The website owner ensures that its overriding goal is to provide people using the website with privacy protection at a level that meets at least the requirements of applicable law, in particular the provisions of the GDPR and the Act of 18 July 2002 on the provision of electronic services.
The website owner may collect personal data and data of a different nature. The collection of this data takes place, depending on their nature - automatically or as a result of actions of website visitors.
General information, cookies
The owner and operator of the website is HADI HAIR LADIES SALON with its registered office in Dubai, address: Nikki Beach Resort&Spa, entered into the Register of Entrepreneurs of the National Court Register kept by the District Court in the Commercial Division of the National Court Register under the number TRN: 100391332200003. In accordance with the provisions of the GDPR, the website owner is also the Administrator of Personal Data of the website users ("Administrator").
The website gathers information about website users and their behavior in the following ways:
the website automatically collects information that is contained in cookies.
through data voluntarily entered by website users in the forms available on the website.
by automatically collecting web server logs by the hosting operator.
Cookie files (so-called "cookies") are IT data, in particular text files, which are stored on the website user's end device and are intended for using the website's pages. Cookies usually contain the name of the website from which they originate, their storage time on the end device and a unique number.
During a visit to the website, website users' data may be automatically collected regarding the user's visit to the website and covering, among others IP address, type of web browser, domain name, number of page views, type of operating system, visits, screen resolution, number of screen colors, addresses of websites from which the website was accessed, time of using the website. These data are not personal data, nor do they allow identifying a person using the website.
The entity placing cookies on the user's end device and accessing them is the website owner.
Cookies are used to:
adapt the content of the website pages to the user's preferences and optimize the use of websites; in particular, these files allow to recognize the website user's device and properly display the website, tailored to their individual needs,
creating statistics that help understand how website users use websites, which allows improving their structure and content,
maintaining the website user's session (after logging in), thanks to which the user does not have to re-enter the login and password on each subpage of the website.
The website uses the following types of cookies:
"Necessary" cookies, enabling the use of services available as part of the website, e.g. authentication cookies,
cookies used to ensure security, e.g. used to detect fraud,
"Performance" cookies, used to obtain information on how users of the website use the website,
"Advertising" cookies, enabling the delivery of advertising content to users of the website more tailored to their interests,
"Functional" cookies, enabling "remembering" the settings selected by the website user and adapting the website to the website user, e.g. in terms of the selected language.
The website uses two basic types of cookies: "session" cookies and "persistent" cookies. Session cookies are temporary files stored in the terminal device until leaving the website, logging out by the website user or turning off the software (web browser). Persistent cookies are stored on the website user's end device for the time specified in the cookie file parameters or until they are deleted by the website user.
In the majority of cases, the software used for browsing websites by default allows the storage of cookies on the website user's end device. Website users can change their cookie settings at any time they choose. These settings can be changed in the options of the web browser (software), among others, in a way that prevents the automatic handling of cookies or forces the user to be notified of each time cookies are placed on his device. Detailed information about the possibilities and ways of handling cookies is available in the web browser settings.
Cookies placed on the website user's end device may also be used by advertisers and partners cooperating with the website owner.
Processing of personal data, information on forms
Personal data of website users may be processed by the Administrator:
in the event that the website user agrees to this in the forms placed on the website in order to take the actions to which these forms relate (art.6 par.1 lit.a RODO) or
when the processing is necessary to perform the contract to which the website user is a party (Article 6 (1) (b) GDPR), in the event that the website enables the conclusion of an agreement between the Administrator and the website user.
The website processes personal data that is only voluntarily provided by website users. The administrator processes the personal data of website users only to the extent necessary for the purposes set out in point 1 lit. a and b above and for the period necessary to achieve these purposes, or until the user withdraws his consent. Failure to provide data by the website user may, in some situations, result in the inability to achieve the purposes for which the provision of data is necessary.
The following personal data of the website user may be collected as part of forms placed on the website or in order to perform contracts that may be concluded on the website: name, surname, address, e-mail address, telephone number, login, password.
The data contained in the forms, provided to the Administrator by the website user, may be transferred by the Administrator to third parties cooperating with the Administrator in connection with the implementation of the purposes set out in point 1 lit. a and b above.
The data provided in the forms posted on the website are processed for purposes resulting from the function of a specific form, in addition, they may also be used by the Administrator for archival and statistical purposes. The consent of the data subject is expressed by checking the appropriate box in the form.
The website user, if the website has such functionalities, by selecting the appropriate window in the registration form, may refuse or agree to receive commercial information by means of electronic communication, in accordance with the Act of 18 July 2002 on the provision of electronic services ( Journal of Laws of 2002, No. 144, item 1024, as amended). If the website user has agreed to receive commercial information by electronic means of communication, he has the right to withdraw such consent at any time. Exercise of the right to withdraw consent to receive commercial information is implemented by sending an e-mail to the address of the website owner with an appropriate request, including the name and surname of the website user.
