GDPR - RODO

PRIVACY POLICY

Privacy policy for customers of Arcoore Spółka z ograniczoną odpowiedzialnością

I.    Data of the Personal Data Administrator

We would like to kindly inform you that the administrator of your personal data is Marcin Zakrzewski, the president of Arcoore with its registered office in Wrocław at ul. Piękna 58 lokal 17, and using the NIP number 899-287-90-27, hereinafter referred to as the “company”. Contact regarding the protection of personal data is possible at the following e-mail address: office@arcoore.com.

 II.  Purposes and grounds for processing personal data

In order to fulfill customer orders in accordance with the scope of our activity, the company processes your personal data – for various purposes, but always in accordance with the law. Below you will find the specific purposes of personal data processing along with the legal grounds.

In order to evaluate the service and provide the service, we process personal data such as:

    – First name and last name,
    – e-mail adress,
    – address,
    – Phone number,
    – sex,
    – order number,
    – Date of registration.

The legal basis for such data processing is Art. 6 sec. 1 lit. b GDPR, which allows the processing of personal data if they are necessary to perform the contract or take steps to conclude a contract; if you also decide to provide your surname, we recognize that you have consented to the processing of your surname as well – then the legal basis for such processing is Art. 6 sec. 1 lit. a GDPR, which allows the processing of personal data on the basis of a voluntarily granted consent;

In order to consider the complaint, we process personal data such as:

    – name and surname (if provided),
    – e-mail adress,
    – order number,
    – possibly the address of residence – if the money is refunded,
    – possibly the bank account number – if the money is refunded.

The legal basis for such data processing is Art. 6 sec. 1 lit. b GDPR, which allows the processing of personal data if they are necessary to perform the contract or take steps to conclude a contract; if you also decide to provide your surname, we recognize that you have consented to the processing of your surname as well – then the legal basis for such processing is Art. 6 sec. 1 lit. a GDPR, which allows the processing of personal data on the basis of a voluntarily granted consent;

In order to contact us by phone in matters related to the provision of the service, we process personal data such as:

    Phone number,
    order number

– if you are interested in the form of telephone contact (we do not require the mandatory provision of a telephone number). The legal basis for such data processing is Art. 6 sec. 1 lit. a GDPR, which allows the processing of personal data on the basis of a voluntarily granted consent;

In order to issue an invoice and fulfill other obligations resulting from tax law, such as storing accounting documentation for 5 years, we process personal data such as:

    – first name and last name,
    – business,
    – home address or registered office address,
    – number nip,
    – PESEL number,
    – order number.

The legal basis for such data processing is Art. 6 sec. 1 lit. c GDPR, which allows the processing of personal data, if such processing is necessary for the Personal Data Administrator to fulfill its obligations under the law;

In order to store unpaid inquiries, we process personal data such as:

    – name,
    – e-mail adress,
    – order number

– it may happen that you will make the decision to use the service some time after receiving the quote. The legal basis for such data processing is Art. 6 sec. 1 lit. f GDPR, which allows the processing of personal data, if in this way the Personal Data Administrator implements its legitimate interest (in this case, the company’s interest is to enable the conclusion of a contract for a specified period of time without the need to repeat the valuation);

In order to test satisfaction with the services offered, we process personal data such as:

    – e-mail adress,
    – order number.

The legal basis for such data processing is Art. 6 sec. 1 lit. f GDPR, which allows the processing of personal data, if in this way the Personal Data Administrator implements its legitimate interest (in this case, the company’s interest is to learn the opinions of customers about the services provided in order to adapt them to the needs and expectations of interested parties);

In order to create registers and records related to the GDPR, including, for example, the register of customers who objected in accordance with the GDPR, we process personal data such as:

    – name,
    – e-mail adress,

because, firstly, the provisions of the GDPR impose certain documentation obligations on us to demonstrate compliance and accountability, secondly, if you object, for example, to the processing of your personal data for marketing purposes, we need to know who not to use direct marketing against, because he doesn’t want it.

