§1 GENERAL PROVISIONS
- The administrator of personal data collected via the website www.prignitz.pl is "PRIGNITZ - MEBLE POMORSKIE" LTD, registered in the Register of Entrepreneurs by the Szczecin-Center District Court in Szczecin, 13th Commercial Division of the National Court Register under KRS number: 0000155843 , NIP: 7781371159, REGON: 639697555, share capital PLN 150,000, place of activity and delivery address: ul. Pyrzycka 11, 74-240 Lipiany, e-mail address (e-mail): email@example.com, hereinafter referred as the "Administrator".
- Personal data collected by the Administrator via the website are processed in accordance with Regulation of the European Parliment and of the Council (EU) 2016/679 of 27 April 2016 regarding the protection of individuals with regard to the processing of personal data as well as the free movement of such data and repealing Directive 95/46 / EC (general regulation on data protection), hereinafter referred as the GDPR (RODO).
§2 TYPE OF PROCESSED PERSONAL DATA, PURPOSE AND SCOPE OF DATA COLLECTION
- PROCESSING PURPOSE AND LEGAL BASIS. The administrator processes personal data through the website www.prignitz.pl if users use the contact form. Personal data is processed as legally justified interest of the entrepreneur, pursuant to art. 6 par. 1 lit. f) GDPR (RODO).
- TYPE OF PROCESSED PERSONAL DATA. In case of the contact form, the user provides:
- name and surname,
- e-mail address,
- telephone number.
- PERIOD OF PERSONAL DATA ARCHIVISATION. Users' personal data is stored by the Administrator:
- in case when the basis of data processing is the performance of the contract, as long as it is necessary for the contract performance, and after this time through the period corresponding to the limitation of claims period. Unless a special rule provides otherwise, the period of limitation is six years, and for periodic benefits claims as well as conducting business activity claims - three years.
- in case when the basis of data processing is consent, until the consent is canceled, and after the consent is revoked - through the period of time corresponding to the claims limitation period that may be raised by the Administrator and which may be raised against him. Unless a special rule provides otherwise, the period of limitation is six years, and for periodic benefits claims as well as business conducting claims - three years.
Podczas korzystania ze strony internetowej mogą być pobierane dodatkowe informacje w szczególności: adres IP przypisany do komputera użytkownika lub zewnętrzny adres IP dostawcy Internetu, nazwa domeny, rodzaj przeglądarki, czas dostępu, typ systemu operacyjnego.
- While using the website, additional information may be downloaded, in particular: the IP address assigned to the user's computer or the external IP address of the Internet provider, domain name, browser type, access time, type of operating system.
- Navigational data may also be collected from users, including information about links and references which they choose to click or about other activities undertaken on the website. The legal basis for this type of activities is the legitimate interest of the Administrator (Article 6 (1) (f) of the GDPR (RODO), relying on facilitating the usage of services provided electronically and improving the functionality of these services.
- Providing of personal data by the user is voluntary.
- Personal data will also be processed in an automated way in the form of profiling, provided that the user consents to it on the basis of art. 6 par. 1 lit. a) GDPR (RODO). The consequence of profiling will be the assignment of a profile to particular person in order to take decisions regarding the person or to analyze, predict person’s preferences, behaviors and attitudes.
- The administrator takes special care to protect the interests of users whose data apply in particular ensures that the data collected by him are:
- processed in accordance with the law,
- collected for designated, legitimate purposes and not subjected to further processing incompatible with these purposes,
- substantially correct and adequate in accordance to the purposes in which they are processed and stored in a form that allows identification of persons they concern, no longer than it is necessary to achieve the purpose of processing.
§3 PERSONAL DATA DISCLOSURE
- Users' personal data are provided to service providers used by the Administrator while running a website. Service providers to whom personal data are transferred, depending on contractual arrangements and circumstances, or are the subject to the Administrator's purposes and data processing methods instructions (processors) or independently define the purposes and methods of their processing (administrators).
- Users' personal data is stored exclusively in the European Economic Area (EEA).
§4 RIGHT OF CONTROL, ACCESS AND CORRECTION OF OWN DATA CONTENTS
- The person that the data concerns has the right to access their personal data and the right to rectify, delete, limit processing, the right to data transfer, the right to raise objections, the right to withdraw consent at any time without affecting the lawfulness of processing, which was made on the basis of consent before its withdrawal.
- User's legal basis:
- Access to data - art. 15 GDPR (RODO)
- Correcting data - art. 16 GDPR (RODO)
- Deletion of data (the so-called right to be forgotten) - art. 17 GDPR (RODO)
- Limitation of processing - art. 18 GDPR (RODO)
- Transfer of data - art. 20 GDPR (RODO)
- Raising objection - art. 21 GDPR (RODO)
- Withdrawal of consent - art. 7, 3 GDPR (RODO)
- In order to rights implementation referred in point 2, an appropriate e-mail message can be sent to: firstname.lastname@example.org.
- In case when user appears with permissions resulting from the above rights, the Administrator fulfills the request or refuses to meet it promptly, however not later than within one month after receiving it. However, if - due to the complexity of the request or the number of requests - the Administrator will not be able to meet the request within a month, it will meet them within the next two months after informing the user within one month from receiving the request - about the intended time extension and its reasons.
- If it is found that the processing of personal data violates GDPR regulations, the person that the data concerns has the right to lodge a complaint to the President of the Protection of Personal Data Office.
§5 "COOKIES" FILES
- The Administrator's website uses "cookies" files.
- Installing "cookies" is necessary for the proper services performance on the website. The "cookies" files contain information necessary for the proper functioning of the website, and they also give the opportunity to elaborate general statistics of website visits.
- The website uses two types of "cookies": "session" and "permanent".
- "Session" cookies are temporary files that are stored in the user's device until users log out (leaves the page).
- "Permanent" cookie files are stored in the user's device for the time specified in the "cookie" file parameters or until they are removed by the user.
- The administrator uses his own cookies to better understand user’s interactions within the site content. The files collect information about the way the user uses the website, the type of page from which the user was redirected, and the number of visits and the time of the user's visit to the website. This information does not record the user's specific personal data, but it is used to elaborate website usage statistics.
- The User has the right to decide about the access of "cookies" to his computer by selecting them in the window of his browser. Detailed information about the possibilities and ways of handling "cookies" are available in the software (web browser) settings.
§6 FINAL PROVISIONS
- The administrator uses proper technical and organizational measures to ensure that personal data being processed is protected against hazards and it is proper for protected data categories in particular, protects data against unauthorized access, being taken by an unauthorized person, processing in violation of applicable laws as well as changes, loss, damage or destruction.
- The administrator shall make available appropriate technical measures to prevent the unauthorized persons from obtaining and modifying personal data sent electronically.