PRIVACY POLICY DOCUMENT

§1 General Provisions

  1. By using our services, you entrust us with your information. This Privacy Policy serves only to help you understand what information and data are collected, for what purposes, and how we use them. This data is very important to us, so please read this document carefully, as it defines the principles and methods of processing and protecting your personal data. This document also defines the rules for the use of "Cookies."
  2. We hereby declare that we comply with the principles of personal data protection and all legal regulations provided for in the Personal Data Protection Act and Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC.
  3. The person whose personal data is processed has the right to contact us to obtain comprehensive information on how we use their personal data. We always strive to provide clear information about the data we collect, how we use it, the purposes for which it is to be used, and to whom it is transferred. We also provide information about the institutions to contact in case of any doubts.
  4. The Seller uses technical measures such as: physical protection measures for personal data, hardware measures for IT and telecommunications infrastructure, security measures within software tools and databases, and organizational measures to ensure adequate protection of processed personal data. In particular, they protect personal data against unauthorized disclosure to third parties, unauthorized acquisition and use for unknown purposes, as well as accidental or intentional alteration, loss, damage, or destruction of such data.
  5. Under the terms set forth in this document, we have exclusive access to the data. Access to personal data may also be entrusted to other entities through which payments are made, which collect, process, and store personal data in accordance with their Terms and Conditions, and entities tasked with fulfilling orders. Access to personal data is granted to the above-mentioned entities to the extent necessary and only to the extent necessary to ensure the provision of services.
  6. Personal data is processed only for the purposes to which you have consented by clicking on the appropriate fields in the form provided on the Website or in another express manner. The legal basis for the processing of your personal data is your consent to the processing of data or the requirement to provide a service (e.g., ordering a Product) that you have ordered from us (pursuant to Article 6 paragraph 1 letters a and b of Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation) - GDPR).

§2 Privacy Policy

  1. We take privacy seriously. We are characterized by respect for privacy and the fullest possible and guaranteed convenience in using our services.
  2. We value the trust that Users place in us by entrusting us with their personal data to fulfill their order. We always use personal data fairly and in such a way as not to betray this trust, only to the extent necessary to fulfill the order in including its processing.
  3. You have the right to obtain clear and complete information about how we use your personal data and for what purposes it is required. We always clearly inform you about the data we collect, how and to whom we transfer it, and provide information about the entities you should contact in case of doubts, questions, or comments.
  4. If you have any doubts regarding our use of your personal data, we will immediately take steps to clarify and dispel such doubts, and we will fully and exhaustively answer all related questions.
  5. We will take all reasonable steps to protect your data against improper and uncontrolled use and to secure it comprehensively.
  6. The controller of your personal data is PROPERART Ernest Kuziorowicz, ul. Bohaterów Katynia 55, 42-208 Częstochowa, NIP 5732773170.
  7. The legal basis for the processing of your personal data Article 6 paragraph 1 letter b) of the GDPR applies. Providing data is not mandatory, but necessary to take appropriate steps prior to concluding the contract and its implementation. We will transfer your personal data to other recipients entrusted with the processing of personal data on our behalf and for our benefit. Your data will be transferred pursuant to Article 6(1)(f) of the GDPR, where the legitimate interest is the proper performance of contracts/orders. Furthermore, we will share your personal data with other business partners. We store the collected personal data within the European Economic Area ("EEA"), but it may also be transferred to a country outside of this area and processed there. Each personal data transfer operation is performed in accordance with applicable law. If data is transferred outside the EEA, we use standard contractual clauses and the Privacy Shield as safeguards in relation to countries for which the European Commission has not determined an adequate level of data protection.
  8. Your personal data related to the conclusion and performance of a contract will be processed for the duration of the contract, as well as for a period no longer than required by law, including the provisions of the Civil Code and the Accounting Act, i.e., no longer than 10 years from the end of the calendar year in which the last contract was performed.
  9. Your personal data processed for the conclusion and performance of future contracts will be processed until you object.
  10. You have the right to: access your personal data and receive a copy of the personal data being processed; rectify inaccurate data; request erasure of data (right to be forgotten) in the event of the circumstances specified in Article 17 of the GDPR; request restriction of data processing in the cases specified in Article 17 of the GDPR. 18 GDPR, object to data processing in the cases indicated in Art. 21 GDPR, and transfer the data provided, processed by automated means.
  11. If you believe that your personal data is being processed unlawfully, you may lodge a complaint with the supervisory authority (Urząd Ochrony Danych Osobowych, ul. Stawki 2, Warsaw). If you require additional information regarding personal data protection or wish to exercise your rights, please contact us by mail at the correspondence address.
  12. We make every effort to protect against unauthorized access, unauthorized modification, disclosure, and destruction of the information in our possession. In particular:
  1. We control the methods of collecting, storing, and processing information, including physical security measures, to protect against unauthorized system access.
  2. We grant access to personal data only to those employees, contractors, and representatives who need to have access. Furthermore, they are contractually obligated to maintain strict confidentiality, to allow us to monitor and verify their compliance with their obligations, and may face consequences for failure to fulfill these obligations.
  1. We will comply with all applicable data protection laws and regulations and cooperate with data protection authorities and authorized law enforcement agencies. In the absence of data protection regulations, we will act in accordance with generally accepted data protection principles, rules of social coexistence, and established customs.
  2. The detailed method of personal data protection is set out in the personal data protection policy (DPA: security policy, personal data protection regulations, IT system management instructions). For security reasons, due to the procedures described therein, it is available only to state inspection authorities.
  3. If you have any questions about how we handle personal data, please contact us via the page from which you were redirected to this Privacy Policy. Your contact request will be immediately forwarded to the appropriate designated person.
  4. You always have the right to notify us if:
  1. You no longer wish to receive information or messages from us in any form;
  2. You wish to receive a copy of your personal data held by us;
  3. You wish to correct, update, or delete your personal data held in our records;
  4. You wish to report violations, improper use, or processing of your personal data.
  1. To make it easier for us to respond or respond to the information you have provided, please provide your name and surname and further details.

