Privacy Policy of the Relational Ecotherapy Institute
§ 1. Definitions
§ 2. General Information
§ 3. Personal Data Administrator
§ 4. Processing of Personal Data
§ 5. Protection of Personal Data
§ 6. User Rights and Additional Information on Data Usage
§ 7. Cookies
§ 1. Definitions
Data Administrator – an entity, individual, legal person, or public authority that independently or jointly with others determines the purposes and methods of processing personal data.
Personal Data – all information about an identified or identifiable natural person (the person to whom the data relates) through one or more specific factors such as name and surname, location data, internet identifier, IP address, telephone number, and information collected through cookies or other similar technology, determining the physical, physiological, genetic, mental, economic, cultural, or social identity of the person.
Data Processor – an individual or legal person, entity, public authority, or other entity that processes personal data on behalf of the Data Administrator.
Processing of Personal Data – operations or set of operations performed on personal data or sets of personal data, whether automated or not, such as collection, recording, organization, structuring, storage, adaptation, or alteration, retrieval, consultation, use, disclosure by transmission, dissemination, or otherwise making available, alignment or combination, restriction, erasure, or destruction.
GDPR – General Data Protection Regulation, Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons concerning the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation).
User – an individual visiting this website (web page) or using one or more services or functionalities provided on the Data Administrator’s website.
Act – the applicable Act on the Protection of Personal Data.
§ 2. General Information
This privacy policy applies to the website operating at the URL: www.ecotherapyinstitute.eu.
The operator of the website and the Data Administrator is: Centrum Terapii Leśnej Katarzyna Simonienko also called hereinafter 'Forest Therapy Center Katarzyna Simonienko’, located at 36/14 Wesoła Street, 15-306 Białystok, NIP 5432144582, REGON 386884310.
§ 3. Personal Data Administrator
Contact email address of the operator: info@ecotherapyinstitute.eu The operator is the Data Administrator for User’s personal data concerning data voluntarily provided on the website and stored in cookie files on end devices (so-called „cookies”). The website collects information about users and their behavior in the following ways:
- Through voluntarily entered data in forms, which are entered into the Operator’s systems.
- By saving cookie files on end devices (so-called „cookies”).
- By receiving emails from users.
§ 4. Processing of Personal Data
If a user completes a form, for example, to send a registration for certain activities or contacts us via email, their data such as name, surname, phone number, email address, and IP address are processed. Personal data is processed in accordance with the provisions regarding the protection of personal data (including GDPR), in accordance with this Privacy Policy, to the extent and for the purpose necessary for the proper provision of electronically provided services.
The website uses personal data for the following purposes:
- Handling inquiries through the form.
- Email or phone contact.
- Presentation of offers or information.
Information in forms: The website collects information voluntarily provided by the user, including personal data if provided. In some cases, the website may save information facilitating the connection of data in the form with the user’s email address. In such a case, the user’s email address appears within the URL of the page containing the form.
Personal data provided in the form is processed for the purpose resulting from the function of a specific form, e.g., for the purpose of processing a service request or commercial contact, service registration, etc. Each time, the context and description of the form clearly inform what it is used for.
Personal data may be disclosed by the Data Administrator to other recipients only in exceptional cases, e.g., if it is necessary to perform a contract with the user or to fulfill the obligations incumbent on the Data Administrator. In particular, the legal basis for disclosure may be legal provisions allowing public authorities access to personal data.
Depending on the needs, these may be the following groups of recipients:
- Public authorities, including tax authorities and courts.
- Authorized employees and collaborators who use data to achieve the purpose of the website’s operation.
- Companies providing hosting services, IT solutions, and IT infrastructure.
- Entities/companies/people providing services to the Data Administrator, e.g., in the field of HR, marketing and advertising, accounting, logistics, advisory, and legal services.
- Entities engaged in cooperation with the Data Administrator in the scope of services offered by the Data Administrator, such as agritourism, hotels, tourism, if necessary, e.g., for booking accommodation or purchasing tickets for Users.
§ 5. Protection of Personal Data
Data protection is carried out in accordance with the requirements of applicable law, and data is stored on secure servers. The website uses SSL encryption protocol.
§ 6. User Rights and Additional Information on Data Usage
Every person (User) whose data is processed has the right to:
- Access to their personal data (Art. 15 GDPR).
