PRIVACY POLICY OF THE SCRAMJET.ORG WEBSITE
Intro
This Privacy Policy governs the manner in which user data are used on our Website https://www.scramjet.org. In particular, we indicate the rules for the protection and processing of your personal data, the scope and purpose of their processing, and issues related to the use of the cookie files. By using this Webite, you declare that you accept this Privacy Policy. If you do not agree to the terms of this Privacy Policy, please do not use our Site. Your continued use of the Website after the posting of changes to this Privacy Policy will be considered your acceptance of those changes.
Website operator, Data Controller, Data Protection Officer
The Website Operator and Personal Data Controller within the meaning of the provisions on the Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 (hereinafter referred to as “GDPR”) is Scramjet sp. z o.o., with registered office in Suwałki (full address: Suwałki 16-400, ul. Innowacyjna 1, Poland), KRS 0000841090.
Scramjet sp.z o.o. hereinafter will be referred to as the Controller or Website Operator.
The Controller declares that he has not appointed the Data Protection Officer.
Ways of obtaining data about Website users
We obtain information about you by:
- its voluntary introduction to the contact form
- its voluntary introduction as part of subscribing to the newsletter,
- collecting technical data about connection and visit to the website (IP address, type of browser used, time of using the website, etc.)
- collecting data about your preferences and activity on the Website by saving cookies in end devices (e.g. phone, computer, tablet, etc.).
Anonymous use of the Website
You can use the Website without revealing your identity and without providing any personal data that would make your identification possible. We will then collect only technical information necessary for the functioning of the Website (connection data, IP address, browser used) and the parameters of the visit to the Website (date of connection, duration of the visit).
From the perspective of the Website Operator, the above mentioned data is not personal data, as it does not make it possible to establish your identity without taking extraordinary measures. However, remember that in the event of a violation of the law on the Website, the above data may be used to establish your identity in conjunction with, for example, the data of your Internet provider.
Website Operator uses Hotjar, a technology service that helps better understand website users’ experience (e.g. how much time they spend on which pages) and enables to build and maintain the service with user feedback. Hotjar uses cookies and other technologies to collect data on our users’ behavior and their devices. This includes a device's IP address (processed during your session and stored in a de-identified form), device screen size, device type (unique device identifiers), browser information, geographic location (country only), and the preferred language used to display our website. Hotjar stores this information in a pseudonymized user profile. Hotjar is contractually forbidden to sell any of the data collected on behalf of Website Operator.
Obligation to provide personal data
If you intend to use the services:
- contact form
- newsletter
it is necessary to provide personal data marked as mandatory during the subscription to the service. There is no legal obligation to provide such personal data, but refusing to provide it will prevent you from using the above services.
In some cases, it is possible to provide additional information - providing such information will then be voluntary. There is no legal obligation to provide such data, and failure to do so does not constitute an obstacle to using the services.
In each case, we inform you whether the information field is required or optional.
Data collected using forms on the Website - detailed information
Description Contact form Newsletter The scope of mandatory data Name, surname, e-mail address E-mail address Scope of voluntary data Any other data provided in e-mail correspondence None Legal basis for processing Legitimate interest (Article 6 (1) (f) of the GDPR) - correspondence with clients / potential clients regarding the services provided and the functioning of the Website. Consent (art. 173 ust. 1 Prawa telekomunikacyjnego, art. 10 ust. 2 UŚUDE). Purposes of processing Communication on the services provided and the functioning of the Website. Sending the ordered commercial information in the form of a newsletter. Processing period The correspondence is archived and kept for up to 3 years. Until consent is withdrawn. The storage period may be shortened in the event of effective exercise of the user's right, which is related to the cessation of data processing (e.g. objecting or requesting deletion of data) The above-mentioned data may also be processed, to a limited extent, after the deadlines indicated in the table, in order to demonstrate by the Controller that the legal obligations related to data processing are fulfilled. The legal basis for such processing is Art. 6 sec. 1 lit. c) in connection with art. 5 sec. 2 GDPR, i.e. fulfillment of the Controller's legal obligation in terms of the principle of accountability. The period of data processing is determined on the basis of the limitation periods for users' claims and the dates in which it is possible to test the compliance of processing by the supervisory body (the President of the Office for Personal Data Protection).
Cookies - detailed information
We use cookie files. Cookies are small text files that are stored on your end device and that store certain settings and data regarding your interaction with our Website via your browser.
Cookies allow us to recognize your end device and immediately provide certain settings or preferences (such as font size and contrast) or register your activity on the Website (clicking certain options, keeping track of pages visited). Whenever possible, the cookies we use are first-party cookies. However, we also use third party cookies.
Types of our own cookies:
- visitor preferences - we use these cookies only if you have agreed or not consented to our use of cookies or you have changed the Website's display preferences, such as font size and contrast.
