Privacy Policy

for www.krakmasaz.pl website

When you use our services, you’re trusting us with your information. We understand this is a big responsibility and work hard to protect your information and put you in control.

 

This Privacy Policy is meant to help you understand what information we collect, why we collect it, and how you can update, manage, export, and delete your information. 

#1 General information

This Privacy Policy sets out the rules for the processing and protection of personal data provided by Users in relation to the use of their services by Natalia Rączka through the Website.

#2 The administrator of personal data

The administrator of personal data contained in the website is Natalia Rączka with its registered office in Modlnica at ul. Bukowa 2/2 . NIP 6831975285 REGON 123170178. In the interest of security of data entrusted to us, we have developed internal procedures and recommendations to prevent unauthorized disclosure of data. We control their performance and constantly check their compliance with the relevant legal acts - the act on the protection of personal data, the act on the provision of electronic services, as well as any type of implementing acts and Community legislation.

#3 Access to personal data

Personal Data obtained at www.krakmasaz.pl is processed and collected on servers of Globtel Internet Szymon Hersztek, ul. Matecznikowa 2/1, 80-126 Gdańsk, NIP: 9570804786, REGON 192 519144 in which the website administrator purchases the hosting and SSL security certificate.

#4 Security

1. The krakmasaz.pl domain is protected by an encrypted connection using an SSL certificate.

2. In accordance with the Personal Data Protection Act of 10 May 2018 (Journal of Laws of 2018 item 1000) and Regulation of the European Parliament and of the Council (EU) 2016/679 of 27 April 2016 on the protection of persons in connection with the processing of personal data and on the free flow of such data (GDPR) and the Act on Electronic Services of July 18, 2002 (Journal of Laws of 2002 No. 144 Item 1204), we inform you that the data provided by users as part of the Service forms listed in these regulations, they will be processed in connection with the services provided.

3. We process your personal data that you provided by completing the contact form or saving electronically or paperly to the newsletter on our website www.krakmasaz.pl, hereinafter referred to as "Website" regardless of whether you provided it as a User, Company or as a representative of the Partner or company. At the same time, personal data are only those data which concern natural persons and which enable their identification, e.g. name, address or e-mail address.

4. We process data primarily for purposes related to the implementation of an order or newsletter service so that you can keep up to date information about offers, activities and events.

5. The use of the above forms is at the same time the consent to the processing of personal data provided.

6. The administrator of the user's personal data is Natalia Rączka with its registered office in Modlnica at ul. Bukowa 2/2. NIP 6831975285 REGON 123170178.

7. In all matters related to the processing of your personal data, you can contact administrator - by sending an email to the following address: admin@krakmasaz.pl, or in writing, by post to the following address: ul. Bukowa 2/2, 32-085 Modlnica. At the same time, we suggest e-mail contact. Thanks to this, you will get an answer to your question faster.

8. Personal data is stored electronically in the system to a limited extent in the mailing applications - MailerLite (https://www.mailerlite.com). Data on each of the mentioned platforms are properly secured by SSL protocol, ensuring transmission security, covered by mechanisms ensuring data availability with the possibility of restoring a backup in the event of a physical or technical incident. Using this approach reduces the risk of information being captured and misused by third parties.

9. Your data will be processed no longer than it is necessary for the purpose of processing, and after that time will be stored in a minimal, archived form as long as the law provides.

10. If we process your email address in relation to the newsletter sending, we do so until you withdraw your consent to send the newsletter and for the period from the withdrawal of consent, until the day when you will not be able to claim from us in connection with the newsletter, including particularly in connection with the transmission of unsolicited commercial information.

11. Right to confirm processing - you have the right to obtain confirmation from us whether your personal data is being processed, and if this is the case, you are entitled to access the data and obtain information about the processing of your data.

12. Right to rectification - you can request us to rectify your personal data immediately if you believe that they are incorrect or not up to date. You can also ask us to supplement, if you think that your data is, due to the purpose in which we process the data, incomplete.

