Privacy Policy

AND GENERAL PROVISIONS

    1. The administrator of personal data obtained via the website at door-filipek.pl (hereinafter the Website) is Franciszek Filipek running a business under the name PPUH Door - Franciszek Filipek, ul. Adolfa Mitery 5, 32-700 Bochnia, tel. 881-496-045. e-mail address: rodo@door-aluminium.pl NIP: 8681214194 hereinafter referred to as the "Administrator".
    2. Personal data is processed by the Administrator in accordance with the currently applicable Act on the Protection of Personal Data of August 29, 1997, the Act on the Provision of Electronic Services of July 18, 2002, and in accordance with the provisions of the Regulation of the European Parliament and of the Council (EU) 2016 / 679 of 27 April 2016 on the protection of individuals with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46 / EC (general regulation on data protection), i.e. the so-called "GDPR".
    3. The administrator takes special care to protect the interests of data subjects, and in particular ensures that the personal data collected by him are:
    4. processed in accordance with the law, fairly and transparently for the data subject;
    5. collected for specific, explicit and legitimate purposes and not further processed in a manner inconsistent with these purposes;
    6. adequate, relevant and limited to what is necessary for the purposes for which they are processed;
    7. correct and, if necessary, updated;
    8. kept in a form which permits identification of the data subject for no longer than is necessary for the purposes for which the data are processed;
    9. processed in a manner ensuring adequate security of personal data, including protection against unauthorized or unlawful processing and accidental loss, destruction or damage, by appropriate technical and organizational measures.

II PURPOSE AND SCOPE OF DATA COLLECTION

  1. The Administrator processes personal data in the form of name and surname and e-mail address in order to answer questions asked by the User of the Website using the contact form, in particular questions regarding the Administrator's offer.
  2. The Administrator has the right to entrust personal data to entities through which the Administrator implements the purposes of personal data processing specified in this policy, in particular employees, contractors, as well as other entities with which the Administrator cooperates, including in particular the website hosting provider and a marketing agency. The administrator ensures the protection of personal data entrusted to these entities on the terms set out in this policy and in the provisions of applicable law.

III. BASIS FOR DATA PROCESSING

  1. The administrator processes personal data obtained through the Website on the basis of the consent of the data subject, expressed freely and voluntarily. Providing data is completely voluntary, but it is necessary to receive an answer to a complex inquiry.
  2. The administrator also has the right to process personal data, regardless of the consent granted, in a situation where:
  3. processing is necessary for the performance of a contract to which the data subject is party, or to take steps at the request of the data subject prior to entering into a contract;
  4. processing is necessary to fulfill the legal obligation incumbent on the controller;
  5. processing is necessary to protect the vital interests of the data subject or another natural person;
  6. processing is necessary for the performance of a task carried out in the public interest or in the exercise of public authority entrusted to the controller;
  7. processing is necessary for the purposes of the legitimate interests pursued by the administrator or by a third party, except where these interests are overridden by the interests or fundamental rights and freedoms of the data subject, which require protection of personal data, in particular when the data subject is a child.
  8. The data subject has the right to withdraw the consent given to the processing of personal data at any time. Withdrawal of consent does not affect the lawfulness of the processing which was carried out on the basis of consent before its withdrawal. The consent may be withdrawn in writing to the Administrator's address, or in electronic form to the e-mail address rodo@door-aluminium.pl
  9. In the event of withdrawal of consent, the Administrator may still be entitled to process personal data on the basis of the provisions of generally applicable law. In such a situation, the Administrator will process personal data only for the purposes and to the extent permitted by law, despite the lack of consent of the data subject.

IV. THE RIGHTS OF THE PERSON WHO THE DATA CONCERNS

A. DATA ACCESS

  1. The data subject is entitled to obtain from the Administrator confirmation whether personal data concerning him is being processed, and if so, he is entitled to access this data and to the following information:
  2. the purposes of processing personal data;
  3. the categories of personal data processed;
  4. information on the recipients or categories of recipients to whom personal data have been or will be disclosed, in particular on recipients in third countries or international organizations, as well as on the applied safeguards related to the transfer of data to recipients in third countries or international organizations;
  5. if possible, the planned period of storage of personal data, and if this is not possible, the criteria for determining this period;
  6. information on the right to request the administrator to rectify, delete or limit the processing of personal data relating to the data subject and to object to such processing;
  7. information about the right to lodge a complaint with the supervisory authority;
  8. if the personal data has not been collected from the data subject - any available information as to their source;
  9. information on automated decision making, including profiling
  10. Upon request, the administrator provides the data subject with a copy of the personal data being processed. For any subsequent copies requested by the data subject, the Controller may charge a reasonable fee based on administrative costs. If the data subject requests a copy by electronic means and unless otherwise indicated, the information will be provided by electronic means, if possible.

