- Introduction
Operating under the name of COGITA Sp. z o.o., located at Łąkowa 4, 42-282 Widzów, NIP 9492257381, we ensure proper handling of your personal data. Our goal is to inform you appropriately about matters related to the processing of personal data, especially concerning the provisions of data protection laws, including the Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (hereinafter referred to as “GDPR”). In this Privacy Policy, we inform you about the legal bases for processing personal data, methods of their collection and use, as well as your associated rights.
This Privacy Policy also meets the requirements set forth in the Telecommunications Law of 15 September 2017, concerning the use of cookies. As the owner of the cogita.ai website, we are obligated to inform you about the cookies used by the service.
- Personal Data
2.1. When does this Privacy Policy apply?
The Privacy Policy applies to all cases in which we process your personal data. This applies both to cases where we process personal data obtained directly from you and to cases where your personal data is obtained from other sources.
2.2. How, based on what legal grounds, and what type of personal data do we process?
We maintain transparency regarding the methods and legal grounds for processing personal data, as well as the purposes for which we process personal data. We ensure that necessary information in this regard is provided each time. In order to clarify these matters as clearly as possible, we present the following list of personal data processing operations related to the conducted website.
At the same time, we note that whenever we process personal data based on legitimate interest (Article 6(1)(f) of the GDPR), we strive to analyze and balance our interest with the potential impact on your data (both positive and negative) and your rights under data protection regulations.
A. Processing personal data of visitors to the website
In connection with the use of the website, we process the following data sent by your browser to the server: IP address, date and time of the session start, information about the time zone, information about the source page, access status/HTTP access code, address of the page from which the entry was made, type of browser, operating system and its interface, language, and browser software version.
Processing this data is necessary for the proper functioning and ensuring the stability and security of the website. Its processing is based on Article 6(1)(f) of the GDPR.
B. Processing personal data within the contact form
In the “contact” tab on the website, you can find a contact form enabling you to submit inquiries.
The contact form collects the following data: email address. Optionally, within the content of the question, you may provide other personal data, the provision of which is voluntary and in accordance with your will. The aforementioned data (apart from the content of the question) is necessary to provide an answer to your question.
Personal data is processed based on your consent expressed by entering data in the form and sending it to us, i.e., based on Article 6(1)(a) of the GDPR. The consent is voluntary.
The full scope of your rights and obligations regarding the processing of personal data (in accordance with Article 13 of the GDPR) is included in the information clause in point 2.5. of the Privacy Policy.
C. Processing personal data within the newsletter
By subscribing to the newsletter, you provide us with your data, in the form of an email address, through the newsletter subscription form. Providing data is voluntary but necessary to subscribe to the newsletter. The legal basis for the processing of personal data is Article 6(1)(a) of the GDPR.
You can withdraw your consent at any time.
The full scope of your rights and obligations regarding the processing of personal data (in accordance with Article 13 of the GDPR) is included in the information clause in point 2.5. of the Privacy Policy.
D. Processing personal data within Google Analytics
This website uses Google Analytics, a web analytics service provided by Google Inc (1600 Amphitheatre Parkway, Mountain View, CA 94043, USA). Google Analytics uses cookies stored on your computer to analyze the use of the website. Information generated by cookies about the use of the website is usually transmitted to a Google server in the USA and stored there. On behalf of the operator of this website, Google will use this information to evaluate the use of the website, compile reports on website activity, and provide other services related to website activity and internet usage to the website operator.
The IP address transmitted by Google Analytics will not be associated with other data by Google. We use this tool to analyze and regularly improve the use of the website.
You can prevent cookies from being stored by adjusting your browser software accordingly or by using appropriate browser plugins.
The legal basis for processing personal data is Article 6(1)(f) of the GDPR.
The full scope of your rights and obligations regarding the processing of personal data (in accordance with Article 13 of the GDPR) is included in the information clause in point 2.5. of the Privacy Policy.
D. Processing personal data within the Meta Pixel
The Administrator uses the Meta Pixel function (https://www.facebook.com/business/help/742478679120153?id=1205376682832142). This technology allows Meta (Meta Inc. based in the USA) to know that a particular person registered in it is using the Service. In this case, it is based on data, for which it itself is the administrator, the Operator does not provide any additional personal data to the Facebook service. The service is based on the use of cookies on the user’s end device.
Meta Pixel is a piece of code placed on our website. It allows Meta to identify individuals visiting our online content as a target group for displaying ads on the Facebook portal on their social media profiles (e.g., as part of sponsored ads), which we understand as our legitimate interest (Article 6(1)(f) of the GDPR). Within the Meta Pixel function, it is possible to display our published ads on the Facebook portal exclusively to Facebook users who have shown interest in our services or who have certain common coefficients (such as interests in certain topics or products determined based on visited tabs on our website, viewed products), which we provide to Facebook (this results from the operation of the Pixel installed on our website).
F. Social Media
On the website, you can find links to social media platforms where information about us and our activities is posted. We are both the data controller within the social media platform as the owner of the social media account and the owner of the respective social media platform.
