Privacy Policy

HARISTO Ltd. with its registered office in London at: 63/66 Hatton Garden, Fifth Floor, Suite 23, postcode: EC1N 8LE London, United Kingdom, processes personal data based on the consent expressed by the data subject (i.e. based on Article 6(1) point (a) of the Regulation (EU) 2016/679 of the European Parliament and of the Council on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation, hereinafter referred to as the GDPR). At the same time, it is hereby stipulated that HARISTO Ltd. shall also have the right to process personal data in order to safeguard its legitimate interests in situations where the above-mentioned interests are not overridden by the interests or fundamental rights and freedoms of the data subject, i.e. based on Article 6(1) point (f) of the GDPR.

HARISTO Ltd. shall process personal data for the period during which the data subject uses the Websites or until the moment the data subject requests the erasure of his or her collected personal data.

This Privacy Policy refers to websites, in terms of cookies, as well as other similar technologies used to record information about Users (hereinafter referred to as “websites”) operated by HARISTO Ltd. with its registered office in London, UK and guarantees the Users of the Operator’s websites the right of choice in terms of providing access to the information that concerns them.

Rights of the data subject

The data subject whose data is processed by HARISTO Ltd. shall have the right to:

• access his or her personal data processed by HARISTO Ltd. along with the information referred to in Article 15(1) of the GDPR, also contained in this Privacy Policy. At the same time, the data subject shall have the right to request a copy of his or her personal data which is subject to the processing;
• obtain, without undue delay, the rectification of inaccurate personal data or have incomplete personal data completed;
• request the erasure of his or her personal data (the right to be forgotten) in a situation, in which:
  • the personal data is no longer necessary in relation to the purposes for which it is processed;
  • the data subject has withdrawn his or her consent to the processing of personal data concerning him or her;
  • the data subject has objected to the processing of personal data concerning him or her, which is discussed further on in this Privacy Policy;
  • the personal data was processed by HARISTO Ltd. illegally;
  • the obligation to erase the personal data is stipulated in the regulations of the Community or national law;
  • the consent to the processing of personal data was expressed by a minor, below 16 years of age;
• request the restriction of the processing of personal data in a situation, in which:
  • the accuracy of the personal data is contested by the data subject or the data subject objects to the processing, as discussed further on in this Privacy Policy – for a period enabling HARISTO Ltd. to verify the accuracy of the personal data or determine whether the objection is justified;
  • in spite of the illegality of the processing of personal data, the data subject only wants to limit its scope in the database of HARISTO Ltd. instead of erasing it;
  • the processing of the personal data is no longer necessary for HARISTO Ltd., yet the data subject needs it to continue to be processed for the purpose of establishing, exercising or defending his or her legal claims.

In the period of restriction of the processing of personal data, HARISTO Ltd. shall have the right to store the data, and the processing of the data shall only be allowed with the consent of the data subject or for the purpose of establishing, exercising or defending legal claims or in order to protect the rights of another natural or legal person or for reasons of important public interest of the Union or of a Member State;

• receive the personal data concerning him or her, which he or she provided to the data controller, in a structured, commonly used, and machine-readable format. The data may be transmitted directly to a data controller designated by the data subject, where technically feasible.

Any refusal to comply with the above-mentioned requests by HARISTO Ltd. needs to be justified by the regulations of the generally applicable law, in particular the GDPR.

The data subject may exercise the rights discussed above by sending his or her request to the e-mail address of the Data Protection Officer: monika@haristo.com

Objection

The data subject shall have the right to object to the processing of personal data concerning him or her which is based on point (e) or (f) of Article 6(1), including profiling based on those provisions.

If the data subject does object to the processing of personal data, HARISTO Ltd. shall without undue delay restrict the processing of personal data pursuant to the terms specified in the previous section. Then, if the objection turns out to be justified, the personal data shall be erased by HARISTO Ltd., unless their further processing for purposes other than marketing purposes is required based on important, legitimate grounds, overriding the interests, rights, and freedoms of the data subject or unless the data constitutes the basis for the establishment, exercise or defence of legal claims. If the data subject objects to the processing of personal data for the purpose of direct marketing, HARISTO Ltd. shall cease processing this data for the such purpose.

