PL

PRIVACY POLICY

I. General information

  1. This document sets out the privacy policies on the website https://azceos.com
  2. The data administrator is Azceos Zagrajek S.K.A., Ul. Zakliki z Mydlnik 14A, 30-198 Kraków, NIP: 5213697878, REGON: 361626458, KRS: 0001152803, Contact details: ul. Zakliki z Mydlnik 14A, 30-198 Kraków, biuro@azceos.com

 

II. Personal data

  1. Personal data collected by the Administrator are processed on the basis of Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (hereinafter GDPR), the current Act on the protection of personal data and the Act of 18 July 2002 on the provision of services by electronic means (Journal of Laws 2002, No. 144, item 1204, as amended).
  2. In addition, the Administrator may save information about connection parameters such as IP addresses for technical purposes related to server administration and to collect general statistical demographic information (e.g. about the region from which the connection is made), as well as for security purposes.
  3. The Administrator makes special efforts to protect the privacy and information provided to him by the Website Users. The Administrator carefully selects and applies appropriate technical measures, including those of a programming and organizational nature, to ensure the protection of the processed data, in particular, it protects the data against disclosure to unauthorized persons, disclosure, loss and destruction, unauthorized modification, as well as against their processing in violation of applicable law.
  4. Personal data will be processed in accordance with the principles of Art. 5 (GDPR). Personal data will be:
    a) processed lawfully, fairly and in a transparent manner for the data subject (“lawfulness, reliability and transparency”)
    b) collected for specific, explicit and legitimate purposes and not further processed in a manner that is incompatible with those purposes; further processing for archiving purposes in the public interest, for scientific or historical research purposes or for statistical purposes is not recognized under Art. 89 section 1 GDPR as incompatible with the original purposes („purpose limitation”)
    c) adequate, relevant and limited to what is necessary in relation to the purposes for which they are processed (“data minimization”)
    d) correct and updated where necessary („correctness”)
    e) kept in a form which permits identification of the data subject for no longer than is necessary for the purposes for which the data are processed; personal data may be stored for a longer period provided that they are processed solely for archiving purposes in the public interest, for scientific or historical research purposes or for statistical purposes pursuant to Art. 89 section 1 GDPR, provided that appropriate technical and organizational measures required under this Regulation are implemented to protect the rights and freedoms of data subjects („storage restriction”)
    f) processed in a way that ensures appropriate security of personal data, including protection against unauthorized or unlawful processing and accidental loss, destruction or damage, using appropriate technical or organizational measures („integrity and confidentiality”).
  5. As part of the Administrator’s use of tools supporting its current operations provided, for example, by Google, the Customer’s Personal Data may be transferred to a country outside the European Economic Area (EEA), in particular to the United States of America (USA) or another country in which an entity cooperating with it maintains tools for the processing of Personal Data in cooperation with the Administrator.
  6. Whenever we transfer your personal data outside the EEA, we assign it a similar level of protection (that it would receive in the EEA), ensuring that at least one of the following safeguards is implemented:
    a) We will only transfer your personal data to countries, territories or sectors within a country that have been recognized by the European Commission as providing an adequate level of protection for personal data.
    b) The transfer is subject to legally binding and enforceable obligations of the recipient to protect personal data (e.g. through the use of standard contractual clauses approved by the European Commission).
    c) The transfer is subject to binding corporate rules.
    d) The transfer is based on a derogation from restrictions on the transfer of personal data outside the EEA (e.g. if you consent, the transfer is necessary for the performance of a contract with you or the transfer is necessary for the establishment, exercise or defense of legal claims).

 

III. Legal basis

  1. Providing personal data is voluntary. Personal data collected via contact forms include information such as: name and surname, contact telephone number, e-mail address and are used to identify customers, establish business contact with them, present an offer or conduct commercial negotiations with the customer, possibly sign and implement a contract and recruitment purposes.
  2. Personal data collected on the website https://azceos.com/ are processed primarily on the basis of the person’s consent (Article 6(1)(a) of the GDPR), as well as on the basis of Art. 6 section 1 letter b) GDPR, i.e. their processing is necessary to perform the contract to which the data subject is a party or to take action at the request of the data subject before concluding the contract.
  3. After expressing separate consent, pursuant to Art. 6 section 1 letter a) GDPR, data may also be processed for the purpose of sending commercial information electronically or making telephone calls for direct marketing purposes – in connection with Art. 10 section 2 of the Act of July 18, 2002 on the provision of electronic services or Art. 172 section 1 of the Act of July 16, 2004 – Telecommunications Law.
  4. For other purposes, the Customer’s personal data may be processed on the basis of:
    a) applicable legal provisions – when processing is necessary to fulfill the legal obligation imposed on the Administrator, e.g. when the Administrator settles concluded sales contracts based on tax or accounting regulations (Article 6(1)(c) of the GDPR)
    b) necessity for purposes other than those mentioned above resulting from legitimate interests pursued by the Administrator or by a third party, in particular to establish, pursue or defend claims, conduct correspondence with Customers, also via contact forms (including responding to Customers’ messages), market and statistical analyzes (Article 6(1)(f) of the GDPR)
  5. Personal data processed for the purposes covered by the declaration of consent will be processed until the consent is withdrawn. Personal data processed for purposes related to the execution of orders will be processed for the period necessary to complete the order, after which the data subject to archiving will be stored for the period appropriate for the limitation of claims.

 

IV. Recipients of personal data

  1. The recipients of the Buyer’s data may be entities that carry out the order at the request of the Administrator and handle it: shipping companies, accounting companies, suppliers of goods, providers of IT solutions, payment processing companies, banks, companies providing marketing services, telecommunications service providers, law firms, authorized state authorities.
  2. We do not allow third-party providers to use your personal data for their own purposes and only allow them to process your personal data for specified purposes and in accordance with our instructions.

 

V. Your rights in the protection of personal data

  1. Due to the voluntary nature of providing your personal data, you have the right:
    a) access to your personal data (Article 15 of the GDPR)
    b) rectification of your personal data (Article 16 of the GDPR)
    c) deletion of your personal data („right to be forgotten” – Article 17 of the GDPR)
    d) restricting the processing of your personal data (Article 18 of the GDPR)
    e) transfer your personal data (Article 20 of the GDPR)
    f) to object – art. 21 GDPR)
  2. If you find that the processing of personal data violates the provisions of the GDPR, you have the right to lodge a complaint with the President of the Personal Data Protection Office.
  3. Consent to the processing of personal data may be withdrawn at any time. Withdrawal of consent to data processing does not affect the lawfulness of data processing carried out by the Administrator on the basis of consent before its withdrawal.

 

November 25, 2024

The Administrator reserves the right to change this privacy policy