Privacy policy

Town on the Trail of Borderland Cultures

1. General information

The privacy policy describes the rules for processing information about you, including personal data and cookies.

  1. This policy applies to the website located at the URL: The operator of the website and the data controller is: “OBYWATELSKA PRZEDSIĘBIORCZOŚĆ NA RZECZ INTEGRACJI, ROZWOJU GOSPODARCZEGO, KULTURY, TURYSTYKI I SPORTU ORAZ ZACHOWANIA TRADYCJI REGIONÓW KRESOWYCH- BIŁGORAJ XXI”, I. B. Singera 9, 23-400 Biłgoraj.
  2. Contact email address of the operator:
  3. The operator is the data controller for your personal data voluntarily provided in the Service.
  4. The Service uses personal data for the following purposes:
    – running a newsletter,
    – operating a comment system,
    – handling inquiries via the form,
    – providing ordered services,
    – presenting offers or information.
  5. The Service collects information about users and their behavior in the following ways:
    – through voluntarily entered data in forms that are entered into the Operator’s systems.
    – by storing cookies on end-user devices (so-called “cookies“).”

2. Selected data protection methods used by the Operator

  1. The places of login and entering personal data are protected in the transmission layer (SSL certificate). This means that personal data and login information entered on the website are encrypted on the user’s computer and can only be read on the destination server.
  2. Personal data stored in the database is encrypted in such a way that only the Operator with the key can read it. This ensures that the data is protected in case of a database breach on the server.
  3. User passwords are stored in a hashed form. The hashing function works one way only – it is not possible to reverse its operation, which is currently the modern standard for storing user passwords.
  4. Two-factor authentication is implemented on the website, which provides an additional layer of protection for logging into the Service.
  5. The Operator periodically changes their administrative passwords.
  6. To protect data, the Operator regularly performs backups.
  7. An essential element of data protection is the regular update of all software used by the Operator for processing personal data, including regular updates of programming components.

3. Hosting

The service is hosted (technically maintained) on the servers of the operator: JCHost.

4. Your rights and additional information on data usage

  1. In some situations, the Administrator has the right to transfer your personal data to other recipients if it is necessary to fulfill the contract concluded with you or to fulfill the obligations imposed on the Administrator. This applies to such groups of recipients:
    – Hosting company on the basis of data processing agreement,
    – Comment system operators,
    – Operators of online chat solutions,
    – Authorized employees and collaborators who use the data to achieve the purpose of the website’s operation,
    – Companies providing marketing services on behalf of the Administrator.
  2. Your personal data processed by the Administrator will not be retained longer than necessary for the activities related to them as specified by separate regulations (e.g., accounting). In the case of marketing data, the data will not be processed for more than 3 years.
  3. You have the right to request from the Administrator:
    – Access to your personal data,
    – Their correction,
    – Deletion,
    – Restriction of processing,
    – And data portability.
  4. You have the right to object to the processing referred to in point 3.3 c) regarding the processing of personal data for the purposes of the legitimate interests pursued by the Administrator, including profiling. However, the right to object cannot be exercised if there are compelling legitimate grounds for processing that override your interests, rights, and freedoms, especially in the establishment, exercise, or defense of legal claims.
  5. You have the right to lodge a complaint with the President of the Office for Personal Data Protection, ul. Stawki 2, 00-193 Warsaw, regarding the actions of the Administrator.
  6. Providing personal data is voluntary but necessary for the operation of the Service.
  7. Automated decision-making, including profiling, may be taken against you for the purpose of providing services under the concluded contract and for conducting direct marketing by the Administrator.
  8. Personal data is not transferred to third countries within the meaning of personal data protection regulations. This means that we do not transfer them outside the European Union territory.

5. Information in forms

  1. The Service collects information voluntarily provided by the user, including personal data, if they are provided.
  2. The Service may store information about connection parameters (time stamp, IP address).
  3. In some cases, the Service may store information that facilitates linking data in the form with the user’s email address filling out the form. In such a case, the user’s email address appears within the URL of the page containing the form.
  4. Data provided in the form is processed for the purpose arising from the specific form function, e.g., to process a service request or business contact, registration of services, etc. Each time, the context and description of the form clearly inform what it is used for.

6. Administrator's logs

Information about user behavior on the website may be subject to logging. This data is used for the administration of the service.

7. Significant marketing techniques

  1. The Operator uses statistical analysis of website traffic through Google Analytics (Google Inc. based in the USA). The Operator does not transmit any personal data to this service provider, only anonymized information. The service is based on the use of cookies on the user’s end device. Regarding user preferences collected by the Google advertising network, users can view and edit information derived from cookies using the tool:
  2. The Operator uses remarketing techniques to tailor advertising messages to user behavior on the website. This may give the illusion that user personal data is being used for tracking, but in practice, no personal data is transferred from the Operator to advertising operators. The technological condition for such activities is the enabled cookie support.
  3. The Operator uses the Facebook pixel. This technology informs Facebook (Facebook Inc. based in the USA) that a registered person on Facebook is using the Service. In this case, it relies on data for which it is the administrator, and the Operator does not provide any additional personal data to the Facebook service. The service is based on the use of cookies on the user’s end device.
  4. The Operator uses an automated solution to automate the operation of the Service in relation to users, for example, it may send an email to the user after visiting a specific subpage, provided the user has given consent to receive commercial correspondence from the Operator.

8. Information about cookies

  1. The Service uses cookies.
  2. Cookies are computer data, in particular text files, which are stored in the end device of the Service User and are intended for use on the websites of the Service. Cookies usually contain the name of the website they come from, the time they are stored on the end device, and a unique number.
  3. The entity that places cookies on the end device of the Service User and has access to them is the operator of the Service.
  4. Cookies are used for the following purposes:
    – maintaining the user’s session on the Service (after logging in), so the user does not have to enter their login and password on each subpage of the Service;
    – achieving the goals specified in the “Significant marketing techniques” section above.
  5. Two basic types of cookies are used within the Service: “session” cookies and “persistent” cookies. “Session” cookies are temporary files that are stored on the user’s end device until they log out, leave the website, or close the web browser. “Persistent” cookies are stored on the user’s end device for the time specified in the cookie parameters or until they are deleted by the user.
  6. Web browsing software (web browser) usually allows cookies to be stored on the user’s end device by default. Service users can change their cookie settings in this regard. The web browser allows you to delete cookies. Automatic cookie blocking is also possible. Detailed information on this subject can be found in the help or documentation of the web browser.
  7. Limitations on the use of cookies may affect some functionalities available on the Service’s websites.
  8. Cookies placed in the end device of the Service User may also be used by entities cooperating with the operator of the Service, in particular, this applies to companies: Google (Google Inc. based in the USA), Facebook (Facebook Inc. based in the USA), Twitter (Twitter Inc. based in the USA).
    More information about cookies can be found on our website: Cookie Policy.

9. Managing cookies - how to give and withdraw consent in practice?

  1. Should a user choose not to receive cookies, they can change their browser settings. Please note that disabling cookies necessary for authentication, security, and user preference maintenance processes may hinder or, in extreme cases, prevent the use of websites.
  2. To manage cookie settings select the web browser:
    – Edge
    – Internet Explorer
    – Chrome
    – Safari
    – Firefox
    – Opera

    Mobile devices:
    – Android
    – Safari (iOS)
    – Windows Phone