telephone: +48 698 645 948
The Controller has appointed the Data Protection Officer.
- The data subjects may contact the Data Protection Officer, Mateusz Pinkiewicz, in relation to all issues connected with processing of their personal data as well as with exercising of the rights vested to them in compliance with the personal data protection provisions via e-mail: firstname.lastname@example.org.
- The data is processed for the purposes of service performance, including for performance of a contract and sales of products, as well as in the cases when it is necessary for fulfilment of legitimate purposes of the data Controller, in particular for the purposes of direct marketing of own products or services, or for other purposes that the User expresses their consent to, if it is required in compliance with applicable legal provisions. In particular, it may be consent to receipt of correspondence and commercial information relating to own products and services of the Controller as well as to the products and services of the partners cooperating with the Controller, sent electronically and via the telephone. The data subject is entitled to withdraw the consent at any time.
- The Controller processes the data in compliance with the law, collects it for specified lawful purposes and does not subject it to further processing being incompliant with these purposes. The data is being collected solely in adequate, needed and necessary scope in relation to the purposes, for which it is being processed. The Controller does not process special categories of personal data. Provision of the data is voluntary yet necessary for performance of services.
- The Controller makes all efforts in order to protect the personal data of the Customers and Users against unauthorised access of third parties thereto and in this field applies high-level organisational and technical security measures. The Controller does not provide the personal data to any unauthorised recipients. The Controller may entrust processing of personal data on behalf of the Controller to another entity, in the course of a written contract. The data may be provided solely to the entities being entitled to receive it under mandatory rules of the law.
- The Controller stores the data for the period being necessary for performance of the contract and for definite time determined in applicable legal provisions and not for longer than it is necessary for the purposes resulting from legitimate interests pursued by the Controller or by a third party, i.e. inter alia in order to pursue claims on account of the conducted activity. For the purposes, for which the data subject has expressed consent to the processing of their personal data, this data is stored to the time of consent withdrawal.
- The data subject has the right to request access to the content of their personal data from the Controller, the right to rectify it, to erase it or to limit its processing as well as the right to object against its processing in the statutorily determined cases and the right to data portability. The data subject has also the right to lodge a complaint to the supervisory authority in case of ascertainment of unlawful processing of their personal data. If the data subject has expressed their consent to the processing of their personal data for one or more specific purposes, they have the right to withdraw the consent at any time without any impact on the lawfulness of the processing of this data which was performed on the basis of the consent before its withdrawal.
- Provision of the personal data is voluntary but non-provision of the data marked as necessary prevents Registration or Order placement. If the processing is necessary for performance of a contract that the data subject is a party to or for taking of actions upon the request of the data subject before contract conclusion, provision of the needed and specific scope of data is necessary.
- In order to provide the most favourable, tailor-made and personalised offer for its Customers and Users as well as for the purposes being necessary for conclusion or performance of a contract between the data subject and the Controller and also in case of an express consent of the data subject, the Controller may apply ‘profiling’ which means a form of automated personal data processing, consisting in use of personal data for assessment of some personal factors of a natural person, in particular for analysis or forecast of aspects relating to personal preferences and interests. The decisions as to sending of a personalised offer or another benefit are made automatically on the basis of such criteria as sex, date of birth, website addresses, in which the actions were performed, number and frequency of performed actions. After determination of meeting of the criteria, the IT system automatically sends information on the granted benefit, e.g. a discount. The granted benefit may be used according to the principles determined in the information on its granting or resigned from. In case of data processing for the purposes of direct marketing, including profiling, processing based on legitimate interest of the Controller, for the purposes of scientific, historical and statistical research, the data subjects have the right to object against data processing due to special situation of the data subject. The Controller does not make any decision that is based solely on automated processing, including profiling, and significantly affects the data subject. The Controller implements adequate measures for protection of the rights, freedoms and legitimate interests of the data subject and at least of the right to obtain human intervention from the side of the Controller, to express own standpoint and to question the decision being a result of automated data processing.