Protection of your personal data is very important to us. This document contains information on types of personal data collected by us, purposes for which the data will be used, the legal basis for processing of the data, types of cookie files used by us, and also the rights of the user.
We collect only necessary Personal Data and process the data in accordance with the regulations of the GDPR. Types of collected data, purposes for their collecting and the legal basis for the data processing will be described hereafter.
In order to allow the User to display the Website, we collect such Personal Data as the IP address and data gathered by cookie files. We process the data in order to provide the User with an electronic service – namely: providing the User with an access to the content of the Website. The legal basis for the Personal Data processing for this purpose is an obligation to perform a contract – Article 6 (1) (b) GDPR.
If the Website allows for posting comments by the Users, it will result in processing of the such Personal Data as your name and/or online nickname. The legal basis for the Personal Data processing as part of the system of comments is an obligation to perform a contract – Article 6 (1) (b) GDPR.
Moreover, in order to provide access to the Website, we may use your Personal Data to optimise your use of the Website, and also to ensure that the Website is displayed in a convenient and uninterrupted manner. The Personal Data may be also used for statistical and analytical purposes (e.g. Google Analytics), and also to guarantee a secure use of the Website (e.g. to detect bots and abuses). The legal basis for the Personal Data processing for these purposes is the legitimate interests pursued by the Controller – Article 6 (1) (f) GDPR.
The Website may redirect the User to our platform used to place b2b orders. The platform will process the Personal Data that are necessary for placing and managing orders. The legal basis for this is an obligation to perform a contract – Article 6 (1) (b) GDPR – and also compliance with a legal obligation to which the Controller is subject – Article 6 (1) (c) GDPR.
The User may contact us via an electronic contact form available on the Website, an e-mail, a telephone call, and also by means of instant messengers provided by social media. Contacting the Personal Data Controller requires submitting Personal Data necessary for us to contact the User and send answers to the User’s enquiries (in particular: your first name, surname, e-mail address, telephone number; your enquiry may contain also other types of data facilitating contacting you).
The legal basis for processing of the Personal Data provided by the User through an online contact form available at the Website is the consent given by the subject – Article 6 (1) (a) GDPR. In the case of the User contacting us via other communication channels, the legal basis are the legitimate interests pursued by the Controller – Article 6 (1) (f) GDPR.
The Website offers an option to subscribe to our Newsletter. Through the Newsletter, we will send to your e-mail address messages connected with our trade offer, and also information on new products or special price offers. In order to operate the Newsletter, we may use services of software providers specialized in mailings and newsletters.
Subscribing to the Newsletter requires sharing your Personal Data with us (e.g. first name, surname, e-mail). Refusal to provide the Data will disable the possibility to use this service.
The legal basis for processing of the Personal Data provided by the User in order to receive the Newsletter is the consent given by the subject – Article 6 (1) (a) GDPR.
We may process your Personal Data for purposes of direct marketing actions, which involve sending direct messages to selected individual customers, often in relation with their interests (e.g. behavioural advertising). We may also conduct other forms of analytical and statistical actions, and/or send you trade information by e-mail, and/or contact you by phone. We also predict a possibility that such messages will be send to you by post or delivery services. We may undertake also other legitimate actions that are required for purposes of signing a contract or initiating a cooperation. We perform such actions by ourselves or by dedicated IT tools (e.g. marketing automation).
The legal basis for processing of the Personal Data in order to perform direct marketing is the consent given by the subject – Article 6 (1) (a) GDPR – which may be withdrawn at any time.
As part of direct marketing, your Personal Data may be processed also through public profiles in social media, including Facebook, LinkedIn, YouTube, and Instagram, which are managed by us or on our behalf. Owners of the aforementioned social media publish on their websites rules of processing Personal Data. Therefore, we process Personal Data mainly of Users that visit our profiles, to which we have access in connection with comments, likes or as part of other interactions. We process the data in order to allow you to be active on our social profiles, to optimize administration of the profiles, to share information about products offered by us, events or contests organised by us, and as well for statistical and analytical purposes by means of tools provided by owners of the social media.
The legal basis for the Personal Data processing for these purposes is the legitimate interests pursued by the Controller – Article 6 (1) (f) GDPR.
