Skip links

Privacy Policy

Privacy Policy of www.fantasmatic.pl

This Privacy Policy describes how we process your information, including personal data and cookies.

1. General Information

  1. This policy applies to the Website operating at the URL: www.fantasmatic.pl
  2. The operator of the website and the Personal Data Administrator is the company Fantasmatic Sp. z o.o. registered at Al. Solidarności 113, lok 21A, 00-140 Warsaw, entered into the National Court Register by the District Court for the Capital City of Warsaw in Warsaw, XII Commercial Division of the National Court Register under KRS number 0000876396, REGON 387878100, NIP 5252848100
  3. Operator’s contact email address: foto@fantasmatic.pl
  4. The Operator is the Administrator of your personal data in relation to the data voluntarily provided on the Website.
  5. The Website uses personal data for the following purposes:
    • Newsletter management
    • Handling inquiries via form
    • Provision of ordered services
    • Presentation of offers or information
  6. The Website collects information about users and their behavior in the following ways:
    1. Through data voluntarily entered in forms, which is then entered into the Operator’s systems.
    2. By saving cookie files (so-called “cookies”) on end-user devices.

2. Selected data protection methods used by the Operator

  1. Login and personal data entry points are protected at the transmission layer (SSL certificate). This ensures that personal data and login data entered on the website are encrypted on the user’s computer and can only be read on the target server.
  2. Personal data stored in the database is encrypted in such a way that only the Operator possessing the key can read it. This protects the data in case of database theft from the server.
  3. User passwords are stored in hashed form. The hashing function is one-way – it cannot be reversed, which is a modern standard for storing user passwords.
  4. The Operator periodically changes its administrative passwords.
  5. To protect data, the Operator regularly performs backups.
  6. A crucial element of data protection is the regular updating of all software used by the Operator for personal data processing, which specifically means regular updates of programming components.

3. Hosting

  1. The Website is hosted (technically maintained) on the servers of the operator: Kru.pl Sp. z o.o.
  2. Registration data of the hosting company: Kru.pl Sp. z o.o. 31-305 Kraków, ul. E. Radzikowskiego 3 NIP: 9512360611, REGON: 146203721, KRS: 0000434320 (District Court for Kraków-Śródmieście in Kraków – XI Commercial Division)
  3. At https://www.kru.pl/polityka.php, you can learn more about hosting and check the hosting company’s privacy policy.
  4. The hosting company:
    • employs data loss prevention measures (e.g., disk arrays, regular backups),
    • employs adequate protection measures for processing locations in case of fire (e.g., special fire suppression systems),
    • employs adequate protection measures for processing systems in case of sudden power failure (e.g., dual power paths, generators, UPS power backup systems),
    • employs physical access protection measures for data processing locations (e.g., access control, monitoring),
    • employs measures to ensure appropriate environmental conditions for servers as elements of the data processing system (e.g., environmental control, specialized air conditioning systems),
    • employs organizational solutions to ensure the highest possible degree of protection and confidentiality (training, internal regulations, password policies, etc.),
    • has appointed a Data Protection Officer.
  5. To ensure technical reliability, the hosting company maintains server-level logs. The following may be recorded:
    • resources specified by URL identifier (addresses of requested resources – pages, files),
    • time of request arrival,
    • time of response dispatch,
    • client workstation name – identification performed by the HTTP protocol,
    • information about errors that occurred during HTTP transactions,
    • URL address of the page previously visited by the user (referer link) – if the transition to the Website occurred via a link,
    • user browser information,
    • IP address information,
    • diagnostic information related to the self-service ordering process via registrars on the website,
    • information related to email handling directed to and sent by the Operator.

4. Your rights and additional information on data usage

  1. In certain situations, the Administrator has the right to transfer your personal data to other recipients if it is necessary for the performance of a contract concluded with you or to fulfill obligations incumbent on the Administrator. This applies to the following groups of recipients:
    • hosting company on the basis of entrustment
    • payment operators
    • authorized employees and associates who use the data to achieve the website’s operational purpose.
  2. Your personal data processed by the Administrator will not be processed longer than necessary to perform related activities specified by separate regulations (e.g., accounting). For marketing data, data will not be processed for longer than 3 years.
  3. You have the right to request from the Administrator:
    • access to your personal data,
    • their rectification,
    • erasure,
    • restriction of processing,
    • and data portability.
  4. You have the right to object to the processing indicated in point 3.3 c) regarding the processing of personal data for the purpose of legitimate interests pursued by the Administrator, including profiling, provided that the right to object cannot be exercised if there are compelling legitimate grounds for processing that override your interests, rights, and freedoms, in particular for the establishment, exercise, or defense of legal claims.
  5. You have the right to lodge a complaint regarding the Administrator’s actions with the President of the Personal Data Protection Office, ul. Stawki 2, 00-193 Warsaw.
  6. Providing personal data is voluntary, but necessary for the operation of the Website.
  7. Automated decision-making, including profiling, may be carried out in relation to you for the purpose of providing services under the concluded agreement and for the Administrator’s direct marketing activities.
  8. Personal data is not transferred from third countries within the meaning of personal data protection regulations. This means we do not transfer it outside the European Union.

