Privacy Policy

§ 1 General provisions

1. this Privacy Policy sets out the principles for the processing of personal data collected through the Online Store https://hurtowniagalanter.pl/.

(2) The use of the Online Store website is carried out using a secure SSL protocol, which increases the protection of data transmission over the Internet.

(3) In order to ensure the integrity and confidentiality of data, the Administrator has implemented procedures that allow access to data only to authorized persons and only to the extent that it is necessary due to the tasks they perform. The Administrator uses organizational and technical solutions to ensure that all operations on personal data are recorded and performed only by authorized persons.

§ 2 Personal data administrator

(1) The administrator of personal data is Adam Borzym conducting business under the name of DIVINO Group - Adam Borzym, registered in the Central Register and Information on Business Activity conducted by the minister responsible for economy, permanent place of business address: 55/1U Grafitowa Street, 72-006 Mierzyn. NIP: 851-288-51-29, REGON: 320841826.

(2) The Data Administrator can be contacted at the following email address: kontakt@hurtowniagalanter.pl and in writing to: DIVINO Group - Adam Borzym, 55/1U Graphite Street, 72-006 Mierzyn.

§ 3 Objectives, legal basis and data retention period

(1) Purposes, legal basis and retention period of personal data:

1. in order to provide the Newsletter service, based on the person's consent (legal basis: Article 6(1)(a) RODO), until the withdrawal of the expressed consent,

2. for the purpose of providing the Account service (legal basis: Article 6(1)(b) RODO), for the time necessary to execute the agreement, and thereafter for the period corresponding to the period of limitation of claims,

3. in order to conclude and execute sales contracts, (legal basis: Article 6(1)(b) RODO), for the time necessary to execute the contract, and thereafter for the period corresponding to the period of the statute of limitations for claims,

4. in order to fulfill tax obligations arising from tax regulations (legal basis: Article 6(1)(c) RODO), for the period of their retention specified by tax regulations,

5. in order to fulfill accounting obligations under the Accounting Act (legal basis: Article 6(1)(c) RODO), for the period of their storage specified by accounting regulations,

6. in order to assert or defend against claims, which is a legitimate interest of the controller, (legal basis: Article 6(1)(f) RODO), for a period corresponding to the period of limitation of claims.

(2) The data controller may process the following personal data:

1. in order to provide the Newsletter service, the email address is processed,

2. in order to provide the Account service, the email address, first name, last name are processed,

3. in order to conclude and perform a sales contract, first name, last name, delivery address, telephone number, e-mail address, Tax ID, Entrepreneur's name, bank account number is processed,

4. in order to fulfill tax obligations, the first name, last name, mailing address, Tax Identification Number, name of the Entrepreneur, bank account number is processed,

5. for the purpose of fulfilling accounting obligations, the first name, last name, mailing address, NIP, name of the Entrepreneur, bank account number is processed,

6. in order to assert or defend against claims, the name, surname, correspondence address, telephone number, e-mail address is processed.

§ 4 Recipients of data

(1) The Administrator shall not share Customers' personal data with other entities, except:

1. courier companies executing shipments on behalf of the Administrator,

2. banks in case of necessity of conducting settlements,

3. entity handling electronic payments, payment cards,

4. authorized state authorities, in particular the Police, the Prosecutor's Office, the President of the Office for Personal Data Protection, the President of the Office for Competition and Consumer Protection.

(2) In addition, the Customers' personal data may be disclosed to entities processing on behalf of and by order of the Administrator, on the basis of a contract of entrustment of personal data processing, in order to provide the services specified in the contract to the Administrator, such as the Internet Store software provider, hosting service provider.

§ 5 Rights of data subjects

(1) Every data subject has the right:

1. to access their personal data (Article 15 RODO),

2. To receive a copy of the data (Article 15(3) RODO),

3. to rectification (Article 16 RODO),

4. to erasure of data (Article 17 RODO),

5. to restrict data processing (Article 18 RODO) - to request restriction of data processing when:

• the data subject questions the accuracy of the personal data - for a period of time that allows the Administrator to verify the accuracy of the data,

• the processing is unlawful, and the data subject objects to the erasure of the data, requesting restriction of its use,

• the Administrator no longer needs the data, but the data are needed by the data subject to establish, assert or defend claims,

• the data subject has objected to the processing - until it is determined whether the legitimate grounds on the part of the Controller override the grounds of the data subject's objection,

6. to data portability - to receive in a structured, commonly used machine-readable format the personal data concerning him or her that he or she has provided to the Controller, and to request that the data be sent to another controller, if the data is processed on the basis of the data subject's consent or a contract with him or her, and if the data is processed by automated means (Article 20 RODO),

7. to object - to object to the processing of his or her personal data for the legitimate purposes of the controller, on grounds related to his or her particular situation, including profiling (Article 21 RODO),

8. to withdraw consent at any time and without stating a reason in the case where the person has consented to the processing of personal data. Withdrawal of consent will not affect the lawfulness of the processing that was carried out on the basis of the consent given before its withdrawal.

