MATITRANS
Policy privacy
PRIVACY POLICY WEBSITE
matitrans.pl
Dear user
We care about your privacy and want you to feel comfortable and secure when using our services, so we have prepared a document from which you can obtain detailed information on the processing of your personal data.
Table of contents:
- Introduction
- Definitions
- General information
- Recipients of personal website data
- Acquisition, collection, purpose, scope and processing activities of personal data
- Data subject rights
- Cookie mechanism, usage data and analytics
- Final provisions
§ 1
Introduction
- This privacy policy sets out the principles for the processing and protection of personal data of Users using the website available at: matitrans.pl hereinafter referred to as the website. The document describes first of all the basis, purposes, scope of personal data processing, indicates the entities to which the data are entrusted, as well as contains information on cookies and analytical tools used within the website.
- The controller of the personal data collected via the website, within the meaning of Regulation (EU) 2018/1725 of the European Parliament and of the Council of 23 October 2018 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data and repealing Directive 95/46/EC (General Data Protection Regulation) of 27 April 2016. (Official Journal of the EU. L No. 119, p. 1), hereinafter referred to as RODO (here you can read the regulation https://eur-lex.europa.eu/legal-content/PL/TXT/HTML/?uri=CELEX:32018R1725&from=EN, is the company: MATITRANS Sławomir Baranowski, entered in the Central Registration and Information on Business Activity, having the address of the place of main business activity: 43/31 Generała Władysława Sikorskiego Street, 78-550 Czaplinek, NIP: 2530083791, REGON: 321309648, contact phone: +48 782 364 771, e-mail address: matitrans.sp@gmail.com, hereinafter referred to as the Administrator and being at the same time the Website Service Provider.
- Users' personal data shall be processed in accordance with the regulations on the protection of personal data and the Act of 18 July 2002 on the provision of electronic services (Journal of Laws 2002 No. 144, item 1204, as amended).
- The Administrator declares that the privacy policy has an informative role, which means that it is not a source of obligations for website Users. Its purpose is to define the activities undertaken by the Administrator and to describe the related services, tools and functionalities used by website Users, e.g. to use the contact form or other activities undertaken within the website.
§ 2
Definitions
- User – a person using the website; an entity to whom, in accordance with the provisions of law, electronic services may be provided or with whom an agreement for the provision of electronic services may be concluded.
- Administrator – MATITRANS Sławomir Baranowski, 43/31 Generała Władysława Sikorskiego Street, 78-550 Czaplinek, NIP: 2530083791, REGON: 321309648.
- Web page - in other words, a web page is one of the pages included in the same website, which is hosted under the domain: matitrans.pl, which can be opened using a web browser. A website, which is managed by the Administrator, consists of HTML, CSS, JavaScript code and may contain, for example, content, graphics, films or hyperlinks to other websites or files.
- Electronic service – a service provided electronically by the Administrator to the User via the website.
- Contact form – a form in which the Users of the website: matitrans.pl place the necessary information and data in order to perform the service/process the request sent to the Administrator.
- Device – an electronic device through which the User accesses the website.
- Consumer - a natural person concluding a contract with the Administrator within the framework of the website, the subject of which is not directly related to his/her economic or professional activity.
§ 3
General information
- The Website Administrator makes every effort to protect the privacy of the Website Users and any data and information collected from them. With due care, he/she selects and applies technical protection measures, both programmatic and organisational, thus ensuring complete protection against their access, disclosure, loss, destruction, unauthorised modification or processing in violation of applicable laws.
- The Administrator informs that the website uses a transmission protocol to ensure the security of data transmission on the Internet, namely it has the SSL (Secure Socket Layer) protocol installed. This is a type of security that involves encoding data before it is sent from the User's browser and decoding it after it has safely reached the website's server. The information sent from the server to the User is also encoded and decoded once it reaches its destination.
- The data collected by the Controller shall be processed in accordance with the law, respecting the principles of fairness and transparency, shall be collected to the minimum extent necessary for and processed in accordance with the specified purposes, shall not be subject to further processing incompatible with those purposes, shall be adequate and factually correct in relation to its intended use and shall be stored in such a way that data subjects can be identified. The period for which the data are stored depends on the purpose of the processing and is limited until the intended purpose has been achieved.
- The Administrator of the website has access to the data on the basis of the principles set out in the regulations and privacy policy, but may entrust the Users' personal data to external entities cooperating with the Administrator. Such entrustment is possible only on the basis of relevant personal data entrustment agreements concluded between the Administrator and the processor. The agreements contain provisions defining the scope and conditions of personal data processing necessary for the performance of services. The Administrator declares that it cooperates only with entities which, for their part, guarantee the security of personal data processing processes by implementing safeguards corresponding to the requirements set out in the RODO.