§3 Scope and purpose of collecting personal data

  1. We collect and process the necessary personal data using the form on the website to provide services and for accounting purposes, and only for such purposes. and:
  1. to place an order,
  2. to handle inquiries via the contact formy
  3. providing ordered services
  4. presenting offers or information
  5. for the purpose of concluding a contract, handling complaints, and withdrawing from the contract,
  6. issuing a VAT invoice or other receipt.
  7. monitoring traffic on our websites;
  8. collecting anonymous statistics to determine how users use our website;
  9. determining the number of anonymous users of our websites.
  10. controlling how often selected content is displayed to users and what content is most frequently displayed;
  11. analyzing newsletter subscriptions and contact options;
  12. using a communication tool for both email and, subsequently, telephone communication;
  13. integration with social media portals;
  14. possible online payments.
  15. Debt collection receivables
  1. We collect, process, and store the following user data:
  1. name and surname,
  2. residence address,
  3. delivery address (if different from the address of residence),
  4. tax identification number (NIP),
  5. e-mail address,
  6. telephone number (mobile, landline),
  7. information about the web browser used,
  8. other personal data voluntarily provided to us.
  1. Providing the above data is completely voluntary but also necessary for the full provision of services.
  2. Purpose of data collection and processing or use by us:
  1. direct marketing, archiving purposes of advertising campaigns;
  2. fulfillment of obligations imposed by law by collecting information about undesirable activities;
  3. those inherent in the implementation and provision of services, providing you with the Product, and those related to the need to ensure your participation in activities related to the Website. (We collect and use data in particular to contact people who have ordered and use the Product, people who participate in events organized by us, or other forms of activity; this includes, for example, contact in the handling of complaints, evaluation of applications, etc.)
  4. to verify the quality of the services provided, to conduct market statistics, and for user profiling purposes (see Profiling and Cookies below).
  5. for commercial and promotional purposes (with the user's prior consent) (e.g., sending a newsletter to the email address provided by the user, sending the user commercial information about various products and services of ours and our trusted partners, sending information about various competitions and promotional campaigns of both ours and our trusted partners). Importantly, each consent to the processing of personal data in this manner is voluntary and we do not condition the use of our services on it; the scope of data use for marketing and commercial purposes depends on the consent of the individual user.
  1. We may transfer personal data to servers located outside the user's country of residence or to affiliated entities, third parties based in other countries, including countries within the EEA (European Economic Area, EEA – free trade area and Common Market, encompassing the countries of the European Union and the European Free Trade Association (EFTA)), for the purpose of processing personal data by such entities on our behalf in accordance with the provisions of this Privacy Policy and applicable laws, customs, and data protection regulations.
  2. We store your personal data for no longer than is necessary for the proper quality of service and no longer than is necessary to perform related activities specified in separate regulations (e.g., on accounting). With respect to marketing data, data will not be processed for longer than 3 years. Depending on the method and purpose of collection, we store data for the following purposes:
  1. fulfillment of obligations arising from legal, tax, and accounting regulations;
  2. Marketing activities – for the duration of the contract, granting separate consent to the processing of such data – until the completion of activities related to handling the transaction, your objection to such processing, or withdrawal of consent.
  3. Operational activities – until the statute of limitations on the obligations imposed by the GDPR and relevant national regulations expire, in order to demonstrate the reliability of personal data processing.
  1. Bearing in mind that in many countries to which this personal data is transferred, the same level of legal protection of personal data as in the user's country does not apply. User personal data stored in other countries In a given country, access may be granted, in accordance with the laws applicable therein, to, for example, courts, law enforcement authorities, and national security authorities, in accordance with the laws applicable in that country. Subject to lawful disclosure requests, we undertake to require entities processing personal data outside the user's country to take measures to protect the data in a manner adequate to the regulations of their domestic law.