The legal basis for such data processing is, firstly, Art. 6 sec. 1 lit. c GDPR, which allows the processing of personal data, if such processing is necessary for the Personal Data Administrator to fulfill its obligations under the law; second, Art. 6 sec. 1 lit. f GDPR, which allows the processing of personal data, if in this way the Personal Data Administrator implements his legitimate interest (in this case, the company’s interest is to have knowledge about people who exercise their rights under the GDPR);

In order to grant a discount (after granting consent resulting from the provisions on the provision of electronic services), we process personal data such as:

    – name,
    – sex,
    – e-mail adress.

The legal basis for such data processing is Art. 6 sec. 1 lit. a GDPR, which allows the processing of personal data on the basis of a voluntarily granted consent;

In order to establish, investigate or defend against claims, we process personal data such as:

    – name and surname (if the surname has been provided) or company name,
    – home address (if provided),
    – PESEL number or NIP number (if provided),
    – e-mail adress,
    – IP,
    – order number.

The legal basis for such data processing is Art. 6 sec. 1 lit. f GDPR, which allows the processing of personal data, if in this way the Personal Data Administrator implements its legitimate interest (in this case, the interest of the Company is to have personal data that will allow to establish, pursue or defend against claims, including clients and third parties);

For archival and evidence purposes, we process personal data such as:

    – name and surname (if provided),
    – e-mail adress,
    – order number

– for the purposes of securing information that may be used to demonstrate facts of legal significance. The legal basis for such data processing is Art. 6 sec. 1 lit. f GDPR, which allows the processing of personal data, if in this way the Personal Data Administrator implements its legitimate interest (in this case, the interest of the Company is to have personal data that will prove certain facts related to the provision of services, e.g. when a state authority requests it) ;

For analytical purposes, i.e. research and analysis of activity on the website belonging to the Company, we process personal data such as:

    – date and time of visiting the website,
    – type of operating system,
    – approximate location,
    – type of web browser used to browse the website,
    – time spent on the site,
    – visited subpages,
    – subpage where the contact form has been completed.

The legal basis for such data processing is Art. 6 sec. 1 lit. f GDPR, which allows the processing of personal data, if in this way the Personal Data Administrator implements its legitimate interest (in this case, the company’s interest is to learn about customer activity on the website);

In order to use cookies on the website, we process such text information (cookies will be described in a separate section). The legal basis for such processing is Art. 6 sec. 1 lit. a GDPR, which allows the processing of personal data on the basis of a voluntarily granted consent (the first time you enter the website, you are asked for consent to the use of cookies);

In order to administer the website, we process personal data such as:

    – IP address,
    – server date and time,
    – information about the web browser,
    – information about the operating system

– these data are saved automatically in the so-called server logs, each time you use the website belonging to the Company. It would not be possible to administer the website without the use of a server and without this automatic saving. The legal basis for such data processing is Art. 6 sec. 1 lit. f GDPR, which allows the processing of personal data, if in this way the Personal Data Administrator carries out its legitimate interest (in this case, the interest of the Company is website administration);

   III. Cookies

    1. The company on its website, like other entities, uses the so-called cookies, i.e. short text information saved on a computer, phone, tablet or other user’s device. They can be read by our system, as well as by systems belonging to other entities whose services we use (e.g. Google).
    2. Cookies perform many functions on the website, most often useful, which we will try to describe below (if the information is insufficient, please contact us):

