Privacy Policy

1. General Information

This policy applies to the website operating at the URL: rs-mal.pl.
The website operator and Data Controller is: Mateusz Smolarski RS-MAL, os. Pod Skarpą 28/2, 34-100 Wadowice, Poland.
Contact email address: biuro@rs-mal.pl
The Operator is the Controller of your personal data with regard to the data voluntarily provided on the Website.
The Website processes personal data for the following purposes:

• Handling inquiries via the contact form

• Presenting offers or information

The Website gathers information about users and their behavior in the following ways:

• Through data voluntarily entered in forms, which are entered into the Operator’s systems

• Through cookies saved on end-user devices

2. Selected Data Protection Methods Used by the Operator

• Login and personal data entry areas are protected at the transmission layer (SSL certificate). This ensures that personal data and login credentials are encrypted on the user’s computer and can only be read by the target server.

• The Operator regularly creates backup copies for data protection.

• A key part of data protection is regularly updating all software used by the Operator to process personal data, especially programming components.

3. Hosting

The website is hosted (technically maintained) on servers of an external provider.
To ensure technical reliability, the hosting company keeps server-level logs. These logs may include:

• Resources identified by a URL (pages, files)

• Time of the request

• Time of response

• Client station name – identified via HTTP protocol

• Error information from HTTP transactions

• URL of the previously visited page (referer) if the user was redirected via a link

• Browser information

• IP address

• Diagnostic information related to self-service ordering processes

• Email service handling information sent to and from the Operator

4. Your Rights and Additional Information on How Data is Used

In some cases, the Controller may transfer your data to other recipients if it is necessary to perform a contract or to fulfill legal obligations. These recipients include:

• Hosting companies under a data processing agreement

• Authorized employees and collaborators who use the data to fulfill website functions

• Companies providing marketing services for the Controller

Your personal data is processed no longer than necessary to fulfill tasks defined by specific legal provisions (e.g., accounting regulations). Marketing data will not be processed longer than 3 years.

You have the right to:

• Access your personal data

• Rectify your data

• Delete your data

• Limit processing

• Transfer your data

You also have the right to object to the processing referred to in item 3.2 when it concerns legally justified interests of the Controller, including profiling, unless there are overriding legitimate grounds for processing.

You can lodge a complaint about the Controller’s actions with the President of the Personal Data Protection Office, ul. Stawki 2, 00-193 Warsaw.

Providing personal data is voluntary but necessary to use the Website.
Automated decision-making, including profiling, may be applied to you in connection with service delivery or direct marketing.
Personal data is not transferred outside the European Union.

5. Information in Forms

The website collects data voluntarily provided by users, including personal data if provided.
The site may store connection parameters (e.g., time, IP address).
In some cases, it may store information linking form data to the user’s email address, e.g., in the form URL.
Data from forms is processed for the purpose specified in the specific form’s description, such as handling a service request, business contact, or service registration.

6. Administrator Logs

User behavior on the website may be logged. This data is used for website administration.

7. Important Marketing Techniques

• The Operator uses Google Analytics (Google Inc., USA) for statistical analysis. No personal data is shared with the service; only anonymized data is used. Google cookies may be used. Users can manage preferences at: https://www.google.com/ads/preferences/

• Remarketing techniques are used to match ads to user behavior on the site. No personal data is shared with ad providers. Cookies are required for these techniques.

• User behavior is analyzed via heatmaps and session recordings (anonymized, no passwords or personal data).

• Automated website functions may send emails after visiting specific subpages, provided the user has consented to commercial communication.

8. Cookie Information

The Website uses cookies.
Cookies are text files stored on the user’s end device and used for website functionality.
Cookies typically include: website name, storage time, and a unique identifier.
The Operator places cookies on the user’s device and has access to them.

Cookies are used to:

• Maintain user sessions (e.g., staying logged in)

• Implement marketing techniques mentioned earlier

Types of cookies used:

• Session cookies – temporary, deleted when the user logs out or closes the browser

• Persistent cookies – stored until a set expiration or manual deletion

By default, browsers allow cookies. Users can change this in their browser settings to block or delete cookies.
Restricting cookies may affect website functionality.

Cookies may also be used by third parties such as:

• Google (USA)

• Facebook (USA)

• Twitter (USA)

9. Managing Cookies – How to Give or Withdraw Consent in Practice

If you do not wish to receive cookies, you can change your browser settings.
Disabling essential cookies for authentication, security, or preferences may hinder or, in extreme cases, prevent website use.

To manage cookies, choose your browser from the list below and follow the instructions:

Desktop browsers:

• Edge

• Internet Explorer

• Chrome

• Safari

• Firefox

• Opera

Mobile devices:

• Android

• Safari (iOS)

• Windows Phone