§1 General provisions
2. We hereby declare that we comply with the rules of personal data protection and all legal regulations provided for by the Personal Data Protection Act (i.e. Journal of Laws 2015, item 2135) and Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of individuals with regard to the processing of personal data and on the free movement of such data and on the repeal of Directive 95/46/EC.
3. The person whose personal data is processed has the right to contact us to receive comprehensive information on how we use their personal data. Our aim is always to be clear about the data we collect, how we use it, for what purposes and to whom we provide it, how we ensure that the data is protected when providing it to others, and which institutions you should contact in case of any doubts.
4. The Seller shall apply technical measures such as: physical personal data protection measures, hardware measures of IT and telecommunications infrastructure, protection measures within software tools and database and organizational measures ensuring proper protection of processed personal data, and in particular, they shall protect personal data against unauthorised third parties, unauthorised persons obtaining them and using them for unknown purposes, as well as accidental or intentional change, loss, damage or destruction of such data.
5. We have sole access to the data on the terms and conditions specified in the Regulations and this document. Personal data access may also be entrusted to other entities by means of which payments are made, which collect, process and store personal data pursuant to their Terms and Conditions and entities which are responsible for processing the order. Personal data is provided to the above mentioned entities to the extent required and only to the extent that ensures the performance of services.
6. Following the entry into force and the need to apply Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of individuals with regard to the processing of personal data and on the free movement of such data and the repeal of Directive 95/46/EC (General Data Protection Regulation) (hereinafter referred to as ‘the Regulation’) Viridi (hereinafter also referred to as: ‘the Online Shop’), which is the owner of the relevant Internet domain, provides the following information on the rules for processing your personal data.
7. The administrator of your personal data is Viridi Polska Sp. z o.o., ul. Zbożowa 42B, 40-657 Katowice, NIP: 9542795437 tel: +48 792 699 699, e-mail: firstname.lastname@example.org
8. The Online Shop processes your personal data for the following purposes:
b) transfer your personal data to ING Bank Śląski S.A. (‘Bank’) with reference to:
• provision by the Bank to the Online Shop of the service of providing infrastructure for handling payments via the Internet (legal basis: Article 6(1)(f) of the Regulation).
• handling and settlement by the Bank of payments made by the customers of the Online Shop via the Internet with payment instruments (legal basis: Article 6(1)(f) of the Regulation).
• in order to verify by the Bank the proper performance of agreements concluded with the Online Shop, in particular to ensure the protection of payers’ interests in relation to their complaints (legal basis: Article 6(1)(f) of the Regulation).
c) transfer your personal data to Twisto Polska sp. z o.o. with reference to the possibility of offering to pay for the purchased goods or services by Twisto Polska sp. z o.o. within an order contract including the “Buy from Twisto” purchase formula and making this purchase formula available via the Online Shop, as well as for the purpose of verification by Twisto Polska sp. z o.o. of the proper performance of these order contracts (legal basis: Article 6(1)(f) of the Regulation). Translated with www.DeepL.com/Translator (free version)
9. In addition to the purposes indicated in paragraph 3 (primary purpose), the Online Shop may process your personal data for other legally permitted purposes (secondary purpose) where the primary and secondary purposes are closely linked.
10. Processing of your personal data for the purposes specified in paragraph 8 shall take place in connection with the existence of a legitimate interest pursued by the Online Shop.
11. In relation to the processing personal data for the purposes referred to in the aforementioned paragraph your personal data may be provided by the Online Shop to other recipients or categories of recipients of personal data, namely:
• ING Bank Śląski S.A.
• Twisto Polska sp. z o.o.
- Your personal data will be processed for a period of time justified for the purposes indicated in paragraph 8.
13. In relation to the processing of your personal data you are entitled to:
a) the right of access to the content of your personal data,
b) the right to rectify it when it is inconsistent with the actual state,
c) the right to delete or restrict data processing,
d) the right to object to the processing of personal data,
e) the right to data transfer.
- In case the processing of your personal data is based on your consent, you have the right to withdraw such consent at any time. The withdrawal of consent neither affects the processing of data prior to the withdrawal of consent, nor the legal basis for this processing.
15. The President of the Office for Personal Data Protection is the supervisory authority of the Online Shop with respect to personal data.