13. The right to delete your personal data - this means that you can request removal of your personal data from us and we will delete the data immediately if:
a) personal data is no longer necessary for the purposes for which we have the right to process it,
b) if we process data on the basis of your consent and you have withdrawn your consent,
c) you objected to the processing of data by us (see item 6 below),
d) despite the fact that we strive to protect your data properly and process it in accordance with applicable laws, they are processed unlawfully,
e) the compulsion to delete the data results from the purpose of complying with the legal obligation provided for in European Union law or the law of the Republic of Poland
f) personal data were collected in connection with offering information society services to persons under 18 years of age

14. The right to demand limitation of data processing - you can request from us limitations of processing your data if:

a) you question the accuracy of personal data - for a period allowing us to check the correctness of this data,

b) the processing of your data is unlawful in your assessment, but you are opposed to removing it, demanding instead to limit their use,

c) we no longer need personal data for processing, but you need it to establish, investigate or defend claims,

d) You objected to the processing of data by us - until we find out whether the legitimate grounds on our side override the grounds for your objection.

15. Right to data transfer - you may request us to send, in a structured, commonly used computer-readable format, your personal data that you have previously provided to us. You can send this data to another administrator and also ask us, if technically possible, to send data directly to another administrator. You have the right to transfer data only in relation to the data which we process on the basis of an agreement with you or on the basis of your consent.

16. The right to lodge a complaint to the body - you have the right to file a complaint about our actions or omissions to the supervisory body which is the President of the Office for Personal Data Protection.

17. Profiling - the only nature of profiling that can take place on our sites, takes place while monitoring the activities of users through cookies from sites such as Google Analytics, Facebook, Instagram, Twitter which we use to embed content on our sites. The Google Adwords mechanism can also, to a certain extent, build user profiles, for example by determining age group, place of residence, geographic location, etc. These data are not used and processed by us in any way, and are statistics of website visits or responses to sponsored content in Google search engine and online advertising. Because we do not make any decisions on this basis and we do not undertake personal characteristics assessment on this basis, and you agree to the use of cookies separately, there is no profiling process that requires separate consent.

18. Natalia Rączka, as the entity running the Website, cares about the protection of privacy and personal data provided by Website Users.
In the interest of security of data entrusted to us and in accordance with the objectives of GDPR, we have developed and implemented an internal policy of personal data security, which defines the application of appropriate technical and organizational measures to protect the rights and freedoms of data subjects. This policy implies limiting the storage of data and processing it in a way that ensures adequate and adequate security, including protection against unauthorized access, illegal processing, ensuring the integrity and confidentiality of data, in particular accidental data loss, destruction or damage, using appropriate technical or organizational measures. We control and constantly check compliance with the relevant legal acts - the Personal Data Protection Act, the Electronic Services Provision Act, as well as all types of executive acts and Community legislation. An element of our security policy is also the introduction of periodic audits in the scope of the period of use of personal data and the notification system that enable keeping the declared date of use or data storage.

19. The internal security policy that we apply and which we have included in a non-public internal document confirming compliance with GDPR requirements in this respect is also directly related to the risk analysis, which was also formalized as a separate document to ensure compliance with the law and due diligence in relation to our internal procedures. The internal security policy is in the understanding of GDPR our approved code of conduct, referred to in art. 40 and 42. Regulations.

#5 User's consent

Personal Data are processed on the basis of the consent expressed by the User and in cases where the law authorizes the Administrator to process personal data on the basis of law or to implement the contract concluded between the parties.

#6 Ways of obtaining data

The website performs the functions of obtaining information about users and their behaviors in the following way:

through information entered voluntarily in contact forms
by collecting "cookie" files - see the "cookie" policy.
The website collects information voluntarily provided by the user

#7 The purpose of data processing

The data provided in the contact forms are processed for the purposes resulting from the function of a specific form, e.g. to carry out the process of handling an information contact.

#8 Use of personal data

Personal data left on the site will not be sold or made available to third parties, in accordance with the provisions of the Act on the Protection of Personal Data.

#9 Access to personal data

The data contained in the form may be viewed by the natural person who placed it there. This person also has the right to modify and cease processing of his data at any time.

#10 Changes to the website's privacy policy

We reserve the right to change the privacy policy of the website, which may be affected by the development of Internet technology, possible changes in the law in the field of personal data protection and the development of our website. We will inform you about any changes in a visible and understandable way.

#11 Links to Other Websites

This site may provide links to other websites as a service to you. This privacy statement does not apply to those sites. You should check the privacy statement and other legal documents posted on each relevant site.

#12 Final Provisions

In matters not covered by the above provisions, the provisions of the Act on the Protection of Personal Data (Journal of Laws of 2016, item 922) and any acts introducing changes to the Act on the Protection of Personal Data (Journal of Laws of 2016, item 922) shall apply. .