Privacy Policy

Cybersecurity

Antywirusy i ochrona urządzeń

ESET

Bitdefender

WithSecure

G Data

FORTINET

Zapory sieciowe nowej generacji (UTM)

FORTIGATE

Stormshield

Ochrona przed wyciekiem danych (DLP)

Safetica

Kopie zapasowe

NAKIVO

XOPERO

VEEAM

Acronis

Kontrola dostępu (PAM)

Segura

Zarządzanie urządzeniami mobilnymi (MDM)

PROGET

Bezpieczeństwo apikacji webowych (WAF)

Barracuda

Systemy cybersecurity

Sekoia

HOLM SECURITY

Usługi cyberbezpieczeństwa

Dagma Audyty Bezpieczeństwa IT

Dagma Szkolenia IT
VoIP

Centrale telefonicze

3CX

OpenVox

Slican

Centrale telefoniczne Open source

Asterisk

FreePBX

Nasze autorskie centrale telefoniczne

VoiperoPBX

TaxiPBX

Monitoring central telefonicznych

VoiperoManager

Zaawansowany bot głosowy AI

VoiperoBot

Kontrolery sesji (SBC)

VoiperoSBC

Kamailio

Bramki GSM/SMS

OpenVOX
Blog
News

PRIVACY AND "COOKIES" POLICY

This document governs the Privacy and Cookie Policy of the website hotkey404.com, operated at the URL address: https://hotkey404.com, hereinafter referred to as the “Website”, and all related matters. The Website is managed by:

HOTKEY404 Tomasz Tańcula, based in Kraków (31-802), os. Na Lotnisku 6/18; NIP: 678 297 83 83 and REGON: 385655719, hereinafter referred to as the “Service Provider”. The Service Provider can be contacted by phone at (+48) 22 770 70 70 and via email at: info@hotkey404.com.

Introduction

In the section describing the privacy policy, we inform about the conditions of collecting, processing, using, and protecting the personal data of the Website’s users, hereinafter referred to as “Users”. Personal data means any information relating to an identified or identifiable natural person. An identifiable person is one who can be identified, directly or indirectly, in particular by reference to an identification number or to one or more factors specific to their identity. Providing personal data is voluntary, but necessary to use certain features, such as using the telecommunications service and/or registering an account on the Website or using contact forms. These purposes are always clearly stated. Failure to provide this data may make it impossible to use these functionalities.

This document also outlines technologies related to data processing, such as browser memory and geolocation.

As part of the cookie policy, we provide information on the conditions for storing or accessing information already stored in the end-user’s telecommunications devices. An end-user is understood as a natural person or entity using a publicly available telecommunications service or requesting such a service to satisfy their own needs.

Declaration

To fulfill our primary goal of respecting privacy, we strive to exercise all due diligence. To achieve this goal, we follow the standards and rules resulting from generally applicable legal regulations. These are, in particular: GDPR (Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC), the Act of 10 May 2018 on the protection of personal data, the Act of 18 July 2002 on the provision of electronic services, and the Act of 16 July 2004 – Telecommunications Law. In particular, we make due efforts to ensure that personal data is:

processed lawfully, fairly, and in a transparent manner,
collected for lawful purposes, about which we inform at the time of collection,
not further processed in a way incompatible with the purposes stated at the time of data collection,
accurate and, where necessary, kept up to date,
factually correct and adequate in relation to the purposes for which it is processed,
appropriately secured against unauthorized access, destruction, disclosure, and unlawful use,
stored in a form that allows the identification of the person concerned no longer than necessary for the purposes for which the data is processed, as indicated before or during the data collection process.

The data processed by the Service Provider is stored on secure and professional external servers under agreements that ensure an appropriate level of data protection.

Personal Data Administrator

The administrator of personal data processed through the Website is the Service Provider.

Legal Basis and Duration of Personal Data Processing

When collecting personal data, we always inform about the legal basis for its processing. If we refer to:

Art. 6(1)(a) of the GDPR – it means that we process personal data based on the obtained consent,

Art. 6(1)(b) of the GDPR – it means that we process personal data because it is necessary for the performance of a contract or to take steps prior to entering into a contract at the data subject’s request,
Art. 6(1)(c) of the GDPR – it means that we process personal data to comply with a legal obligation,
Art. 6(1)(f) of the GDPR – it means that we process personal data to pursue legitimate interests, which are always specified.

We may also process personal data based on other specific legal acts, such as the Act on the Provision of Electronic Services.

The duration of personal data processing depends on the legal basis and the purpose of the processing. We always inform about this before or during the collection of personal data. Sample data retention periods:

Personal data processed on the basis of consent will be processed until the consent is withdrawn.
Personal data processed using cookies and similar technologies will be processed until the files are deleted using browser or device settings and an objection is raised to their processing.
Personal data processed in connection with legal obligations (e.g., issuing invoices) will be processed within the timeframe required by accounting and tax laws.
Personal data related to service provision, including sales, will be stored until the statute of limitations for possible claims expires, in accordance with applicable law.

