PRIVACY POLICY OF THE VITRINTEC WEBSITE
- The protection of the Users' personal data is of the utmost importance for the Owner of this website. The Owner makes every effort to ensure that the Users feel safe providing their personal data when they use the website.
- The User is a natural person, a legal person or an organisational unit without legal personality, to which legal capacity is granted by law, using the electronic services available on the website.
- This Privacy Policy explains the principles and scope of the processing of the User's personal data, the User's rights, and the responsibilities of the Data Controller, it also informs about the use of cookies.
- The Data Controller uses state-of-the-art technical measures and organisational solutions to ensure a high level of protection of the personal data processed and to prevent unauthorised access.
Personal data controller
The Personal Data Controller is Vitrintec Sp. z o. o. with its registered office at ul. Karola Olszewskiego 23, entered into the Register of Entrepreneurs kept by the District Court in Kielce, 10th Commercial Division, under KRS [National Court Register] no.: 0000588283, NIP [Tax Identification Number]: 9591967051 (hereinafter referred to as the "Owner" or "Data Controller").
Purpose of the processing of personal data
- The Data Controller processes the collected personal data only for the purpose for which it was provided, in a manner consistent with the scope of the permission granted by the User and on the basis and within the limits of the law. The User has the right to access and correct their personal data as well as the right to lodge a written request to stop the processing of the personal data. The User may correct their personal data by contacting the website personnel either by post or by e-mail.
- The User may also agree to receive information on news and special offers, as a result of which the Data Controller will also process personal data for the purposes of sending commercial information about, e.g., new products or services, special offers or sales to the User.
- Personal data is also processed to comply with the legal obligations to which the Data Controller is subject and perform tasks in the public interest, e.g., tasks related to security and defence or the storage of tax documentation.
- Personal data may also be processed for the purposes of securing and asserting claims or providing protection against the User's or third-party claims, as well as marketing of services and products of third parties or own marketing, which is not direct marketing.
Type of data
- The Data Controller processes the following personal data that must be provided for the operation of the contact form:
- name and surname;
- e-mail address,
- telephone number,
Data provided by the User optionally:
- attachments;
- enquiry content.
Legal basis for the processing of personal data
Personal data is processed in accordance with the provisions of Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation), OJ L 119, 4 May 2016, pp. 1-88 (hereinafter referred to as the "GDPR").
- The Data Controller processes personal data only with the prior consent of the User.
- Giving consent to the processing of personal information is entirely voluntary.
USER'S RIGHTS
- The User may at any time ask the Data Controller to provide information on the scope of the processing of their personal data.
- The User may at any time request the correction or rectification of their personal data.
- The User may withdraw their consent to the processing of their personal data at any time, without giving reasons. The request not to process personal data may relate to a specific purpose of processing indicated by the User, e.g. withdrawal of consent to receive commercial information, or relate to all purposes of data processing. The withdrawal of consent with respect to all purposes of the processing of data will result in the User's account being deleted from the website, together with all personal data of the User processed by the Data Controller. The withdrawal of consent will not affect the actions already taken.
- The User may request that the data controller erase the User's data, at any time, without stating the reason. The request to erase data will not affect the actions already taken. The erasure of data is tantamount to the deletion of the User's account, together with all personal data stored and processed by the Data Controller until that time.
- The User may object to the processing of personal data at any time, both with regard to all personal data of the User processed by the Data Controller and only to a limited extent, e.g., with regard to the processing of data for a specifically indicated purpose. The objection will not affect the actions already taken. Lodging an objection will result in the deletion of the User's account, together with all personal data stored and processed by the Data Controller until that time.
- The User may request that the processing of their personal data be restricted either for a specific period of time or without a time limit but within a specific scope, and the Data Controller will have to comply with the request. The request will not affect the actions already taken.
- The User may request that the data controller transfer the User's personal data to another entity. For this purpose, the User should send a written request to the Data Controller and indicate the entity (i.e. its name and address) to which the User's personal data should be transferred. The User should also specify which data is to be provided by the Data Controller. Once the User has confirmed their wish, the Data Controller will transfer the User's personal data to the designated entity in an electronic form. The User's confirmation of the request is necessary for the purpose of the security of the User's personal data and to ensure that the request comes from an authorised person.
- The Data Controller will inform the User of the actions taken within one month of the receipt of one of the requests mentioned in the previous points.
- In accordance with the GDPR regulation, the User has the right to lodge a complaint with a supervisory authority, in particular in the Member State of their usual residence, their place of work or the place where the alleged infringement has been committed, if they consider that the processing of the Data violates the above-mentioned regulation.
Personal data storage period
- As a general rule, personal data is only kept for as long as it is necessary to fulfil the contractual or statutory obligations for which such data was collected. The data will be erased immediately when it is no longer needed for evidential purposes, in accordance with civil law or with respect to the statutory obligation to store data.
