This Privacy Policy outlines the principles of processing personal data obtained through the website by the Administrator: OYSTER Sp. z o.o., based in Warsaw, Pl. Inwalidów 10, 01-552 Warsaw (04-412 Warsaw), registered in the National Court Register maintained by the District Court for the capital city of Warsaw, XIII Commercial Division under KRS number 0001064883, REGON 526723932, NIP 5252977211.

You can contact the Administrator via email: contact@oystertalents.com. 

The Privacy Policy covers the following websites: https://oystertalents.com/. 

In connection with the implementation of the requirements of Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation “GDPR”), we inform you about the principles of processing your personal data collected when using the Administrator’s websites.

We make every effort to ensure all possible physical, technical, and organizational measures to protect personal data against accidental or intentional destruction, accidental loss, alteration, unauthorized disclosure, use, or access, in accordance with all applicable legal provisions.

I. Definitions:

Administrator – OYSTER Sp. z o.o., based in Warsaw, Pl. Inwalidów 10, 01-552 Warsaw, registered in the National Court Register maintained by the District Court for the capital city of Warsaw, XIII Commercial Division under KRS number 0001064883, REGON 526723932, NIP 5252977211.

Cookies – means IT data, in particular small text files, saved and stored on devices through which the User uses the website.

Administrator Cookies – means Cookies placed by the Administrator, related to the provision of electronic services by the Administrator through the Service.

External Cookies – means Cookies placed by the Administrator’s partners, through the website of the Service.

Device – means an electronic device through which the User gains access to the Service.

User – means the entity to whom, in accordance with the Regulations and legal provisions, electronic services may be provided or with whom an Agreement for the provision of electronic services may be concluded.

Service – means the website or application through which the Administrator operates the online service, operating under the domain https://oystertalents.com/. 

Device – means an electronic device through which the User gains access to the Service.

User – means the entity for whom, in accordance with the Policy and legal provisions, electronic services may be provided or with whom an Agreement for the provision of electronic services may be concluded.

 

II. Personal Data Collected on the Website

1. When using the website, we may process users’ personal data such as:
   1. Name and surname,
   2. Phone number,
   3. Email address,
   4. Current place of employment,
   5. Current position,
   6. CV.
2. Personal data are processed by employees and associates of the Administrator based on granted authorizations. Each person who has been authorized to process personal data has been familiarized with the principles of personal data protection and has committed to keeping the provided information confidential.
3. Personal data may be entrusted to an external entity that supports the Administrator in achieving processing purposes, e.g., marketing services, email handling, hosting, IT, administrative services, legal, advisory services.
4. The Administrator only uses the services of professional entities that guarantee the highest level of service and ensure the security of entrusted information.
5. Through the website, there may be a redirection to another website managed by another Administrator. The Administrator is not responsible for the personal data processed through other websites. Each time a new visit is made, the user should read the content of the Privacy Policy.

 

III. Purpose of Processing Personal Data

1. Personal data are processed for the purpose of:
   1. Concluding and executing an agreement – for the duration of the agreement and after its termination, until the proper execution of the agreement;
   2. Creating summaries, statistics, and analyses for the Administrator’s internal needs;
   3. Sending marketing content – until an objection is raised;
   4. Responding to users’ messages;
   5. Conducting recruitment processes.
2. The legal basis for the Administrator’s processing of personal data is:
   1. Article 6(1)(a) GDPR, i.e., the obtained consent to process personal data;
   2. Article 6(1)(b) GDPR, i.e., the execution of an agreement or taking action at the request of the data subject prior to entering into an agreement;
   3. Article 6(1)(c) GDPR, i.e., compliance with a legal obligation to which the Administrator is subject;
   4. Article 6(1)(f) GDPR, i.e., the legitimate interest of the Administrator.

 

IV. Principles and Duration of Personal Data Processing

1. The User’s personal data will be processed until the consent is withdrawn or in connection with the Administrator’s business activities, until the period specified in legal provisions or the purpose of processing is achieved.
2. The User has the right to access their data and correct, delete, limit processing, the right to data portability, the right to object to processing, and the right to withdraw consent if the processing is based on consent.
3. The User has the right to lodge a complaint with the supervisory authority – the President of the Personal Data Protection Office, if they believe that the processing of personal data concerning them violates the provisions of the General Data Protection Regulation of April 27, 2016.
4. Personal data will not be processed in an automated manner, including profiling.

