Privacy policy

Privacy policy of the website www.myropes.pl (hereinafter also referred to as the „Privacy Policy”).

The security of your personal data and the transparency of its processing are very important to Us. For this reason, below we present information regarding the protection of your personal data, the rules for its processing, and the rights you are entitled to.

I. What does the Privacy Policy and cookie policy cover?

This Privacy Policy describes the manner and rules regarding the processing by:

MYROPES sp. z o.o. with its registered office in Łazy, entered into the register of entrepreneurs maintained by the National Court Register for Kraków Śródmieście in Kraków, XII Commercial Division of the National Court Register, under KRS number: 0001168811, NIP: 5130302400, Regon: 541522455, of information concerning users of the website available at: www.myropes.pl together with its subpages.

In the individual parts of this Privacy Policy you will find information regarding the scope and rules of processing your personal data. This Privacy Policy also contains information about the rights you are entitled to in connection with the processing of your personal data, as well as Our contact details.

II. Basic definitions

personal data – all information about a natural person identified or identifiable through one or more specific factors determining physical, physiological, genetic, mental, economic, cultural or social identity, including image, voice recording, location data, contact details, information contained in correspondence, information collected via recording equipment or other similar technology.

controller – an entity that, alone or jointly with others, determines the purposes and means of processing personal data.

GDPR – Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation).

Website – the website at www.myropes.pl and other websites that contain a reference to this Privacy Policy.

III. The controller and its contact details

The controllers of your data are:

1. MYROPES sp. z o.o. with its registered office at Łazy 174, 32-048 Łazy, KRS: 0001168811, NIP: 5130302400, Regon: 541522455,

hereinafter jointly referred to as the „Controllers” and individually as the „Controller”.

Contact with the Controller in matters relating to the protection of personal data is possible: in writing – to the registered office address indicated above, or by electronic mail – to the address: biuro@myropes.pl.

IV. Information on the processing of personal data in connection with the use of the Website

The Controllers provide the opportunity to become familiar with information and materials concerning the company MYROPES, including in particular contact details, information related to sustainable development, and information regarding the acquisition of participation rights in the AIF by retail clients.

Below you will find information about the scope of the information collected, the purposes and legal basis of processing, the storage period of the collected information, and any entities that gain access to the information processed by the Controllers.

Scope of the data collected

We process the personal data you leave with Us as part of using the Website. These are primarily data concerning your activity on the Website, i.e. the IP address of the device on which Our Website is displayed, system logs, the URL address of the displayed file or page, the date and time of access, and data concerning the device and browser used by the user. The Website also uses cookies, which also collect certain information – you will find more about cookies in point X of this Privacy Policy.

Providing personal data is voluntary, but may be necessary for the realisation of the purposes specified above, which the Controllers will not be able to achieve if personal data is not provided.

Purpose and legal basis of processing

When you use Our Website, we may process your data for the purposes of:

• providing services by electronic means – based on the premise of concluding and performing a contract for the provision of services by electronic means [legal basis: Article 6(1)(b) GDPR], in connection with Articles 18 and 19 of the Act on the provision of services by electronic means;
• pursuing the legitimate interests of the Controller related to running the Website, consisting in ensuring the security and reliability of the services provided within Our Website, guaranteeing uninterrupted connection establishment, guaranteeing comfortable use of websites, and analysing the security and stability of the system [legal basis: Article 6(1)(f) GDPR].

In this case, personal data is also processed for the secondary purposes of the Controllers, namely:

• pursuing, establishing or defending claims, which constitutes a legitimate interest of the Controllers – [Article 6(1)(f) GDPR];
• for archival and evidentiary purposes, being the realisation of a legitimate interest in securing information in the event of a legally justified need or obligation to prove facts – [Article 6(1)(f) GDPR].

V. Ongoing support for Website users

Scope of the data collected

The processing of personal data is required for the purpose of communicating with Website users, including in particular answering questions concerning the Controllers' offer. This situation occurs in particular when the user:

• uses the contact form – in which case, in connection with the use of the form, the following data is processed: first name, surname, e-mail address, and any other data provided in the course of the exchange of messages,
• when the user sends an e-mail message or contacts the Controller by telephone – in which case data concerning the means of communication and data provided as part of the communication is processed.

Providing personal data is voluntary, but necessary for communication with the Controllers. The Website also uses cookies, which also collect certain information – you will find more about cookies in point X of this Privacy Policy.