- Information regarding the contract is kept for evidential purposes, for a period of three years, starting from the end of the year in which the business relationship with the User is terminated. The data will be erased after the expiry of the statutory limitation period for the assertion of contractual claims.
- Moreover, the Data Controller may keep historical information related to the concluded transactions, as the storage of such information is related to, e.g., the User's warranty claims.
- If no contract has been concluded between the User and the Owner, the User's personal data is stored until the deletion of the User's account from the website. The account may be deleted based on the User's request or as a result of the withdrawal of consent to the processing of personal data or an objection to the processing of such data.
Entrusting other entities with the processing of personal data
- The Data Controller may entrust the processing of personal data to entities cooperating with the Data Controller to the extent necessary for the completion of the transaction, e.g. for the purposes of preparing the goods ordered, making deliveries or providing commercial information from the data controller (the latter applies to the Users who have agreed to receive commercial information).
- Apart from the purposes indicated in the Privacy Policy, the Users' personal data will not be made available in any way to third parties or provided to other entities for the purposes of sending marketing materials of such third parties.
- The personal data of the Users of the website are not transferred outside the European Union.
- The Privacy Policy complies with the provisions arising from Art. 13 sec. 1 and sec. 2 of the GDPR.
Cookies and other technologies
- The website uses cookies and other similar mechanisms (hereinafter collectively referred to as "cookies") stored on Users' end devices. Cookies are pieces of information that contain a unique reference code that the website sends to the User's device to store and sometimes track information about the device being used.
- Usually, cookies do not enable the identification of the User. Their main task is to adjust the website to the User through the collection of information such as, e.g., the User's method of access to the website (e.g. via a computer or smartphone) or their preferences. Cookies are also used for advertising and statistical purposes.
- Some of the cookies on the website are only available during a particular web session and deleted when the browser is closed. Other cookies are used to remember and identify the User when they return to the website. In that case, the cookies are retained for a longer period of time.
- The cookies used on this website are as follows:
_ga – stored for a period of 2 years
_gid – stored for 1 day
PHPSESSID – stored for the duration of the session
csrf-cookie-name – stored for a period of 2 hours
video-main-progress - stored for a period of 2 years
video-main-paused – stored for a period of 2 years
_gat_gtag_UA_123279724_1 – stored for 1 minute
5. All cookies on the website are set by the Data Controller
6. All cookies used by the website comply with the applicable European Union law.
7. Most Users and some mobile browsers automatically accept cookies. If the User does not change the settings, cookies will be saved on the device.
8. The User can change their preferences regarding the acceptance of cookies or change their browser so that they can receive an appropriate notification each time the cookie function is enabled. To change cookie acceptance settings, the User should adjust their browser settings. It is worth remembering that blocking or deleting cookies may prevent the full use of the website.
9. Cookies will be used for the necessary session management, including:
- to create a special login session for the User of the website, so that the website remembers that the User is logged in and their requests are delivered in an efficient, secure and consistent manner;
- to recognise the User who has previously visited the website, which allows to identify the number of unique Users who have used the website and to ensure that the website has sufficient capacity for the number of new Users;
- to check whether a website visitor is registered on the website;
- to record information from the User's device, including: cookies, IP address and information about the used browser, to be able to diagnose problems, administer and track the use of the website;
- to customise the elements of the layout or the content of the website;
- to collect statistical information about how the User uses the website, to be able to improve the website and to determine which areas of the website are most popular among the Users.
- For the above purposes, the Internet tracking technology popular on the market is used in the form of the Google Analytics tool, provided by Google LLC, 1600 Amphitheater Parkway, Mountain View, CA 94043, USA, which is used to monitor traffic on the website and optimise the display of marketing and promotional content. In view of the above, anonymous data is collected regarding the websites visited by Users, including:
- the type of browser used by the User;
- the date of the first and last visit and length of the User's visit;
- the location from which the User visited the website;
- the number of unique visits or views.
- Google Analytics also collects demographic data and data related to the User's interests.
As part of the cookie settings directly from the website, the user can decide whether or not to consent to the collection of such data.
- Google Analytics does not collect any data that makes it possible to identify the User. Therefore, data collected as part of Google Analytics does not constitute personal data.
- The Google Analytics tool is used in such a way that the User's IP address is shortened before it is transmitted beyond the European Economic Area. Only in exceptional cases the full IP address is transferred to the Google server in the USA and shortened there. Anonymised IP addresses processed by Google Analytics are typically not merged with other Google data.
- The User can prevent the data collected by cookies regarding their use of the website from being recorded by Google, as well as the processing of the data by Google, by installing the browser plug-in available at the following address: https://tools.google.com/dlpage/gaoptout.
- Users interested in details related to data processing within Google Analytics can read the explanation prepared by Google and available at the following address: https://support.google.com/analytics/answer/6004245.
Amendments
In case of any amendments to the applicable Privacy Policy, relevant modifications to the above provision will be made accordingly.