Scope and Purposes of Personal Data Processing

We process Users’ personal data in structured datasets, which are defined by the purpose of processing. We process the data to the extent necessary to fulfill the intended purpose. The list below includes datasets, their scope, and the purposes of data processing.

Dataset Name	Scope of Processed Data	Purpose of Processing
Personal data set of Website Users.	full name / company name email address IP address	Enable use of the Website’s functionalities.
Personal data set of Users who concluded a sales contract via the Website.	full name / company name address email address phone number tax ID number (NIP) IP address	Conclusion and performance of the sales contract with Users.
Personal data set of Users who submitted complaints or withdrawal declarations.	full name / company name address phone number email address tax ID number (NIP)	Conduct proceedings related to complaints or contract withdrawals.
Data set of persons corresponding with the Service Provider.	full name email address phone number	Provide Users with commercial, organizational, or technical information by the Service Provider.

Additionally, possible purposes of personal data processing include:

fulfilling legal obligations arising from generally applicable laws, such as accounting or tax law,
pursuing and responding to claims.

We always inform about the purposes of personal data processing before or at the time of data collection.

Disclosure of Personal Data

We may entrust personal data processing to other entities on our behalf. These may include, for example: hosting providers, accounting or legal services, payment operators, or other partners we work with to ensure proper service delivery.

We inform about the recipients of personal data always before or at the time of data collection.

Entrusting data processing always takes place based on a data processing agreement or other legal instrument ensuring an appropriate level of security for the processed personal data.

A current list of entities to whom we entrust data processing is always available. To obtain access to it, simply request it from us, e.g., by sending an email. The legal basis for data entrustment is Article 28 of the GDPR.

In the case of data transfer outside the European Economic Area, we always inform about this fact before or at the time of data collection.

In all other cases, we do not disclose collected data to third parties unless required by generally applicable laws, i.e., at the request of an authorized authority or court.

Rights of Data Subjects

In connection with the processing of personal data, individuals whose data we process have the following rights. The ability to exercise these rights depends on the legal basis of data processing.

Right of Access

The data subject has the right to obtain confirmation from us as to whether their personal data is being processed. If this is the case, they have the right to access that data and receive additional information (e.g., purposes, categories, recipients, retention, rights, source).

Upon receiving such a request, we are obliged to provide a copy of the personal data being processed. If the request is made electronically and no other request is made, we will also provide the information electronically.

Right to Rectification

The data subject has the right to request the immediate rectification of inaccurate personal data concerning them. Taking into account the purposes of processing, they also have the right to request completion of incomplete personal data, including by submitting an additional statement.

Right to Erasure (“Right to Be Forgotten”)

The data subject has the right to request the immediate deletion of personal data concerning them. We are then obliged to delete the data without undue delay if one of the following grounds applies:

the consent has been withdrawn and there is no other legal basis for processing,
an effective objection to processing has been made,
the data was processed unlawfully,
the data must be deleted to comply with a legal obligation,
the data was collected in connection with offering information society services.

Right to Restriction of Processing

The data subject has the right to request restriction of processing in the following cases:

they contest the accuracy of personal data – for a period allowing us to verify the data accuracy,
the processing is unlawful and the data subject opposes the erasure of the data and requests restriction instead,
we no longer need the data for processing purposes, but the data is required by the data subject to establish, exercise, or defend legal claims,
the data subject has objected pursuant to Art. 21(1) of the GDPR pending verification whether the legitimate grounds on our side override the grounds for the objection.

Right to Data Portability

The data subject has the right to receive their personal data, which they have provided to us, in a structured, commonly used, and machine-readable format. They also have the right to transmit this data to another controller without hindrance from us, provided that the processing:

is based on consent or on a contract; and
is carried out by automated means.

In exercising the right to data portability, the data subject has the right to have the personal data transmitted directly from one controller to another, where technically feasible. This right must not adversely affect the rights and freedoms of others.

Right to Object

The data subject has the right to object at any time – on grounds relating to their particular situation – to the processing of their personal data which is based on Article 6(1)(f) (legitimate interests of the controller), including profiling. In such cases, we are no longer allowed to process this personal data unless we demonstrate compelling legitimate grounds for the processing that override the interests, rights, and freedoms of the data subject, or for the establishment, exercise, or defense of legal claims.

Also, if the data subject objects to processing for direct marketing purposes (including profiling for marketing), their personal data may no longer be processed for such purposes.

Server Logs

These are internal event logs of the Website’s server, automatically recording page requests sent when Users use the Website. System logs include the page request sent by the User, IP address, browser type, browser language, request date and time, and at least one “cookie” file that can uniquely identify the User’s browser.