    – ensuring security – cookies are used to authenticate users and prevent unauthorized use of the customer panel. Therefore, they are used to protect the user’s personal data against unauthorized access;
    – impact on the processes and efficiency of using the website – cookies are used to ensure that the website works efficiently and that you can use the functions available on it, which is possible, among other things, by remembering the settings between subsequent visits to the website. Thanks to them, you can efficiently navigate the website and individual subpages;
    – session status – cookies often contain information on how visitors use the website, e.g. which subpages are displayed most often. They also make it possible to identify errors displayed on some subpages. Cookies used to save the so-called “Session state” therefore help to improve services and increase the browsing experience;
    – maintaining the session status – if the client logs in to his panel, cookies enable the session to be maintained. This means that after switching to another subpage, you do not have to re-enter your login and password each time, which contributes to the comfort of using the website;
   – creating statistics – cookies are used to analyze how users use the website (how many people open the website, how long they stay on it, which content is of greatest interest, etc.). Thanks to this, it is possible to constantly improve the website and adapt its operation to the preferences of users. In order to track activity and create statistics, we use Google tools, such as Google Analytics; in addition to reporting website usage statistics, pixel Google Analytics may also be used, together with some of the cookies described above, to help display more relevant content to the user in Google services (e.g. in the Google search engine) and throughout the web;

    3. Importantly, many cookies are anonymised for us – without additional information, we are not able to identify your identity on their basis.
    4. By default, your web browser allows the use of cookies on your device, so during the first visit, please consent to the use of cookies. However, if you do not wish to use cookies when browsing the website, you can change the settings in your web browser – completely block the automatic handling of cookies or request notification each time cookies are placed on the device. The settings can be changed at any time.
    5. While respecting the autonomy of all people using the website, we feel obliged to inform you that disabling or limiting the use of cookies may cause quite serious difficulties in using the website, e.g. in the form of having to log on to each subpage, longer page loading period. , restrictions on the use of functionalities.
6.  The right to withdraw consent

    1. If the processing of personal data is based on consent, you may withdraw this consent at any time – at your discretion.
    2. If you would like to withdraw your consent to the processing of personal data, it is sufficient for this purpose:

    – send an email directly to office@arcoore.com or
    – send the letter by registered mail to the address of the company’s registered office.

    3. If the processing of your personal data was based on consent, its withdrawal does not make the processing of personal data up to that point illegal. In other words, until the consent is withdrawn, we have the right to process your personal data and its revocation does not affect the lawfulness of the current processing.

   V. The requirement to provide personal data

    1. Providing any personal data is voluntary and depends on your decision. However, providing certain personal data is necessary to meet your expectations regarding the implementation of your order.
    2. In order for you to be able to order a quote or place an order, it is necessary to provide your name, surname, telephone number and e-mail address – without this we are not able to process the order.
    3. To complete the order, it is necessary to provide the delivery address – without it, we are not able to deliver the goods.

    VI. Recipients of personal data

    1. Like most entrepreneurs, we use the help of other entities in our activities, which often involves the necessity to provide personal data. In connection with the above, if necessary, we transfer your personal data to lawyers cooperating with us who provide services, to companies servicing quick payments, an accounting company, a hosting company, as well as an insurance company (if it is necessary to repair the damage).
    2. In addition, it may happen that, for example, on the basis of an appropriate legal provision or a decision of a competent authority, we will also have to transfer your personal data to other entities, whether public or private. Therefore, it is extremely difficult for us to predict who may request the disclosure of personal data. Nevertheless, we ensure that we analyze each case of a request for disclosure of personal data very carefully and very carefully, so as not to accidentally provide information to an unauthorized person.

    VII. Transferring personal data to third countries

We kindly inform you that your personal data is not transferred outside the European Economic Area.

 

VIII. The period of personal data processing

    1. In accordance with applicable law, we do not process your personal data “indefinitely”, but for the time needed to achieve the set goal. After this period, your personal data will be irretrievably deleted or destroyed.
    2. In a situation where we do not need to perform operations on your personal data other than their storage, we additionally secure them until they are permanently deleted or destroyed – through pseudonymization. Pseudonymization consists in encrypting personal data or a set of personal data in such a way that it is impossible to read them without an additional key, and therefore such information becomes completely useless for an unauthorized person.
    3. Regarding individual periods of personal data processing, we kindly inform you that we process personal data for the period of:

    – the duration of the contract – in relation to personal data processed for the conclusion and performance of the contract;
    – 3 years or 10 years + 1 year – in relation to personal data processed for the purpose of establishing, investigating or defending claims (the length of the period depends on whether both parties are entrepreneurs or not);
    – 6 months – in relation to personal data that were collected during the valuation of the service, and at the same time the contract was not concluded immediately;
    – 5 years – in relation to personal data related to the fulfillment of obligations under tax law;
    – until the consent is withdrawn or the purpose of processing is achieved, but not longer than for 5 years – in relation to personal data processed on the basis of consent;
    – until the objection is effectively raised or the purpose of processing is achieved, but not longer than for 5 years – in relation to personal data processed on the basis of the legitimate interest of the Personal Data Administrator or for marketing purposes;
    – until they become obsolete or lose their usefulness, but no longer than for 3 years – in relation to personal data processed mainly for analytical purposes, the use of cookies and website administration.

    4. We count the periods in years from the end of the year in which we started processing personal data in order to improve the process of deleting or destroying personal data. Separate counting of the deadline for each event would entail significant organizational and technical difficulties, as well as a significant financial outlay, therefore setting a single date for the deletion or destruction of personal data allows us to manage this process more efficiently. Of course, if you exercise your right to be forgotten, such situations are considered individually.
    5. An additional year related to the processing of personal data collected for the performance of the contract is dictated by the fact that you can hypothetically submit a claim a moment before the expiry of the limitation period, the request may be delivered with a significant delay or you may incorrectly specify the limitation period for your claim.

   IX. Data subject rights
  1. We kindly inform you that you have the right to:

    – access to your personal data;
    – rectification of personal data;
    – deletion of personal data;
    – restrictions on the processing of personal data;
    – object to the processing of personal data;
    – transferring personal data.

    2. We respect your rights under the provisions on the protection of personal data and we try to facilitate their implementation as much as possible.
    3. We point out that these rights are not absolute, and therefore we may legally refuse you to comply with them in certain situations. However, if we refuse to accept the request, it is only after careful analysis and only in a situation where the refusal to accept the request is necessary.
    4. Regarding the right to object, we explain that you have the right to object to the processing of your personal data at any time on the basis of the legitimate interest of the Personal Data Administrator (they are listed in point II) in connection with your particular situation. However, you must remember that, in accordance with the provisions, we may refuse to take into account the objection if we prove that:

    – there are legitimate grounds for processing that override your interests, rights and freedoms, or
    – there are grounds for establishing, investigating or defending claims.

    5. In addition, you can object to the processing of your personal data for marketing purposes at any time. In such a situation, after receiving the objection, we will stop processing for this purpose.
    You can exercise your rights by:

    – sending an email directly to the address office@arcoore.com or
    – sending a letter by registered mail to the address of the company’s registered office.

 

  1. Right to lodge a complaint

    If you believe that your personal data is processed contrary to the applicable law, you may lodge a complaint with the President of the Personal Data Protection Office.

      XI. Final Provisions

      1. In matters not covered by this Privacy Policy, the provisions on the protection of personal data shall apply.
        2. You will be notified / notified by e-mail about any changes introduced to this Privacy Policy.
        3. This Privacy Policy is valid from 01/05/2020.
        4. In matters not covered by the regulations, the provisions of the Civil Code and relevant acts of Polish law, as well as European Union law, in particular the GDPR (Regulation of the European Parliament and of the Council (EU) 2016/679 of 27 April 2016 on the protection of natural persons in connection with with the processing of personal data and on the free movement of such data, and repealing Directive 95/46 / EC).

    In matters not covered by the regulations, the provisions of the Civil Code and relevant acts of Polish law, as well as European Union law, in particular the GDPR (Regulation of the European Parliament and of the Council (EU) 2016/679 of 27 April 2016 on the protection of natural persons in connection with with the processing of personal data and on the free movement of such data, and repealing Directive 95/46 / EC).

Promotion for logged in users

Register on our website and get attractive discounts on our products!

×