B. CORRECTION

  1. The data subject has the right to request the Administrator to immediately correct incorrect personal data concerning him. Taking into account the purposes of processing, the data subject has the right to request that incomplete personal data be supplemented, including by providing an additional statement.

C. DELETION OF DATA

  1. The data subject has the right to request the administrator to immediately delete his personal data, and the Administrator is obliged to delete personal data without undue delay, if one of the following circumstances occurs:
  2. personal data is no longer necessary for the purposes for which it was collected or otherwise processed;
  3. the data subject has withdrawn the consent on which the processing is based and there is no other legal basis for the processing;
  4. the data subject objects to the processing and there are no overriding, legitimate grounds for processing
  5. the data subject objects to the processing of data for direct marketing purposes;
  6. personal data was processed unlawfully;
  7. personal data must be removed in order to comply with the legal obligation provided for in the Union law or the law of the Member State to which the Administrator is subject;
  8. the personal data has been collected in relation to the offering of information society services.

D. DATA PROCESSING RESTRICTION

  1. The data subject has the right to request the administrator to limit data processing in the following cases:
  2. the accuracy of the personal data is contested by the data subject - for a period allowing the Controller to check the correctness of this data;
  3. the processing is unlawful and the data subject opposes the deletion of personal data and requests the restriction of their use instead;
  4. the controller no longer needs personal data for the purposes of processing, but they are needed by the data subject to establish, assert or defend claims;
  5. the data subject has objected to processing - until it is determined whether the legitimate grounds on the part of the Administrator override the grounds for objection of the data subject.
  6. Limitation of the processing of personal data should be understood as the storage of personal data in order to limit their further processing.
  7. If, under the above-mentioned request, data processing has been restricted, such personal data may be processed, with the exception of storage, only with the consent of the data subject or for the establishment, exercise or defense of legal claims, or to protect the rights of another natural or legal person. , or for reasons of important public interest of the Union or of a Member State. Before lifting the restriction of processing, the administrator informs the data subject who requested the restriction.

E. DATA TRANSFER

  1. The data subject has the right to receive, in a structured, commonly used, machine-readable format, personal data concerning him, which he provided to the administrator, and has the right to send this personal data to another administrator without any obstacles from the administrator to whom the personal data was provided, if the processing takes place on the basis of consent or on the basis of a contract and if the processing is carried out in an automated manner.
  2. When exercising the right to transfer the data specified above, the data subject has the right to request that the personal data be sent by the Administrator directly to another administrator, if technically possible.
  3. The data subject has the right not to be subject to a decision which is based solely on automated processing, including profiling, and produces legal effects or significantly affects that person.

F. OBJECT

  1. The data subject has the right to object at any time - for reasons related to his particular situation - to the processing of his personal data based on the provision of art. 6 sec. 1 lit. e, f of Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016, including profiling based on these provisions.
  2. After the objection is raised, the Administrator is no longer allowed to process this personal data, unless he demonstrates the existence of valid legally valid grounds for processing, overriding the interests, rights and freedoms of the data subject, or the grounds for establishing, investigating or defending claims.
  3. If personal data is processed for direct marketing purposes, the data subject has the right to object at any time to the processing of his personal data for the purposes of such marketing, including profiling, to the extent that the processing is related to such direct marketing. . If the data subject objects to processing for direct marketing purposes, the personal data may no longer be processed for such purposes.

G. EXECUTION OF RIGHTS

  1. The rights set out above are exercised upon a request submitted to the Administrator in writing or by e-mail to the e-mail address: rodo@door-aluminium.pl. Any inquiries regarding the rights of the data subject may be sent to the same e-mail address. The administrator makes every effort to explain the rights in a clear and accessible way and enable the data subject to exercise them.

H. COMPLAINT

  1. The data subject has the right to lodge a complaint with the supervisory authority, in particular in the Member State of his habitual residence, place of work or place of the alleged infringement, if he or she believes that the processing of personal data concerning him violates this Regulation.
  2. The above-mentioned complaint should be submitted to the supervisory body, the President of the Office for Personal Data Protection, to the following address: ul. Stawki 2, 00-193 Warsaw.