 

V. Transferring Personal Data Outside the EU

1. The Administrator may use tools of entities based outside the European Economic Area (EEA) or that may store data outside the EEA. Personal data will not be transferred to international organizations. The Administrator will use all legally available protective measures to secure the transfer of such data. Data transfers outside the EEA may occur based on exceptions provided in Article 49 GDPR, if the conditions specified in this article are met. Information on the safeguards used and the scope of data transferred outside the EEA can be obtained by contacting the Administrator or the DPO.
2. Additionally, personal data may be transferred to entities providing services in Ukraine, based on standard contractual clauses, in accordance with Article 46(2)(c) GDPR.

 

VI. Profiling

1. Users’ personal data will not be processed in an automated manner, including profiling, meaning no decisions that produce legal effects concerning the person or similarly significantly affect them will be based solely on automated processing of personal data and no such automatically made decisions are associated.

 

VII. Activity on Social Media

1. The Administrator owns accounts on social media platforms:
   1. Facebook,
   2. LinkedIn,
   3. YouTube,
   4. Instagram.
2. The Administrator manages and administers accounts on social media platforms to promote products, services, and its activities. In these activities, the Administrator handles personal data of social media users who follow the Administrator’s profiles, participate in contests, events, and engage in dialogue both with the Administrator and other users through accounts managed by the Administrator.
3. If a user wishes to end the processing of personal data provided through social media, they should stop following the Administrator’s profiles using the options provided by the platform, e.g., by clicking the “Unlike” button on Facebook.
4. All rights to trademarks (including logos), copyrights, database rights, and all other intellectual property rights to the content of the website and social media profiles belong to the Administrator.
5. It is prohibited to copy, modify, use in any form, or reproduce in whole or in part the content of the website for commercial purposes without prior written consent from the Administrator and the content’s author.
6. Content presented on the website and social media profiles aims to promote the Administrator’s activities. Using materials for other purposes is prohibited.
7. Materials shared on the Administrator’s social media profiles are either the Administrator’s property or shared with the content authors’ consent.
8. The user using the Administrator’s social media profiles declares that the content they post:
   1. Will not be inappropriate. Inappropriate content is considered when:
      1. It is plagiarized, defamatory, offensive, harassing, false, misleading, derogatory, discriminatory, threatening, or harassing, expresses racial or sexual prejudices;
      2. Contains mocking, uncultured, offensive language, insults, obscene suggestions, or swearing;
      3. Contains quotes of other users’ statements taken out of context to create a false or negative impression;
      4. Is obscene, indecent, or pornographic; or
      5. Violates another person’s confidentiality or privacy rights. 
   2. Will not harm any ongoing legal proceedings known to the user;
   3. Will not contain accusations of indecency or personal criticism against the Administrator’s employees;
   4. Will not likely (i) cause fear, uncertainty, or anxiety to another person, (ii) incite violation of social norms, or (iii) encourage aggression or hatred based on race or religion;
   5. Will not infringe any copyrights, trademarks, patents, or other intellectual property rights of the Administrator or any third party;
   6. Will not be technically harmful (including, in particular, computer viruses, logic bombs, Trojan horses, worms, harmful components, corrupted data, or other malicious software, harmful data or actions);
   7. Will not constitute an offer, advertisement, or promotion of any product or service or contain requests for donations or financial support;
   8. Will not be spam or unsolicited advertising sent by mail;
   9. Will not aim to impersonate another person or falsely present the user’s identity, affiliation, or position;
   10. Will not present or encourage behaviours that could be considered a crime, lead to civil liability, or are against the law.
9. The User may post links to other websites and subpages on the Administrator’s profile, provided that: 

1. the content or links to such websites or subpages do not violate any provisions of the Privacy Policy; 
2. the terms of use of such websites or subpages allow for the posting of links to them; 
3. they are clearly and visibly marked as links; 
4. the content of the websites or subpages is clearly related to the Content next to which the link is placed; and 
5. the link does not cause any files to be automatically downloaded.

1. The Administrator reserves the right to promptly delete any content that violates the above rules, especially comments that are: 

1. defamatory, false, and misleading; 
2. offensive, insulting, or containing threats; 
3. obscene or of a sexual nature; 
4. harassing, racist, sexist, homophobic, or discriminatory against any religion or other groups of people.

Will be promptly deleted.  

1. Without the explicit consent of the Administrator, the User is not entitled to repost any Content or other materials or applications that have been previously removed.

 

VIII. Types of Cookies Used

The Cookies used by the Administrator are safe for the User’s Device. In particular, this method does not allow viruses or other unwanted software or malicious software to enter the User’s Devices. These files allow for identifying the software used by the User and customizing the Service individually for each User. Cookies usually contain the name of the domain they come from, the time they are stored on the Device, and a value assigned to them.