The data collected in system logs is used solely for administering the Website. It is not transferred to third parties, except in situations described in this document.

In connection with the use of the Website by Users, we may automatically collect and store in server logs technical details on how services are used, requests sent by the User related to electronic service provision, IP address, and technical data about the functioning of the Website during activities performed by the User. These include information about the start, end, and scope of each use of the electronic service. We may also collect information for local storage on the User’s device using browser memory mechanisms.

Cache Memory

While providing services to Users, we may automatically use browser, app, or device cache memory. This involves storing data in the browser memory installed on the User’s device. Local storage allows storing data between sessions. The purpose of using cache memory is to speed up the use of the Website by eliminating the need to repeatedly download the same data, thus reducing bandwidth usage.

Geolocation

We or third parties via cookies may use geolocation functionality, which involves collecting and processing information about the User’s location. For this purpose, the following data may be processed: IP address, GPS sensor data, Wi-Fi access point location, or cellular base station data.

Cookies and Profiling – Introduction

While providing services to Users, we use professional technologies to collect and store information, such as cookies. These are commonly used, small files containing a string of characters that are sent and stored on the User’s end device (e.g., computer, laptop, tablet, smartphone) when visiting the Website. This information is sent to the browser’s storage and sent back at subsequent visits. Cookies contain information necessary for the proper use of the Website. Typically, they include the originating website, the time they are stored on the device, and a unique number. External entities listed in section 16 of this Privacy and Cookie Policy may also have access to cookie data.

As part of “business” cookies, we may use cookies that allow us to understand user preferences. For example, we may analyze visit frequency. This allows us to better tailor our offerings, e.g., by displaying ads suited to individual users’ needs and preferences or retargeting those who have previously visited our website. Disabling these cookies will prevent such advertising.

Legal Basis for Cookie Processing

Consent to cookie processing can be given by:

using a button indicating consent or confirming reading its terms,
configuring the software installed on the User’s telecommunications end device,
configuring the service used by the User.

This consent can be withdrawn at any time, free of charge, in the manner described in the cookie management section.

What Cookies Do We Use?

Cookies can be categorized using three criteria.

According to their purpose:

Essential cookies – necessary for the proper functioning of the Website and its features, e.g., authentication cookies. Without storing them, using the Website is not possible,
Functional cookies – allow storing selected User settings and preferences, such as language, font size, or website layout. These improve the Website’s functionality and performance. Without them, certain features may be limited,

According to their lifespan:

Session cookies – expire at the end of the User’s session,
Persistent cookies – remain after the session ends.

According to the entity managing them:

Service Provider’s cookies,
Third-party cookies.

Service Provider’s Cookies

Service Provider’s cookies allow us to recognize the User’s device and display the Website tailored to their individual preferences, making the use of its features easier and more enjoyable. By storing these cookies on the User’s device, it is possible, for example, to remember login details, maintain a session after logging in, remember selected goods or services, or adapt the Website to User preferences, such as layout, language, or color scheme.

Third-Party Cookies

The Service Provider may use cookies from Google Inc., 1600 Amphitheatre Pkwy, Mountain View, CA 94043, USA, as part of the following services:

Google Analytics – used to evaluate the effectiveness of advertising campaigns run using Google Adwords, as well as to study User behavior and traffic and to compile traffic statistics,

The use of third-party cookies is governed by the privacy and cookie policies of those entities. The current rules of these third parties can be found here: https://www.e-regulaminy.pl/biuletyn/polityki-prywatnosci-i-plikow-cookies/.

Managing Cookies and Other Information

By default, browser settings usually allow cookies and other information to be stored on the end device. If the User does not agree to the storage of these files, they must change the browser settings. It is possible to disable their storage for all connections or for specific websites, as well as to delete them. The method of managing cookies depends on the software used. The current management rules can be found in the browser settings and at: https://www.e-regulaminy.pl/biuletyn/polityka-cookies-obsluga/.

Consent to the processing of cookies is voluntary. However, please note that limiting their use may affect or prevent the use of some Website functionalities.

Links to Other Websites or Software

The Website may contain links to other websites or software. We are not responsible for the privacy or cookie policies of those websites or software. We recommend reading their privacy and cookie policies upon visiting or installing them.

Changes to the Privacy and Cookie Policy

We reserve the right to amend this Privacy and Cookie Policy. In such a case, we will publish the updated version in this location.

Contact and Reporting

We consistently strive to process Users’ personal data and cookies in accordance with the highest standards. Therefore, we have implemented a rapid response system for potential threats to these standards. If you identify a threat or breach, please contact us immediately using the details below:

info@hotkey404.com
Phone: +48 22 770 70 70

We are happy to receive any feedback. If you have any questions, requests, or concerns regarding the processing of personal data or cookies, please feel free to contact us.