We develop expertise in real estate
link do allebank.pl logo i link do linkedin.pl contact
info@amron.pl
Pasek dekoracyjny na górzer strony

Privacy Policy

Definitions

Controller – the controller of Users’ data collected in connection with the use of the Service is Centrum Procesów Bankowych i Informacji Sp. z o.o., with its registered office at ul. Leona Kruczkowskiego 8, 00-380 Warsaw, entered in the Register of Entrepreneurs of the National Court Register kept by the District Court for the Capital City of Warsaw, 19th Commercial Division of the National Court Register, under KRS No. 0000035860, NIP No. 5260213095, REGON No. 01105283000000.

Personal Data – any information relating to an identified or identifiable natural person. An identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name and surname, an identification number, location data, an online identifier, or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person.

Privacy Policy – this privacy policy of the Service.

Processing – an operation or set of operations performed on Personal Data or sets of Personal Data, whether or not by automated means, such as collection, recording, organisation, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction.

PT – the Telecommunications Law Act of 16 July 2004 (Journal of Laws of 2022, item 1648, as amended).

GDPR – Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC.

Service – the website operated by the Controller at https://amron.pl/.

UODO – the Personal Data Protection Act of 10 May 2018 (Journal of Laws of 2019, item 1781, as amended).

UŚUDE – the Act on Providing Services by Electronic Means of 18 July 2002 (Journal of Laws of 2020, item 344, as amended).

User – any natural person visiting the Service or using one or more of the services or functionalities described in the Privacy Policy.

General Information

As the Controller responsible for the security of the Service for all Users, we respect your right to privacy and, in particular, we ensure the protection of your Personal Data and apply appropriate technological and legal measures to prevent interference with your privacy by third parties. Our activities are aimed at ensuring that you feel fully secure when using the Service, at a level appropriate to the applicable laws, including: the GDPR, PT, UODO and UŚUDE. Accordingly, we emphasise that we process your Personal Data only to the extent necessary to provide individual services offered within the Service, and also in order to obtain information about your activity in the Service.

This Privacy Policy governs the Processing and protection of your Personal Data as a User in connection with your use of the Service. Merely browsing the Service does not require you to provide any Personal Data; nevertheless, your Personal Data is also processed in such a case (see Section III). In addition, when using other functionalities of the Service (subscribing to the newsletter and other forms of marketing, participation in training courses organised by us, ordering services provided by us, submitting a question via the contact form), you may be asked to provide your Personal Data within the scope of the relevant form.

Detailed rules and purposes for the Processing of your Personal Data collected when using the Service’s functionalities are described below.

Use of the Service

Using the Service by browsing it does not require providing Personal Data by completing any forms. However, this does not mean that we do not receive or process your Personal Data in this scope. While you browse the Service, we collect your Personal Data relating to your activity in the Service (recorded in system logs), i.e.: the IP address of the device you use to browse the Service, information about the web browser and operating system you use, the date and time of your activity, including actions you take within the Service, approximate location, and any other information collected via cookies.

Providing the above Personal Data is voluntary, but necessary to analyse your activity in the Service. Failure to provide it results in an inability to analyse it and, potentially, an inability to use those functionalities of the Service that require providing such Personal Data (more information about processing your Personal Data when using the Service without registration is provided in the chapter on cookies).

Your Personal Data processed when you browse the Service without registration will be processed for the following purposes:

management and administration of the Service and ensuring its functionality (Article 6(1)(f) GDPR);
providing the User with content collected in the Service (Article 6(1)(b) GDPR);
ensuring ongoing contact with the User (Article 6(1)(b) GDPR);
analysing Users’ activity and preferences in order to improve the Service’s functionalities (Article 6(1)(f) GDPR);
establishing, pursuing or defending against potential claims and damages (Article 6(1)(f) GDPR);
securing and archiving information in case it is necessary to prove facts or demonstrate compliance with an obligation incumbent on the Controller (Article 6(1)(f) GDPR).
We will process the above Personal Data until you effectively object, the purpose of processing is achieved, or the relevant cookies are deleted. After this period, the above Personal Data may continue to be processed by us, but no longer than until the limitation period for potential claims expires or the mandatory retention period required by applicable law elapses—whichever of these grounds for processing expires later.

