The protection of Users’ privacy is particularly important to VOYA Sp. z o.o. For this reason, Users of the voya.eu.com Service are guaranteed high standards of privacy protection. Voya Sp. z o.o. as the Data Administrator takes care of the security of the data provided by Users.

The Administrator’s goal is also to properly inform Users about the rights and obligations related to the processing of personal data, especially in relation to the content of the provisions on the protection of personal data specified in Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data and repealing Directive 95/46/EC (hereinafter referred to as “GDPR”). Therefore, taking care to protect the privacy of the Service Users, in this document the Administrator informs about the legal basis for processing personal data provided by Users in connection with their use of the voya.eu.com Service (hereinafter referred to as the “Service”), methods of collecting, processing and protecting personal data, as well as about the rights of Users.

The User is any natural person whose data is being processed, using the voya.eu.com website or electronic services available through the Service.

The administrator of personal data provided by the User on the voya.eu.com Service is VOYA Sp. z o.o., Kokotek 18, 41-700 Ruda Śląska, Poland, NIP 0123456789, (hereinafter referred to as the “Administrator”).

1 USER CONSENT

Using the voya.eu.com Service by the User means that the User accepts that the Administrator collects and uses personal data in accordance with this Privacy Policy.

The User’s personal data are processed by the Administrator based on their consent, and in some cases described in this document, within the legitimate interest of the Administrator. The User has the right to withdraw the previously expressed consent at any time. Withdrawal of consent does not affect the lawfulness of the processing that was carried out on the basis of consent before its withdrawal.

In the event that this Privacy Policy changes and the User continues to use the Service, this is considered as consent to the current terms of the Privacy Policy.

2 PERSONAL DATA PROCESSED BY THE ADMINISTRATOR
2.1 Method of obtaining personal data

The Administrator obtains personal data directly from the User via the Service, through the functionalities and communication tools available therein and sending messages to the Administrator via them.

Providing personal data by the User is voluntary.

2.2 Types of personal data processed
The Administrator collects the following personal data about the User via the Website:

– Name and surname;
– Email address;
– Telephone number;
– Message content;
– Message subject.

3 PURPOSES OF PERSONAL DATA PROCESSING
The manner in which the Administrator processes data concerning the User depends on the manner in which the User uses the Service and the functionalities available therein. The Administrator processes the User’s personal data for the following purposes:

3.1 Communication with the User.
The Administrator uses the User’s personal data to communicate with him in a personalized way. The information communicated to the User concerns the offered products or services, the security of personal data, network updates, reminders, but also suggested offers from the Administrator or its partners. Communication with the User also concerns the User’s service. Personal data is used to help the User, solve technical problems and respond to his complaints or claims.

3.2 Presenting commercial offers to the User electronically.
The purpose of using the User’s personal data provided by him/her through the functionalities and communication tools available on the Website is marketing communication conducted by the Administrator as part of its business activities, in particular presenting commercial offers to the User electronically.

3.3 Presenting commercial offers to the User by telephone.
The purpose of using the User’s personal data provided by him/her through the functionalities and communication tools available on the Website is marketing communication conducted by the Administrator as part of its business activities, in particular by presenting commercial offers to the User by telephone.

3.4 Sending information to the User electronically as part of the subscription to the Administrator’s newsletter.
The purpose of the Administrator’s use of the User’s personal data provided as part of the Administrator’s newsletter subscription form available on the Website is to inform the User electronically (by e-mail) about new products, services, promotions or events of the Administrator or its partners.

3.5 Enabling the User to submit comments or opinions.

The Administrator uses the User’s personal data to enable him to comment on/opinionate on the activities, services or products of the Administrator or entities cooperating with him.

