WEBSITE PRIVACY POLICY
www.poznanonion.pl

For ‘POZNAŃ ONION’ SPÓŁKA Z OGRANICZONĄ ODPOWIEDZIALNOŚCIĄ, protecting the Users’ privacy is of paramount importance. Therefore, we guarantee the highest standards of privacy protection to all Users of www.poznanonion.pl. As a data controller, ‘POZNAŃ ONION’ SPÓŁKA
Z OGRANICZONĄ ODPOWIEDZIALNOŚCIĄ ensures the security of data provided by the Users.

The Controller’s aim is also to properly inform the Users about the rights and obligations related to personal data processing, particularly with regard to the provisions on the protection of personal data set out in Regulation (EU) 2016/679 of the European Parliament and of the Council of 27.04.2016 on the protection of individuals with regard to the processing of personal data and on the free movement of such data and repealing Directive 95/46/EC (hereinafter referred to as ‘GDPR’). Therefore, out of concern for the privacy of the Website Users, the Controller has prepared this document to inform them about the legal grounds for the processing of personal data provided by the Users in connection with their use of the www.poznanonion.pl Website (hereinafter referred to as ‘Website’), as well Users' rights and the methods of collecting, processing and protecting their personal data.

The term ‘User’ means every natural person who is a data subject and who uses the www.poznanonion.pl Website or any electronic services available through it.

The Controller of the User's personal data provided via the www.poznanonion.pl Website is ‘POZNAŃ ONION’ SPÓŁKA Z OGRANICZONĄ ODPOWIEDZIALNOŚCIĄ, Kórnicka 10, 62-025 Siekierki Wielkie, NIP 7772321162, (hereinafter referred to as the ‘Controller’).

USER CONSENT

By using the www.poznanonion.pl Website, the User accepts that the Controller collects and uses personal data under this Privacy Policy.

Personal data of a Website User is processed by the Controller based on the User's consent, and in some cases described in this document, based on legitimate interests of the Controller. The User has the right to withdraw their consent at any time. The withdrawal of consent shall not affect the lawfulness of processing based on consent before its withdrawal.

If this Privacy Policy is amended and the User continues to use the Website, this shall be deemed as the User's consent to the new terms and conditions of the Privacy Policy.
PERSONAL DATA PROCESSED BY THE CONTROLLER
1. The method of obtaining personal data
  
  The Controller obtains personal data directly from the User, via the Website where the User fills out the contact form and uses it to send a message to the Controller.
  
  Providing personal data via the contact form is voluntary.
2. Types of personal data being processed
  
  The Controller collects the following personal data of the User via the Service:
  1. First name and last name;
  2. E-mail address;
  3. Phone;
  4. Message content;
  5. Message subject.
PURPOSES OF THE PROCESSING OF PERSONAL DATA

The way the Controller processes the User's data depends on how the User uses the Website and its functionalities. The Controller processes the User's personal data for the following purposes:
1. To communicate with the User.
  
  The Controller uses the User's personal data to communicate with them in a personalised manner. Information communicated to the User concerns products and services offered by the Controller, personal data security, network updates, reminders, as well as suggested offers of the Controller and their partners. Communication with the User also concerns customer support provided to them. Personal data is used to assist the User, help them resolve technical problems and respond to complaints and grievances.
2. To present commercial offers to the User by electronic means.
  
  The purpose of using the User's personal data provided by them via the contact form on the Website is marketing communication that constitutes a part of the Controller’s business, and in particular, presenting commercial offers to the User by electronic means.
3. To present commercial offers to the User by phone.
  
  The purpose of using the User's personal data provided by them via the contact form on the Website is marketing communication that constitutes a part of the Controller’s business, and in particular, presenting commercial offers to the User by phone.
4. To allow the User to submit comments and feedback.
  
  The Controller uses the User’s personal data to allow them to submit comments and feedback regarding the products and services offered by the Controller or entities working with the Controller.
The Controller may also process the User's personal data as included in the contact form for the following purposes:
1. to conclude and perform a contract (if any) between the User and the Controller and serve the User as a client of the Controller in accordance with Article 6(1)(b) of the GDPR;
2. to make financial settlements with a User who is a client of the Controller, which are related to a contract between the parties (if any), as well as pursue claims (if any) against such a User based on legitimate interests of the Controller, in accordance with Article 6(1)(f) of the GDPR, and fulfil the Controller's legal obligations towards tax authorities based on separate regulations, in accordance with Article 6(1)(c) of the GDPR;
3. to allow the Controller's to implement marketing activities based on their legitimate interests, within the meaning of Article 6(1)(f) of the GDPR and in accordance with the declarations of intent concerning marketing communication submitted to the Controller. The consents given with regard to marketing communication (e.g. sending commercial information via electronic means or phone calls for direct marketing purposes) may be withdrawn at any time without affecting the lawfulness of processing based on consent before its withdrawal;
4. to fulfil the Controller’s legal obligations to the User set out in the GDPR within the meaning of Art. 6(1)(c) of the GDPR.
SHARING PERSONAL DATA

The User's personal data shall not be transferred by the Controller to third parties.
USER RIGHTS
1. User Rights
  
  Users retain numerous rights at every stage of data processing. The Users have the right to access their data, amend it, object to its processing, demand its removal or restrict its processing, verify the correctness of data processing, as well as the right to data portability.
  