- The Administrator has the right, and also a statutory obligation, to pass on information concerning website Users to public authorities, e.g. in connection with proceedings for possible infringements of the law, or to third parties who make such a request on the basis of the applicable provisions of Polish law.
- The use of services and tools made available as part of the website, as well as providing personal data by the User is voluntary. However, their provision may be necessary for the conclusion and performance of the contract for the provision of electronic services on the website, thus their absence will prevent the conclusion of such a contract. The extent of the data necessary to conclude a contract is indicated on the website.
- When using the services and tools made available on the website, the user acknowledges having read the provisions of this privacy policy and, at the same time, gives his/her consent (if required) to the use of his/her personal data in accordance with these provisions by ticking the relevant checkboxes on the website (the contents of the checkboxes specify the purpose for which the personal data provided will be used).
§ 4
Recipients of personal data of the website
- In order to ensure the proper functioning of the website, the Administrator uses the services of external entities. The Administrator transfers the data only if it is necessary for the purpose of processing the personal data in question and only to the extent necessary for its fulfilment.
- Examples of recipients of personal data of website Users are:
- entities operating the website functionalities.
- Data recipients (external entities) process personal data on the basis of the relevant entrustment agreements signed with the Website Administrator. These entities collect, process, store personal data in accordance with their regulations and privacy policies.
- The Administrator entrusts the processing of personal data of Service Recipients and Users of the
„matitrans.pl” website to the following entities:
- b.center Bartosz Kaczmarek, 117 Kossaka Street, 64-920 Piła, NIP: 7642435045, REGON: 301172998 - for IT support of the website.
§ 5
Acquisition, collection purpose, scope and processing activities
- The Administrator obtains information about Users by, among other things, collecting server logs, IP addresses, software and hardware parameters, pages viewed, mobile device identification number and other data on devices and use of systems. The collection of the above information will take place in connection with the use of the website. This data is not used by the Administrator to identify the User.
- Navigation data may also be collected from Users, including information on links and references or other actions taken on the website, in order to facilitate the use of the electronically provided services and to improve the functionality of these services.
- The administrator reserves the right to filter and block messages sent via the internal messaging system, in particular if they are spam, contain forbidden content or otherwise threaten the safety of website users.
- Within the framework of the website operated, the Administrator processes Users' personal data for the following purposes:
- contacting Users in response to queries sent via the contact form, contacting Users via e-mail in response to queries sent,
- to facilitate the use of the website and to ensure the IT security of the website,
- to perform the contract for the provision of electronic services.
- The Administrator informs that it collects, processes and stores the following User data: electronic mail address (e-mail address) and optionally first and last name.
- The personal data that are collected for the purposes indicated in the privacy policy will be stored for the period of performance of the services provided by the Administrator and for the period resulting from the limitation periods for claims, consumer rights or other rights in this respect.
CONTACTING THE USER
- The basis for the processing of data in connection with the User service, which includes contacting the User in order to respond to an enquiry sent via email, contact form, is Article 6(1)(a) RODO, i.e. consent to processing. If a contract is concluded after contact, the data will be processed on the basis of Article 6(1)(b) RODO. The legal basis for the processing after the eventual termination of the contact will be the legitimate purpose of archiving the correspondence for future demonstration (pursuant to Art.6(1)(f) RODO).
CONTACT SUPPLIER
- As part of the functionality of the website, the Administrator provides the possibility of contacting him using an interactive form. The use of the form requires the provision of personal data necessary to contact the User and answer the questions contained in the form. The user may also provide other data in order to facilitate contact or request a service. Providing data marked as mandatory is required in order to handle the request, and failure to provide it may result in the inability to handle it. Providing other data is voluntary.
- The legal basis for processing data in connection with the use of the contact form is Article 6(1)(a) RODO, i.e. consent to processing.
- For the identification of the sender and the handling of his/her enquiry sent via the form provided - the legal basis for the processing is the necessity of the processing for the performance of the service contract (Article 6(1)(b) RODO).
- The legal basis for the processing after the eventual termination of the contact will be the legitimate purpose of archiving the correspondence for future proof (pursuant to Art.6(1)(f) RODO).
FANPAGE
- The Administrator provides Users with access to his/her Fanpage via the Facebook platform, which is administered by the Administrator himself/herself or a person appointed (authorised) to perform this function. Via the Fanpage, the User may add comments, post as a guest, use the "Like" or "Share" functions.
