Privacy Policy - The Heart Legal

PRIVACY POLICY OF TH LEGAL SERVICE

1. DEFINITIONS
Whenever the terms listed in Section 1 are used in this Privacy Policy, they shall be understood as defined below.
1.1. Administrator or TH LEGAL – a company operating under the name of TH LEGAL JKOZIOŁ spółka komandytowa with its registered office in Warsaw, ul. Rondo Ignacego Daszyńskiego 1, P.29 (00-843, Warsaw), entered in the Register of Entrepreneurs kept by the District Court for the city of Warsaw. Warsaw, XIII Economic Department of the National Court Register, under the KRS number 0000999243, having NIP number 5273025326 and REGON number 523499210. Contact with the Administrator is possible via e-mail address: office@theheart.legal.
1.2. Personal Data or Data – personal data within the meaning of the RODO.
1.3. User – means any natural person visiting the Site or using one or more of the functionalities described in the Policy.
1.4. Policy – this Privacy Policy.
1.5. Regulations – the regulations of the TH LEGAL Service.
1.6. RODO – Regulation (EU) 2016/679 of the European Parliament and of the Council of April 27, 2016. on the protection of individuals with regard to the processing of personal data and on the free movement of such data and the repeal of Directive 95/46/EC.
1.7. Service – a website with a collection of all data, information, content and functionality available through it, located at: theheart.legal
1.8. Social Media – social media used by the Administrator.

2. GENERAL PROVISIONS
2.1. The Administrator processes data in connection with the use of the Service. In connection with the User’s use of the Website, the Administrator collects personal data to the extent necessary to provide the services offered, as well as information about the User’s activity on the Website. The detailed rules and purposes of processing personal data collected during the User’s use of the Website are described below.
2.2. With respect to the following categories of Users, the Administrator processes personal data under the terms of the Policy.

3. DATA PROCESSING WITHIN THE SERVICE
3.1. The Administrator processes Users’ personal data for the following purposes:
3.1.1. Provision of Services – in order to provide Users with the services and functionalities of the Website that the User wishes to use in accordance with the Terms and Conditions. Necessary cookies may only be installed by the Administrators through the Service (legal basis: Article 6(1)(b) of the DPA);
3.1.2. Conducting analytics – for analytics and statistical purposes – the legal basis for processing consisting in analyzing the activity of Users in order to improve functionality and services provided is the administrator’s legitimate interest in conducting statistics on the use of the Service in connection with the consent expressed by the User through the cookie banner (legal basis: Article 6(1)(f) RODO);
3.1.3. Conducting marketing activities – in order to provide advertisements and evaluate their performance within the Service – the legal basis for processing consisting in analyzing the activity of Users in order to improve the functionality and services provided is the legitimate interest of the administrator consisting in conducting advertising activities based on the consent expressed by the User through the cookie banner (legal basis: Article 6(1)(a) RODO);
3.1.4. Possible establishment and assertion of claims or defense against claims – the legal basis for processing is the legitimate interest of the Administrator to protect your rights (legal basis: Article 6(1)(f) RODO).
3.2. On the Website, the Administrator and trusted partners, use cookie technology. Cookies are small text files installed on the device of the User browsing our Website. Cookies collect information that facilitates the use of the Website – for example, by remembering the User’s visits to the Website and the activities he/she performs. The Administrator may use cookies and similar technologies for the following purposes.
3.3. The use of cookies for the purpose of providing services is necessary for the use of the Website. The use of cookies for analytical and marketing purposes is voluntary and is done in accordance with your consent. Consent can be withdrawn at any time using the functionality of the Service.
3.4. The following User data may be processed: IP address, other identifiers and data stored in cookies or other similar technologies.
3.5. Cookies can be managed through a consent management platform that allows you to customize the cookies used according to your preferences.
3.6. The user can make the appropriate change in the settings of the Internet browser to disable cookies. Changing your browser settings can restrict the use of both service and analytical and marketing cookies. The Administrator stipulates that this may significantly impede or prevent the use of the Website.
3.7. To do this, use the option of the Internet browser used to connect to the Site and select the option to automatically reject cookies. These settings usually also allow you to manage cookies.
3.8. Below you will find links to sample official websites of the manufacturers of the most commonly used web browsers, where you will find information on the steps needed to change the settings of a particular browser to the extent described above:
3.8.1. Microsoft Edge: https://support.microsoft.com/en-us/microsoft-edge/delete-cookies-in-microsoft-edge-63947406-40ac-c3b8-57b9-2a946a29ae09.
3.8.2. Mozilla Firefox: https://support.mozilla.org/pl/kb/ciasteczka.
3.8.3. Google Chrome: https://support.google.com/chrome/bin/answer.py?hl=pl&answer=95647.
3.8.4. Opera: https://help.opera.com/Windows/12.10/pl/cookies.html.
3.8.5. Safari: https://support.apple.com/kb/PH5042?locale=en-GB.
3.9. The user can also specify the ability to store or access cookies at any time and through the settings of the software installed within their device.

