Privacy Policy

The privacy policy describes the principles of how we process information about you, including personal data and cookies, also known as cookies.


1. General Information

  1. This policy applies to the website operating at the URL: oneart.pl
  2. The service operator and personal data administrator is: Tomasz Brzeziński
  3. Operator’s contact email address: max@oneart.pl
  4. The operator is the administrator of your personal data with respect to the data you voluntarily provide on the website.
  5. The website uses personal data for the following purposes:
    • Operating a newsletter
    • Operating a comment system
    • Conducting online chat conversations
    • Handling inquiries via a form
    • Providing the requested services
    • Presenting an offer or information
  6. The website obtains information about users and their behavior in the following ways:
    1. Through data voluntarily entered in forms, which are entered into the operator’s systems.
    2. By saving cookies (so-called “cookies”) on end devices.

2. Selected Data Protection Methods Used by the Operator

  1. Login areas and areas for entering personal data are protected at the transmission layer (SSL certificate). This means that personal data and login data entered on the website are encrypted on the user’s computer and can only be read on the target server.
  2. User passwords are stored in a hashed form. The hashing function works in one direction—it is not possible to reverse it, which is the contemporary standard for storing user passwords.
  3. Two-factor authentication is used in the service, providing an additional form of protection for logging into the website.
  4. The operator periodically changes their administrative passwords.
  5. To protect the data, the operator regularly makes backups.
  6. A crucial element of data protection is the regular update of all software used by the operator to process personal data, which particularly includes regular updates of software components.

3. Hosting

  1. The website is hosted (technically maintained) on the operator’s servers: zenbox.pl
  2. The hosting company logs server-level data to ensure technical reliability. These logs may include:
    • Resources specified by URL identifier (addresses of requested resources—pages, files),
    • Time of the request,
    • Time of the response,
    • Name of the client’s station—identified through the HTTP protocol,
    • Information about errors that occurred during the HTTP transaction,
    • URL address of the previously visited page by the user (referrer link)—if the transition to the website was made via a link,
    • Information about the user’s browser,
    • Information about the IP address,
    • Diagnostic information related to the self-ordering process through recorders on the website,
    • Information related to the handling of email directed to and sent by the operator.

4. Your Rights and Additional Information on How Your Data is Used

  1. In certain situations, the Administrator has the right to transfer your personal data to other recipients if it is necessary to fulfill the contract concluded with you or to fulfill the obligations of the Administrator. This applies to the following groups of recipients:
    • Hosting company on an entrustment basis
    • Payment operators
    • Comment system operators
    • Online chat solution operators
    • Authorized employees and associates who use the data to achieve the purpose of the website
  2. Your personal data processed by the Administrator is not retained longer than necessary to perform the related activities specified by separate regulations (e.g., accounting regulations). With respect to marketing data, the data will not be processed for more than 3 years.
  3. You have the right to request from the Administrator:
    • Access to personal data concerning you,
    • Rectification of data,
    • Deletion of data,
    • Restriction of processing,
    • Data portability.
  4. You have the right to object to the processing indicated in point 3.2 regarding the processing of personal data in order to perform the legitimate interests pursued by the Administrator, including profiling, provided that the objection right cannot be exercised if there are valid legally justified grounds for processing, overriding your interests, rights, and freedoms, in particular for establishing, pursuing, or defending claims.
  5. Complaints about the Administrator’s actions can be submitted to the President of the Personal Data Protection Office, ul. Stawki 2, 00-193 Warsaw.
  6. Providing personal data is voluntary but necessary to operate the website.
  7. Automated decision-making processes, including profiling, may be undertaken with respect to you in order to provide services under the concluded contract and for the purpose of direct marketing conducted by the Administrator.
  8. Personal data is not transferred to third countries within the meaning of data protection regulations. This means that we do not send it outside the territory of the European Union.

5. Information in Forms

  1. The website collects information voluntarily provided by the user, including personal data, if provided.
  2. The website may store information about connection parameters (time designation, IP address).
  3. In some cases, the website may save information to facilitate linking data in the form with the email address of the user filling out the form. In such cases, the user’s email address appears inside the URL of the page containing the form.
  4. Data provided in the form is processed for purposes resulting from the function of the specific form, e.g., to handle a service request or commercial contact, register services, etc. The context and description of the form clearly inform what it is used for.

6. Administrator Logs

  1. Information about user behavior on the website may be logged. This data is used for the purpose of administering the website.

7. Important Marketing Techniques

  1. The operator uses statistical analysis of website traffic through Google Analytics (Google Inc. based in the USA). The operator does not provide personal data to the operator of this service, only anonymized information. The service is based on the use of cookies on the user’s end device. Regarding the information about user preferences collected by Google’s advertising network, the user can view and edit information derived from cookies using the tool: https://www.google.com/ads/preferences/
  2. The operator uses Facebook Pixel. This technology means that Facebook (Facebook Inc. based in the USA) knows that a person registered with it uses the service. In this case, it is based on data for which it is the administrator. The operator does not transmit any additional personal data from itself to Facebook. The service is based on the use of cookies on the user’s end device.
  3. The operator uses a solution that tracks user behavior by creating heat maps and recording behavior on the website. This information is anonymized before being sent to the service operator so that they do not know which physical person it concerns. In particular, passwords and other personal data entered are not recorded.
  4. The operator uses a solution that automates the operation of the website concerning users, e.g., it may send an email to a user after visiting a specific subpage, provided they have consented to receive commercial correspondence from the operator.

8. Information on Cookies

  1. The website uses cookies.
  2. Cookies (so-called “ciasteczka”) are IT data, particularly text files, that are stored on the end device of the Service User and are intended for the use of the website’s pages. Cookies typically contain the name of the website they come from, the time they are stored on the end device, and a unique number.
  3. The entity placing cookies on the Service User’s end device and accessing them is the website operator.
  4. Cookies are used for the following purposes:
    1. Maintaining the Service User’s session (after logging in), so the user does not have to re-enter their login and password on each subpage of the website;
    2. Achieving the purposes set out above in the section “Important marketing techniques”;
  5. The website uses two fundamental types of cookies: “session” cookies and “persistent” cookies. “Session” cookies are temporary files that are stored on the User’s end device until logging out, leaving the website, or turning off the software (web browser). “Persistent” cookies are stored on the User’s end device for the time specified in the parameters of the cookies or until they are deleted by the User.
  6. Web browsing software (web browser) typically allows cookies to be stored on the User’s end device by default. Website users can change the settings in this regard. The web browser allows the deletion of cookies. It is also possible to automatically block cookies. Detailed information on this subject can be found in the help or documentation of the web browser.
  7. Restrictions on the use of cookies may affect some of the functionalities available on the website’s pages.
  8. Cookies placed on the User’s end device may also be used by entities cooperating with the website operator, particularly regarding companies such as Google (Google Inc. based in the USA), Facebook (Facebook Inc. based in the USA), and Twitter (Twitter Inc. based in the USA).

9. Managing Cookies – How to Express and Withdraw Consent in Practice?

  1. If a user does not want to receive cookies, they can change their browser settings. Please note that disabling cookies necessary for authentication, security, or user preference maintenance processes may hinder, and in extreme cases, may prevent the use of websites.
  2. To manage cookie settings, select the web browser you are using from the list below and follow the instructions:
    • Edge
    • Internet Explorer
    • Chrome
    • Safari
    • Firefox
    • Opera

      Mobile devices:
      • Android
      • Safari (iOS)
      • Windows Phone
Scroll to Top