16. You hold the right to complain to the supervisory authority.
17. In case your personal data is provided for the purpose of concluding an agreement with the Online Shop, providing your personal data is a condition for concluding this Agreement. Providing personal data in this situation is voluntary, but the consequence of not submitting this data shall be that no agreement can be concluded with the Online Shop.
18. In case your personal data is provided to Twisto Polska sp. z o.o. prior to concluding a sales contract for the goods (or services) purchased in the Online Shop, providing this data is a condition for concluding a sales contract in connection with the business model of business activity adopted by the Online Shop.
19. In the event that your personal data is transferred to the Bank in connection with the handling and settlement of payments made by you to the Online Store via the Internet with the use of payment instruments, providing the data is required in order to execute the payment and provide confirmation of its execution by the Bank in favour of the Online Store.
20. In case you provide your personal data to the Bank to verify the proper performance of agreements concluded with the Online Shop, in particular to ensure the protection of payers’ interests in connection with their complaints, the provision of such data is required to enable the performance of the agreement concluded between the Online Shop and the Bank.
21. In case you provide your personal data to Twisto Polska sp. z o.o. in connection with the offer to pay the price for the goods or services purchased by you within the framework of the order agreement including the “Buy from Twisto” purchase formula and making this formula available by the Online Shop, providing this data and processing it for this purpose is required in connection with the business model of business activity adopted by the Online Shop and in order to execute the agreement concluded between the Online Shop and Twisto Polska sp. z o.o.
- We take privacy seriously. We respect your privacy and provide you with the fullest and most comfortable use of our services.
2. We value the trust Users place in us by entrusting us with their personal data in order to fulfill the order. We always process personal data in a fair manner and in such a way that we do not lose this trust, only to the extent necessary to fulfill the order, including its processing.
3. You have the right to receive clear and complete information regarding the way in which we use your personal data and what purposes it is required for. We always clearly communicate the data we collect, how and to whom we provide it, and give information about the entities to be contacted in case of any doubts, questions or comments.
4. Should we have any doubts about our use of your personal data, we will take immediate action to clarify and resolve such doubts and answer all related questions fully and comprehensively.
5. We shall take all reasonable actions to protect User data against improper and uncontrolled use and to protect it in a comprehensive manner.
6. We make every endeavour to protect against unauthorized access, unauthorized modification, disclosure and destruction of information in our possession. In particular:
a) We monitor methods of collecting, storing and processing information, including physical security measures, to protect against unauthorised access to the system.
b) We only provide access to personal data to those employees, contractors and representatives who need to have access to it. Furthermore, by virtue of the contract, they are obliged to maintain strict confidentiality, to allow us to control and check how they fulfil their duties and in case of non-fulfilment of these obligations they may suffer consequences.
7. We shall comply with all applicable data protection laws and regulations and shall cooperate with data protection authorities and law enforcement agencies empowered to do so. In the absence of data protection legislation, we shall act in accordance with generally accepted data protection rules, principles of social coexistence and established customs.
8. The detailed method of personal data protection is included in the Data Protection Policy (GDPR: Security Policy, Data Protection Regulations, IT System Management Manual) For security reasons, due to the procedures described therein, it is available for inspection only by state control authorities.
9. The administrator of your personal data is Viridi Polska Sp. z o.o., ul. Zbożowa 42B, 40-657 Katowice, NIP: 9542795437 tel: +48 792 699 699, e-mail: email@example.com
10. The legal basis for the processing of your personal data is Article 6(1)(b) GDPR. The provision of data is not obligatory, but necessary to take appropriate actions before the conclusion of the contract and its execution. We will transfer your personal data to other recipients who are entrusted with the processing of personal data for and on our behalf. Your data shall be transferred on the basis of Article 6(1)(f) of the GDPR where there is a legally justified interest in the proper execution of contracts/orders. Furthermore, we shall share your personal data with other business partners. We store the collected personal data in the European Economic Area (‘EEA’), but it may also be transferred to and processed in a third country outside this area. Every transmission of personal data is carried out in accordance with applicable law. When data is transferred outside the EEA, we use standard contractual clauses and the privacy shield as preventive measures for countries where the European Commission has not found an adequate level of data protection.
