Personal Data Administrator (“Administrator”) – means a natural person or a legal entity, public authority, agency or other entity that, alone or jointly, determines the purposes and means of processing personal data with others.
Personal Data Processor (“Processor”) is the entity that processes Customer data at the request of the Administrator Detailed rules of processing are each time described in the Agreement for entrusting the processing of Personal Data concluded between the Processor and the Administrator.
Personal data: all information about an identified or identifiable natural person through one or more specific factors determining the physical, physiological, genetic, mental, economic, cultural or social identity of a natural person, including the device’s IP number, location data, internet identifier and information collected via cookies and other similar technology. </ span>
Recipient means a natural or legal person, public authority, entity or other an entity to which personal data is disclosed, whether or not it is a third party. However, public authorities that may receive personal data in the course of a specific proceeding under Union or Member State law are not considered recipients; the processing of these data by those public authorities must comply with the applicable data protection rules according to the purposes of the processing;
Person authorized to process personal data – a person with a personal authorization issued by the Data Administrator (in accordance with Article 29 of the GDPR), specifying the name and surname of the authorized person, the date of granting and termination and the scope of authorization to process personal data, as well as an individual identifier, if the data will be processed in the IT system. This person is obliged to submit a written declaration of keeping the processed data secret and the security measures applied these data.
Profiling means any form of automated processing of personal data that involves the use of personal data to evaluate certain personal factors of a natural person, in particular to analyze or forecast aspects relating to the effects of work of that natural person, his economic situation, health, personal preferences, interests, reliability, behavior, location or movement;
Processing means an operation or set of operations performed on personal data or data sets personal data in an automated or non-automated manner, such as collecting, recording, organizing, organizing, storing, adapting or modifying, downloading, viewing, using, disclosing by sending, distributing or otherwise sharing, adjusting or combining, limiting, deleting or destroying; < / span>
GDPR: Regulation of the European Parliament and of the Council (EU) 2016/679 of
on April 7, 2016 on the protection of individuals with regard to the processing of personal data and on the free movement of such data and repealing Directive 95/46 / EC. The legal act has been in force since May 25, 2018.
Customer is an individual who has completeda 18 years old and has full legal capacity, or a legal person or organizational unit with legal capacity.
Order within the meaning of this document, is a legal act performed using the Website Internet, during which the Customer expresses his will to purchase the ordered products and services in accordance with their description and the price received from the Data Administrator.
Consent of the data subject means voluntary, specific, informed < / span>
and an unambiguous demonstration of the will to which the data subject is concerned, in the form of a statement or clear affirmative action ( filling out the contact form, sending a question to the Administrator’s e-mail address), allows for the processing of personal data concerning her.
2. The purposes for which personal data are processed in connection with the use of the website.
– Handling an order placed via the contact form on the Website or sent via e-mail of the Data Administrator for the purpose of purchase goods and services rendered.
– For the purpose of marketing products and services provided by the Data Administrator.
– For Marketing purposes of the Website
Please be advised that:
1. Personal data in the CrisTap company are processed in accordance with the Regulation of the European Parliament and of the Council (EU) 2016/679 of 27 April 2016 on the protection of individuals with regard to the processing of personal data and on the free movement of such data and the repeal of Directive 95/46 / WE, called the GDPR.
2. The administrator of personal data collected via the Website https://cristap.pl/ , i.e. the entity deciding how your personal data will be processed is CrisTap Iwona Musiał based in Wejherowo at ul. Budowlanych 7; 84-200 Wejherowo. Contact with the Data Administrator is possible at via address e-mail: firstname.lastname@example.org , by phone: (58) 677 52 39, the Data Administrator is responsible for the security of the obtained personal data and its processing in accordance with the law.
3. The administrator processes personal data for the purpose of:
a) fulfillment of legal obligations incumbent on the Administrator in accordance with art. 6 sec. 1 letter c of the GDPR;
b) pursuing claims resulting from the concluded contract in accordance with art. 6 sec. 1 lit. f GDPR;
c) answer questions asked via e-mail address
and the contact telephone number available on the Company’s website, pursuant to 6 sec. 1 lit. f GDPR.
d) Each time the purpose and scope of data processed by the Administrator results from the consent of the Website user or legal regulations and clarified are as a result of actions taken by the user on the Website.
e) The administrator may process the following personal data in order to answer questions asked via the e-mail address, contact form or contact phone available on the company’s website https://cristap.pl/kontakt/ :
– name and surname,
– e-mail address,
– other data provided voluntarily by the user, e.g. phone number
to expedite contact or order fulfillment.
f) Provision of the data indicated above in sub-item e) is voluntary, but necessary to answer the question asked, the order placed, or the application or complaint submitted. The consequence of not providing the required personal data will be the inability to provide the user with an answer.
4. The period of personal data processing
The period of data processing by the Administrator depends on the type of service provided and the purpose of processing. The administrator has the right to process personal data for the period necessary to handle the inquiry, fulfill the order, consider the case, and after this period for the period of limitation of any claims. Depending on the legal basis, it will be:
• time needed to prepare the answer,
• duration of legal obligations and the time when legal provisions require data to be stored, e.g. archiving regulations , tax, billing, etc.,
• time limit for legal claims, e.g. from the contract or the complaint.
The data processing period may be extended if the processing is necessary for the establishment, investigation or defense against possible claims, and after this period, only if and to the extent that it will be required by law, e.g. settlement and financial. After the expiry of the processing period, the data is irreversibly deleted or anonymized.