The Administrator may process the User’s personal data obtained through the Service also for the following purposes:

– in order to conclude and execute a possible contract between the User and the Administrator and to serve the User as a client of the Administrator in accordance with Article 6 paragraph 1 letter b) of the GDPR;
– in order to conduct financial settlements with the User who is the Administrator’s client as part of the performance of a possible agreement concluded between the parties, as well as to pursue possible claims from the User who is the client within the legitimate interest of the Administrator in accordance with Art. 6 sec. 1 letter f) of the GDPR and to fulfil the Administrator’s legal obligations towards the tax authorities on the basis of separate provisions in accordance with Art. 6 sec. 1 letter c) of the GDPR;
– in order to implement the Controller’s marketing activities within the legitimate interest of the Controller within the meaning of art. 6 sec. 1 letter f) of the GDPR, as well as in accordance with declarations of intent regarding marketing communications submitted to the Controller. Consents granted in the scope of marketing communications (e.g. to send commercial information by electronic means or telephone contact for direct marketing purposes) may be withdrawn at any time, without affecting the lawfulness of processing based on consent before its withdrawal;
– in order to fulfil the legal obligations of the Administrator towards the User specified in the GDPR, within the meaning of Article 6 paragraph 1 letter c) of the GDPR.

4 SHARING PERSONAL INFORMATION
The User’s personal data are not transferred by the Administrator to third parties.

5 USER RIGHTS
5.1 User Rights
At each stage of processing his or her data, the User is provided with a number of rights allowing him or her to access his or her data, verify the correctness of data processing, correct it, as well as have the right to object to its processing, request the deletion of data, restriction of processing or transfer of data.

If the User wishes to exercise his/her rights as a data subject, he/she may contact the Administrator using the following contact details: VOYA Sp. z o.o., Kokotek 18, 41-700 Ruda Śląska, Poland, info@voya.eu.com.

5.2 The right to lodge a complaint with a supervisory authority
The User whose personal data are processed by the Administrator has the right to lodge a complaint with the supervisory authority competent in matters of personal data protection (President of the Personal Data Protection Office).

6. COOKIES
The Administrator informs that during the use of the Service, code fragments called “cookies” are saved in the User’s end device, which are text files corresponding to HTTP requests directed to the Administrator’s server. “Cookies” files are installed by each browser from which the User visits the Service. “Cookies” files are used in the Service for the purpose of:
– maintaining technical correctness and continuity of the session between the Service server and the User’s end device;
– optimizing the User’s use of the Service’s web pages and adjusting the way they are displayed on the User’s end device;
– ensuring the safe use of the Website;
– collecting statistics of visits to the Service pages to support the improvement of their structure and content;
– displaying content tailored to the User’s preferences on their end device.

Detailed information on the cookies used by the Administrator and their management is available in the Cookies Policy.

7. OTHER IMPORTANT INFORMATION
7.1 Protection of personal data security
The Administrator introduces appropriate measures to ensure the security of the User’s personal data. Safe use of the Service is ensured by the systems and procedures used to protect against access and disclosure of data to unauthorized persons. In addition, the systems and processes used by the Administrator are regularly monitored to detect possible threats. Personal data obtained by the Administrator are stored in computer systems to which access is strictly limited..

7.2 Storage of personal data
The period of storage of Users’ personal data depends on the purposes of data processing by the Administrator. The Administrator stores personal data for such a period as is necessary to achieve specific purposes, i.e.:

 – for the period of the Administrator’s business activity

In each of the above cases, after the necessary processing period has elapsed, the data may be processed only for the purpose of pursuing claims arising from the relationship between the parties until such time as these claims are finally settled in court.

7.3 Changes to Privacy Policy
In order to update the information contained in this Privacy Policy and its compliance with applicable law, this Privacy Policy may be changed. In the event of a change in the content of the Privacy Policy, the date of its update indicated at the end of its text will be changed. In order to obtain information on the method of personal data protection, the Administrator recommends that Users regularly read the provisions of the Privacy Policy.

7.4 Contact Information
In order to obtain any information regarding this Privacy Policy, the User may contact the Personal Data Administrator: VOYA Sp. z o.o., Kokotek 18, 41-700 Ruda Śląska, Poland, using the following contact details:: info@voya.eu.com.

In addition, it is also possible to contact us by post at the following address: Kokotek 18, 41-700 Ruda Śląska, Poland.

This document was last updated on 08.09.20224.