PRIVACY POLICY KELLTON POLAND SP. Z O.O.

Last Modified: February 16, 2024

Definitions

1.1. Controller - KELLTON POLAND spółka z ograniczoną odpowiedzialnością̨ with seat in Wrocław, ul. Wyścigowa 56g/2a, 53-012 Wrocław, entered into the Register of Entrepreneurs of the National Court Register kept by the District Court for Wrocław-Fabryczna in Wrocław, VI Commercial Division of the National Court Register under no. KRS 0000466173, amount́ of initial capital: PLN 5,000.00, NIP: 8992744652,

1.2. Personal data - information about a natural person identified or identifiable by one or more specific factors determining physical, physiological, genetic, mental, economic, cultural or social identity, including device IP, Internet identifier and information collected through cookies and other similar technology.

1.3. Policy - this Privacy Policy.

1.4. GDPR - Regulation (EU) 2016/679 of the European Parliament and of the Council of 27.04.2016 on the protection of individuals with regard to the processing of personal data and on the free movement of such data and repealing Directive 95/46/EC.

1.5. Service - www.kellton.com

1.6. User - any natural person using the Service.

1.7. Cookies - small text files stored on the User's device when using the Service and any other similar technologies used to collect information about the User's activity on the Service. Cookies may come from the Controller or from the Controller's trusted partners.

I. Privacy Policy of the Service

1. Processing of Personal Data in connection with the use of the Service
1.1. In connection with the User's use of the Service, the Controller collects data to the extent necessary to provide the various services offered. The use of some of its modules or functions is conditioned on the provision of data about the location of the mobile device used to use the Service. Detailed rules and purposes of processing Personal Data collected during the User's use of the Service are described below.

2. Purposes and legal basis for the processing of Personal Data on the Service
A) Use of the Service
2.1 Personal data of all persons using the Service are processed by the Controller:
2.1.1. for the purpose of providing services electronically in terms of providing Users with access to content collected on the Service - in which case the legal basis for processing is the necessity of processing for the performance of the contract (Article 6.1.b of the GDPR).
2.1.2. for the purpose of establishing and asserting claims or defending against claims - the legal basis for processing is the legitimate interest of the Controller (Article 6(1)(f) GDPR), consisting in the protection of its rights.

B) Contact form
2.2 The Controller shall provide the possibility of contacting him using an electronic contact form. Using the form requires providing Personal Data necessary to contact the User and respond to the inquiry. The User may also provide other data to facilitate contact or handling of the inquiry. Provision of data marked as mandatory is required in order to accept and service the inquiry, and failure to provide such data will result in the impossibility of service. Provision of other data is voluntary.
2.3 Personal data is processed for the purpose of identifying the sender and handling his/her inquiry sent through the form provided - the legal basis for processing is the necessity of processing for the performance of the service contract (Article 6(1)(b) GDPR); with regard to data provided optionally, the legal basis for processing is consent (Article 6(1)(a) GDPR).

C) Recruitment process
2.4. Personal data will be processed for the purpose of conducting the recruitment process, on the basis of the provisions of the labor law (Article 6(1)(c) RODO). Data not required by law, provided in the submitted documentation, will be processed on the basis of a consent, for which will be considered their submission (Article 6(1)(a) RODO).
2.5. In addition, personal data, may be processed for purposes related to future recruitment processes, on the basis of separately expressed consent (Article 6(1)(a) RODO).

3. Cookies
3.1 The Controller within the Service uses cookies. The purposes and rules regarding the use of cookies can be found in the Cookie Policy.

4. Retention of Personal Data
4.1 Data retention period depends on the type of service provided and the purpose of processing. As a general rule, data are processed for the duration of the service, until the withdrawal of the consent given or the filing of an effective objection to data processing in cases where the legal basis for data processing is the legitimate interest of the Controller.
4.2 Data retention period may be extended if the processing is necessary for the establishment and assertion of possible claims or defense against claims, and thereafter only if and to the extent required by law. After the expiration of the processing period, the data shall be irreversibly deleted or anonymized.

