1. Principles of personal data processing and website operation

​

1. The website available at www.thesoc2.com (hereinafter referred to as "the Website") is managed by ITGRC Advisory Ltd., with its registered office at 590 Kingston Road, London, United Kingdom, SW20 8DN, company number: 12435469. As the Website operator, we also act as the Data Controller.

​

2. For matters related to the Website operation and personal data processing, we encourage you to contact us electronically at: office@itgrcadvisory.com.

​

3. We ensure that all personal data processed within the Website is treated with the utmost care and in accordance with applicable laws. The information you voluntarily provide to us while using the Website is used for strictly defined purposes, such as:

​

• Enabling interaction through the comment system,

• Efficient handling of inquiries submitted via contact forms,

• Presentation of current offers and relevant information.

​

4. Data collection about users and their activity on the Website is conducted in two ways:

​

1. Through information that you consciously and voluntarily enter in forms available on the Website. This data is then processed in our IT systems.

2. Through cookies that are saved on users' end devices. This mechanism allows us to analyze how the Website is used and adapt its functionality to users' needs.

​

2. Data protection mechanisms

​

To ensure the security of your personal data, we have implemented advanced technical and organizational solutions. Our approach to information protection is based on two key pillars:

​

1. Data transmission encryption

​

All areas of the Website where personal data is entered or login occurs are secured using the SSL (Secure Socket Layer) protocol. This advanced encryption technology ensures that information entered by the user on the page is immediately encoded before leaving the user's device. The decryption process only takes place on our destination server, which practically eliminates the risk of data interception by unauthorized entities during transmission.

​

2. Continuous improvement of IT infrastructure

​

The second element of our security strategy is a systematic update policy. It covers all software components used in the personal data processing. We pay particular attention to regular updates of programming modules, which allows us to quickly respond to emerging threats and security vulnerabilities.

​

3. Technical infrastructure and system data collection

​

1. Ensuring stable and secure operation of our Website requires cooperation with a professional hosting service provider. In this regard, we use the infrastructure of Wix.com Ltd., which is responsible for the technical maintenance of servers supporting our platform.

​

2. As part of standard procedures for ensuring technical reliability, our hosting partner conducts detailed activity logging at the server level. This process includes gathering system information that may contain:

​

1. Detailed URL addresses of resources being accessed,

2. Precise timestamps of incoming requests and outgoing responses,

3. Client station identifiers (as per HTTP protocol),

4. Reports on any errors occurring during HTTP transactions,

5. URL addresses of pages from which redirections to our Website occurred,

6. Characteristics of users' web browsers,

7. IP addresses of devices connecting to the Website,

8. Diagnostic data related to self-registration processes and service ordering,

9. Metadata concerning electronic correspondence handled by our systems.

​

4. User rights and principles of personal data processing

​

In the interest of transparency and compliance with applicable regulations, we would like to present key information regarding the processing of your personal data and your rights.

​

1. Sharing of personal data

​

In certain cases, when it is necessary to fulfill a contract with you, comply with legal obligations arising from the law, or protect our legitimate interests, we may transfer your personal data to selected external entities, such as:

​

• Hosting Service Providers: Personal data may be transferred to external entities only on the basis of a data processing agreement, which clearly defines the rules for their processing and obligations regarding personal data protection, in accordance with applicable laws. This data may be transferred, for example, to hosting service providers to ensure the safe and stable operation of our Website.

• Comment System Providers: Data may be transferred to enable users to use and manage the comment features on the site.

• Marketing Service Companies: Data may be transferred for the purpose of conducting marketing campaigns and tailoring advertising content to your preferences, only based on your expressed consent or within the framework of legitimate interests.

​

2. Data retention period

​

Your personal data is stored for the period necessary to achieve specific purposes, in accordance with applicable laws and based on your consent. In the case of data used for marketing purposes, this data will be processed until you withdraw your consent or until the processing purposes are achieved.

​

The retention period for personal data depends on the type of data processed and the purpose of processing. For example, data stored for marketing purposes will be processed until the user withdraws consent, while data necessary for contract execution will be kept for the duration of the contracts and for the time required by law. The standard data retention period may be 3 years, unless otherwise specified.

​

3. User rights

​

You have a number of rights regarding your processed personal data, including:

​

• Right of access to data,

• Right to rectification of data,

• Right to erasure of data,

• Right to restriction of processing,

• Right to data portability,

• Right to object to processing, especially for marketing purposes.

​

4. Voluntary provision of data

​

Providing personal data is voluntary, but in some cases, it may be necessary to use certain features of our Website, such as using contact forms. Users have the right to refuse to provide data, but this may prevent the use of the full functionality of the Website.

​

5. Withdrawal of consent for personal data processing

​

The user has the right to withdraw consent for the processing of their personal data at any time. Withdrawal of consent does not affect the lawfulness of processing based on consent before its withdrawal. To withdraw consent for personal data processing, please follow these steps:

​

1. Notification of Consent Withdrawal: The user can withdraw consent by sending an email to: office@itgrcadvisory.com. The message should contain information allowing for user identification (e.g., full name, email address used when giving consent).