The data provided in the forms may be provided to entities technically performing some services - in particular, it concerns the provision of information about the owner of a registered domain to entities that are operators of the Internet domain (in particular the Scientific and Academic Computer Network jbr - NASK), payment service websites or other entities, with which the Administrator cooperates in this respect.
The personal data of website users is stored in a database that uses technical and organizational measures to protect the processed data in accordance with the requirements set out in relevant regulations.
To prevent the re-registration of persons whose participation in the website has been terminated due to the unauthorized use of the website's services, the Administrator may refuse to delete personal data necessary to block the possibility of re-registration. The legal basis for refusal is Art. 19 paragraph 2 point 3 in connection with art. 21 paragraph 1 of the Act of July 18, 2002 on the provision of electronic services (vol. From October 15, 2013, Journal of Laws of 2013, item 1422). The Administrator's refusal to delete personal data of website users may also occur in other cases provided for by law.
In the cases provided for by law, the Administrator may disclose some of the personal data of website users to third parties for purposes related to the protection of third party rights.
Website users' rights regarding their personal data.
In accordance with art. 15 - 22 GDPR, every website user has the following rights:
Right of access to data (Article 15 GDPR)
The data subject is entitled to obtain confirmation from the Administrator whether personal data concerning him are being processed, and if this is the case, he is entitled to access it. In accordance with art. 15 The administrator will provide the data subject with a copy of the personal data being processed.
The right to rectify data (Article 16 GDPR)
The data subject has the right to request the Administrator to immediately correct any personal data that is incorrect.
The right to delete data ('right to be forgotten') (Article 17 of the GDPR)
The data subject has the right to request the Administrator to immediately delete personal data concerning him, and the Administrator is obliged to delete personal data without undue delay if one of the following circumstances occurs:
personal data is no longer necessary for the purposes for which it was collected or otherwise processed;
the data subject has withdrawn the consent on which the processing is based
the data subject raises an objection pursuant to art. 21 paragraph 1 to the processing and there are no overriding legitimate grounds for processing
Right to restriction of processing (Article 18 GDPR)
The data subject has the right to request the Administrator to limit processing in the following cases:
When the data is incorrect - in time for it to be corrected
The data subject has lodged an objection pursuant to Art. 21 paragraph 1 to the processing - until it is determined whether legally justified grounds on the part of the Administrator prevail over the grounds of objection of the data subject.
5. Right to data portability (Article 20 GDPR)
The data subject has the right to receive in a structured, commonly used machine-readable format personal data concerning him which he has provided to the Administrator, and has the right to send this personal data to another administrator without any obstacles on the part of the Administrator to whom this personal data was provided. The data subject has the right to request that personal data be sent by the Administrator directly to another administrator, if it is technically possible. The law referred to in this point may not adversely affect the rights and freedoms of others.
6. Right to object (Article 21 GDPR)
If personal data is processed for the purposes of direct marketing, the data subject has the right to object at any time to the processing of personal data concerning him for the purposes of such marketing, including profiling, to the extent that the processing is related to such direct marketing .
The above users' rights may be exercised for a fee in cases where the applicable law provides for it.
If the above rights are violated or the website user finds that his personal data are processed by the Administrator contrary to applicable law, the website user has the right to lodge a complaint with the supervisory authority.
In accordance with accepted practice of most websites, the website operator stores http queries directed to the website operator's server (information on some behaviors of website users are subject to logging in the server layer). The viewed resources are identified by URL addresses. The exact list of information stored in the web server log files is as follows:
the public IP address of the computer from which the request came,
name of the client station - identification carried out by the http protocol if it is possible,
website username provided in the authorization (login) process,
time of receipt of the inquiry,
http response code
the number of bytes sent by the server,
URL address of the page previously visited by the website user (referrer link) - if the website was accessed via a link,
information about the website user's web browser,
information about errors that occurred during the implementation of the http transaction.
The above data is not associated with specific people browsing the pages available on the website. In order to ensure the highest quality of the website, the website operator occasionally analyzes log files to determine which pages are most frequently visited as part of the website, which web browsers are used, whether the structure of the pages does not contain errors, etc.
The logs collected by the operator are stored for an indefinite period as an auxiliary material for the proper administration of the website. The information contained therein will not be disclosed to any entities other than the operator or entities associated with the operator in person, by capital or by contract. Based on the information contained in these files, statistics can be generated to help administer the site. Summaries containing such statistics do not contain features that identify visitors to the site.