§4 Cookie Policy

  1. We automatically collect information contained in cookies to collect user data. A cookie is a small piece of text that is sent to the user's browser and which the browser sends back upon subsequent visits to the website. They are primarily used to maintain sessions, e.g., by generating and returning a temporary identifier after login. We use "session" cookies, which are stored on the User's end device until they log out, exit the website, or close their web browser. We also use "persistent" cookies, which are stored on the User's end device for the period specified in the cookie parameters or until they are deleted by the User.
  2. Cookies customize and optimize the website and its offerings to meet the needs of Users through activities such as generating page view statistics and ensuring security. Cookies are also necessary to maintain the session after leaving the website.
  3. The Administrator processes the data contained in cookies each time visitors visit the website for the following purposes:
  1. optimizing the use of the website;
  2. securing the contact form on our website with the Google reCAPTCHA mechanism. Its purpose is to prevent data entry by robots. For this reason, the Operator may disclose to Google Inc. data such as: IP address, duration of the website visit, and mouse movements made by the user.
  3. identifying Service Users as currently logged in;
  4. adapting graphics, selection options, and any other content of the website to the individual preferences of the Service User;
  5. remembering data entered automatically and manually from Order Forms or login data provided by the visitor;
  6. collecting and analyzing anonymous statistics showing how the website is used in the administration panel and Google Analytics.
  7. creating remarketing lists based on information about preferences, behavior, use of the website, and interests, and collecting demographic data, and then sharing these lists in AdWords and Facebook Ads.
  8. creating data segments based on demographic information, interests, and preferences in the selection of viewed products/services.
  9. using demographic and interest data in reports. Analytics.
  1. The User may completely block and delete the collection of Cookies at any time using their web browser.
  2. Blocking the ability to collect Cookies on their device may hinder or prevent the use of certain website functionalities, to which the User is fully entitled, but must be aware of the functional limitations.
  3. A User who does not wish to use Cookies for the purpose described above may manually delete them at any time. For detailed instructions, please visit the website of the manufacturer of the web browser the User is currently using.
  4. More information about Cookies is available in the help menu of each web browser. Examples of web browsers that support the above-mentioned cookies:
  1. Internet Explorer Cookie Settings
  2. Chrome Cookie Settings
  3. Firefox Cookie Settings
  4. Opera Cookie Settings
  5. Safari Cookie Settings
  6. Android Cookie Settings
  7. Blackberry Cookie Settings
  8. iOS (Safari) Cookie Settings
  9. Windows Phone Cookie Settings

§5 Rights and Obligations

  1. We have the right, and in cases specified by law also the statutory obligation, to provide selected or all information concerning personal data to public authorities or third parties who submit such a request for information based on applicable Polish law.
  2. In certain situations, the Controller has the right to transfer your personal data to other recipients if it is necessary for the performance of the above-mentioned tasks. to perform the contract concluded with you or to fulfill the obligations incumbent on the Administrator. This applies to such groups of recipients such as Authorized Employees and Associates who use the data to operate the website and provide services, in particular accounting services and subcontractors.
  3. The User has the right to access the content of their personal data provided, the User may correct and supplement this data at any time, and also has the right to request that it be deleted from their databases or that its processing be discontinued, without providing any reason. In order to exercise your rights, the User may at any time send a relevant message to the email address or in another way that will deliver/transmit such a request.
  4. The processing of personal data of natural persons who are our customers is based on:
  1. legitimate interest as a data controller (e.g., in the scope of creating a database, analytical and profiling activities, including activities related to the analysis of product use, direct marketing of own products, securing documentation for the purpose of defending against potential claims or for the purpose of pursuing claims)
  2. consent (including, in particular, consent to email marketing or telemarketing)
  3. performance of the concluded contract
  4. obligations arising from the law (e.g., tax law or accounting regulations).
  1. The processing of personal data of natural persons who are potential customers is based on:
  1. consent (including, in (in particular, consent to email marketing or telemarketing)
  1. A request from the User to delete personal data or cease its processing by may result in the complete impossibility of providing services or their serious limitation.
  2. We undertake to act in accordance with applicable legal provisions and principles of social coexistence.
  3. Information on out-of-court settlement of consumer disputes. The authorized entity within the meaning of the Act on out-of-court settlement of consumer disputes is the Financial Ombudsman, whose website address is: www.rf.gov.pl.
  4. A complaint about the Controller's actions may be filed with the President of the Personal Data Protection Office, ul. Stawki 2, 00-193 Warsaw.