- Rectification (correction, supplementation) of their data (Art. 16 GDPR).
- Deletion of data (Art. 17 GDPR).
- Restriction of processing (Art. 18 GDPR).
- Data portability (Art. 20 GDPR).
- Object to further processing of their personal data (Art. 21 GDPR).
- Not be subject to automated decision-making (Art. 22 GDPR).
- Withdraw consent (Art. 7 GDPR).
Deletion of personal data may occur as a result of withdrawing the consent expressed at any time. Withdrawal of consent does not affect the lawfulness of the processing of the User’s personal data based on the consent given before its withdrawal. As a result of withdrawing consent, it is no longer possible to process personal data based on this specific legal basis in the future.
The User has the right to object to the processing of personal data for the purpose of pursuing the legitimate interests of the Administrator, including profiling, provided that the objection cannot be made in the case of the existence of valid legal grounds for processing, overriding the interests, rights, and freedoms of the User, especially the establishment, investigation, or defense of legal claims.
Contact with the person supervising the processing of personal data on the website is possible via email: info@ecotherapyinstitute.eu. Actions of the Administrator may be subject to a complaint to the President of the Office for Personal Data Protection, Stawki 2, 00-193 Warsaw.
Providing personal data is voluntary but necessary to use the website. Actions may be taken concerning the User involving automated decision-making, including profiling, to provide services under the concluded contract and for direct marketing carried out by the Administrator.
Personal data is not transferred to third countries within the meaning of the regulations on the protection of personal data. This means that they are not transmitted outside the European Union.
§ 7. Cookies Files
The service uses cookies files (commonly known as „cookies”). Cookies files are computer data, specifically small text files sent by the www server, stored on the end device of the Service User, and intended for use on the Service’s websites. When the browser reconnects to the site, the website recognizes the type of device from which the user is connecting. Parameters allow reading information contained in them only by the server that created them. Therefore, cookies make it easier to use previously visited websites. Cookies usually contain the name of the website from which they originate, the time of storing them on the end device, a unique IP address, the type of browser used, language, operating system type, internet service provider, information about time and date, and location.
The entity placing cookies files on the end device of the Service User and accessing them is the Service Operator. Cookies files are used for the following purposes:
- Creating statistics that help understand how Service Users use the websites, enabling the improvement of their structure and content.
- Determining the User’s profile to display tailored materials in advertising networks, especially in the Google network.
The Operator uses the statistical analysis of traffic on the site through Google Analytics (Google Inc. based in the USA). Collected data is used to monitor and check how users use the Service to improve its functioning. The Operator does not transfer personal data to the operator of this service, only anonymized information. The service is based on the use of cookies in the end user’s device. Regarding information about user preferences collected by the Google advertising network, the user can view and edit information resulting from cookies using the tool: https://www.google.com/ads/preferences/
Two main types of cookies files are used within the Service: „session” cookies and „persistent” cookies. „Session” cookies are temporary files stored on the end user’s device until logging out, leaving the website, or turning off the software (web browser). „Persistent” cookies are stored on the end user’s device for a specified period in the parameters of cookies files or until they are deleted by the User.
Website browsing software (web browser) usually allows storing cookies files on the end user’s device by default. Service Users can change their settings in this regard. The web browser allows you to delete cookies files. It is also possible to automatically block cookies files. Detailed information on this topic is provided in the help or documentation of the web browser.
Limiting the use of cookies files may affect some functionalities available on the Service’s websites.
Cookies files placed on the end user’s device of the Service User can also be used by entities cooperating with the Service Operator, especially concerning advertising networks and companies: Google (Google Inc. based in the USA), Facebook (Facebook Inc. based in the USA), for displaying ads tailored to the way the user uses the Service. For this purpose, they may retain information about the user’s navigation path or the time spent on a particular page.
Other services and plugins of the Service that may process cookies files depending on the user’s activity on the site include:
- Facebook (privacy policy)
- Instagram (privacy policy)
- Managing cookies files – how to express and withdraw consent in practice?
If the user does not want to receive cookies files, they can change the settings of the web browser. Note that disabling cookies necessary for authentication processes, security, and maintaining user preferences may make it difficult, and in extreme cases, may prevent the use of websites. Regarding information about user preferences collected by the Google advertising network, the user can view and edit information resulting from cookies using the tool: https://www.google.com/ads/preferences/.