Purpose and legal basis of processing

Personal data will be processed solely for the purpose of answering a question or fulfilling a request covered by the message. The legal basis for processing this data is the legitimate interest of the controller [Article 6(1)(f) GDPR] consisting in serving clients or potential clients.

In this case, personal data is also processed for the secondary purposes of the Controllers, namely:

• pursuing, establishing or defending claims, which constitutes a legitimate interest of the Controllers – [Article 6(1)(f) GDPR];
• for archival and evidentiary purposes, being the realisation of a legitimate interest in securing information in the event of a legally justified need or obligation to prove facts – [Article 6(1)(f) GDPR].

VI. Handling matters related to the exercise of the rights of data subjects

Scope of the data collected

The Controllers also process personal data in connection with handling matters related to the exercise of the rights of data subjects, which rights are specified by the provisions of the GDPR. In such a case, the Controllers process:

• data enabling the identification of the person submitting the request, e.g. first name and surname, e-mail address, telephone number, address,
• data describing the manner of handling the matter, including correspondence with the person to whom this data relates.

Providing the data is voluntary, but necessary in order to exercise the rights.

Purpose and legal basis of processing

The data is processed in order to fulfil the legal obligations imposed on the Controllers arising from the provisions on the protection of personal data, in particular Articles 12–22 GDPR [Article 6(1)(c) GDPR].

In this case, personal data is also processed for the secondary purposes of the Controllers, namely:

• pursuing, establishing or defending claims, which constitutes a legitimate interest of the Controllers – [Article 6(1)(f) GDPR];
• for archival and evidentiary purposes, being the realisation of a legitimate interest in securing information in the event of a legally justified need or obligation to prove facts – [Article 6(1)(f) GDPR].

VII. Data recipients and information on the transfer of data outside the EU

MYROPES provides the other Controllers with services for the support and management of the Website. For this reason, the other Controllers entrust it with the processing of personal data acquired via the Website.

The recipients of your personal data may also be the Controllers' suppliers, i.e. entities providing the Controller with ICT systems, telecommunications undertakings, law firms, and consulting companies with whom we cooperate. We disclose your personal data to others only where we have a legal basis to do so, in particular where it is necessary for the performance of the services provided to you.

If we transfer your personal data to recipients outside the European Union or the European Economic Area (EEA), this takes place only if, in relation to that third country, the European Commission has confirmed an adequate level of data protection, appropriate safeguards have been ensured (e.g. by means of standard data protection clauses or binding corporate rules approved by the competent supervisory authority), or if we have obtained your consent to do so.

Your personal data may be made available to public authorities or other entities authorised to such access on the basis of legal provisions.

VIII. Data storage period

The Controllers do not store the user's personal data longer than necessary to achieve the purposes for which the data was collected. The processing period depends on the purpose of processing, in particular:

1. In the case of processing data for the purpose of answering users' questions submitted via contact forms or other means of communication, the data will be processed for the time necessary to answer the question, and subsequently:
   • in the case of concluding a contract or contracts with the Controller – for the period indicated in the information clause accompanying that contract/contracts;
   • in the absence of renewed contact, the data will be deleted – depending on the subject of the contact – after 1 year from the last contact or after the expiry of the limitation period for any claims;
2. In the case of processing data to ensure the security of the Website and to prevent fraud, the data will be processed for a maximum of 2 years from the moment of its collection.
3. In the case of processing data for the purpose of concluding and performing a contract for the provision of services by electronic means, the user's data will be processed for the period of performance of the contract for the provision of services by electronic means.
4. In the case of processing data for the purpose of establishing, pursuing or defending claims, the data will be processed at most until the limitation of any claims.
5. Data saved in cookies will be stored by Us for a period corresponding to the life cycle of the given cookie; these periods are indicated in section X.
6. Personal data processed for the purpose of demonstrating and fulfilling the obligations incumbent on the Controllers arising from the provisions of the GDPR will be processed only to the extent and for the period necessary to fulfil these obligations and to demonstrate that the obligations incumbent on the Controllers have been fulfilled.
7. Personal data processed for purposes arising from legitimate interests in the form of archival and evidentiary purposes in the event of a legally justified need or obligation to prove facts will be processed for the period necessary to achieve this purpose, or until an objection is raised, but at most until the completion of the processing of personal data in all the cases indicated above.