Communication with the User

Contacting persons responsible for the operation of the Service by sending an electronic message to any email address provided in the Service, or by submitting a question using the contact form available in the “Contact” section of the Service, involves the processing of your Personal Data. By contacting us in this way, you provide us primarily with your name and surname and your email address, together with the content of your message, which may include Personal Data.

Providing the above Personal Data is voluntary, but necessary to establish contact.

Your Personal Data for the purpose of ongoing contact with the User will be processed for the following purposes:

ensuring ongoing contact with the User, including responding to the question asked via electronic means (Article 6(1)(b) GDPR);
identifying Users’ needs (Article 6(1)(f) GDPR);
management and administration of the Service and ensuring its functionality (Article 6(1)(f) GDPR);
establishing, pursuing or defending against potential claims and damages (Article 6(1)(f) GDPR);
securing and archiving information in case it is necessary to prove facts or demonstrate compliance with an obligation incumbent on the Controller (Article 6(1)(f) GDPR).
We will process the above Personal Data until you effectively object or until the purpose of processing is achieved, i.e., until the matter covered by your message is resolved. After this period, the above Personal Data may continue to be processed by us, but no longer than until the limitation period for potential claims expires or the mandatory retention period required by applicable law elapses—whichever of these grounds for processing expires later.

Newsletter

If you choose to subscribe to the newsletter and consent to receiving, together with it, information on events, materials, promotions and reports of Centrum AMRON, you will be asked to provide your Personal Data, i.e., your email address.

Providing the above Personal Data is voluntary, but failure to provide it will make it impossible for you to receive our newsletter.

Your Personal Data in connection with the newsletter subscription will be processed for the following purposes:

performance of the newsletter service (Article 6(1)(b) GDPR);
advertising, promotional and marketing purposes of our own products and services where consent has been given (Article 6(1)(a) GDPR);
ensuring ongoing contact with the User in connection with the newsletter service, including for marketing and promotional purposes and the sending of commercial information (Article 6(1)(b) GDPR);
establishing, pursuing or defending against potential claims and damages (Article 6(1)(f) GDPR);
securing and archiving information in case it is necessary to prove facts or demonstrate compliance with an obligation incumbent on the Controller (Article 6(1)(f) GDPR).
We will process the above Personal Data for as long as you wish to receive the newsletter, i.e., until you unsubscribe from the newsletter or withdraw your consent to receive it, or until you effectively object. After this period, the above Personal Data may continue to be processed by us, but no longer than until the limitation period for potential claims expires or the mandatory retention period required by applicable law elapses—whichever of these grounds for processing expires later.

You may unsubscribe from the newsletter at any time by contacting us by email at: newsletter@amron.pl.

Direct Marketing

Irrespective of the above legal bases for processing your Personal Data in connection with the newsletter service, we emphasise that Polish law provides other legal bases requiring your consent to receive any commercial information.

Article 10(2) of the UŚUDE provides that sending any commercial information by electronic means requires the consent of the person concerned to receive it.

Article 172(1) of the PT provides that the use of telecommunications terminal equipment and automated calling systems for direct marketing purposes or for sending unsolicited commercial information requires the prior consent of the end user.

Taking into account that the newsletter service consists in sending information of a commercial nature, also for direct marketing purposes, we indicate that performance of the newsletter service requires the User to provide both of the above consents jointly.

Ordering a Report, Analysis or Valuation

Contacting persons responsible for service delivery on the part of Centrum AMRON and placing an order for a report, analysis or valuation by sending an email message to the relevant email address provided in the Service involves the processing of your Personal Data. By contacting us in this way, you provide us primarily with your name and surname and your email address, together with the content of your message, which may include Personal Data.

Providing the above Personal Data is voluntary, but necessary to establish contact.

In addition, if you wish to order an appraisal report or an AMRON–SARFiN Report in English, you must send the completed order form to the relevant email address and provide therein the Personal Data necessary to place such order, which—depending on the form—may include: property owner data (name and surname, email address, phone number, land and mortgage register number), ordering party data (name and surname or company name, email address, phone number, correspondence address and registered office address, position, tax identification number (NIP)).

Providing the above Personal Data is voluntary, but failure to provide it will make it impossible to place an order.