5. Recipients of personal data
a) Directory of recipients of personal data processed by the Data Administrator results primarily from the scope of services used by the user, but also from the law.
b) Subject to all data security guarantees, the Administrator may transfer the user’s personal data – except to persons authorized by Data administrator – other entities, including:
entities processing data on behalf of the Administrator, e.g. IT and technical service providers and legal service providers, financial and accounting, advisory services based on contracts for entrusting the processing of personal data, maintaining an appropriate level of security of the data provided; other administrators, such as correspondence providers, shipping or courier companies. </span >
c) We also inform you that the Data Administrator does not transfer personal data processed in its files to third countries, or any international organizations.
6. Permissions related to the processing of personal data
Data subjects are entitled to the following rights:
a) the right to information about the processing of personal data – on this basis the person making the request, the Administrator provides information on the processing of their data, including information on the purposes and legal grounds for processing, the scope of the data held, entities to which they are disclosed and the planned date of data deletion;
b) the right to obtain a copy of the data – on this basis, the Administrator provides a copy processed data relating to the person submitting the request;
c) the right to rectify – The administrator is obliged to remove any discrepancies or errors in the processing of personal data and to supplement them if they are incomplete or out of date;
d) right to delete data – on this basis, you can request deletion data the processing of which is no longer necessary to achieve any of the purposes for which they were collected;
e) the right to limit processing – if such a request is made Administrator ceases to perform operations on personal data – except for operations for which the person consented the data subject – and their storage, in accordance with the adopted retention rules or until the reasons for limiting data processing have ceased to exist (e.g. the claim or complaint procedure is completed);
f) right to data portability – on this basis – to the extent in which the data is processed in connection with the concluded contract or consent – the Administrator issues the data provided by the data subject in a format that can be read by a computer. It is also possible to request that this data be sent to another entity – provided, however, that there are technical possibilities in this regard, both on the part of the Administrator and another indicated entity;
g) the right to object to data processing for marketing purposes – person, the data subject may at any time object to the processing of personal data for marketing purposes, without the need to justify such objection;
h) the right to withdraw consent – if the data is processed on the basis of the expressed consent, the data subject has the right to withdraw it at any time, which, however, does not affect the lawfulness of the processing carried out before the consent was withdrawn.
i) right to file a complaint – in case of reasonable suspicion that the processing personal data violates the provisions on the protection of personal data, the data subject may submit a complaint to the President of the Personal Data Protection Office.
. 6 rights please contact
with the Data Administrator via e-mail address: email@example.com or tel./fax (58) 677 52 39
7. Security of personal data
Technical and organizational measures securing personal data processed by the Data Administrator were selected in accordance with art. 32 and 35 GDPR.
The administrator conducts analyzes on an ongoing basisę risk in order to ensure that personal data are processed by him in a safe manner, ensuring, above all, that only authorized persons have access to the data and only to the extent that it is necessary due to the tasks performed by them. The administrator makes sure that all operations on personal data are recorded and performed only by authorized and authorized employees and associates.
The administrator takes all necessary steps to ensure that his subcontractors and other cooperating entities guarantee the application of appropriate security measures whenever they process personal data on behalf of the Administrator.
a) The policy is verified on an ongoing basis and, if necessary, updated. The current version of the Policy has been adopted and is effective from January 2, 2020.
II. COOKIES POLICY
1. The Data Administrator collects information obtained automatically – system logs (so-called event logs), containing, in particular, public IP addresses of users visiting the Website and using the services provided
as part of the Website. System logs are used by the Administrator for statistical purposes. Collective summaries in the form of statistics do not contain any features that identify users visiting the Website.
on the user’s end device and used to access the pages of the Website.
4.1. creating analyzes, reports and statistics on the way users use the Website pages,
4.2. adjusting the content of the Website to the user’s preferences and optimizing the use of the Website,
5. By means of the cookie technology, only anonymous statistical data is collected
about users. The information obtained through cookies is not assigned to a specific person and does not allow him to be identified.
6. When visiting the Website, at least one cookie is sent to the user’s end device in order to uniquely identify the browser. Information sent by the browser uare automatically registered by the Website.
7. Cookies may also be placed and used by IT partners cooperating with the Administrator.
8. The Website may contain links to other websites, buttons, tools or content pointing to the services of other companies or institutions. The use of these applications or links may result in the transmission of information about users to designated external entities.
9. Cookies, information stored by them and access to this information does not change the configuration of the end device or the software installed on this device.
11. If the user does not change the default settings of the web browser regarding cookies, these files will be placed on the end device and will be used in accordance with the rules set by the provider of the web browser.
12. Information on cookie management in individual browsers – including in particular blocking instructions receiving cookies – can be found on pages dedicated to individual browsers:
1. Chrome: http://support.google.com/chrome/bin/answer. py? hl = en & amp; answer = 95647
2. Firefox: http://support.mozilla.org/en/kb/ciasteczka
3. Internet Explorer: https://support.microsoft.com/en -pl / help / 17442 / windows-internet-explorer-delete-manage-cookies
4. Opera: http://help.opera.com/Linux/12.10/en/cookies.html</a >
5. Safari: https://support.apple.com/en-gb/HT201265
Users who, after reading the information available on the Website, do not want cookies to remain in the device’s web browser, should remove them from their browser after completing their visit to the Website.