11. Your personal data concerning the conclusion and performance of the contract shall be processed for the period of its execution, as well as for a period no longer than provided for by law, including the provisions of the Civil Code and the Accounting Act, i.e. no longer than 10 years, counting from the end of the calendar year in which the latest contract was performed.
12. Your personal data processed for the purpose of concluding and performing future contracts shall be processed until you object.
13. You are entitled to: access your personal data and receive a copy of your processed personal data, rectify your inaccurate data; request to delete your data (right to be forgotten) in case of the circumstances foreseen in Article 17 of the GDPR; request a restriction of data processing in the cases mentioned in Article 18 of the GOP, object to the processing of data in the cases stated in Article 21 of the GDPR, transfer of provided data, processed by automated means.
14. If you believe that your personal data is processed unlawfully, you may lodge a complaint with the supervisory authority (Personal Data Protection Office, ul. Stawki 2, Warszawa). If you need further information regarding data protection or want to exercise your rights, please contact us by post to our address.
16. The user has always the right to notify us if:
a) no longer wishes to receive information or messages from us in any form;
b) wishes to receive a copy of their personal data in our possession;
c) correct, update or delete their personal data held in our records;
d) wishes to report infringements, misuse or processing of their personal data.
17. In order to make it easier for us to respond or react to the information provided, please enter your name and further details.
§3 Scope and purpose of personal data collection
- We process the essential personal data for the purpose of providing services and for accounting purposes and only such purposes, i.e. :
a) to place an order,
b) to conclude a contract, to lodge a complaint and to terminate the contract,
c) to issue a VAT invoice or other receipt.
- The following User data is collected, processed and stored:
a) name and surname,
b) address of residence,
c) address for service (if different from your address of residence),
d) tax identification number (NIP),
e) e-mail address (e-mail),
f) phone number (mobile, landline),
g) information about the Internet browser used,
h) other personal data voluntarily provided to us.
- The provision of the above data is entirely voluntary but also essential to the full service performance.
4. The purpose of data collection and processing or use of the data by us:
a) direct marketing, archival purposes of advertising campaigns;
b) fulfilling the obligations imposed by law by collecting information on adverse effects;
6. In view of the fact that many of the countries to which this personal data is transferred do not have the same level of legal protection for personal data as in user’s country. Your personal data stored in another country can be accessed, for example, by courts, law enforcement and national security authorities, in accordance with the laws of that country. Subject to lawful requests for disclosure, it is our commitment to require this processing personal data outside your country to take measures to protect your data in an appropriate manner in accordance with their national law.
§4 Cookies policy
- We automatically collect the information contained in the cookies in order to collect User data. A cookie is a small piece of text which is sent to the user’s browser and which the browser sends back when the user visits the website. They are mainly used to maintain the session, e.g. by generating and sending back a temporary ID after login. We use “session” cookies stored on your terminal device until you log out, shut down the website or turn off your browser and “permanent” cookies stored on the user’s terminal device for the time specified in the parameters of the cookies or until you delete them.
2. Cookies customize and optimize the website and its offer for the needs of Users through such activities as creating page view statistics and ensuring security. Cookies are also essential to maintain your session after you leave the website.
3. The Administrator processes the data contained in the cookies each time the website is visited by visitors for the following purposes:
a) optimising the use of the website;
b) identifying Service Recipients as currently logged in;
c) customization, graphics, choice options and any other content of the website to the individual needs of the Service Recipient;
d) saving the automatically and manually added data from the Order Forms or the login data provided by the visitor;
e) collecting and analysing anonymous statistics presenting the use of the website in the administration panel and google analytics
f) creating remarketing lists based on information about your preferences, behaviour, how you use your interests in the Website and collecting demographic data, and then sharing these lists with AdWords and Facebook Ads.
g) creating data segments based on demographic information, interests, preferences in the choice of products/services viewed.
h) using demographic and interest data in Analytics reports.
- The User can block and delete the collection of cookies at any time with their browser.
5. If the User blocks the possibility of collecting Cookies files on their device, it may prevent or hinder the use of some of the website’s functionalities, to which the User is fully entitled, but must be aware in such a situation of functionality limitations.
