Explanations and Relevant Information
1. The Controller of the personal data processed in the service of www.prosperplast.pl (hereinafter: the Service) is Prosperplast 1 Spółka z ograniczoną odpowiedzialnością (limited liability company) with its registered seat in Rybarzowice 43-378 at ul. Wilkowska 968, registered in the District Court in Bielsko-Biała, 8th Business Division of the National Court Register, KRS (National Court Register Number): 0000605309, NIP (Tax Identification Number): 5470200928 (hereinafter: Controller).
2. The Controller may process certain data, including the personal data of the Service users, further to the provision of certain services (newsletter, contact form), and also the user’s activity in the Service.
3. The legal basis for the processing of your personal data is
a. consent (Article 6(1)(a) of GDPR) or the processing is necessary for the performance of a contract for the provision of a service (Article 6(1)(b) of GDPR) — in the event of using a newsletter or contact form service,
b. the Controller’s legitimate interest (Article 6(1)(f) of GDPR) in the event of collecting data for analytical and statistical purposes, i.e. aimed at exploring activities and preferences of the Service users and improving the functionality of the Service and the services provided (especially by means of so-called cookies).
4. Newsletter – a newsletter service consists in sending commercial information about the Controller’s products periodically, especially those presented and offered by the Service, i.e. concerning product brands. It shall be enough to provide an e-mail address in order to receive a newsletter. Provision of the e-mail address is tantamount to expressing consent to the use of this service. Consent may be withdrawn at any time.
5. Contact Form – a service that allows asking questions to the Controller, especially in relation to product brands and also exchanging communication and establishing a contact for any other purpose. The user shall have to provide at least such data that allow the Controller contacting them. Provision of other data is voluntary.
6. Cookies contain information technology data, especially text files that are stored on the user’s end device and are intended for using websites. Cookies usually contain a name of the website from which they originate, their storage period on an end device and unique number.
a. “necessary” – or those allowing using services available in the Service, e.g. maintaining a session after the user has logged in,
b. “functional” – files that allow “memorising” the selected settings and affecting personalisation of the interface,
c. “security” – that support ensuring safety,
d. “performance” – files that allow collecting information about the manner in which the Service has been used.
The user may change how the cookies are used at any time. A majority of the web browsers offer a possibility of accepting or rejecting all cookies, accepting only their certain types or informing the user each time when a website tries to save them. The user may also easily delete cookies that have already been saved on a device by the web browser. The possibilities of managing and deleting cookies differ depending on the web browser that is used. The User may find all the necessary information using the Help function in their web browser or by going to the website http://www.aboutcookies.org/ where it has been explained how to control and delete cookies in the most popular web browsers. Remember that blocking all cookies may result in difficulties in operations or make using certain functionalities of a page completely impossible.
For the purpose of analysing and using cookies the Controller shall use Google Analitycs (if the use does not want to provide data that Google may use, it may be additionally possible to download a dedicated addition to web browsers – https://tools.google.com/dlpage/gaoptout?hl=pl).
7. Your data shall not be stored longer than it is necessary, i.e. not longer than for the time of using the Service or exchanging communication. In the event of consent the data shall be processed no longer than for a period of the provision of a service or similar performance to which such consent relates.
8. The recipients of your personal data may include entities to whom we are obliged to provide data on the basis of the applicable regulations of law (e.g. administration of justice authorities, Tax Office), and also entities providing to us auxiliary services related to the operations of the Service or the provision of services or other performance (in the case of consent), i.e. especially entities providing hosting, information technology, marketing, and similar services. We have relevant agreements signed with such entities guaranteeing proper security and compliance with law.
9. Remember that you have the right to access to your data, including the right to obtain a copy of data, the right to demand their rectification, the right of their erasure (in specific situations), the right to lodge a complaint to a supervisory authority that is involved in the protection of personal data, and the right to restrict data processing. To the extent in which your data are stored on the basis of consent, you may additionally exercise the right to withdraw consent to the extent in which they are processed on such basis (consent withdrawal shall have not affect the lawfulness of processing based on consent before its withdrawal, i.e. to receive your personal data from the Controller in a structured, commonly used and machine-readable format. The User shall have the right to object to the processing of data for marketing purposes, if the processing is performed further to the Controller’s legitimate interest, and also – due to reasons related to a specific situation of the User – in other cases whereby the Controller’s legitimate interest is the legal basis for data processing (e.g. further to the implementation of analytical and statistical purposes).
10. Based on your personal data the Controller shall not perform automated decision-making towards you, including decisions that result from profiling.
11. Subject to section 11a your data shall not be transferred outside the EEA.
11a. A newsletter service is provided by the Mailchimp platform, whose operator has its registered seat and servers in the territory of the US, that is why certain personal data relating to such service may be transferred outside the EEA. According to the assurances by the provider of services each and all security requirements are complied with, especially those provided for in Commission Implementing Decision (EU) 2021/914 of 4 June 2021 on standard contractual clauses for the transfer of personal data to third countries pursuant to Regulation (EU) 2016/679 of the European Parliament and of the Council and Recommendations 01/2020 of the European Data Protection Board on measures that supplement transfer tools to ensure compliance with the EU level of protection of personal data. More information is available at the following address https://mailchimp.com/help/mailchimp-european-data-transfers/.