I. General information
3. The Controller of personal data of the Customers is the Service Provider which collects and processes such data.
II. Collected data
A. General information
1. The Customer may browse the Web Portal without having to provide personal data or without having to register, subject to the provisions of letter C below [Automatically collected data].
2. The Customer who has given consent to the processing of its data has the right to withdraw it at any time as well as the right to demand access to its personal data, rectification, erasure of data or to limit the processing, the right to transfer data, object to the processing of data and the right to lodge a complaint with the supervisory authority – The Inspector General for the Protection of Personal Data (GIODO). The above rights also apply in the case of proper data processing by the controller.
B. Non-automatically collected data
1. In accordance with the Terms and Conditions, the condition for placing an Order by the Customer is, among other things, to provide the Customer’s data. Providing the Customer’s data is voluntary, however, failure to provide certain data may prevent the Customer from placing an Order, as the Service Provider will not be able to accept the Order and contact the Customer in order to determine the details of the Order and to conclude and implement the Agreement.
2. The Service Provider and third parties collect the following data of the Customers: name and surname, tax identification number ([NIP] in case of entrepreneurs), e-mail address, contact telephone number, data required for making payment for the Order.
3. The Service Provider collects the data of the Customer in order to conclude an Agreement with the Customer as well as in connection with the performance of the Agreement.
4. Account registration requires the Customer to provide the Login and Password to secure the Account. A unique combination of numbers, letters and characters should be used in the Password.
5. The Login and Password are confidential and should be protected by the Customer against unauthorised use.
6. If the Customer agrees to the processing of its personal data collected non-automatically, the Customer may give such consent and provide such data when placing an Order or creating an account, logging in or during other operations performed by the Customer on the Portal.
C. Automatically collected data
1. During the use of the Web Portal by the Customer, data concerning the Customer is automatically collected. This data includes IP address, domain name, browser type, operating system type, interests, age or gender of the Customer. This data may be collected by cookies, Google Analytics and the Web Beacon system.
2. The cookies referred to in letter C, point 1 are files sent to the Customer’s computer or other device while browsing the Web Portal’s website; whereby:
2.1. Cookies remember the preferences of the Customer which enables, e.g:
a) improving the quality of the Service,
b) improving the search results and accuracy of the Services displayed,
c) creation of viewing statistics,
d) tracking the preferences of the Customer,
e) maintaining the session of the logged in Customer.
2.2. Cookies do not cause any configuration changes in the device or software installed in the Customer’s device.
2.5. The Customer who wants to delete existing cookies should choose the appropriate settings in the web browser used by the Customer or delete cookies manually. The process of removing cookies varies depending on the browser type used by the Customer.
2.6. Limiting, blocking or deleting cookies may cause difficulties in using the Portal and in some cases prevent the use of some of its options.
3. Google Analytics, referred to in letter C point 1, is an Internet analytics system providing insight into the traffic of the Web Portal data and demographic data of the Customers, used for marketing purposes. A Customer who does not agree to the operation of Google Analytics system should block cookies.
4. The Web Beacon referred to in letter C point 1 is a file used to monitor the Customer’s activity on the website or to check the e-mail address of the recipient of the content sent by the Customer via the website when the message containing the Web Beacon file is opened. The Customer who does not agree to the operation of the Web Beacon file should block cookies. As a result of blocking cookies, the Customer will be treated as an anonymous Customer, i.e. one that cannot be assigned any preferences, features, etc.
III. Use of data
1. Based on relevant legal provisions, the processing of personal data provided by the Customer shall be based on legal grounds providing for the admissibility of such processing, in particular in cases where:
1.1. The Customer has voluntarily consented to the processing of its personal data for the given purposes; or
1.2. it is necessary for the conclusion or performance of the agreement with the Customer – this includes the very possibility of using the Portal under the Terms and Conditions as well as the possibility of concluding and performing the Agreements defined in these Terms and Conditions. If the Customer registers on the Portal, the agreement on the use of this Portal authorises the administrator to process the data necessary to ensure that the Customer is able to use this Portal (e.g. the data provided by the Customer at registration); or
1.3. it is necessary for the purposes resulting from legitimate interests pursued by the administrator or by a third party – this applies in particular to purposeful processing to ensure the safety of the Portal’s use, making statistical measurements, improving the functioning of the Portal, marketing and promotion of the Portal’s administrator’s own services.
2. The Customer’s data will be processed only to the extent resulting from the existing legal basis and only during the period of existence of a given basis.