7. More information on Cookies is available in the help menu of each web browser. Examples of Internet browsers that support the mentioned “Cookies”:
a) Internet Explorer cookie settings
b) Chrome cookie settings
c) Firefox cookie settings
d) Opera cookie settings
e) Safari cookie settings
f) Android cookies
f) Blackberry cookies
h) iOS (Safari) cookies
i) Windows Phone cookies
§5 Rights and obligations
- We have the right and, in cases specified by law, the statutory obligation to provide selected or all information concerning personal data to public authorities or third parties who make such a request for information on the basis of applicable Polish law.
2. The User has the right to access the content of their personal data, which they make available, the User can correct and complete this data at any time, and has the right to request it to be removed from their database or to stop processing it, without giving any reason. In order to exercise your rights, you may send the applicable message at any time via e-mail or by any other means that will provide/transmit such request.
3. A request by the User to delete personal data or to stop processing may result in a complete inability to provide services or a serious limitation of the services.
4. We undertake to act in accordance with applicable laws and rules of social coexistence.
5. Information on extra-judicial handling of consumer disputes. The authorized entity under the Act on Out-of-Court Settlement of Consumer Disputes is the Financial Ombudsman, whose website address is as follows: www.rf.gov.pl.
§6 Basic safety principles
- Every User should take care of their own data security and the security of their devices that access the Internet. It is essential that such a device has an antivirus software with a regularly updated database of definitions, types and kinds of viruses, a secure version of the Internet browser it uses and a firewall on. The User should check if the operating system and the programs installed on it have the latest and compatible updates, as attacks use errors detected in the installed software.
2. The access data to services offered over the Internet are – e.g. logins, passwords, PIN, electronic certificates, etc. – should be secured in a place that is inaccessible to others and cannot be hacked from the Internet. It should not be disclosed or stored on the device in a form that allows unauthorized access and reading by unauthorized persons.
- Be careful when opening strange attachments or clicking on links in emails that you did not expect from unknown senders or from the spam folder.
4. It is recommended to run antiphishing filters in your Internet browser, i.e. tools that check whether the displayed website is authentic and is not used for phishing purposes, e.g. by impersonating a person or institution.
5. Files should only be downloaded from trusted places, services and websites. It is not recommended to install software from unverified sources, especially from unknown publishers with unverified opinion. It also applies to mobile devices such as smartphones and tablets.
6. When using a home wireless network Wi-Fi, the password should be set so that it is safe and difficult to crack, it should not be any formula or sequence of characters that is easy to guess (e.g. street name, host name, date of birth, etc.). It is also recommended to use the highest possible standards of wireless Wi-Fi network encryption, which can be run on the equipment you have, e.g. WPA2.
§7 Use of Social Media Plugins
- Facebook.com, Twitter and other social networking plugins can be located on our websites. Services related to them are provided by Facebook Inc. and Twitter Inc. respectively. And others
2. Facebook is operated by Facebook Inc., 1601 S. California Ave, Palo Alto, CA 94304, USA Facebook. In order to view Facebook plugins go to: https://developers.facebook.com/docs/plugins.
3. Twitter is operated by Twitter Inc., 1355 Market Street, Suite 900, San Francisco, CA 94103, USA. In order to view Twitter plugins go to: https://developers.facebook.com/docs/plugins.
4. The plugin only provides the supplier with information about which of our websites you have accessed and how long it takes. If the User is logged in to their Facebook or Twitter account while visiting or staying on our website, the supplier is able to link their interests, informational preferences and other data, e.g. by clicking on the Like button or by leaving a comment or by entering their profile name in the searches. This information will also be forwarded by the browser directly to the supplier.
5. For more detailed information on the collection and use of data by Facebook or Twitter and on privacy protection, please see the following pages:
a) Data protection/privacy advice issued by Facebook: http://www.facebook.com/policy.php.
b) Data protection/privacy advice issued by Twitter: https://twitter.com/privacy
6. Czater.pl is a service enabling you to create and set up a live chat on your website, allowing you to contact your customers in real time. The owner and Administrator of the Service is EBROS Mariusz Rosa, ul. Olimpijska 27, 05-220 Zielonka, hereinafter referred to as the Administrator.
7. In order to prevent Facebook or Twitter from recording your visit on our website, you must log out of your account before visiting our website.
Copyright notice to the Regulations