Policy privacy

The privacy policy describes the rules for processing information about you, including personal data and cookies, i.e. cookies.

1. General information

1. This policy applies to the Website, operating at url: glutenfree-traveler.com
2. The operator of the website and the Administrator of personal data is: Dorota Ociepka
3. Operator’s e-mail address: dorota-glutenfree-traveler.com
4. The Operator is the Administrator of your personal data in relation to the data provided voluntarily on the Website.
5. The website uses personal data for the following purposes:
   • Conducting a comment system
   • Handling queries via form
6. The Website performs the functions of obtaining information about users and their behavior in the following ways:
   1. Through the data voluntarily entered in the forms, which are entered into the Operator’s systems.
   2. By saving cookies in the end devices (so-called “cookies”).

2. Selected data protection methods used by the Operator

1. The places of logging in and entering personal data are protected in the transmission layer (SSL certificate). Thanks to this, personal data and login data entered on the website are encrypted on the user’s computer and can be read only on the target server.
2. User passwords are stored in a hash form. The hash function works one-way – it is not possible to reverse its operation, which is now a modern standard for storing user passwords.
3. In order to protect the data, the Operator regularly makes backups.
4. An important element of data protection is the regular update of all software used by the Operator to process personal data, which in particular means regular updates of programming components.

3. The 3rd Hosting and hosting

1. The service is hosted (technically maintained) on the operator’s servers: another company
2. The hosting company maintains server-level logs to ensure technical reliability. The record may be subject to:
   • resources specified by the URL identifier (addresses of the requested resources – pages, files),
   • time of the question,
   • time of sending the response,
   • the name of the client station – identification carried out by the HTTP protocol,
   • information about errors that occurred during the implementation of HTTP transactions,
   • URL address of the page previously visited by the user (referrer link) – if the transition to the Website took place via a link,
   • information about the user’s browser,
   • information about the IP address,
   • diagnostic information related to the process of self-ordering services through recorders on the website,
   • information related to the handling of e-mail addressed to the Operator and sent by the Operator.

4. Your rights and additional information on how the data is used

1. In some situations, the Administrator has the right to transfer your personal data to other recipients, if it is necessary for the performance of the contract concluded with you or to fulfill the obligations incumbent on the Administrator. This applies to such groups of recipients:
   • Hosting company on the basis of entrustment
2. Your personal data processed by the Administrator no longer than is necessary to perform related activities specified in separate regulations (e.g. on accounting). In relation to marketing data, the data will not be processed for more than 3 years.
3. You have the right to request from the Administrator:
   • access to personal data concerning you,
   • to their correction,
   • removal,
   • restrictions of processing,
   • and data portability.
4. You have the right to object to the processing indicated in point 3.2 to the processing of personal data in order to exercise legitimate interests pursued by the Administrator, including profiling, but the right to object may not be exercised if there are valid legitimate grounds for processing, overriding interests, rights and freedoms, in particular establishing, exercising or defending claims.
5. The Administrator’s actions are entitled to a complaint to the President of the Office for Personal Data Protection, ul. Rates 2, 00-193 Warsaw.
6. Providing personal data is voluntary, but necessary to operate the Website.
7. In relation to you, actions may be taken consisting in automated decision-making, including profiling in order to provide services within the concluded contract and to conduct direct marketing by the Administrator.
8. Personal data is not transferred from third countries within the meaning of the provisions on the protection of personal data. This means that we do not send them outside the European Union.

5. Information in the forms

1. The Website collects information provided voluntarily by the user, including personal data, if it is provided.
2. The website can save information about connection parameters (time stamp, IP address).
3. The website, in some cases, may save information that facilitates the linking of the data in the form with the e-mail address of the user filling the form. In this case, the user’s e-mail address appears inside the url address of the page containing the form.
4. The data provided in the form are processed for the purpose resulting from the function of a specific form, e.g. in order to process a service request or commercial contact, registration of services, etc. Each time the context and description of the form in a clear way informs what it is for.

6. Logi of the Administrator

Information about user behavior on the website may be logged in. This data is used to administer the service.

7. Significant marketing techniques

1. The operator uses statistical analysis of website traffic, via Google Analytics (Google Inc. based in the USA). The operator does not transfer personal data to the operator of this service, but only anonymized information. The service is based on the use of cookies in the user’s end device. In terms of information about the user’s preferences collected by the Google advertising network, the user can view and edit information resulting from cookies using the tool: https://www.google.com/ads/preferences/
2. The operator uses the Facebook pixel. This technology means that Facebook (Facebook Inc., based in the USA) knows that the person registered in it uses the Service. In this case, it is based on data, against which it is the administrator, the Operator does not transfer any additional personal data from Facebook. The service is based on the use of cookies in the user’s end device.

8. Information about cookies files

1. The website uses cookies.
2. Cookies (so-called “cookies”) are IT data, in particular text files, which are stored in the terminal equipment of the Website User and are intended for use of the Website’s websites. Cookies usually contain the name of the website from which they originate, their storage time on the end device and a unique number.
3. The entity placing cookies on the Website User’s end device and gaining access to them is the Website operator.
4. Cookies are used for the following purposes:
   1. maintaining the Website user’s session (after logging in), thanks to which the user does not have to re-enter the login and password on each subpage of the Service;
   2. achieving the objectives set out above in the section “Subtly marketing techniques”;
5. The Website uses two basic types of cookies: session cookies and persistent cookies. “Session” cookies are temporary files that are stored on the User’s end device until logging out, leaving the website or disavensing the software (web browser). “Permanent” cookies are stored in the User’s end device for the time specified in the parameters of cookies or until they are deleted by the User.
6. Web browsing software (web browser) usually allows cookies to be stored on the User’s end device by default. Users of the Website may change the settings in this respect. The web browser allows you to delete cookies. It is also possible to automatically block cookies. Detailed information on this subject is provided by the help or documentation of the web browser.
7. Restrictions on the use of cookies may affect some of the functionalities available on the Website.
8. Cookies placed on the Website User’s end device may also be used by entities cooperating with the Website operator, in particular those related to: Google (Google Inc. with its registered office in the USA), Facebook (Facebook Inc. with its registered office in the USA), Twitter (Twitter Inc. with its registered office in the USA).

9. Managing cookies – how to express and withdraw consent in practice?

1. If the user does not want to receive cookies, he can change the browser settings. We reserve that disabling cookies necessary for the processes of authentication, security, maintaining user preferences may make it difficult, and in extreme cases may prevent the use of websites
2. To manage your cookie settings, select the web browser you are using from the list below and follow the instructions:
   • Edge and Edge
   • The Internet Explorer
   • Chrome
   • Safari
   • Firefox and Firefox
   • The Opera
   Mobile devices:
   • The Android
   • Safari (iOS)
   • The Windows Phone