1. Introduction
This policy applies to the website operating at the URL: https://mariamiland.com
Contact email address of the operator: info@mariamiland.com
The operator is the Controller of your personal data with respect to data voluntarily provided on the website.
The website uses personal data for the following purposes:
Handling inquiries via the contact form
Presenting offers or information
The website collects information about users and their behavior in the following ways:
Through data voluntarily entered in forms, which are then stored in the operator’s systems
By storing cookies on end-user devices
2. Selected Data Protection Methods Used by the Operator
Login and data entry areas are protected at the transmission level (SSL certificate). This ensures that personal and login data entered on the site is encrypted on the user’s computer and can only be read on the destination server.
The operator periodically changes administrative passwords.
To protect the data, the operator regularly performs backups.
A key element of data protection is regularly updating all software used by the operator for processing personal data, particularly programming components.
3. Hosting
The website is technically maintained (hosted) on servers provided by home.pl.
Company registration details: home.pl Spółka Akcyjna with its registered office in Szczecin, ul. Zbożowa 4, 70-653 Szczecin, Poland, registered in the National Court Register under number KRS 0000431335, REGON 811158242, NIP 8522103252.
You can learn more about hosting and check the hosting company’s privacy policy at: https://home.pl
The hosting provider:
Uses data loss protection measures (e.g., disk arrays, regular backups)
Uses adequate measures to protect processing sites from fire (e.g., special extinguishing systems)
Uses adequate power failure protection measures (e.g., redundant power lines, generators, UPS)
Uses physical access protection to data processing sites (e.g., access control, monitoring)
Ensures appropriate environmental conditions for servers (e.g., climate control systems)
Uses organizational measures to ensure a high level of security and confidentiality (e.g., staff training, internal regulations, password policies)
Has appointed a Data Protection Officer
To ensure technical reliability, the hosting provider logs server-level activity, which may include:
Resources identified by URLs (requested pages/files)
Time of request and response
Client station name (HTTP protocol identification)
Information on errors during HTTP transactions
Referrer URL (if the user followed a link to the website)
Browser information
IP address
Diagnostics related to self-service ordering processes
Email service-related information
4. Your Rights and Additional Data Use Information
In certain cases, the Controller may share your personal data with other recipients if necessary to perform a contract with you or to fulfill legal obligations. This applies to the following recipient groups:
Authorized personnel, employees, and collaborators who need access to the data
Hosting providers
Email campaign providers
SMS message service providers
Marketing partners
Couriers
Insurers
Legal firms and debt collectors
Banks
Payment operators
Public authorities
Your personal data is processed no longer than necessary to carry out tasks specified by relevant legal provisions (e.g., accounting laws). Marketing data will not be processed for more than 3 years.
You have the right to request from the Controller:
Access to your personal data
Rectification of your data
Erasure of your data
Restriction of processing
Data portability
You also have the right to object to data processing for purposes outlined in section 3.3(c), particularly for the Controller’s legitimate interests including profiling. The objection cannot be exercised if there are compelling legitimate grounds for processing that override your interests, rights, and freedoms, especially legal claims.
You have the right to lodge a complaint with the President of the Personal Data Protection Office (ul. Stawki 2, 00-193 Warsaw, Poland).
Providing personal data is voluntary but necessary to use the website.
Automated decision-making, including profiling, may occur in connection with service provision or direct marketing by the Controller.
Your personal data is not transferred outside the European Union.
5. Information in Forms
The website collects information voluntarily provided by users, including personal data if entered.
The website may record connection parameters (e.g., time, IP address).
In some cases, the website may store information linking form data to the user’s email address. The email address may appear in the URL of the page containing the form.
Data entered in forms is processed based on the purpose of the form, e.g., to handle service requests, business inquiries, service registrations, etc. Each form clearly explains its intended purpose.
6. Administrator Logs
User activity on the website may be logged. These logs are used to administer the website.
7. Key Marketing Techniques
The operator uses Google Analytics (by Google Inc., USA) to analyze website traffic. No personal data is transferred—only anonymized information. The service uses cookies stored on the user’s device. Users can review and edit their ad preferences here: https://www.google.com/ads/preferences/
The operator uses remarketing techniques to tailor advertising messages to user behavior on the site. This may create the impression that personal data is being tracked, but no personal data is transferred to advertising platforms. This technique requires cookies to be enabled.
The operator uses the Facebook Pixel. This technology allows Facebook (Facebook Inc., USA) to recognize that a user registered on their platform is visiting the website. Facebook acts as the data controller in this case. No additional personal data is shared by the website operator. The service uses cookies on the user’s device.
