1 General provisions
2 Rules of personal data processing
3 Legal basis for processing personal data
4 Scope of personal data processing
5. Handling personal data
6. Rights of the data subjects
1.1 The administrator of personal data is System – Barosz Gwimet Sp. z o.o., 7 Marklowicka, 44-300 Wodzisław Śląski, NIP: 6342298164 (hereinafter referred to as “Administrator”).
1.2 Personal data shall be processed in accordance with generally applicable laws, including in particular Regulation 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of individuals with regard to the processing of personal data and on the free movement of such data and repealing Directive 95/46/EC (General Data Protection Regulation) of 27 April 2016 (hereinafter referred to as the “GDPR”).
1.3 Please send any questions, requests and comments regarding privacy protection to the e-mail address: firstname.lastname@example.org.
Rules of personal data processing
2.1 While processing personal data, the Administrator applies the following rules:
2.1.1 Legitimacy – the processing of personal data may take place only if at least one of the prerequisites provided for by law exists;
2.1.2 The advisability – for the data to be processed, there must be a specific, clear and legally justified purpose. If the processing serves different purposes, consent/legal basis for all purposes is required.
2.1.3 Adequacy – we process only those data that are necessary for the purpose of their collection;
2.1.4. Substantive correctness – the Administrator is obliged to ensure that the data collected by him/her is correct and, if necessary, updated. They should assess the reliability of the source of data collection and implement a method of verifying the authenticity of the processed data;
2.1.5. Time frame – the principle of data storage limitation – we do not process data longer than it is necessary. In practice, the Administrator makes an individual, specific assessment of how long they should process personal data. The storage period depends on many variables.
2.1.6 Data integrity and confidentiality – personal data shall be secured by means of appropriate technical and organizational measures. The Administrator takes the utmost care to protect the information provided against any threats.
Legal basis for personal data processing
3.1 According to the above mentioned principle of legitimacy, the processing of personal data may take place only if at least one of the conditions provided by law exists.
3.2 The Administrator shall be entitled to process personal data if one of the presented situations occurs:
3.2.1. the subject whose data are to be processed has consented to the processing of personal data for one or more specified purposes (art. 6.1.a of GDPR). On that basis, the Administrator will process personal data, in particular to provide the newsletter;
3.2.2. processing is necessary for the performance of a contract to which the data subject is a party or to take action at the request of the data subject before concluding the contract (Art. 6.1.b GDPR). On that basis, the Administrator will process personal data, in particular, for the purpose of providing electronic services or realisation of other services;
3.2.3. the processing is necessary to fulfill the legal obligation imposed on the Administrator (Art. 6.1.c of GDPR). On that basis, the Administrator will process personal data, in particular for the purpose of issuing invoices, fulfilling the accounting obligations;
3.2.4. processing is necessary for the purposes resulting from legally justified interests pursued by the Administrator (Article 6.1.f of GDPR). On that basis, the Administrator shall process personal data, in particular, in order to assert claims, keep statistics.
Scope of personal data processing
The Administrator processes the following categories of personal data:
4.1 Personal data of persons who joined the newsletter
4.1.1. The Administrator processes those data in order to provide cyclical information on updated news to the given electronic address.
4.1.2 Personal data shall include
18.104.22.168. first and last name
22.214.171.124. e-mail address,
4.1.3 The provision of personal data is always voluntary. Your consent may be revoked at any time.
4.1.4 The personal data processed on the basis of the consent shall be used by the Administrator for the time specified in the consent, and in any case until its revocation. Upon withdrawal of consent, the basis for their further use ceases to exist.
4.2 Data of persons contacting the Portal
4.2.1 The Administrator processes the data in order to be able to respond to questions, requests or comments formulated through available channels
4.2.2. That data may include, depending on the situation:
126.96.36.199. first and last name,
188.8.131.52. e-mail address,
184.108.40.206. telephone number,
220.127.116.11. IP address
4.2.3 The provision of personal data is voluntary. However, refusal to provide it (or providing unreliable, untrue data) may prevent us from contacting and providing the expected answers.
4.3 Personal data of persons using the Comments module
4.3.1 The Administrator processes those data in order to enable users to publish individual statements concerning the content visible in the Portal.
4.3.2 Personal data shall include:
18.104.22.168. electronic mail address,
4.3.3 The provision of personal data is always voluntary.
4.3.4 Personal data shall be processed for the time necessary to publish a comment.
The way of dealing with personal data
5.1 The Administrator uses personal data for the purpose for which they were obtained. Moreover, the data may be used for purposes resulting from legally justified interests pursued by the Administrator, such as
5.1.1. detecting and preventing abuse,
5.1.2. determining, defending and pursuing claims,
5.1.3. the creation of summaries, analyses and statistics
5.2 Processed personal data will never fall into the wrong hands. They will not be traded. However, they may be transferred:
5.2.1. to entities/bodies authorized under the law,
5.2.2. entities to whom the provision of personal data is necessary for the performance of a specific activity (e.g. accounting services, making payments, IT services)
5.3 All entities which may come into contact with personal data, under separate regulations, have been obliged to carefully secure them, keep them confidential, not to disclose them to unauthorized persons.
5.4 The Administrator does not use automated profiling.
5.5 Personal data shall not be processed outside the EEA (European Economic Area).
Rights of the data subjects
6.1 As a rule, the persons whose data are processed have the right to:
6.1.1. access and rectify their data,
6.1.2. delete their data,
6.1.3. limit personal data processed,
6.1.4. transfer data or obtain a copy of them,
6.1.5. withdraw the consent at any time without affecting the lawfulness of processing,
6.1.6. raise objections to the processing of personal data.
6.2 The detailed conditions for exercising the aforementioned rights are set out in Articles 15-21 of the GDPR.
6.3 In order to exercise the rights described above, please contact: email@example.com.
6.4 Each application will be duly recognized by the Administrator and will be answered.
6.5 The rights described above are not absolute (in practice, it may happen that despite receiving a request, the Administrator will not be able to delete, for example the data, because, according to the letter of the law, their processing will still be necessary).
6.6 The data subjects also have the right to lodge a complaint with the President of the Office for Personal Data Protection, in particular if the processing of personal data violates the provisions of the GDPR.
7.1.1. cookie files necessary to ensure usability of the Portal, operation of its basic functions.
7.1.2. cookies for statistical purposes (include anonymous information on the number of users, their behaviour)
7.1.3. cookies for marketing purposes. Cookies make advertising campaigns more effective. Their use makes it easier for advertisers to reach the right audience. Such data is collected through services provided by Google Inc.
7.2 Detailed information about Google Inc. policies.
7.3 Cookies are in no way linked or associated with other information provided by users.
7.4 The Portal users have the right to disable cookies (all or particular types) in the browser settings. Using the Portal without changing these settings will be treated as a clear confirmation action.
7.5 Note: resignation from cookies for marketing purposes will not cause the advertisements to stop being displayed. The advertisements will still be visible, but they will not be of a customized nature.