ENEA SA respects the right to privacy and protection of personal data of the viewers (hereinafter referred to as “users”) of the ENEA Group’s Website containing the CSR Report and the ENEA Group’s annual report for 2019.
Collection and processing of personal data
ENEA S.A. with its registered office at ul. Górecka 1, 60-201 Poznań, is the Administrator of the ENEA Group’s Website containing the CSR report and the ENEA Group’s annual report for 2019 (hereinafter referred to as the “Website”) and the Controller of users’ personal data.
Any matters or concerns related to the processing of users’ personal data should be reported to our Data Protection Officer, Ms. Joanna Poprawska, at the e-mail address: email@example.com, or by regular mail to the following address: ul. Górecka 1, 60-201 Poznań.
The Website carries out functions related to obtaining information about users and their behaviors by:
- saving ‘cookie’ files on end-user devices,
- system files (‘logs’).
Such information is collected automatically by the system via a web browser during the user’s visit to the Website. We do not use such data to identify the user and we do not have the means that would enable us to identify the user on their basis. However, given that the IP address permits the identification of natural persons by applying additional means, presented below is information about how we process the data saved in our logs and cookies.
The processing of data contained in our logs and cookies is performed on the following data:
- IP address,
Cookies are digital data, in particular text files, which are stored on the end-user device of a visitor to the Website and are intended for the use of the Website. Cookies usually contain the name of the website where they originated, the time of storage on the device and a unique number.
The entity which saves cookies on the end-user device of a visitor to the Website and which obtains access to such files is the operator of the Website.
The data contained in cookies and logs are processed:
- for statistical purposes and monitoring the activity of users as well as to test the proper operation of all features of the Website pages in order to enable their continuous improvement. The legal basis for the processing of such data is Article 6(1)(f) of Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC – OJ L of 2016 No 119/1 (hereinafter referred to as “GDPR”);
- for the purpose and to the extent necessary to establish, assert or defend our claims, if any, related to the use of the Website, which is in pursuit of our legitimate interest in accordance with Article 6(1)(f) GDPR. In the event of the occurrence of any claims related to the use of the Website, we will store the user’s data until the expiration of the applicable statute of limitations.
By providing us with his or her personal data through the Website, the user has the right to access such data, rectify or delete them, limit their processing or object to their processing or transfer.
In order to exercise these rights, the user may contact us by sending an e-mail to the following address: firstname.lastname@example.org.
If the user has any concerns about the manner in which we process his or her personal data, the user always has the right to file a complaint with the regulatory authority.
How are the user’s personal data protected?
The user’s personal data are protected in compliance with the provisions of the GDPR, the Act of 18 July 2002 on the Provision of Electronic Services and the Act of 16 July 2004 entitled Telecommunications Law. In particular, we use an SSL certificate for data protection purposes.
We do not disclose any data collected through the Website to other entities, except for subcontractors that have been scrutinized by us, unless with the user’s consent. We provide such data to our subcontractors on an ongoing basis.
Only our selected employees and selected employees of the subcontractors we have scrutinized, whose services we use to maintain the functionality of the Website and who are required to keep any information obtained in strict confidence, have access to personal data.
What are cookies?
Cookies are small files that the Website saves in the web browser on the user’s device whenever he or she visits the Website pages. Cookies consist of a series of letters and numbers that contain information necessary for the proper operation of the Website.
What kinds of cookie do we use?
Serial files – temporary cookies that remain on the user’s device until the user logs out of the Website or shuts down the web browser,
Permanent files – files that remain on the user’s device for the time specified in the cookie parameters or until they are manually deleted from the web browser by the user.
Security of information
Data sent in cookies are safe and do not affect the operation of the user’s device in any manner whatsoever. Data in cookie files are sent in encrypted form, preventing any unauthorized access.
User management of cookies
The user may independently set up cookies from the level of the web browser used on his or her device. By default, web browsers have the option of sending cookies from websites to the user’s device. The default settings may be changed by the user in the following two ways:
- The user may block the automatic handling of cookies in the web browser settings on his or her device, which may, however, impair some of the Website’s functionalities or completely disable the use of the Website,
- The user may, in the web browser options on his or her device, turn on the notification function about every instance of the sending of cookies to his or her device.
Data about the user’s IP address are saved in the logs of the Website and contain the date and time of connection to the Website. Such information is used only for statistical purposes concerning the number of visits and does not personally identify the user.