Your Personal Data in connection with placing an order will be processed for the following purposes:

performance of the sales contract resulting from placing an order (Article 6(1)(b) GDPR);
ensuring ongoing contact with the User in connection with order fulfilment (Article 6(1)(b) GDPR);
fulfilment of statutory obligations incumbent on the Controller, in particular under tax and accounting regulations (Article 6(1)(c) GDPR);
establishing, pursuing or defending against potential claims and damages (Article 6(1)(f) GDPR);
securing and archiving information in case it is necessary to prove facts or demonstrate compliance with an obligation incumbent on the Controller (Article 6(1)(f) GDPR).
We will process the above Personal Data for the duration of contract performance, or until you effectively object. After this period, the above Personal Data may continue to be processed by us, but no longer than until the limitation period for potential claims expires or the mandatory retention period required by applicable law elapses—whichever of these grounds for processing expires later.

Participation in Training

Within the Service, we offer you the option to register for training courses organised by us. Registration for any training course requires providing specific Personal Data which, depending on the training course, may include: the participant’s name and surname, email address and telephone number, as well as the name, tax identification number (NIP) and address of the registering entity, and the name and surname, telephone number and email address of the registering person and the name and surname of the person signing the form (if different from the registering person).

Providing the above Personal Data is voluntary, but failure to provide it will make it impossible to submit a registration and, consequently, to participate in a given event.

Your Personal Data in connection with participation in an event will be processed for the following purposes:

organising and conducting the training, including to the extent necessary to make contact in connection with its delivery, and for the purpose of entering into and performing contracts necessary for its organisation (Article 6(1)(b) GDPR);
general recording of the training (photos and video) for archiving and promotional purposes with the right to disseminate recorded materials presenting the image of the training participant (Article 6(1)(f) GDPR) in connection with advertising, promotional and marketing purposes of our own products and services where consent has been given (Article 6(1)(a) GDPR);
fulfilment of statutory obligations incumbent on the Controller, in particular under tax and accounting regulations (Article 6(1)(c) GDPR);
establishing, pursuing or defending against potential claims and damages (Article 6(1)(f) GDPR);
securing and archiving information in case it is necessary to prove facts or demonstrate compliance with an obligation incumbent on the Controller (Article 6(1)(f) GDPR).
We will process the above Personal Data until you effectively object or until the purpose of processing is achieved, i.e., until the training ends. After this period, the above Personal Data may continue to be processed by us, but no longer than until the limitation period for potential claims expires or the mandatory retention period required by applicable law elapses—whichever of these grounds for processing expires later.

Social Media Profiles

As the Controller, we operate a number of Service profiles on the most popular social media platforms, i.e., LinkedIn and Facebook.

Using our social media profiles does not require providing Personal Data by completing any forms. However, this does not mean that we do not receive or process your Personal Data in this scope. When you use our social media profiles, we obtain your Personal Data relating to your activity on our profiles collected via cookies. Moreover, through your activity on the above profiles (including liking or following our profiles, joining a thematic group, commenting on our posts, sending messages, and other functionalities provided by the respective social media services), you provide us primarily with your name and surname (or your profile name) or other data marked as public, including your shared image and the content of comments posted on our profiles or sent to us via private messages, which may include Personal Data.

Providing the above Personal Data is voluntary, but failure to provide it will make it impossible to use our social media profiles.

Your Personal Data in connection with the use of our social media profiles will be processed for the following purposes:

operating and managing profiles on LinkedIn and Facebook (Article 6(1)(f) GDPR);
ensuring ongoing contact with the User in connection with the use of the Service profiles, including for marketing and promotional purposes (Article 6(1)(b) GDPR);
advertising, promotional and marketing purposes of our own products and services where consent has been given (Article 6(1)(a) GDPR);
establishing, pursuing or defending against potential claims and damages (Article 6(1)(f) GDPR);
securing and archiving information in case it is necessary to prove facts or demonstrate compliance with an obligation incumbent on the Controller (Article 6(1)(f) GDPR);
compiling statistics on the use of profiles by Users (Article 6(1)(f) GDPR).
We will process the above Personal Data:

for as long as you use our profiles, i.e., until you stop following them or liking our posts, leave a thematic group, stop using other functionalities provided by the social media services, delete your account or comment, or until you effectively object; and/or
until the purpose of processing is achieved, i.e., until the matter covered by your message is resolved, or until you effectively object; and/or
until you delete the relevant cookies.
After this period, the above Personal Data may continue to be processed by us, but no longer than until the limitation period for potential claims expires or the mandatory retention period required by applicable law elapses—whichever of these grounds for processing expires later.