  Should the User wish to exercise their rights as a data subject, they may contact the Controller using the following contact details: ‘POZNAŃ ONION’ SPÓŁKA Z OGRANICZONĄ ODPOWIEDZIALNOŚCIĄ, Kórnicka 10, 62-025 Siekierki Wielkie, This email address is being protected from spambots. You need JavaScript enabled to view it..
2. The right to lodge a complaint with a supervisory body
  
  The User whose personal data is being processed by the Controller has the right to lodge a complaint with a supervisory body responsible for the protection of personal data (the President of the Personal Data Protection Office).
COOKIES
1. The Controller hereby informs the User that when using the Website, short text files known as ‘cookies’ are saved on the User's device. ‘Cookies’ contain various IT data, including the User’s IP address, the name of the website they originate from, the period of their storage on the User's device, as well as parameters, statistics and a unique number. ‘Cookies’ are sent to the Website server via a web browser installed on the User's device.
  
  The Website uses ‘cookies’ to:
  1. maintain technical accuracy and continuity of the session established between the Website server and the User's device;
  2. optimise how the User utilises the Website and customise the way it is displayed on their device;
  3. ensure the safe use of the Website;
  4. collect webpage visit statistics to improve the structure and content of the Website;
  5. display advertising content optimally suited to the User’s preferences on their device.
  The Website uses two types of ‘cookies’, i.e. ‘session cookies’ and ‘persistent cookies’. ‘Session cookies’ are files which are automatically removed from the Website Users’ device once they log out of the Website, leave the Website or exit their Internet browser. ‘Persistent cookies’ are stored on the Users’ devices for the time specified in the ‘cookie’ files’ parameters or until manually removed by the Users. ‘Persistent cookies’ may only be installed on a device with the User’s consent.
  
  The Controller would like to inform the User that:
  1. By default, Internet browsers permit the installation of ‘cookies’ on the Users’ devices. Website Users may change the ‘cookie’ settings in their Internet browsers at any time to make the browser block all ‘cookies’ automatically or notify them each time a ‘cookie’ is stored on their device. Detailed information about the possibilities related to the use and handling of ‘cookies’ is available in the web browser settings.
  2. restricting the use of ‘cookies’ by the User may impact the continuity and correctness of the Services provided via the Website.
  ‘Cookies’ installed on the Website User's device may be used by advertisers and business partners working with the Controller.
  ‘Cookies’ can be considered personal data only in conjunction with other identifying data, made available to the Controller by the User as part of their use of the Website.
  Access to ‘cookies’ processed by the Website server is granted exclusively to the Controller.
  If the User does not consent to saving and receiving information using ‘cookies’, they may change the ‘cookie’ settings in their web browser.
OTHER IMPORTANT INFORMATION
1. Ensuring the security of personal data
  
  The Controller introduces appropriate measures to ensure the security of the User's personal data. The secure use of the Website is ensured by systems and procedures that protect data against unauthorised access and disclosure. In addition, the systems and processes used by the Controller are regularly monitored to detect possible threats. Personal data obtained by the Controller is stored in computer systems with strictly limited access.
2. Storing personal data
  
  The storage period of the Users' personal data depends on the purposes for which the Controller processes it.
  The Controller shall retain personal data only for the period necessary to achieve the specific purposes, i.e.:
  - for the period of the Controller's business activity.
  In every situation described above, once the necessary processing period expires, the data may only be processed to pursue claims related to the relationship between the parties until such claims are legally and finally settled.
3. Amendments to the Privacy Policy
  
  This Privacy Policy may be amended in order to update its content or ensure its compliance with the applicable laws. If the Privacy Policy is amended, the date of its update at the end of its text shall be changed. In order to obtain up-to-date information on the personal data protection methods, the Controller recommends that the Users regularly review the provisions of the Privacy Policy.
4. Contact information
  
  If you would like to learn more about this Privacy Policy, please contact the Personal Data Controller: ‘POZNAŃ ONION’ SPÓŁKA Z OGRANICZONĄ ODPOWIEDZIALNOŚCIĄ, Kórnicka 10, 62-025 Siekierki Wielkie using the following e-mail address: This email address is being protected from spambots. You need JavaScript enabled to view it..
  
  In addition, it is also possible to contact the Controller by traditional mail at Kórnicka 10, 62-025 Siekierki Wielkie.

This document was last updated on 30.01.2020.

WEBSITE PRIVACY POLICYwww.poznanonion.pl

Poznań Onion Sp. z o.o.

WEBSITE PRIVACY POLICY
www.poznanonion.pl