Deweloper Olsztyn, Warszawa, Trójmiasto, Naterki - nowe mieszkania i apartamenty. Dostarczamy produkty najwyższej jakości, które podążają za współczesnymi trendami i ochroną środowiska.

I. Basic terms

Administrator - Ippon Group Sp. z o.o. with its registered office in Warsaw (00-609), al. Armii Ludowej 26, piętro 8, email address: administrator@ippon.group

User - any natural person whose personal data is processed by the Administrator,

Personal data - all information about an identified or identifiable natural person through one or more specific factors determining physical, physiological, genetic, mental, economic, cultural, or social identity, as well as the IP address of the device, location data, an internet identifier, and information collected through cookies and other similar technologies.

GDPR - Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC.

Service - an IT solution located at the internet address https://ippon.group/, which includes, among others, a set of services provided electronically to Users.

II. Processing of personal data and information about forms

1. Personal data of Service Users may be processed by the data Administrator in the following cases:

a) when the Service User consents to it in the forms placed in the Service, in order to take actions related to the forms (Article 6(1)(a) of the GDPR);

b) when processing is necessary for the performance of a contract to which the Service User is a party (Article 6(1)(b) of the GDPR),

c) for complaint handling - the legal basis for processing is the necessity of processing to perform the contract (Article 6(1)(b) of the GDPR);

d) to fulfill a legal obligation incumbent on the Administrator (Article 6(1)(c));

e) for possible establishment, exercise, or defense of legal claims - the legal basis for processing is the legitimate interest of the Administrator consisting in the protection of his rights (Article 6(1)(f) of the GDPR).

f) for the Administrator's marketing purposes, consisting of informing the User about the current offer and new functionalities of the Service - the legal basis for processing is consent (Article 6(1)(a) of the GDPR),

2. The Administrator processes personal data of Service Users to the extent necessary for the purposes specified in point 1 above and for the period necessary to achieve these purposes, or until the consent is withdrawn by the Service User. Failure to provide data by the Service User may, in some situations, result in the inability to achieve the purposes for which the data is necessary.

3. The Administrator may send commercial email messages, provided that the Service User has given consent.

4. The Administrator keeps a record of persons authorized to process the data. Persons authorized to process the data are obliged to keep personal data and methods of their security strictly confidential.

5. The Administrator and persons authorized to process this data use technical and organizational measures to ensure the protection of processed personal data.

6. With the help of forms placed in the Service or for the purpose of executing agreements possible to conclude within the Service, the following personal data of the Service User may be collected: first name, last name, email address, phone number.

7. Data contained in the forms, provided to the Administrator by the Service User, may be transferred by the Administrator to third parties cooperating with the Administrator in connection with the achievement of the purposes specified in point 1.

8. A third party with access to personal data processes it only on the basis of a personal data processing agreement and only at the request of the Administrator.

9. Data provided in forms placed in the Service is processed for purposes arising from the specific form function; additionally, they may be used by the Administrator for archival and statistical purposes. Consent of the data subject is expressed by ticking the appropriate box in the form.

10. The Service User, if provided for by the Service, by ticking the appropriate box in the registration form, may refuse or consent to receiving commercial information by electronic means, in accordance with the Act of 18 July 2002 on the provision of electronic services (Journal of Laws of 2002, No. 144, item 1024, as amended). If the Service User has consented to receiving commercial information by electronic means, he/she has the right to withdraw such consent at any time. The right to withdraw consent to receiving commercial information is exercised by sending an email to the Administrator's address with the relevant request, along with the first and last name of the Service User.

11. The Administrator processes the personal data of Users visiting the Administrator's profiles maintained on social media (Facebook, YouTube, Linkedin). This data is processed to inform Users about the Administrator's activities, offer services, and communicate with Users through tools available on social media. The legal basis for processing personal data for this purpose is the legitimate interest of the Administrator (Article 6(1)(f) of the GDPR) consisting in promoting its own brand and offered services as well as building and maintaining a community associated with the brand.