Social Media

We inform you that the Service includes plug-ins leading directly to our social media profiles indicated in Section IX above. After clicking the logo of one of the above social media platforms, you will be redirected to one of our profiles, which involves the processing of your Personal Data in accordance with the rules established by the entities responsible for those platforms. We emphasise that these entities independently and separately from us determine the purposes and rules for processing personal data applicable on a given platform and described in their privacy policies and other terms; therefore, any questions and claims arising from your use of those social media platforms should be addressed directly to the respective entities.

For additional transparency, we provide below links to the privacy policies of those social media platforms, which we encourage all Users to read:

LinkedIn – https://pl.linkedin.com/legal/privacy-policy

Facebook – https://www.facebook.com/privacy/explanation

Disclosure of Personal Data

In order to achieve the purposes set out in the Privacy Policy, we process your Personal Data ourselves and also provide it to entities cooperating with us in order to ensure the highest quality of services. These entities process your Personal Data on our behalf and are obliged to maintain full confidentiality.

Your Personal Data may be disclosed by the Controller to entities authorised to receive it under applicable law (e.g., the Police, enforcement authorities, the Social Insurance Institution (ZUS), tax authorities) and to other entities cooperating with the Controller, pursuant to Article 6(1) GDPR, inter alia, where necessary for purposes arising from the legitimate interests pursued by the Controller.

In addition, your Personal Data may also be transferred to processors acting on our behalf, such as IT service providers, transport providers, accounting firms, law firms, postal and courier service providers, and financial service providers. Such entities process data as subcontractors, under an agreement with the Controller and solely in accordance with the Controller’s instructions.

We also provide your Personal Data to entities that provide services related to our services to you and which are separate controllers processing your data on their own behalf—these include, among others, courier or postal companies, banks and payment institutions.

We emphasise that your Personal Data may be transferred to third countries outside the European Economic Area (the United States and Canada), primarily as a result of our use of services provided by Meta Platforms Ireland Limited (Facebook) and LinkedIn Ireland Unlimited Company (LinkedIn). We note that the transfer of your Personal Data to those third countries is based on an appropriate legal basis ensuring adequate protection. This may include relevant European Commission decisions or standard contractual clauses used by the above entities.

Profiling and Automated Decision-Making

We also inform you that in some cases we may make decisions concerning you in an automated manner based on profiling, i.e., automated processing of your Personal Data. You may also be subject to analysis of preferences and behaviours while performing activities within the Service’s functionalities by our partners using marketing automation software, in order to enable delivery of personalised content and improve the functioning of the Service, in accordance with Article 6(1)(f) GDPR.

The profiling we use consists of using computer algorithms to analyse your Personal Data (User behaviour within the Service, data collected via cookies, purchase history, User purchasing preferences, as well as Personal Data provided by the User) in order to display—directly within the Service or via direct marketing (emails, telephone marketing, etc.)—a personalised offer based on potential preferences and interests of the User that may relate to the Controller’s products and services.

User Rights

In connection with the processing of your Personal Data, you have the right to:

access your Personal Data and obtain information, inter alia, about the purpose, scope and method of its processing and information about recipients of such Personal Data;
rectify and supplement incomplete Personal Data or have it erased;
request temporary or permanent restriction of processing of Personal Data or object to processing;
data portability;
withdraw your consent to the processing of Personal Data at any time;
lodge a complaint with the supervisory authority regarding the protection of Personal Data—in Poland, the President of the Personal Data Protection Office.
All your requests will be processed without undue delay, but no later than within 30 days of receipt of the relevant request.

Where processing is based on your consent, you may withdraw such consent at any time, without giving reasons. Withdrawal of consent does not affect the lawfulness of processing carried out on the basis of consent prior to its withdrawal. In some cases, your consent is required to provide specific services or perform specific actions. In such a case, withdrawal of consent will make the provision of such service or the performance of such action impossible.

You may also object at any time to the processing of data for direct marketing purposes, including to profiling-based operations, and you may object—on grounds relating to your particular situation—to the processing of Personal Data based on our legitimate interest as the Controller other than direct marketing and profiling. If you object to processing of Personal Data for a specific purpose, we may still process such data for other purposes.

Processing of Personal Data will be restricted based on your request for temporary or permanent restriction of processing or objection to processing by sending an email to: iod@cpb.pl or by changing your web browser settings.