4. DATA PROCESSING USING SOCIAL MEDIA
4.1. The Administrator processes personal data of Users who follow TH LEGAL’s profiles on Social Media and interact with them in order to:
4.1.1. to inform about the services we provide and to build a positive image of TH LEGAL (legal basis: Article 6(1)(f) of the DPA) which constitutes the Administrator’s legitimate interest in promoting the activities and ensuring the recognition of TH LEGAL;
4.1.2. responding to inquiries and comments received via social media (legal basis: Article 6(1)(f) of the DPA), which is the Administrator’s legitimate interest in responding to inquiries and comments from people using social media;
4.1.3. possible establishment and investigation of claims or defense against claims – the legal basis of the processing is the legitimate interest of the Administrator to protect your rights (legal basis: Article 6(1)(f) RODO).
4.2. The following data may be processed: name or nickname, other information publicly available on the User’s profile on Social Media or which the User provides to TH LEGAL. Providing data publicly available in the User’s profile may be necessary to interact with the Administrator on Social Media for the purposes indicated in Section 4.1. Policies. Provision of other types of data is voluntary and the User may provide them in order to facilitate contact with the Administrator or to handle his/her inquiry.
4.3. You can find detailed information on the processing of data by Social Media used by the Administrator at the following link:
https://pl.linkedin.com/legal/privacy-policy

5. THOSE CONTACTING TH LEGAL
5.1. The Administrator processes the personal data of Users who contact the Administrator via the contact form on the Website, the form that allows them to send a resume, or who contact the Administrator in any other way for the following purposes:
5.1.1. identification of the sender and handling of the inquiry, request or application sent (legal basis: Article 6(1)(f) RODO), which is the Administrator’s legitimate interest in responding to the submitted inquiry;
5.1.2. necessary for the conclusion of the employment contract (legal basis: Article 6(1)(b) of the DPA), in terms of name, surname, date of birth, contact details, education, professional qualifications and history of previous employment (Article 22¹ § 1 of the Labor Code);
5.1.3. possible establishment and investigation of claims or defense against claims – the legal basis of the processing is the legitimate interest of the Administrator to protect your rights (legal basis: Article 6(1)(f) RODO).
5.2. The following data may be processed: your name, company name, e-mail address, telephone number or other information that you provide to us in the course of contact.
5.3. Provision of data marked as mandatory is required by the Administrator as part of the form to accept and handle the User’s inquiry. Failure to provide this data makes it impossible to handle the request. Provision of other types of data and data through contact by other means is voluntary. However, you may provide them to facilitate contact with the Administrator or to handle your inquiry.

6. DATA PROCESSING PERIOD AND DATA RECIPIENTS
6.1. As a general rule, data are processed for the duration of the service, until the consent given is withdrawn or an effective objection is made to the processing in cases where the legal basis for the processing is the legitimate interest of the Administrator.
6.2. The period of data processing may be extended if the processing is necessary for the establishment and assertion of possible claims or defense against claims, and thereafter only if and to the extent required by law. At the end of the processing period, the data are irreversibly deleted or anonymized.
6.3. Personal data, depending on the purpose of processing, may be transferred to entities cooperating with the Administrator:
6.3.1. entities affiliated with the Administrator;
6.3.2. entities that provide services to the Administrator, such as providers of information systems and IT services, platform to support the Administrator, law firms, marketing agencies (for marketing services).
6.4. In the case of those who have consented to sending commercial information, Users’ personal data may be disclosed to service providers and IT systems that the Administrator uses to send commercial information.
6.5. Personal data may be transferred outside the European Economic Area (hereinafter: “EEA”), to third countries that do not guarantee the same level of protection that is required in the EU. In order to protect personal data, TH LEGAL will transfer data only (i) pursuant to an enabling decision of the European Commission, or (ii) on the basis of EU-approved standard contractual clauses. To access the documents TH LEGAL uses to transfer your personal data from the EEA, please contact the Administrator.

7. RIGHTS OF DATA SUBJECTS
7.1. Each person has the right to request access to his or her data, rectification, deletion, portability, restriction of processing, to lodge a complaint with the President of the Office for Personal Data Protection, as well as to withdraw consent at any time without affecting the legality of processing carried out on the basis of consent before its withdrawal.
7.2. The right to object to data processing is available in the case of processing based on the legitimate interests of the data controller.
7.3. The User may exercise his/her rights by contacting the Administrator through the data indicated in Section 1.1.

8. FINAL PROVISIONS
8.1. The provisions of the TH LEGAL Privacy Policy may be subject to improvements and changes, and the latest versions of the Policy will be published on the TH LEGAL Website each time and will be dated as of the last update.
8.2. In matters not regulated by the Privacy Policy, the provisions of the Civil Code and relevant acts of Polish law, as well as European Union law, in particular RODO, shall apply.
8.3. The policy is effective as of March 12, 2024.