- Through the fanpage, the User may be redirected to the website of the Administrator.
- The basis for the processing of data as part of the operation of the fanpage and necessary for its management and for statistical purposes, consisting, inter alia, in the analysis of data collected automatically when using the website, including cookies, is the legitimate interest of the controller pursuant to Article 6(1)(f) RODO.
- The basis for the processing of personal data in connection with the posting of comments is consent pursuant to Article 6(1)(a) RODO.
- Within the fanpage, the User can stop observing it at any time. By ceasing to observe, content from the Administrator related to the fanpage will no longer be displayed.
- The Administrator informs that he processes the following personal data: first name, surname, general information, which was posted by the User on his profile on the social network Facebook.
- The personal data will be processed for the duration of the fanpage or until you withdraw your consent.
- The Administrator informs, that personal data collected within the framework of the operated fanpage, may be transferred to the United States by saving it in a database located on a US server. Facebook, Inc. is an entity based in both a third country - the United States and Ireland, which has joined the Privacy Shield programme and thus guarantees an adequate level of personal data protection as required by European legislation.
SOCIAL MEDIA TOOLS (FACEBOOK)
- The "matitrans.pl" website uses a plug-in and other tools provided by the social networking site Facebook. When displaying a website on which such a plug-in has been placed, the User's browser establishes a direct connection to the Facebook Administrator's server.
- The content of the plug-in is transmitted by the respective Service Provider directly to the User's browser and integrated into the website. This integration enables the Service Provider to receive information that the User's browser has viewed the matitrans.pl website, even if the User does not have a Facebook profile or is not currently logged in to Facebook. If the User is logged in to the social network, the Service Provider will be able to directly associate the website visit with the corresponding Facebook profile.
- When the user of the website uses the "Like" or "Share" button, the corresponding information will also be sent directly to the server of the respective service provider and stored there. Furthermore, this information will be published on the social network and will appear, for example, on a Facebook wall. The purpose and scope of the data collection and further processing and use of the data by the Service Providers, as well as the possibility of contacting and the rights of the Users in this respect and the possibility of making settings to ensure privacy protection are indicated in the privacy policy of each Service Provider.
§ 6
Data subject rights
- The RODO grants Users the rights in question, a list of which is provided below. These rights are granted without stating a reason, but are not absolute and will not apply to all personal data processing activities. Should the User wish to exercise any of his/her rights, he/she may, at any time, send a declaration of intent to the website's e-mail address or the Administrator's registered office.
I. Right of access to data exercised pursuant to Article 17 of the RODO.
The User may, at any time, contact the Controller to confirm whether his/her data is being processed, and if this is the case the User has the right:
- to obtain access to personal data,
- to be informed about the purposes of the processing, the categories of personal data processed, the recipients or categories of recipients of such data, the intended period of storage of the User's data or the criteria for determining that period (when determining the intended period of processing is not possible), about the User(s)' rights under the RODO (when determining the planned period of data processing is not possible), about the User's rights under the RODO and the right to lodge a complaint with a supervisory authority, about the source of this data, about automated decision-making, including profiling, and about the safeguards applied in connection with the transfer of this data outside the European Union,
- to obtain a copy of their personal data.
II. Right to rectification of data exercised pursuant to Article 18 of the RODO.
The User has the right to request from the Administrator the immediate rectification of his/her personal data that is inaccurate. He also has the right to request the completion of his personal data. To rectify or complete your personal data, please send the information to the website's email address.
III. Right to erasure ("right to be forgotten") - exercised on the basis of Article 19 RODO.
- You may request the Administrator to delete all or some of your data,
- You have the right to request the erasure of your personal data when:
- the personal data are no longer necessary for the purposes for which they were collected or for which they were processed,
- he/she has withdrawn specific consent, to the extent that the personal data were processed on the basis of the User's consent,
- objected to the use of your data for marketing purposes,
- the personal data was processed unlawfully,
- the personal data must be erased in order to comply with a legal obligation provided for by Union law or the law of a Member State to which the controller is subject
- the personal data was collected in connection with the offering of information society services,
- despite the User's request for the erasure of personal data due to the filing of an objection or the withdrawal of consent, the Administrator may retain certain personal data to the extent that the processing is necessary for the establishment, investigation or defence of claims, as well as for the fulfilment of a legal obligation requiring processing under Union law or the law of a Member State to which the Administrator is subject,
- the erasure of personal data or the cessation of processing by the Administrator may result in the impossibility of providing the services provided through the website or in the restriction of the use of the website's functionalities.