The Administrator uses two types of cookies:

• Session Cookies: are stored on the User’s Device and remain there until the end of the browser session. The stored information is then permanently deleted from the Device’s memory. The session cookies mechanism does not allow for the collection of any personal data or any confidential information from the User’s Device.
• Persistent Cookies: are stored on the User’s Device and remain there until they are deleted. Ending the session of a given browser or turning off the Device does not cause their removal from the User’s Device. The persistent cookies mechanism does not allow for the collection of any personal data or any confidential information from the User’s Device.

Within the Service, the following types of cookies are used:

• “Necessary” cookies, enabling the use of services available within the Service, e.g., authentication cookies used for services requiring authentication within the Service;
• Security cookies, e.g., used to detect authentication abuse within the Service;
• “Performance” cookies, enabling the collection of information on how the websites of the Service are used;
• “Functional” cookies, enabling “remembering” the settings selected by the User and personalizing the User interface, e.g., in terms of the selected language or region from which the User comes, font size, website appearance, etc.

In many cases, the software used to browse websites (web browser) by default allows the storage of cookies on the User’s device. Users of the Service can change their cookie settings at any time. These settings can be changed in particular to block the automatic handling of cookies in the web browser settings or inform about each placement of cookies on the User’s device. Detailed information on the possibilities and ways of handling cookies is available in the software settings (web browser).

 

IX. Purposes for which Cookies are Used

The Administrator uses its own Cookies for the following purposes:

• Service configuration: adjusting the content of the Service’s websites to the User’s preferences and optimizing the use of the Service’s websites;
• Recognizing the User’s Device and its location and appropriately displaying the website, tailored to the User’s individual needs;
• Remembering the settings selected by the User and personalizing the User’s interface, e.g., in terms of the selected language or region from which the User comes;
• Remembering the history of visited pages within the Service to recommend content; font size, website appearance, etc.; 
• Correct configuration of selected Service functions, allowing in particular the authentication of the browser session authenticity;
• Optimization and increase of the efficiency of services provided by the Administrator;
• Realizing processes necessary for the full functionality of websites, adjusting the content of the Service’s websites to the User’s preferences and optimizing the use of the Service’s websites. In particular, these files allow recognizing the basic parameters of the User’s Device and appropriately displaying the website, tailored to their individual needs;
• Correct handling of the affiliate program, allowing in particular the verification of sources of Users’ redirections to the Service’s websites;
• Remembering the User’s location, correct configuration of selected Service functions, enabling in particular the delivery of information adjusted to the User’s location;
• Analysis and research, and audience audit, creating anonymous statistics that help understand how Users of the Service use the Service’s websites, enabling the improvement of their structure and content;
• Ensuring the security and reliability of the service.

 

X. Options for Specifying Conditions for Storing or Accessing Cookies

The User can independently and at any time change the settings regarding cookies, specifying the conditions for storing and accessing cookies on the User’s Device. Changes to the settings, mentioned in the preceding sentence, the User can make through the web browser settings or through the service configuration. These settings can be changed, in particular, to block the automatic handling of cookies in the web browser settings or inform about each placement of cookies on the User’s device. Detailed information on the possibilities and ways of handling cookies is available in the software settings (web browser).

Cookies placed on the end device of the User of the Service may also be used by partners cooperating with the operator.

The User can delete cookies at any time using the available functions in the web browser they use.

Limiting the use of cookies may affect some of the functionalities available on the Service’s website.

See how to disable the cookie mechanism:

In Chrome browser
In Firefox browser
In Opera browser
In Safari browser

 

XI. Final Provisions

1. The Administrator reserves the right to update the content of the Privacy Policy.
2. The Administrator reserves the right to withdraw or change the content presented on the site without notice. The Administrator is not responsible if for any reason beyond the Administrator’s control, the Site is unavailable at any time or for any period.
3. The Administrator reserves the right to occasionally limit access to certain parts of the Site in connection with maintenance work or updating the Site.
4. The Privacy Policy comes into effect on the approval date, March 11, 2024.
5. In matters not regulated in the Privacy Policy, concerning its subject, and in the case of inconsistency of any part of the Privacy Policy with applicable law, the relevant provisions of Polish law shall apply, in particular: 

1. the Act of April 23, 1964, – Civil Code, 
2. the Act of March 2, 2000, on the protection of certain consumer rights and on liability for damage caused by a dangerous product, 
3. the Act of July 27, 2002, on special conditions of consumer sales and amendments to the Civil Code, 
4. the Act of July 18, 2002, on the provision of electronic services (hereinafter referred to as the UŚUDE), 
5. the Act of May 10, 2018, on personal data protection, 
6. GDPR.