POLICY PRIVACY OF THE WEBSITE WWW.INCOLA.COM.PL
This Policy Privacy defines the principles of processing and protection of personal data provided by Users in connection with their use of the website www.incola.com.pl (hereinafter referred to as the ‘Website’).
- The Controller of the personal data (hereinafter referred to as the ‘Controller’) contained in the Website is:
- GFS Poland spółka z ograniczoną odpowiedzialnością (a limited liability company) with its registered office in Bielsko-Biała at Komorowicka 110, 43-300. KRS (NCR): 0000641133, NIP (Tax Identification Number): 9542769813, REGON: 365629258.
- Contact details:
- Biuro/Office +48 33 333 90 92
- e-mail: biuro@gfsp.pl
- To ensure the security of the data entrusted to it, the Controller has developed internal procedures and recommendations to prevent data from being made available to unauthorised persons. Their performance is subject to inspection and their compliance with the relevant legal acts currently in force – Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation) (Official Journal of the European Union L 119, case 1), national provisions, such as the Personal Data Protection Act, the Act on Provision of Electronic Services, as well as any type of implementing acts and other community legislation.
- The personal data is being processed based on the User’s explicit consent and in the cases when legal provisions authorise the Controller to process personal data.
- The Website performs functions of obtaining information about users and their behaviour in the following ways:
- through information provided by users electronically regarding order performance,
- through voluntarily entered data in the contact and complaint forms,
- through collection of cookies [see cookies policy].
- The website collects information voluntarily provided by the user.
- The controller shall inform the user about the processing of his or her data, when obtaining data from the user, and about a planned change in the purpose of the processing.
- Personal data such as: the User’s full name, address, payment data, as well as telephone number and e-mail address are collected for the purposes of order performance.
- Data provided in the form by the User are processed for the purpose resulting from the function of a particular form, e.g. in order to carry out the information contact process, handle complaints or use the newsletter function.
- The personal data provided by the User may be processed for marketing purposes under a separate consent.
- Users’ personal data are forwarded to third parties only if it is lawful to do so, including for the purpose of order processing or billing, and for marketing purposes. They are forwarded with the user’s express, prior and separate consent.
- The Controller cannot make order fulfilment conditional upon the User’s consent to the processing of data for marketing purposes.
- Users’ personal data may be forwarded to the following service contractors of GFS Poland sp. z o.o. for the purposes:
- of marketing by FreshMail Sp. z o.o.
- of marketing by Pitted Cherries Radowicz&Jaroszyński
- of hosting services by Home.pl S.A.
- of hosting services by Cyberfolks S.A
As well as other operators providing tax services (accounting services), IT and courier services.
In the future, other operators that may replace current service providers will process personal data made available to the controller in a specific scope.
- Operators cooperating with GFS Poland sp. z o.o. receive only the necessary personal data to complete orders as well as for marketing purposes in the case of a separate user consent.
- User’s personal data are transmitted securely using encryption.
- Personal data left on the website cannot be sold in accordance with the provisions of the Act on the protection of personal data.
- Personal data collected for the purpose of order fulfilment or collected through an inquiry in the contact form will be collected and processed until an objection or withdrawal of consent for processing is received from the data subject and if the data were processed illegally or the need to remove them results from legal obligations.
- If the data subject to erasure have been made public by the Controller, the Controller shall make reasonable efforts, including technical measures, to inform other controllers processing these personal data about the need to erase the data and prevent access to them.
- The user shall have the right to obtain information free of charge on the personal data being processed. The user shall also have the right to rectify, block, request transfer of collected data to another controller and request to cease processing their data at any time through their erasure. To this end, you should use the contact data provided or the contact form available on the Website.
- The controller shall complete and update the data upon the user’s request. The controller shall have the right to refuse the completion of data, if such completion would not be in line with the purposes of data processing (e.g. the Controller does not need to process data which are unnecessary). The Controller may rely on the data subject’s statement regarding the data being updated, unless it is insufficient in the light of the procedures adopted by the Controller (such as procedures for collecting such data), the law or if grounds exist to consider the statement unreliable.
- Upon the User’s request regarding access to their data, the Controller notifies the User whether or not that User’s data are processed and provides the details of processing, in accordance with Art. 15 of the GDPR (the scope corresponds to the information obligation when collecting data), and also grants the user access to the data concerning the User.
- The Controller shall limit data processing upon the User’s request when:
- The User questions the accuracy of the data – for a period sufficient to verify their accuracy,
- The processing is unlawful and the data subject opposes the erasure of the personal data and requests the restriction of their use instead,
- The Controller no longer needs the personal data for the purposes of the processing, but they are required by the data subject for the establishment, exercise or defence of legal claims,
- The User lodged an objection to the processing for reasons related to User’s specific situation – until it is determined whether the Controller has legally justified grounds overriding the grounds for objection.
- When processing is restricted, the Controller shall store the data but shall not process it (shall not use it, shall not forward it) without the consent of the data subject, unless in order to establish, investigate or defend claims, or to protect the rights of another natural or legal person or due to important public interest considerations.
- If the User does not consent to the processing or use of their personal data in accordance with these provisions, the User has the right to object by e-mail, telephone or using the form provided on the website.
- The Controller undertakes to notify the User without undue delay of any violation of security of personal data processed by the Controller, if the violation may cause a high risk of breaching the rights or freedoms of a natural person.
- The Controller shall keep the processing of personal data to a minimum, in terms of:
- data adequate for purposes (amount of data and scope of processing),
- data access,
- data storage period.
- The Controller reserves the right to amend the Website’s privacy policy. The Controller will notify users of any changes.
- The incola.com.pl Website and other systems are protected by current technical and organisational measures against loss, destruction, access, modification or dissemination of user data by unauthorised persons.
- The website may contain links to other websites. Such websites operate independently of the Website and are not supervised by the website in any way. These websites may have their own privacy policies and regulations.
- The User shall have the right to lodge a complaint with the supervisory body in connection with illegal processing of their personal data.
If you have any doubts concerning any of the provisions of this policy, please feel free to contact us through the contact form available on the website, which can be found in the CONTACT section, or using the contact data provided above.
Cookies policy of INCOLA.COM.PL website
- Cookies are text files that are stored on the website user’s end device.
- The Website does not automatically collect any information, except for information contained in cookies.
- The website operator places cookies on the user’s end device and has permanent access to them.
- The content of cookies prevents identification of the website user.
- Personal data of the website users are not processed or stored using cookies.
- The website administrator uses cookies in order to:
– adjust the content of the website to the individual preferences of the user,
– prepare statistics to understand users’ preferences and behaviours, analysis of these statistics is anonymous and enables the content and appearance of the website to be adjusted to the prevailing trends. Statistics are also used to assess the popularity of the website. - The Website uses the following types of cookies:
– Session files are stored until the user leaves the website.
– Permanent files are stored on the user’s end device until they are deleted by the user or automatically deleted over time. - The website user may request information about placing cookies in their device.Changes of settings in the user’s web browser regarding cookies may limit access to some of the functions of the website.
The policy is verified on an on-going basis and updated if necessary.
The current version of the Policy has been accepted and is valid as of 8 December 2022.
The previous version is available here – Privacy and cookies policy (here)