

Possibilities of determining the conditions of storage or access through cookies.
1. The User may independently and at any time change the settings for cookies, specifying the conditions for their storage and access to the User's device via cookies. Changes to the settings referred to in the previous sentence, the User can make using the web browser settings. These settings can be changed in particular in such a way as to block the automatic handling of cookies in the settings of the web browser or inform about their every time placing cookies on the user's device. Detailed information about the possibilities and ways of handling cookies are available in the software (web browser) settings.
2. The User may at any time delete cookies using the features available in the web browser he uses.
3. Restricting the use of cookies may affect some of the functionalities available on the website.

VII. SUMMARY.

1. Contact details:
- Personal data administrator:
ARDEA CONSULTING Limited Liability Company
head office address: Warsaw (00-870), Wronia 45 lok. 14
telephone number: +48 224042324
e-mail address: biuro@ardeakredyty.pl
- In order to express or withdraw consents and raise objections, the entitled person may use the following contact options:
e-mail address: biuro@ardeakredyty.pl
address of the office for postal correspondence:
Warsaw (00-870), Wronia 45 lok. 14
telephone number: +48 224042324
2. Data protection supervision authority.
In case of any doubts or reservations about the way the Company administers personal data of the clients, the Administrator encourages to contact him at the email address indicated above. Notwithstanding the foregoing, the rightholder has the right to submit a complaint to the President of the Office for the Protection of Personal Data.
3. Any changes to this Policy, in particular those resulting from the need to adapt the privacy policy to the applicable law, will be published on the Administrator's website at www.ardeakredyty.pl.
4. This Policy is valid from May 25th 2018.