12. Within the Service, the Administrator may automatically tailor certain content to the User's needs, i.e., perform profiling, using the personal data provided by the User for this purpose. Profiling primarily involves automatically assessing which products the User may be interested in based on their past actions taken on the Internet, including within the Administrator's websites, and displaying profiled advertisements of products in this way. Profiling carried out by the Administrator does not result in making decisions that have legal effects on the User or significantly affect them in a similar manner.

III. User Rights

1. In accordance with Articles 15-22 of the GDPR, each User of the Service has the following rights:

a) the right to information about the processing of personal data - upon request, the Administrator provides information about the processing of personal data, the purposes and legal bases of processing, the scope of data held, the recipients to whom personal data are disclosed, and the planned date of their deletion;

b) the right to obtain a copy of data - the Administrator provides a copy of the processed data concerning the requesting person;

c) the right to rectification - the Administrator, upon request of the Participant, removes any discrepancies or errors concerning the processed personal data, and supplements or updates them if they are incomplete or have changed;

d) the right to erasure of data - the User may request the erasure of data whose processing is no longer necessary for any of the purposes for which they were collected;

e) the right to restriction of processing - on this basis, the Administrator ceases to carry out operations on personal data, except for operations to which the person whose data it concerns has consented, and their storage, in accordance with the adopted retention policies, or until the reasons for restricting data processing cease (e.g., a decision of the supervisory authority allowing further data processing is issued);

f) the right to data portability - on this basis, to the extent that data are processed in connection with a concluded agreement or given consent, the Administrator provides data provided by the person to whom they relate;

g) the right to object to the processing of data for marketing purposes - the person whose data it concerns may at any time object to the processing of personal data for marketing purposes, without the need to justify such objection;

h) the right to object to other purposes of data processing - the person whose data it concerns may at any time object to the processing of personal data. The objection in this respect should include justification and is subject to assessment by the Administrator;

i) the right to withdraw consent - if the data are processed based on consent, the person to whom the data relate has the right to withdraw it at any time, which does not affect the lawfulness of processing carried out before the withdrawal of that consent;

j) the right to lodge a complaint - if it is believed that the processing of personal data violates the GDPR or other regulations concerning the protection of personal data, the person to whom the data relate may lodge a complaint with the supervisory authority. The request for the exercise of data subject rights can be submitted:

a) in writing to the address: Ippon Group Sp. z o.o. with its registered office in Warsaw (00-609), al. Armii Ludowej 26, piętro 8

b) by email to the address: administrator@ippon.group

2. A response to requests will be provided within one month of receipt. If it is necessary to extend this deadline, the Administrator will inform the applicant of the reasons for such an extension.

3. The response will be provided to the email address from which the application was sent, and in the case of applications sent by post, by registered letter to the address indicated by the applicant, unless the content of the letter indicates a request for feedback to the email address (in such a case, the email address should be provided).

IV. Cookies and Similar Technology

1. The Service uses cookies.

2. Cookies (so-called "cookies") are computer data, in particular text files, which are stored on the end device of the Service User and are intended for use on the Service's websites. Cookies usually contain the name of the website they come from, the time they are stored on the end device, and a unique number.

3. The entity placing cookies on the end device of the Service User and obtaining access to them is the Administrator. Cookies are used, among others, for the following purposes: a) creating statistics that help understand how Service Users use the websites; b) maintaining the user's session on the service (after logging in), so that the User does not have to re-enter their login and password on each subpage of the service; c) determining the user's profile to display them tailored materials in advertising networks, especially in the Google network.

4. Two basic types of cookies are used within the Service: "session" cookies and "persistent" cookies. "Session" cookies are temporary files that are stored on the User's end device until logging out, leaving the website, or turning off the software (web browser). "Persistent" cookies are stored on the User's end device for the time specified in the cookie parameters or until they are deleted by the User.

5. Web browsing software (web browser) usually allows cookies to be stored on the User's end device by default. Service Users can change their settings in this regard. The web browser allows you to delete cookies. It is also possible to automatically block cookies. Detailed information on this subject is provided in the help or documentation of the web browser. Limiting the use of cookies may affect some functionalities available on the Service's websites.