At any time you may object to processing of your Personal Data for purposes of direct marketing, including profiling, to an extend to which this processing is related to direct marketing.
If you contact us by an online contact form, by e-mail or phone call in order to register a complaint concerning products offered by us, we will process only the Personal Data necessary for management of the claim. We may also ask you to provide other information necessary for managing the claim. The legal basis for processing your Personal Data for these purposes is compliance with a legal obligation to which the Controller is subject – Article 6 (1) (c) GDPR, and also the legitimate interests pursued by the Controller – Article 6 (1) (f) GDPR.
Both we, the Personal Data Controller, and the entities performing for us analytical, statistical and advertising services use Cookie Files in order to ensure the highest possible performance of the Website and adjust its content to needs of the User. We use the data collected in this process to optimize the Website, guarantee its security, and also for analytical and statistical purposes. However, the Cookie Files used by us do not allow us to receive direct information about the User’s identity.
You may manage the settings of the Cookie Files through your Internet browser. The most popular browsers offer various options, including accepting all Cookie Files, accepting only selected Cookie Files used on a given website, managing settings of different Cookie Files or blocking/deleting Cookie Files. Detailed information on managing settings of Cookie Files, including their blocking and deleting, is available in the settings of your Internet browser.
Changes in Cookie Files settings may negatively impact some features of the Website. If you do not change the settings of your Internet browser, Cookie Files will be stored at your end device. Changes to settings of the Internet browser may be introduced at any time.
We distinguish the following types of Cookie Files due to their life span:
We distinguish the following types of Cookie Files due to their purposes:
The legal basis for processing your Personal Data in connection with necessary and secure Cookie Files in order to allow you to use the Website is an obligation to perform a contract – Article 6 (1) (b) GDPR. The legal basis for processing your Personal Data in connection with all other types of Cookie Files is the consent given by the User – Article 6 (1) (a) GDPR.
The level of Personal Data protection outside the EEA differs from the one that is required by the EU law. Therefore, we share your Personal Data outside the EEA only when necessary, e.g. to guarantee the highest level of IT services or to ensure security of the Personal Data. As the Personal Data Controller, we make sure that entities from outside of the EEA, processing the Personal Data on our request, have access to the Data only in a scope that is necessary to perform their services and with a suitable level of security. Consequently, we cooperate with entities processing Personal Data in countries that the European Commission considers as guaranteeing an appropriate protection level for Personal Data; additionally, we use the standard agreement clauses as prescribed by the European Commission.
We may transfer your Personal Data to:
The Use has the following rights:
The aforementioned rights you may exercise exclusively in accordance with the applicable GDPR regulations.
We will process your Personal Data for a period not longer than necessary.
A period for which your Personal Data will be processed depends on the type of performed service and the purpose of processing. We will process your Personal Data during the period of performing a service (e.g. managing an order, answering an enquiry, subscribing to the Newsletter) until your consent is revoked or a valid objection to processing of your Personal Data was registered in cases when the legal basis for Personal Data processing is a legitimate interest of the Controller.
If processing of your Personal Data is necessary for establishing and pursuing potential claims, or for defending against such claims, then the processing period may be extended. After the period, we will process your Personal Data when it is allowed by current legal regulations and to an extend allowed in the regulations.
When the processing period expires, we will delete your Personal Data or make them anonymous.
With issues concerning your Personal Data you may contact us by e-mail at email@example.com or by sending a letter to the Personal Data Controller’s address – see: Point I.
We systematically analyse the risks involved in order to ensure that your Personal Data are processed by us in a secure way. We pay special attention to making sure that only authorised people have access to your Personal Data and only when necessary for tasks performed by them. We employ technical and organisational measures in order to: guarantee security of your Personal Data processing; prevent unauthorised people from accessing or acquiring the Data; prevent processing of the Data against the legal regulations concerning personal data protection; protect the Data against changing, losing or damaging them (for example through SSL certificates protecting data transmission, passwords listed in a secure database, changes of access passwords, software updates). When transferring or sharing the Personal Data with our subcontractors or cooperators we make sure that they also guarantee suitable security measures.