V. "COOKIES"

  1. The Administrator also processes data characterizing the way the User uses the Website (operational data), including:
  2. Designations identifying the end of the telecommunications network or the IT system used by the User (e.g. IP address, type and language of the web browser, operating system);
  3. Information on the start, end and scope of each use of the Website by the User;
  4. Information about data saved to users' end devices (cookies).
  5. "Cookies" used on the Website come from the Administrator as well as from other entities - in particular the entity providing analytical services for the use of the website (Analytics).
  6. If the user does not change the browser settings, he agrees to their use.
  7. The installation of "cookies" may be necessary for the proper provision of certain services on the Website, in particular those requiring authorization.
  8. The Website uses three types of "cookies": session, permanent and analytical:
  9. "Session" cookies are temporary files that are stored on the User's end device until logging out (leaving the Website).
  10. "Persistent" cookies are stored in the Customer's end device for the time specified in the parameters of "cookies" or until they are deleted by the User.
  11. "Analytical" cookies enable better understanding of the Customer's interaction with the content of the Website, in particular to better organize its layout. "Analytical" "cookies" collect information on the way the Service is used by the Service Recipients, the type of page from which the Service Recipient has been redirected, and the number of visits and the time of the Service Recipient's visit to the website.
  12. The operational data collected by the Administrator, specified above, do not register specific personal data of the Service Recipient, but are used by the Administrator to develop statistics on the use of the Website.
  13. Cookies stored on the user's device may be used by entities other than the Administrator to profile the user, in particular to display personalized advertisements or other content on other websites.
  14. The user has the right to decide on the access of "cookies" to his computer by selecting them in the window of his browser. Detailed information on the possibilities and methods of handling cookies is available in the software (web browser) settings. If the User does not want to save files on his device, he should disable this option in the browser window.

VI. FINAL PROVISIONS

  1. The administrator does not make decisions only in an automated manner, nor does he use personal data for profiling.
  2. The administrator does not appoint a Personal Data Protection Inspector.
  3. The rights of the data subject, described in detail in this Privacy Policy, result from generally applicable law, and the provisions of this Privacy Policy in no way limit these rights.
  4. The scope in which it will be possible to exercise the rights of the data subject may be limited by law, in particular due to the rights and freedoms of other persons or due to the public interest.
  5. In order to ensure a high level of personal data protection, the Administrator will take regular steps to review this privacy policy and amend it, in the event of a change in the scope of personal data processed, the processing technology of such personal data, as well as in the event of changes in applicable law or guidelines. in terms of their application.

 

INFORMATION CLAUSE FOR THE PROCESSING OF PERSONAL DATA - VISUAL MONITORING

Based on Article. 13 sec. 1 and 2 of the Regulation of the European Parliament and of the Council (EU) of 27 April 2016 on the protection of individuals with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46 / EC (general regulation on data protection) ( Journal of Laws UE.L.2016.119.1) - hereinafter referred to as the GDPR, I inform you that:

  1. The administrator of the data recorded via the cameras of the monitoring system inside and outside the buildings is Franciszek Filipek running a business under the name of Franciszek Filipek - PPUH DOOR, ul. Adolfa Mitery 5, 32-700 Bochnia, NIP: 8681214194, REGON: 851698160. Contact with the Administrator is possible via the postal operator to the following address: PPUH DOOR Franciszek Filipek, ul. Adolfa Mitery 5, 32-700 Bochnia or via the e-mail address: rodo@door-aluminium.pl.
  2. Your personal data in the form of an image will be processed in order to ensure public order and security as well as to protect goods and property pursuant to art. 6 sec. 1 lit. f GDPR, i.e. processing is necessary for the purposes of the legitimate interests pursued by the Administrator.
  3. Your personal data in the form of an image will be transferred only to persons authorized by the Administrator. The recipients of your personal data in the form of an image will be entities authorized to obtain them on the basis of generally applicable law, entities performing public tasks on the basis of a separate agreement for entrusting personal data, entities providing services to the Administrator in connection with monitoring, persons injured in registered situations by the system.
  4. Your personal data in the form of an image will be stored by the Administrator for a period not longer than two months. After this time, the recorded material will be permanently overwritten with new data. The processing period may be extended each time by the limitation period for claims, if the processing of your personal data in the form of an image will be necessary to establish or pursue any claims or defend against such claims by the Administrator.
  5. Your personal data in the form of an image will not be transferred outside the European Economic Area and to international organizations.
  6. Your personal data in the form of an image will be processed manually or automatically, will not be processed automatically and will not be profiled.
  7. The administrator would like to assure you that all persons whose personal data are processed by the Administrator have appropriate rights under the GDPR, including, in particular: the right to access data recording, including the right to obtain a copy of this data, to rectify it, deletion, limitation of their processing, transfer, and other rights in this regard in accordance with applicable regulations. The use of the above-mentioned rights may not, however, infringe the rights of third parties.
  8. You have the right to lodge a complaint with the President of the Personal Data Protection Office, if you feel that the processing of your personal data violates the provisions of the GDPR.
  9. The Administrator makes every effort to ensure all means of physical, technical and organizational protection of personal data against accidental or deliberate destruction, accidental loss, alteration, unauthorized disclosure, use or access, in accordance with all applicable regulations.

Pin It on Pinterest

Shares
Share This