We also emphasise that the above rights may not apply in every case and to the extent you request, and the manner of their exercise may depend on circumstances that cannot currently be foreseen. In no case, however, will this mean limiting any of your rights, but only the application of the applicable personal data protection regulations.

Collection of User Data — HTTP Requests

When the User uses the Service, we store HTTP requests sent to the server. Viewed resources are identified by URLs and relate to:

the public IP address of the end device from which the request was sent;
the User’s workstation name – identification carried out via the HTTP protocol, where possible;
the time the request was received;
the first line of the HTTP request;
the HTTP response code;
the amount of data sent by the server;
the URL of the page previously visited by the User (the so-called referrer link) – where access to the Service occurred via an external link;
information about the User’s browser;
information about errors that occurred during the processing of HTTP operations.
The above information is in no way combined with your Personal Data and is not used to determine your identity, except where it is necessary to apply, register or log in in order to use the Service.

The Service may automatically collect information, including information contained in cookies. The collected information is used, inter alia, for:

managing the Service;
identifying potential security threats;
analysing User traffic within the Service and for statistical purposes;
analysing Users’ preferences and behaviours.
The scope of information collected automatically depends on your web browser settings. You should check your browser settings to find out what information is made available by the browser automatically or to change those settings. For this purpose, we recommend reading the “Help” section of the browser you use.

Use of Cookies

As the Controller, we inform you that the Service may include external links enabling Users to directly access other websites and that, when using the Service, cookies from other entities may also be placed on your device, in particular from providers such as Facebook and LinkedIn, in order to enable the use of Service functionalities integrated with those services. Each provider sets the rules for the use of cookies in its privacy policy; therefore, we have no control over the providers’ privacy and cookie policies.

For security reasons, we recommend that before using resources offered by other websites or services, you read the document concerning the privacy and cookies policy, if available, and if not, contact the administrator of the respective website or service to obtain information in this regard.

The Service uses cookies, i.e., IT data, in particular text files, stored on the User’s end device. Cookies usually contain the name of the website they come from, the time they are stored on the end device, and a unique number.

Cookies are used to:

facilitate the User’s use of the Service while browsing;
subsequently identify the User in the event of reconnecting the Service with the device on which the cookies were stored;
create statistics that help understand how Users use the Service’s resources, which enables improving its structure and content;
tailor the content of the Service to Users’ preferences and optimise the use of the Service to the User’s individual needs.
Within the Service, we may use the following types of cookies:

necessary – cookies required for the proper operation of the Service, ensuring basic functions and security, enabling, among others, navigation and access to areas requiring authentication;

marketing – cookies used to analyse Users’ activity and display relevant advertisements and marketing campaigns, to provide ads that are relevant and interesting to individual Users and thus more effective for third-party publishers and advertisers;

analytics – cookies supporting the collection of anonymous statistical and analytical data related to Users’ activity within the Service; they help us analyse numerical aspects of user traffic and understand how Users interact with the Service (e.g., number of visitors, bounce rate, traffic sources, etc.);

functional – cookies that help perform certain functions, such as sharing content on social media platforms, collecting feedback, and other third-party features.

Web browsing software (a web browser) usually allows cookies to be stored on the User’s end device by default. Users of the Service may change these settings. The browser also allows cookies to be deleted. Automatic blocking of cookies is also possible. Detailed information is provided in the help section or documentation of the browser used by the User.

Restrictions on the use of cookies may affect certain functionalities available within the Service. Cookies placed on the Service User’s end device may also be used by advertisers and partners cooperating with the Controller. For this purpose, the Controller may retain information about the User’s navigation path or time spent on a given page.

If the User does not wish to receive cookies, they may change their browser settings. However, disabling cookies necessary for authentication processes, security or maintaining User preferences may hinder, and in extreme cases prevent, the use of the Service.

Contact

To obtain any information about the process of collecting and processing data by the Controller, the User may contact:

Centrum Procesów Bankowych i Informacji Sp. z o.o., ul. Leona Kruczkowskiego 8, 00-380 Warsaw, Poland.

Data Protection Officer

We have appointed a Data Protection Officer (DPO), who can be contacted at: iod@cpb.pl.

Updates to the Privacy Policy

This Privacy Policy is regularly reviewed and updated, and its content may therefore change. With each new version, we will publish the date of each subsequent update in order to apply the provisions relevant to a given case.

This Privacy Policy has been effective since 12 February 2024.