Privacy policy

This privacy policy describes the rules for processing information about you, including personal data and cookies.

1. General Information

  1. This policy applies to the website operating at: https://tormstorm.pl
  2. The operator of the website and the Data Controller is:
    Fundacja Brama Karpat, 38-500 Sanok, ul. Białogórska 5,
    operating under the brand TormStorm, 38-500 Sanok, ul. Kiczury 16.
  3. Contact e-mail address: biuro@tormstorm.pl
  4. The operator is the Controller of your personal data regarding data voluntarily provided in the Service.
  5. The website collects and processes personal data for the following purposes:
    • Handling inquiries via forms
    • Preparing, packing, and shipping goods
    • Providing the services ordered
  6. The website collects user data and behavior through:
    1. Voluntarily entered data via forms, which are then stored in the operator’s systems
    2. Storing cookies on the user’s end devices

2. Selected Methods of Data Protection Used by the Operator

  1. Areas for logging in and entering personal data are protected at the transmission layer (SSL certificate).
  2. User passwords are stored in a hashed form. The hashing function is one-way and cannot be reversed—this is a modern standard for password storage.
  3. The operator regularly changes administrative passwords.
  4. Regular backups are made to protect data.
  5. All software used to process personal data is regularly updated.

3. Hosting

  1. The service is hosted (technically maintained) on servers provided by zenbox.pl
  2. To ensure technical reliability, the hosting company logs:
    • Requested resources (URLs),
    • Time of request and response,
    • Client station name (via HTTP protocol),
    • Error logs related to HTTP transactions,
    • Referrer links,
    • Browser information,
    • IP address,
    • Diagnostic data related to service ordering,
    • Email correspondence logs.

4. Your Rights and Additional Information on Data Use

  1. In some cases, the Data Controller may transfer your data to third parties if it is necessary to perform a contract with you or to meet legal obligations. Data may be shared with:
    • Hosting providers (under data processing agreements)
    • Couriers
    • Postal operators
    • Banks
    • Payment processors
  2. Your data will be processed no longer than necessary. Marketing data will not be processed for more than 3 years.
  3. You have the right to request from the Administrator:
    • Access to your personal data,
    • Rectification,
    • Erasure,
    • Restriction of processing,
    • Data portability.
  4. You also have the right to object to processing for legitimate interests of the Administrator, including profiling. However, if there are overriding legal grounds (e.g., legal claims), the objection may not be upheld.
  5. You have the right to lodge a complaint with the President of the Personal Data Protection Office (UODO), ul. Stawki 2, 00-193 Warsaw, Poland.
  6. Providing personal data is voluntary but necessary to use the service.
  7. Automated decision-making, including profiling, may be used to provide services or for direct marketing.
  8. Personal data is not transferred outside the European Union.

5. Information in Forms

  1. The service collects data provided voluntarily by the user, including personal data if entered.
  2. The service may record connection parameters (timestamp, IP address).
  3. In some cases, the system may link form data to a user’s email address if it appears in the page URL.
  4. Form data is used in accordance with the purpose indicated—e.g., service requests, contact, registration, etc. Each form clearly indicates its purpose.

6. Administrator’s Logs

  1. User behavior in the service may be logged for administrative purposes.

7. Key Marketing Techniques

  1. The Operator uses statistical analysis of site traffic via Google Analytics (Google Inc., USA). Only anonymized data is shared. The service uses cookies on user devices.
    You can manage ad preferences from Google’s ad network at: https://www.google.com/ads/preferences/
  2. The Operator uses remarketing techniques to tailor ads based on user behavior on the site. No personal data is transferred to advertising operators. These techniques require cookies.
  3. The Operator uses Facebook Pixel, which allows Facebook (Facebook Inc., USA) to detect that a registered user is using the website. No additional personal data is shared.

8. Cookie Information

  1. The service uses cookies—text files stored on the user’s device, usually containing the website’s name, storage time, and a unique number.
  2. The cookies are used for:
    – Maintaining user sessions (so users don’t have to log in repeatedly),
    – Achieving marketing goals as mentioned above.
  3. There are two main types of cookies used:
    – Session cookies: temporary, deleted after browser closure or logout.
    – Persistent cookies: stored until manually deleted or after a set time.
  4. Web browsers typically allow cookies by default. You can disable them in your browser settings. This may limit some features of the website.
  5. Cookies may also be used by external services such as: Google (Google Inc., USA), Facebook (Facebook Inc., USA), Twitter (Twitter Inc., USA).

9. Managing Cookies – How to Grant or Withdraw Consent?

  1. If you don’t want cookies, change your browser settings. Disabling essential cookies may affect website functionality.
  2. To manage cookie settings, select your browser below and follow the instructions:
    Edge
    Internet Explorer
    Chrome
    Safari
    Firefox
    Opera

Mobile devices:

Windows Phone
Android
Safari (iOS)

Tormstorm
Powered by  GDPR Cookie Compliance
Privacy Overview

This website uses cookies so that we can provide you with the best user experience possible. Cookie information is stored in your browser and performs functions such as recognising you when you return to our website and helping our team to understand which sections of the website you find most interesting and useful.