The data subject may object to the processing of personal data by sending his or her request to the e-mail address of the Data Protection Officer: monika@haristo.com

What are cookies?

Cookies contain short text and numerical information placed on the device used by the User to browse websites or other IT data. They are mainly text files stored on Users’ end devices (including PCs, laptops, smartphones, tablets) used to access websites. The files make it possible to recognise the User’s device and properly display the given website tailored to his or her individual preferences. Cookies usually contain information such as the name of the website they come from, the time of storage on the end device, and their unique number. Cookies have no impact on the software installed on the end User’s device. Cookies from the Operator’s website can only be read by the Operator.

How do we use cookies?

Cookies are used in order to tailor website content to the preferences and expectations of the User and to optimise website use. They are also used to create anonymous, aggregated statistics which help us understand how the User uses our websites, which makes it possible to improve their structure and content, excluding personal identification of the User. Thanks to cookies, we can check website performance, analyse and examine how our websites work by creating anonymous statistics, which lets us improve their structure and content.

Do cookies contain personally identifiable information?

Personal data collected using cookies may be collected only in order to perform certain functions for the User. Such data is encrypted in a way making it impossible for unauthorised persons to access it. We never identify the identity of Users based on information provided by cookies. Operating data collected using cookies may also be collated with demographic data (e.g. age, sex, city size) provided by the User at registration. In such case, any User identifiers are removed from the collated data (anonymisation). In order to meet the objectives referred to above, the Operator may cooperate with business partners, e.g. advertisers, research companies, application providers, etc.

Categories and types of cookies used on the Operator’s websites:

Two categories of cookies are used – session cookies and persistent cookies. Session cookies remain on the User’s device only during the use of the Operator’s websites. Persistent cookies remain on the User’s device for the duration of their defined lifetime or until they are removed by the User.

When it comes to the types of cookies used by the Operator, they include the following:
- cookies required for the website to work properly, the so-called “strictly necessary cookies” – they allow the User to freely browse the Operator’s websites and use their individual elements;
- cookies improving website performance, the so-called “performance cookies” – they collect information about the way in which the User uses the Operator’s websites through the identification of the areas he or she visited, the time spent there, and any difficulties in the form of error messages;
- cookies improving website functionality, the so-called “functionality cookies” – they remember the settings and choices made by the User and personalise content settings and services;
- advertising cookies – thanks to them, the User receives adverts tailored to his or her preferences.

Deleting Cookies

By default, the software used to browse websites allows cookies to be placed on the end device. If the User does not want to receive cookies, he or she should change the settings of the end device so as to disable cookies in the browser settings or to receive a notification every time cookies are placed on the device. Detailed information about the options and ways of handling cookies can be found in the end device User’s software (browser) settings or on the producer’s website. At the same time, we would like to note that limiting or disabling cookies may impact certain functionalities available on the website, and in extreme cases, it may make it impossible for the User to use the Operator’s website.

Data Protection Officer and the Supervisory Authority

The person appointed by HARISTO Ltd. to supervise the security of the processing of personal data and ensure the exercise of the rights of the data subjects is the Data Protection Officer.

You can contact the Data Protection Officer on any matters concerning the processing of personal data e-mailing: privacy@haristo.com

Data subjects shall also have the right to lodge a complaint with the competent local Supervisory Authority, i.e. Data Protection Officer https://www.gov.uk/government/organisations/cabinet-office/about/personal-information-charter.

Final provisions

To all matters not settled herein, the regulations of the generally applicable law, in particular the GDPR, shall apply.

HARISTO Ltd. reserves the right to change this Privacy Policy. The current text of the Privacy Policy will always be available at https://www.haristo.com/en/privacy-policy/

This Privacy Policy is effective as of 31 August 2020.