2.3. How long are your personal data processed?
The period for which we will process personal data depends on the legal basis for their processing. We inform you that:
In cases where we process personal data based on consent, the processing period lasts until the intended purpose is achieved or the consent is withdrawn;
In cases where we process personal data for the performance of a contract or taking steps at the request of the data subject prior to entering into a contract (order fulfillment), for the duration of the order fulfillment and, after its completion, for the period of limitation of
any claims related to the contract;
In cases where we process personal data based on a legitimate interest, the processing period lasts until the legitimate interest exists or until an effective objection to data processing is raised.
2.4. Who do we share your personal data with?
Your personal data may be shared with:
Entities providing IT services, providing us with software or technical support in maintaining IT systems;
Entities providing hosting services;
Entities providing legal services, if necessary;
Entities providing postal or courier services;
Entities providing marketing services;
Entities providing accounting services;
Entities providing legal, tax, or financial advisory services;
Entities providing analytical services;
Entities providing newsletter distribution services;
Entities providing communication services.
2.5. Information clause
The information obligation is provided by COGITA Sp. z o.o., with its registered office at Łąkowa 4, 42-282 Widzów, NIP 9492257381 (hereinafter referred to as the “Administrator”).
Contact with the Administrator is possible:
Via e-mail at: privacy@cogita.ai
By mail to the address of the Administrator’s registered office: Łąkowa 4, 42-282 Widzów
The Administrator processes personal data based on the legal grounds referred to in art. 6 sec. 1 of Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of individuals with regard to the processing of personal data and on the free movement of such data and repealing Directive 95/46 / EC (general regulation on data protection) (hereinafter referred to as “GDPR”), i.e.,:
Consent (Article 6(1)(a) of the GDPR);
Necessity to perform the contract (Article 6(1)(b) of the GDPR);
Legal obligation (Article 6(1)(c) of the GDPR);
Protection of vital interests (Article 6(1)(d) of the GDPR);
Task carried out in the public interest or in the exercise of official authority (Article 6(1)(e) of the GDPR);
Legitimate interest pursued by the Administrator or by a third party (Article 6(1)(f) of the GDPR).
The Administrator has appointed a Data Protection Officer, who can be contacted via e-mail at dpo@cogita.ai.
Providing personal data by the data subject is voluntary, but necessary to achieve the purposes for which the data is collected.
The recipients of personal data may be:
Entities providing IT services to the Administrator, providing the Administrator with software or technical support in maintaining IT systems;
Entities providing hosting services to the Administrator;
Entities providing legal services to the Administrator, if necessary;
Entities providing postal or courier services to the Administrator;
Entities providing marketing services to the Administrator;
Entities providing accounting services to the Administrator;
Entities providing legal, tax, or financial advisory services to the Administrator;
Entities providing analytical services to the Administrator;
Entities providing newsletter distribution services to the Administrator;
Entities providing communication services to the Administrator.
The data will be processed for the duration of the contract, and after its completion for the period of limitation of any claims related to the contract, or until consent is withdrawn.
The data subject has the right to:
Access to personal data, rectification, deletion, or limitation of processing;
Objection to data processing;
Data transfer;
Withdrawal of consent at any time without affecting the lawfulness of processing based on consent before its withdrawal.
The data subject has the right to lodge a complaint with the supervisory authority.
Providing personal data by the data subject is voluntary, but necessary to achieve the purposes for which the data is collected.
Personal data will not be subject to automated decision making, including profiling.
Your personal data may be transferred to third countries in connection with the performance of the contract, based on your consent, or to fulfill the Administrator’s legal obligations.
Your personal data will not be processed in an automated manner, including profiling, and will not be profiled.
By using the website, you consent to the use of cookies in accordance with the settings of your browser.
Your personal data will not be profiled.
2.6. How do we protect your personal data?
We apply appropriate technical and organizational measures to ensure the protection of personal data processed, appropriate to the risks and categories of data covered by the protection, in particular, we protect data against unauthorized access, unauthorized removal, processing in violation of applicable laws, and changes, loss, damage or destruction.
The detailed scope of protection measures depends on the nature, scope, context, and purposes of processing, as well as the risk of violation of the rights or freedoms of natural persons with different probabilities and seriousness of threats.
- Cookies
The website uses cookies. These are IT data, in particular, text files, which are stored on the website user’s end device and are intended for using the website’s pages. Cookies usually contain the name of the website they come from, the time they are stored on the end device, and a unique number.
3.1. What kind of cookies do we use?
We use two types of cookies: session and permanent. Session cookies are temporary files that are stored on your end device until you log out, leave the website, or turn off the software (web browser). Permanent cookies are stored on your end device for the time specified in the cookie file parameters or until they are deleted by you.
3.2. What are cookies used for?
Cookies are used to:
Adjust the content of the website pages to the user’s preferences and optimize the use of websites;
Recognize the user’s device and display the website properly, tailored to their individual needs;
Create statistics that help understand how users use websites, which allows improving their structure and content;
Maintain the user’s session after logging in so that the user does not have to re-enter their login and password on every subpage.
3.3. How to change cookie settings?
The default settings of most web browsers allow the use of cookies. You can change these settings to block the automatic handling of cookies in the browser settings or to inform you each time cookies are sent to your device. Detailed information on the possibilities and methods of handling cookies is available in the software (web browser) settings.
- Final provisions
We reserve the right to change this Privacy Policy by publishing a new Privacy Policy on this website. Any changes to the Privacy Policy will take effect from the date of publication of the Privacy Policy on the website.