3. The data provided by the Customer is used by the Service Provider to:
a) provide appropriate service to the Customer,
b) carry out the Order, conclude and perform the Agreement,
c) receive and process reservations and inquiries of the Customers,
d) support and implement payment processes,
e) adapt, measure and improve the services of the Web Portal,
f) conduct marketing activities.
4. The Service Provider collecting the data of the Customer in order to use the Portal, place Orders or conclude and perform Agreements, or a third party making payments, may transfer the data of the Customer to other entities providing services for the Portal, for the Customer or an entity participating in the Order/Agreement execution or a complaint processing, to the extent necessary to perform the indicated activities. This means that personal data is entrusted, among others, to couriers, insurers, financial institutions, third parties with whom the Customer concludes agreements for the provision of services under Products other than the Service.
5. If the Customer consents to the processing of its personal data for marketing purposes (by accepting the relevant Clause), the data of the Customer will then be collected and used by the Service Provider.
6. If the Customer consents to the processing of its personal data in order to receive commercial information in the form of e.g. a newsletter, the data of the Customer will then be collected and used by the Service Provider. The Service Provider may entrust the distribution of commercial information to a third party acting on behalf of the Service Provider. The consent of the Customer to the processing of its personal data for the purpose of receiving commercial information means the consent of the Customer to the processing of its personal data for marketing purposes.
7. Automatically collected data may be used to analyse the behaviour of the Customers on the Web Portal, to collect demographic data about the Customers, to personalise the content of the Web Portal and for the purposes indicated in point II.B and II.C above.
8. The data collected through the Customer’s direct contact with an employee/consultant of the Service Provider or the Service Provider, including via the Helpline, by a third party, are used exclusively for the purpose of contacting the Customer and providing assistance to the Customer.
9. The Service Provider reserves the right to collect the IP addresses of the Customers visiting the Web Portal which may be helpful in diagnosing technical problems with the server, creating statistical analyses (e.g. determining the regions from which the Web portal records the highest number of visits). Moreover, they may be useful in administering and improving the Web Portal.
10. The Customer may revoke its consent to receive commercial and marketing information at any time by changing (unchecking) the appropriate selection option in the settings of the Customer’s Account. If the Customer does not have a registered Account, withdrawal of consent may take place by phone by contacting the Helpline.
11. The Service Provider reserves the right to use the services of third parties in the scope of developing statistics on the use of the Web Portal. The Service Provider assures that in such a case no data allowing identification of the Customer will be passed on to such entities.
13. The data will be processed by the Service Provider and third parties to whom they may be entrusted by the Service Provider for processing, with the reservation that the person to whom the data has been transferred for processing may not use them freely, but only for the purposes and to the extent for which the data has been entrusted by the Service Provider. Moreover, the data may be transferred to recipients authorised to receive such data under the provisions of law.
IV. The right of access to personal data
1. The Customer has the right, at any time, to access, complete, update, correct or delete its personal data and demand that the processing be discontinued.
2. Upon acceptance by the Service Provider of the Order and conclusion of the Agreement in this way, the data used to place a given Order or to perform an Agreement based on this Order, including the issuance of an accounting or settlement document, shall not be subject to any changes. Data collected automatically are not subject to change.
3. The Customer may make any changes in the scope of its personal data in writing or electronically after logging in to the Web Portal using the Password and Login. The Service Provider reserves the right to refuse to delete the Customer’s data if it is necessary to keep the data in order to fulfil the claims or if it is required by the applicable law.
V. Protection of personal data
1. The Controller of personal data applies technical and organisational measures necessary to protect the data required by the applicable regulations on personal data protection, in particular, the Controller protects the personal data of the Customers against unauthorised disclosure, loss or damage.
2. The Customer is obliged to protect the Password against disclosure to third parties.
3. The Customer bears sole responsibility and risk related to the disclosure of the Password to third parties (also as a result of inadequate protection of the Password against access by third parties) or enabling them to use its Account in another way.
4. The Customer is obliged to immediately notify the Service Provider of any unauthorised use of the Customer’s Account or of any other breaches of security rules related to the use of the Portal identified by the Customer.
5. Communication between the Customer and the server of the Web Portal is encrypted. Security of data transmission is ensured through the use of SSL transmission protocol. SSL consists in encoding data before sending it from the Customer’s browser and decoding after safe arrival at the Web Portal’s server. Information sent from the Web Portal’s server to the Customer is encoded and then decoded.
VI. Exclusion of liability
(a) circumstances of Force Majeure,
(b) change in the applicable laws applicable to the provision of electronic services or distance transactions,
(c) change in the Web Portal’s offer of services or a change in the Service Provider’s offer published on the Web Portal’s website,