5. Rights of the User
5.1 You have the right to access the content of your data and to request rectification, deletion, restriction of processing, the right to data portability and the right to lodge a complaint with the supervisory authority for the protection of Personal Data.
5.2 You also have the right to object to data processing that is based on the legitimate interests of the Controller.
5.3 To the extent your data is processed on the basis of consent, you may withdraw that consent at any time by contacting the Controller via biuro@kellton.com.
5.4 The user also has the right to file a complaint with the Office for Personal Data Protection.

6. Recipients of Personal Data
6.1 In connection with the performance of services, Personal Data may be disclosed to external entities, including, in particular, IT service providers that allow for the proper use of the Service.
6.2 The Controller reserves the right to disclose selected information concerning the User to the competent authorities or third parties who submit a request for such information, based on the relevant legal basis and in accordance with the provisions of the applicable law.

7 . Transfer of Personal Data outside the EEA
7.1 The level of protection of Personal Data outside the European Economic Area (EEA) differs from that provided by European law. For this reason, the Controller will transfer Personal Data outside the EEA only when necessary and with an adequate level of protection, primarily by:
7.1.1. cooperation with processors of Personal Data in countries for which a relevant decision of the European Commission has been issued regarding the determination of ensuring an adequate level of protection of Personal Data;
7.1.2. use of standard contractual clauses issued by the European Commission;
7.1.3. application of binding corporate rules approved by the relevant supervisory authority.
7.2 The Controller shall always inform of its intention to transfer Personal Data outside the EEA at the stage of collection. Due to the fact that the Company uses the services of other providers, such as for ICT services, and also transfers certain information within the group of companies, your data may be transferred outside the European Economic Area. In such a case, this will always be done in such a way as to ensure the security of your data, based on the relevant standard contractual clauses adopted by the European Commission.

8. Security of Personal Data
8.1 The Controller shall conduct a risk analysis on an ongoing basis to ensure that the Personal Data is processed by the Controller in a secure manner - ensuring, first and foremost, that only authorized persons have access to the data and only to the extent necessary for the tasks they perform. The Controller ensures that all operations on Personal Data are recorded and performed only by authorized employees and associates.
8.2 The Controller shall take all necessary measures to ensure that its subcontractors and other cooperating entities also provide guarantees to apply appropriate security measures whenever they process Personal Data on behalf of the Controller.

9. Provision of Personal data in the Service is voluntary, however needed for us to deal with your request. With regard to the information indicated in the recruitment process as necessary, in accordance with the law - providing data is mandatory and necessary to participate in the recruitment process. Failure to provide them may prevent participation in the recruitment process. Providing data other than those indicated in the recruitment process as required does not affect the recruitment process and is not necessary.

10. Contact information
10.1 The Controller can be contacted via biuro@kellton.com.

11. Changes to Privacy Policy
11.1 The policy shall be reviewed on an ongoing basis and updated as necessary.
11.2 The current version of the Policy has been adopted and is effective as of 1 January 2024.

II. Cookie Policy

The site allows the collection of information about the user through cookies and similar technologies, the use of which most often involves the installation of this tool on the user's device (computer, smartphone, etc.). This information is used to remember the User's decisions (e.g. choice of font, contrast, acceptance of policies), maintain the User's session (e.g. after logging in), remember the password (with consent), collect information about the User's device and his/her visit for security purposes, but also to analyze visits and customize content.

1. What are cookies used for on the Service?
1.1 The Controller uses Cookies primarily to enable the User to access the Service and facilitate the User's use of the Service.
1.2 The Controller also uses Cookies for analytical and marketing purposes - but only if the User agrees to this when using the Service for the first time or changes his/her preferences through the user panel during its use.
1.3 The Controller also uses other technologies and technical solutions that allow access to information stored on the User's device or browser (e.g. Local Storage, through which the Controller gains access to information stored during the use of the Service in a separate part of the User's browser memory).

2. What types of Cookies are used on the Service?
2.1 Cookies used on the Service are divided into the following categories:

TYPE

Description

Necessary Cookies

These cookies are installed to provide the User with access to the Service and its basic functions, and therefore do not require the User's consent. Without the necessary Cookies, the Controller would not be able to provide Users with services on the Service.