IX. Your rights

To the extent and in the cases specified by the provisions, in particular the GDPR, you are entitled to the following rights:

• the right of access to the processed data – on this basis, the data subject is entitled to obtain from the data controller information about the processing of personal data – including the purposes of processing, the categories of personal data processed, the legal basis of processing, the planned processing period, and the recipients to whom the data is disclosed – as well as to obtain a copy of the personal data that is processed by the data controller,
• the right to rectification of data – on this basis, the data subject has the right to request the data controller to rectify incorrect personal data or to complete incomplete personal data concerning that person,
• the right to erasure of data – on this basis, the data subject has the right to demand that the data controller immediately erase their personal data where the personal data is no longer necessary for the purposes for which it was collected, or where the data subject has withdrawn the consent that was the sole legal basis for processing (this does not affect the lawfulness of processing carried out before the withdrawal of consent),
• the right to restriction of processing – on this basis, the data subject has the right to request the data controller to restrict processing where:
  • there is a likelihood that the personal data is incorrect (until the data controller verifies its correctness),
  • the processing is unlawful and the data subject objects to the erasure of the personal data, requesting instead the restriction of its use,
  • the purpose of processing the personal data by the data controller has ceased, but it is needed by the data subject for the establishment, pursuit or defence of claims,
  • the data subject has objected to the processing,
• the right to data portability – on this basis, the data subject whose data is processed in an automated manner on the basis of the person's consent or a concluded contract has the right to request the data controller to provide (in a commonly used machine-readable format) the data supplied by them or to transmit it to another controller (where technically possible),
• the right to withdraw consent – if processing is carried out on the basis of consent, the consent may be withdrawn at any time by the data subject (this does not, however, affect the lawfulness of processing carried out before the withdrawal of consent),
• the right to object – on this basis, the data subject has the right to object to the processing of data concerning them which is carried out on the basis of a legitimate purpose of the data controller (the objection should contain a justification), unless the data controller demonstrates the existence of overriding grounds for processing; however, where the objection concerns the processing of personal data for marketing purposes, no justification of the objection is required, and the controller must comply with the objection.

If you have questions about the processing of your personal data by the Controllers, or you wish to exercise the rights you are entitled to under the provisions on the protection of personal data in connection with the processing of your personal data, you may contact Us – you will find the contact details in the section „The controller and its contact details”.

• the right to lodge a complaint with a supervisory authority – if you consider that the processing of personal data by the Controllers infringes the provisions of the GDPR or other generally applicable provisions on the protection of personal data, you may lodge a complaint with the President of the Personal Data Protection Office.

X. Rules concerning cookies

General information about cookies

Cookies are small text files containing data saved at the moment of visiting a website, stored on users' end devices (e.g. computers), intended for the use of websites.

A cookie usually contains the name of the website it comes from, the period of activity, a generated unique number used to identify the browser from which the connection to the website is made, and other necessary data. However, we do not receive direct information about the user's identity through them.

For what purpose and on what legal basis do we use cookies?

The Website uses so-called necessary cookies and analytical cookies, whereby analytical cookies are used only if the User consents to their use.

Necessary cookies are a type of cookie that is essential for the functioning of the website. Necessary cookies cannot be disabled in the Controller's systems. The User may change their browser settings to block them, but the Website will not then function correctly.

Analytical cookies are used for the purpose of optimising and improving the Website, as well as conducting a statistical analysis of the use of the Website.

How long do cookies last?

Each cookie has a period of activity, after which it expires, unless the User deletes it earlier. The period of activity depends on the type of the given cookie and its function. Some cookies are active only for the duration of the user's visit to the Website, and others longer (e.g. several days, months, or even years). You will find detailed information about the period of cookie activity in the table below.

First-party and third-party cookies

Cookies may be set by the Website or by third parties (so-called third-party cookies). Below you will find detailed information about the cookies and other similar tools used on the Website.

The use of necessary cookies does not require the user's consent. Cookie settings may, however, be regulated through the user's browser settings. Most browsers automatically accept cookies. The user may, however, at any time change the settings of their web browser and disable the use of cookies.

Please note that the methodology for disabling cookies differs in each browser. The user can obtain comprehensive information on blocking cookies via the help section of the browser they use, e.g. Mozilla Firefox, Google Chrome, Opera, Safari.