(2) In order to exercise the aforementioned rights, the data subject should contact the Data Controller and inform the Data Controller which right (e.g. right to obtain a copy of the data, right to erasure, etc.) to what extent (e.g. use of a specific service in the Store) he/she wishes to exercise. A request for the exercise of data subjects' rights can be submitted via e-mail: kontakt@hurtowniagalanter.pl and in writing to: DIVINO Group - Adam Borzym, 55/1U Graphite Street, 72-006 Mierzyn.

(3) If, upon receipt of the request, the Data Controller is unable to determine the content of the request or identify the requester based on the notification made, the Data Controller will request additional information from the requester.

(4) The request will be answered within one month from the date of receipt. If it is necessary to extend this deadline, the Administrator will inform the requesting person of the reasons for such extension. The response will be provided to the e-mail address from which the request was sent, and in the case of requests sent in writing, the response will be sent by registered mail to the address indicated by the person submitting the request, unless the content of the request indicates a desire to receive feedback to the e-mail address.

§ 6 Right to lodge a complaint to the Supervisory Authority

The data subject has the right to lodge a complaint to the supervisory authority in charge of personal data protection, which in Poland is the President of the Office for Personal Data Protection with its seat in Warsaw, 2 Stawki Street, 00-193 Warsaw. Contact with the President of the Office for Personal Data Protection is possible:

1. by mail: the Office of the President of the Office for Personal Data Protection, 2 Stawki Street, 00-193 Warsaw,

2. by electronic mailbox available on the website: https://www.uodo.gov.pl/pl/p/kontakt

3. by telephone (the Office's hotline): 606 950 000.

§ 7 Information on the requirement/voluntariness of providing data

Provision of data is voluntary, but in some cases it may be necessary. The necessity to provide data occurs in the following cases:

1. conclusion of a distance sales contract. Failure to provide personal data necessary for the conclusion and performance of the contract will result in the inability to conclude such a contract,

2. registration of an Account. In order to register an Account, it is necessary to provide data to the extent indicated in the registration form. Failure to provide this data will prevent the registration of the Account,

3. due to the statutory obligations of the Administrator. Such obligation is the processing of personal data in order to fulfill tax obligations and in connection with the maintenance of accounting records. Failure to provide the data will result in failure to fulfill the above obligations.

§ 8 Cookies

(1) The online store uses the mechanism of cookies. Cookies are small text files that are saved by the ICT system in the User's ICT system (on a computer, phone, tablet) while browsing the Online Store and allow for subsequent identification of the User in case of reconnection with the Store's website from the device (e.g. computer, phone, tablet) on which they were saved. These files are intended to ensure proper operation of the Store.

(2) The online store uses cookie files:

1. session cookies - are stored on the User's device and remain there until the session of a given browser ends. The stored information is then permanently deleted from the device's memory. The mechanism of session cookies does not allow to download any data or any confidential information from the User's device,

2. permanent cookies - are stored on the User's device and remain there until they are deleted. Ending the session of a particular browser or switching off the device does not delete them from the User's device. The mechanism of persistent cookies does not allow to download any data or any confidential information from the User's device.

(3) The website uses the following types of cookies:

Necessary cookies (1)

Essential cookies contribute to the usability of the website by enabling basic functions such as website navigation and access to secure areas of the website. The website cannot function properly without these cookies.

Preference cookies (1)

Statistical cookies (3)

Statistical cookies help the Website Administrator understand how users behave on the website by collecting and reporting anonymous information.

Unclassified cookies (1)

Cookies that we classify with the providers of each cookie.

4. cookies used in the Store are not harmful either to the user or to the computer/end device used by the user, so we recommend that you do not disable them in your web browser settings. The mechanism of cookies can be disabled at any time by changing the settings of your web browser, but disabling cookies may prevent the proper use of the website of the Online Store. If you use this option, the use of the Store will be possible, except for functions that by their nature require cookies. Detailed information on the possibility and methods of handling cookies is available in the browsers in the help section of the respective web browser used by the user.

§ 9 Social plug-ins

The Website uses social plug-ins such as Facebook to promote and develop products. The Facebook plug-in is available under the "Facebook Logo" logo. When using this Website, clicking on the "Facebook Logo" causes a direct connection between the User's browser and the Facebook server. The use of this Site and the use of the Service Provider's Fanpage may possibly be observed by Facebook, if the User has a Facebook account. Within the Fanpage, the Service Provider offers various social features through which Users can interact with other Users, post and comment on our Fanpage. More information is available in Facebook's Privacy Policy.