Optional Cookies

These cookies are used by the Controller only if the User consents to them.
These cookies are:
- Functional - allow us to remember Users' preferences or choices (such as username, language, text size or other customizable elements) and provide Users with personalized content on the Service;
- Analytical - they make it possible to check the number of visits and sources of traffic on the Service. They help identify which of its features are more or less popular and understand how users navigate the Service. This allows the Controller to improve the performance of the Service;
- Advertising - are used to provide advertisements in accordance with Users' interests and preferences. Based on the information from these files and activity on other Services or sites, a profile of Users' interests is built.

3. Are Third Party Cookies used on the Service?
3.1 By using the Service, the User may receive Cookies from third parties cooperating with the Controller. More detailed information is provided below:

THIRD PARTY	DESCRIPTION
Analytics providers	In order to better understand how the Service works, the Controller works with analytics providers such as Google. For more information on how they use User data, click here: https://support.google.com/analytics/answer/7318509?hl=en
Advertising partners	The Controller's advertising partners (Google) may use advertising cookies to display advertisements that they believe will be of most interest to the User, and to measure the effectiveness of such advertisements on the Service.

4. How long are cookies stored?
4.1 The Service uses permanent and session cookies. Below you will find more information about how long they are kept:

TYPE

Description

Session Cookies

Some cookies are temporary files, stored until you log out, leave the Service or turn it off. These types of cookies help analyze traffic, enable identification and troubleshooting of technical problems, and make it easier to navigate the Service.

"Permanent" Cookies

"Permanent" Cookies are stored for the time specified in their parameters or until the User deletes them. They help the Controller remember the User's settings and preferences in order to make the User's next visit more convenient or to provide tailored content. Below is a list of cookies along with their lifespan:

Cookie Name	Cookie Publishing Tool (GA/Adw ords/One Trust etc.)	Cookie Function	Cookie Duration
Google Optimize	Adwords	This tag is used for A/B testing for Landing pages	2 Months
Quick Enquiry Form - Tracking GA4	Google Analytics	This tag was used for tracking the form filled by quick enquiry on older website	6 Months
enquiry	Adwords	This tag was used for form fill tracking	6 Months
custom	Google Analytics	Tracking page view, custom HTML was there for tracking page view.	6 Months
Sitelinks Searchbox	Google Analytics	Default tags for Sitelinks	6 Months
Conversion Linker_import_1	Adwords	These tags are used to measure click data so that conversions are measured correctly	6 Months
Contact Us - Thank You Page - GA4 Event	Google Analytics	Tracking Thakyou Page conversion from contact us page	6 Months
PPC Conversion Tracking	Google Analytics	Tracking ThankYou page conversion on other pages	6 Months
Contact Us Page Form	Adwords	PPC Contact us form tracking	7 Months
Google Ads Conversion Tracking - Pop Up Form - kellton	Adwords	Pop up form tracking	7 Months
Google Analytics GA4 Event - Pop UP Form - kellton	Google Analytics	Pop up form tracking	7 Months
Kellton GA4 - Config	Google Analytics	GA4 Confirgration	1 Year
chat_start	Adwords	Google Ads Conversion Tracking	3 Years
Conversion Linker	Adwords	These tags are used to measure click data so that conversions are measured correctly.	4 Years
GA tag	UA	Universal Analytics Implementation Setup	4 Years
Captcha	Google ReCaptch a	Captcha on Forms	6 Months
_hjSessionUser	Custom Cookie	Track user session history	3 Months

5. How can I change my cookie settings?
5.1 The Service uses a Consent Management Platform (CMP) to help you manage your cookie preferences.
5.2 You may use the CMP to change your cookie settings. CMP allows:
5.2.1. obtain detailed information about the Cookies used on the Service and the Controller's trusted partners;
5.2.2. give and withdraw consent for the Controller and trusted partners to use optional Cookies;
5.2.3. change previously selected settings.

6 Changes to the Cookie Policy
6.1 The cookie policy is reviewed on an ongoing basis and updated as necessary.
6.2 The current version of the Cookie Policy has been adopted and is effective as of 1 January 2024.