2. Confirmation of Consent Withdrawal: Upon receiving the notification of consent withdrawal, we will send the user an email confirming receipt of such request. This process may take up to 7 business days.

3. Deletion of Personal Data: After withdrawing consent for personal data processing, this data will be promptly deleted from our systems. If the data was transferred to external entities before the withdrawal of consent, we commit to informing these entities about the necessity to delete the data. However, please note that each external entity has its own privacy policy and procedures related to data deletion. For detailed information, we encourage you to familiarize yourself with the privacy policies of these entities.

4. Cessation of Marketing Processes: In case of withdrawing consent for personal data processing for marketing purposes, all marketing processes will be halted, and the user will stop receiving any marketing content from us.

​

Additional Information: If you have any questions regarding the procedure for withdrawing consent for personal data processing, please contact us via email at: office@itgrcadvisory.com.

​

6. Collection and processing of data from forms

​

Our approach to collecting information through forms is based on the principles of transparency and voluntariness. Here are the key aspects of this process:

​

1. Technical aspects of connection

​

To ensure the security and optimize the operation of the Website, we may record certain technical parameters of the connection, such as timestamp or IP address. This data is used solely for administrative and analytical purposes.

 

2. Purpose of processing form

​

Data Information provided in forms is processed in accordance with a clearly defined purpose, which directly results from the function of a given form. This may include:

​

• Handling service requests,

• Establishing business contact,

• Registration of services,

• Other purposes, each time clearly specified in the context of a given form.

​

3. Transparency of intentions

​

We make every effort to ensure that the context and description of each form clearly and unambiguously inform about its purpose. Our goal is to provide users with full awareness of why they are providing us with their data.

​

4. Security and confidentiality

​

All data submitted through forms is treated as confidential and subject to rigorous protection procedures in compliance with applicable personal data protection regulations.

​

7. Cookie usage policy

​

Our approach to using cookies is based on the principles of transparency and respect for user privacy. Cookies are small pieces of data, usually in the form of text files, stored on the user's device while browsing websites. They typically contain information about their source, storage time, and a unique identifier.

​

1. Types of cookies used

​

Session cookies: Temporary files deleted after the browsing session ends.
Persistent cookies: Stored for a longer, specified time or until manually deleted by the user.

​

2. Third-party cookies

​

Our Website may use cookies placed by external entities (so-called "third-party cookies"), including analytical cookies used to monitor website traffic and analyze user behavior. Analytical cookies, such as Google Analytics, allow us to better understand how the Website is used and improve its functionality, but may collect data such as anonymous identifiers, time spent on the site, or user preferences. Users can control analytical cookies through browser settings or tools provided by analytics service providers.

​

These files enable traffic analysis on the site, better tailoring of advertising content to user preferences, and integration with social media services. Details of third-party cookies that may be used on our Website include:

​

1. Google Analytics (Google Inc., USA)

   • Purpose: Analysis of site traffic statistics, optimization of Website content and functionality.

   • Storage period: Dependent on Google settings, typically from 30 days to 2 years.

2. Google Ads (Google Inc., USA)

   • Purpose: Tailoring advertising content to user preferences.

   • Storage period: Dependent on Google settings, typically from 30 days to 1 year.

3. Facebook Pixel (Facebook Inc., USA)

   • Purpose: Targeting ads on Facebook and analyzing the effectiveness of marketing campaigns.

   • Storage period: Dependent on Facebook settings, typically from 90 days to 1 year.

 

Data collected by third-party cookies may include information about site traffic, such as pages visited, time spent on the site, browser type, user location, and user preferences. This information is collected in a way that prevents direct identification of the user, however, it may be used for profiling based on anonymized demographic data, such as age or gender.

​

Detailed information about privacy policies and data processing principles by third parties can be found on the following pages: Google Analytics Privacy Policy, Google Ads Privacy Policy, Facebook Data Policy.

​

3. Control over cookies

​

Most internet browsers accept cookies by default. However, users have full control over these settings and can:

​

• Delete existing cookies,

• Block the acceptance of new cookies,

• Configure the privacy level according to their own preferences. Detailed instructions on managing cookies can be found in the documentation of the internet browser being used.

​

4. Impact on website

​

Functionality It's worth noting that limiting or disabling cookie handling may affect some functionalities available on our Website.

​

5. Cookie management

​

Instructions for Popular Browsers To adjust cookie settings, select the browser you use from the list below and follow the dedicated instructions:

​

Desktop browsers:

1. Microsoft Edge

2. Internet Explorer

3. Google Chrome

4. Apple Safari

5. Mozilla Firefox

6. Opera

​

Mobile browsers:

1. Android (various browsers)

2. Safari (iOS)

3. Windows Phone

​

Due to the diversity of devices and frequent software updates, detailed instructions for each browser may change. We encourage you to visit the official websites of browser manufacturers, where you will find the most up-to-date information and guides.

​

We recommend periodically checking and updating your cookie preferences. This will allow you to continuously adjust your privacy level to changing needs and expectations.