5. Information in forms

  1. The Website collects information voluntarily provided by the user, including personal data, if provided.
  2. The Website may save connection parameters information (timestamp, IP address).
  3. In some cases, the Website may save information facilitating the linking of data in the form with the email address of the user filling out the form. In such a case, the user’s email address appears within the URL of the page containing the form.
  4. Data provided in the form is processed for the purpose resulting from the function of the specific form, e.g., for handling a service request or commercial contact, service registration, etc. In each case, the context and description of the form clearly indicate its purpose.

6. Administrator Logs

  1. Information about user behavior on the website may be logged. This data is used for website administration.

7. Key Marketing Techniques

  1. The Operator uses statistical analysis of website traffic via Google Analytics (Google Inc. based in the USA). The Operator does not transfer personal data to the operator of this service, only anonymized information. The service is based on the use of cookies on the user’s end device. Regarding information about user preferences collected by the Google advertising network, the user can view and edit information resulting from cookie files using the tool: https://www.google.com/ads/preferences/
  2. The Operator uses remarketing techniques that allow for tailoring advertising messages to user behavior on the website, which may give the impression that the user’s personal data is used for tracking, but in practice, no personal data is transferred from the Operator to advertising operators. The technological condition for such actions is enabled cookie support.
  3. The Operator uses the Facebook pixel. This technology allows Facebook (Facebook Inc. based in the USA) to know that a person registered with them is using the Website. In this case, it relies on data for which Facebook itself is the administrator; the Operator does not transfer any additional personal data to Facebook. The service is based on the use of cookies on the user’s end device.

8. Information about cookies

  1. The Website uses cookies.
  2. Cookie files (so-called “cookies”) are IT data, specifically text files, which are stored on the Website User’s end device and are intended for using the Website’s web pages. Cookies usually contain the name of the website they come from, their storage time on the end device, and a unique number.
  3. The entity placing cookie files on the Website User’s end device and accessing them is the Website operator.
  4. Cookie files are used for the following purposes:
    1. maintaining the Website user’s session (after logging in), thanks to which the user does not have to re-enter their login and password on every subpage of the Website;
    2. achieving the purposes specified above in the “Key Marketing Techniques” section;
  5. Within the Website, two main types of cookie files are used: “session” cookies and “persistent” cookies. “Session” cookies are temporary files stored on the User’s end device until logging out, leaving the website, or closing the software (web browser). “Persistent” cookies are stored on the User’s end device for a period specified in the cookie parameters or until deleted by the User.
  6. Web browsing software (web browser) usually allows, by default, the storage of cookie files on the User’s end device. Website Users can change these settings. The web browser allows for the deletion of cookie files. Automatic blocking of cookie files is also possible. Detailed information on this topic can be found in the help or documentation of the web browser.
  7. Restrictions on the use of cookie files may affect some functionalities available on the Website’s web pages.
  8. Cookie files placed on the Website User’s end device may also be used by entities cooperating with the Website operator, particularly including companies: Google (Google Inc. based in the USA), Facebook (Facebook Inc. based in the USA), Twitter (Twitter Inc. based in the USA).

9. Managing cookie files – how to practically express and withdraw consent?

  1. If the user does not wish to receive cookie files, they can change their browser settings. We reserve that disabling cookie support essential for authentication processes, security, and maintaining user preferences may hinder, and in extreme cases, prevent the use of websites.
  2. To manage cookie settings, select the web browser you use from the list below and follow the instructions:

    Mobile devices:

www.fantasmatic.pl
Powered by  GDPR Cookie Compliance
Privacy Overview

This website uses cookies so that we can provide you with the best user experience possible. Cookie information is stored in your browser and performs functions such as recognising you when you return to our website and helping our team to understand which sections of the website you find most interesting and useful.