IV. Consent to the processing of personal data and the right to withdraw consent exercised on the basis of Article 7.(3) RODO
- By accepting the statements placed by the Administrator in the interactive forms available on the website, the User consents to the processing of his/her data for the specified purposes,
- The User has the possibility to consent to the processing of his/her data for additional purposes by accepting the optional statements proposed in the forms available on the website,
- The User has the right to withdraw any consent he/she has given to the Administrator, the withdrawal of consent will have effect from the moment of withdrawal,
- The withdrawal of consent will not cause any negative consequences for the User, however, it may prevent further use of services or functionalities that the Administrator can lawfully provide only with consent,
- withdrawal of consent shall not affect the processing of personal data lawfully carried out by the Administrator prior to its withdrawal.
V. Right to object to data processing exercised on the basis of Article 23 RODO
- The User has the right to object at any time, on grounds related to his/her particular situation, to the processing of his/her personal data, including profiling, if the Administrator processes personal data on the basis of a legitimate interest,
- an opt-out sent by the User in the form of an email from receiving marketing information on products and services implies the User's objection to the processing of his/her data, including profiling for these purposes,
- if the Administrator has no other legal basis allowing for the processing of the User's data and the lodged objection proves to be legitimate, the personal data against which the objection has been lodged will be deleted.
VI. The right to request the restriction of the processing of your personal data exercised on the basis of Article 20 RODO
You have the right to request the restriction of your personal data when:
- he or she questions the correctness of his or her personal data - the Personal Data Controller will restrict the processing of his or her personal data for a period of time allowing to verify the correctness of the data,
- the processing of the User's personal data is unlawful, and instead of erasing the personal data, the User requests the restriction of the processing of his/her personal data,
- when the User's personal data are no longer necessary for the purposes of the processing, but are needed in order to establish, assert or defend the User's claims,
- when the User has objected to the processing of his/her personal data - in which case the processing is restricted until it is determined whether the legitimate interests on the part of the Personal Data Controller override the grounds indicated in the User's objection.
VII. Right to request the transfer of your personal data (Article 22 RODO)
The User has the right to receive his/her personal data from the Controller in a structured, commonly used machine-readable format and to have it sent to another Personal Data Controller.
The User also has the right to request that it is the Controller who sends the User's/User's personal data directly to another Controller (if technically possible).
The User also has the right to lodge a complaint with the President of the Office for Personal Data Protection regarding the violation of his/her data protection rights or other rights granted under the RODO.
§ 7
Cookie policy, usage data and analytics
- The website uses small files called cookies, these are saved and stored on the computer or other terminal device of the website Users, if the Internet browser allows it. Cookies usually contain the name of the domain from which they originate, the time they are stored on the Device and the assigned value.
- Cookies are used to optimise the use of the website, in order to collect statistical data that allow identifying the use of the website by the Users, which makes it possible to improve the structure of the website. They are also necessary to maintain the User's session after they have left the website.
- The administrator uses two types of cookies:
- session (temporary) cookies: they are detected on the user's end device and remain where they are available for inspection. The saved information is then permanent and deleted from the device's memory. The session cookie mechanism does not allow downloading any personal data or any confidential information from the user's device,
- persistent cookies: they are stored on the User's device and remain there until they are deleted. Ending a given browser session or turning off the device does not delete them from the User's device. The persistent cookie mechanism does not allow downloading any personal data or any confidential information from the User's device.
- At any time, using the web browser you are using, you can change cookie settings, including blocking the collection of cookies. Such action may make it difficult or impossible to use the website's services and tools, including making it impossible to place an order.
- If the User decides that he or she does not agree to the use of cookies for the purposes described above, he or she can delete them manually at any time. Detailed instructions and information about cookies are included in the help menu of the web browser currently used by the User. Examples of web browsers that support the above-mentioned cookies are: Internet Explorer, Mozilla Firefox, Google Chrome, Opera, Safari, Microsoft Edge./li>
- Some external entities operating as part of the website allow Users to withdraw consent to their collection and use of data for advertising purposes based on the User's activity. More information on this and the possibility of making a choice can be found, for example, on the website: youronlinechoices.com.
§ 8
Final Provisions
- This privacy policy contains links to other websites, it is recommended to read the privacy policies and regulations of these websites.
- The above privacy policy applies only to the Administrator's website.
- It is possible to expand the website's offer, which makes it possible to change the content of the privacy policy, about which you will be informed with an appropriate message on the website.
- If you have additional questions regarding the website's privacy policy, please send a message to the e-mail address provided by the Administrator: matitrans.sp@gmail.com.