Name Service Purpose Type of cookie and period of use Legal basis cookie_consent Cookie consent Stores cookie preferences First-party persistent, 1 month Legitimate interest of the Website Operator (Article 6 (1) (f) of the GDPR) - ensuring the optimal presentation of the Website wai_settings Website availability Remembers accessibility settings First-party persistent, 3 months Legitimate interest of the Website Operator (Article 6 (1) (f) of the GDPR) - ensuring the optimal presentation of the Website Types of third party cookies we use:
Name Service Purpose Type of cookie and period of use Legal basis CONSENT youtube.com Detects if the visitor has accepted the marketing category in the cookie banner. This cookie is necessary to ensure compliance of the Website with the GDPR. third-party cookies, persistent, required, period of use - in accordance with the privacy policy of youtube.com In accordance with the privacy policy of youtube.com yt-player-headers-readable youtube.com It is used to determine the optimal video quality based on the settings of the end device and the user's network third-party cookies, persistent, required, period of use - in accordance with the privacy policy of youtube.com In accordance with the privacy policy of youtube.com _GRECAPTCHA google.com This cookie is used to distinguish humans from bots. It is beneficial for the Website to compile correct reports on its use. third-party cookies, session The legitimate interest of the Controller (Article 6 (1) (f) of the GDPR) - obtaining analytical data for the purpose of developing the Websit We also use Hotjar cookies. Hotjar uses cookies and other technologies to collect data on our users’ behavior and their devices. Hotjar stores this information in a pseudonymized user profile. Hotjar is contractually forbidden to sell any of the data collected on behalf of Website Operator. Detailed information about Hotjar cookies is available here.
Detailed information on the possibilities and methods of handling cookies is available in the settings of the web browser software, e.g.
Users' rights related to the processing of their personal data
In connection with the processing of your data, you have the following rights:
- the right to information about processing (Article 13 of the GDPR) - the right is implemented through this Policy
- the right to access the processed data concerning you (Article 15 of the GDPR) - implemented by contacting the e-mail address indicated below
- the right to object to the processing of your personal data based on the legitimate interest of the Controller the purposes of scientific or historical research or for statistical purposes (Article 21 (1) and (6) of the GDPR) - implemented by contacting the e-mail address provided below
- the right to object to processing for direct marketing purposes - you can object at any time to the processing of your data for direct marketing purposes (Article 21 (2) of the GDPR) - implemented by contacting the e-mail address provided below or by clicking on the link to deactivate the newsletter -[email protected]
- the right to rectify, delete data and to limit their processing (Articles 16 - 18 of the GDPR) - implemented by contacting the e-mail address provided below;
- the right to transfer data (Article 20 of the GDPR) - implemented by contacting the e-mail address indicated below
- the right to withdraw the consent at any time - the withdrawal of consent does not affect the lawfulness of the processing which was carried out on the basis of your consent before its withdrawal
- the right to lodge a complaint with a supervisory authority - the President of the Personal Data Protection Office
If you wish to exercise any of the above rights or any other rights that you may have in relation to your personal data, or if you have any other questions or requests, please contact us at: [email protected]
Data recipients
Your data may be transferred to third parties who may be data processors (based on a processing entrustment agreement) or separate data controllers. The recipients of the data may in particular be:
- entities providing services for the Website Operator related to the functioning of the website and requiring disclosure of your data (hosting providers, entities listed in point 10);
- advertising agencies, entities managing the display of advertisements on websites;
- offices, judicial bodies or other bodies authorized to obtain information on data (courts, prosecutor's office, police, other security services);
- auditors;
- providers of IT services and data security services.
Transfer of data to third countries (outside the European Economic Area)
Your data may be transferred to third countries (outside the European Economic Area), as part of the provision of the following services:
Mailchimp
Recipient of the data: The Rocket Science Group, LLC, 675 Ponce de Leon Ave NE Suite 5000 Atlanta, GA 30308, USA
We use the Mailchimp website to handle the contact form and send the newsletter and your data will be transferred to the entity operating this website. You can read the website's privacy policy here: Mailchimp Data Security and Privacy. The data provided in the contact form is processed solely for the purpose of contacting you by e-mail. However, the data provided in the form when subscribing to the newsletter is processed only for the purpose of sending you the newsletter. The use of the contact form and the newsletter is free of charge.
Google Services
Recipient of the data: Google LLC, 1600 Amphitheater Parkway Mountain View, CA 94043, United States of America, and its subsidiaries.
YouTube
We place YouTube videos on the Website and use a plug from YouTube operated by Google to play them. The service operator is Google. We use YouTube to show videos and inform audiences about us and our services. Playing YouTube videos may involve the installation of Google group cookies. For more information on how Google handles your data, see Google's privacy policy at https://policies.google.com/privacy , which also applies to YouTube.
Google Analytics
We use Google Analytics for statistical analyzes. Google Analytics is Google's web analytics service. Google uses cookies, inter alia, for analyzes as part of Google Analytics. Google determines the type and scope of use and analysis of cookies. For more detailed information, please see Google's privacy policy by clicking on the link https://www.google.com/policies/privacy/
Google reCAPTCHA
To protect against misuse of our online forms and against spam, we use the Google reCAPTCHA service with some of the forms on this website. By checking manual entries, this service prevents automated programs (bots) from performing improper actions on the website. Additional information on Google reCAPTCHA and Google's privacy policy can be found at: https://policies.google.com/privacy.
The European Commission has approved the use of standard contractual clauses to ensure adequate data protection when it is transferred outside the EEA. Due to the inclusion of standard contractual clauses in the data processing agreements concluded with the above-mentioned data recipients, these data are protected during their transfer outside the EEA to countries that are not covered by the adequacy decision.
How do we keep your data safe
We store your data on specially protected servers in the European Union, as well as on the servers of our service providers, including the United States. They are protected by technical and organizational measures to prevent loss, destruction, access, modification or distribution of your data by unauthorized entities.
Your personal data is transmitted encrypted via the Internet. We use TLS (Transport Layer Security) encryption for data transmission.
In order to protect the integrity, confidentiality and availability of data, we also use other safeguards defined in accordance with our internal risk analysis.