6. To collect statistics, the Administrator uses the Google Analytics product, thus the User's data visiting the Service will be received by Google, 1600 Amphitheatre Parkway Mountain View, CA 94043 United States. Google is certified under the Privacy Shield program. Under the agreement between the USA and the European Commission, the latter has declared an adequate level of data protection for companies holding the Privacy Shield certificate. It is possible to block Google Analytics access to User data by installing a browser plug-in available at the following link: https://tools.google.com/dlpage/gaoptout/. For details regarding data processing under Google Analytics, we encourage you to read the explanations prepared by Google: https://policies.google.com/privacy?hl=en.

7. The Administrator also uses marketing tools available within the Facebook service and provided by Facebook Inc., 1601 S. California Ave. Palo Alto, CA 94304, USA. Within these tools, advertisements on the Facebook service are targeted. Actions in this regard are carried out based on a legitimate interest in the form of marketing one's own products or services. In order to target personalized advertisements based on the behaviors of Users visiting the website https://ippon.group/, the Facebook Pixel has been implemented, which automatically collects information about the use of the Service. Information collected in this way is most often transmitted to Facebook servers in the United States and stored there. Information collected within the Facebook Pixel is anonymous, i.e., it does not allow the User to be identified. The Administrator is only informed about the actions the User has taken on their website. However, Facebook may associate this information with other information about the User collected while using the Facebook service and use it for its own purposes, including marketing. Such actions by Facebook are no longer dependent on the Administrator, and information about them is described in Facebook's privacy policy: https://www.facebook.com/privacy/explanation. From their Facebook account, users can also manage their privacy settings. Facebook Inc. is headquartered in the USA and utilizes technical infrastructure located in the USA. To ensure an appropriate level of personal data protection required by European regulations, Facebook has joined the EU-US Privacy Shield program. Under the agreement between the USA and the European Commission, the latter has recognized an adequate level of data protection for companies holding the Privacy Shield certificate.

8. To provide users with additional information, the website https://ippon.group/ contains links to websites administered by entities independent of the Administrator, such as Facebook, LinkedIn, or YouTube. Separate clauses or privacy policies may apply to them. The Administrator encourages users to familiarize themselves with their content.

9. With regard to any websites linked to the Service that are not owned by the Administrator or subject to their control, the Administrator bears no responsibility for their content or for the confidentiality principles applicable to users. When displaying a website containing such a link, the user's browser establishes a direct connection with the servers of the social media service providers (service providers). The content of the plugin is transmitted directly from the respective service provider to the user's browser and integrated into the website. Through this integration, service providers receive information that the user's browser has displayed the Administrator's website, even if the user does not have a profile with the respective service provider or is not currently logged into it. This information (along with the IP address) is transmitted directly from the user's browser to the server of the respective service provider (some servers are located in the USA) and stored there. If a user is logged into one of the social media services, that service provider will be able to directly associate the visit to the Administrator's website with the user's profile on that social media service. If a user uses a particular plugin, such as clicking the "Like" or "Share" button, the relevant information will also be transmitted directly to the server of the respective service provider and stored there. Additionally, this information will be published on the respective social media service and will be visible to contacts added by the user. The purpose and scope of data collection, as well as their further processing and use by service providers, as well as the user's contact options and rights in this regard and the possibility of making settings to ensure privacy protection, have been described in the privacy policies of the respective service providers.

10. If a user does not want social media services to directly associate data collected during visits to the Administrator's website with the user's profile on that service, they should log out of that service before visiting the website. Users can also completely prevent plugins from loading on the website by using appropriate extensions for their browser, such as script blocking.

V. Server Logs

1. Using the website involves sending queries to the server where the website is stored. Each query directed to the server is recorded in server logs. The logs include, among other things, the user's IP address, server date and time, information about the internet browser, and operating system used. Server logs are recorded and stored on the server.

2. Data stored in server logs are not associated with specific individuals using the website and are not used by the Administrator to identify the user.

3. Server logs serve solely as auxiliary material for administering the website, and their contents are not disclosed to anyone other than persons authorized to administer the server.

VI. Final Provisions

The privacy policy is regularly reviewed and updated as necessary.

The privacy policy is effective as of November 30, 2019.