§6 Basic security principles

  1. The login and personal data entry areas are protected in the transmission layer (SSL certificate). As a result, personal data and login details entered on the website are encrypted on the user's computer and can only be read on the target server.
  2. Every user should take care of their own data security and the security of their devices used to access the internet. Such devices should absolutely have antivirus software with a regularly updated database of definitions, types, and kinds of viruses, a secure version of the web browser they use, and an enabled firewall. Users should check whether the operating system and programs installed on them have the latest and compatible updates, as attacks exploit bugs discovered in installed software.
  3. Access data to services offered on the internet—e.g., logins, passwords, PINs, electronic certificates, etc.—should be secured in a place inaccessible to others and impossible to hack from the internet. They should not be disclosed or stored on a device in a form that allows unauthorized access and reading by unauthorized persons.
  4. Be cautious when opening strange attachments or clicking links in unexpected emails, e.g., from unknown senders or from the spam folder.
  5. It is recommended to run anti-phishing filters in your web browser, i.e., tools that check whether the displayed website is authentic and is not intended to scam you, for example, by impersonating a person or institution.
  6. Files should only be downloaded from trusted sites, services, and websites. We do not recommend installing software from unverified sources, especially from unknown publishers with unverified reputations. This also applies to mobile devices, such as smartphones and tablets.
  7. When using your home Wi-Fi network, you should set a password that is secure and difficult to crack. It should not be any pattern or string of characters that are easy to guess (e.g., street name, host's name, date of birth, etc.). It is also recommended to use the highest possible Wi-Fi encryption standards that are possible on your device, e.g., WPA2.

§7 Using Social Media Plugins

  1. So-called plug-ins from social media portals like facebook.com and Twitter and others may be found on our websites. The related services are provided by Facebook Inc. and Twitter Inc., respectively.
  2. Facebook is operated by Facebook Inc., 1601 S. California Ave, Palo Alto, CA 94304, USA. To view Facebook plugins, go to: https://developers.facebook.com/docs/plugins
  3. Twitter is operated by Twitter Inc., 1355 Market Street, Suite 900, San Francisco, CA 94103, USA. To view Twitter plugins, go to: https://dev.twitter.com/web/tweet-button
  4. The plugin only transmits information to its provider about which of our websites you accessed and at what time. If you are logged in to your account, e.g., Facebook or Twitter, while viewing or using our website, the provider is able to combine your interests, information preferences, and other data obtained, for example, by clicking the Like button, leaving a comment, or entering your profile name in search results. This information will also be transmitted directly to the provider by your browser.
  5. More detailed information about the collection and use of data by Facebook or Twitter and about privacy protection can be found on the following websites:
  1. Data protection/privacy advice issued by Facebook: http://www.facebook.com/policy.php
  2. Data protection/privacy advice issued by Twitter: https://twitter.com/privacy
  1. To prevent Facebook or Twitter from recording your visit to our website, you must log out of your account before browsing our website.

§8 Hosting

  1. The website is hosted (technically maintained).
  2. Company hosting company:
  • applies data loss protection measures (e.g., disk arrays, regular backups),
  • applies adequate measures to protect processing sites in the event of fire (e.g., special fire extinguishing systems),
  • applies adequate measures to protect processing systems in the event of a sudden power failure (e.g., dual power lines, generators, UPS systems),
  • applies physical means to protect access to data processing sites (e.g., access control, monitoring),
  • applies measures to ensure appropriate environmental conditions for servers as elements of the data processing system (e.g., environmental control, specialized air conditioning systems),
  • applies organizational solutions to ensure the highest possible level of protection and confidentiality (training, internal regulations, password policies, etc.),
  • has appointed a Data Protection Officer.
  1. To ensure technical reliability, the hosting company maintains logs at the level The following may be recorded:
  • resources specified by the URL identifier (addresses of requested resources – pages, files),
  • request arrival time,
  • response sending time,
  • name of the client station – identification performed by the HTTP protocol,
  • information about errors that occurred during the execution of the HTTP transaction,
  • URL address of the page previously visited by the user (referrer link) – in the case when the Website was accessed via a link,
  • information about the user's browser,
  • IP address information,
  • diagnostic information related to the process of self-service ordering through registers on the website,
  • information related to the handling of e-mail addressed to the Operator and sent by Operator.