Information Notice for Customers and Contractors
extended pursuant to Article 13 of the Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data (…) hereinafter the GDPR.
We hereby inform you that:
- The Controller of your personal data is Fristom Sp. z o. o. Sp. k. with registered office in Sicienko, address: ul. Przemysłowa 5, 86-014 Sicienko.
- For matters related to your personal data, please contact our Data Protection Officer at email@example.com.
- The data Controller is processing your personal data for the following purposes:
- a) taking steps to enter into a contract, such as providing an offer, sending mail with regard to negotiation of contract terms, etc. – pursuant to Article 6(1)b of the GDPR;
- b) performance of contracts for FRISTOM products and services entered into with the Controller – pursuant to Article 6(1)b of the GDPR;
- c) compliance with legal obligations to which the Controller is subject, e.g. issuing an invoice, keeping and storing accounting records – pursuant to Article 6(1)c of the GDPR;
- d) offers for own products and services provided directly by the Controller (a.k.a. direct marketing), including their selection according to your needs – pursuant to Article 6(1)f of the GDPR;
- e) possible establishment, exercise, or defence of legal claims as pursuit of legitimate interests of the Controller – pursuant to Article 6(1)f of the GDPR.
- Your personal data will be processed for a period necessary for the purposes of processing listed below:
- a)for a period of 6 months, if no contract is entered into;
- b)for a period of 2 years after termination of a contract;
- c)for as long as the Controller is required to do so by the law, e.g. by Article 86(1) of the Tax Ordinance Act;
- d)until processing for the purposes of direct marking is objected to or until the data is deemed to be outdated;
- e)for the longest possible claim limitation period + 1 year after the end of the year when a contract expired in case the claims are made just before the limitation period expires.
- To the extent you contacted our agent – an employee of our company – we process your data on the basis of information you have voluntarily provided to us.
If you have not contacted us, then we have obtained your data from your website or from other legally operating registers (including CEIDG, KRS).
Provision of the data is voluntary yet necessary to present an offer or enter into a cooperation contract.
- When needed, your personal data may be made available to entities authorised under legal provisions, in particular to tax authorities and entities with which FRISTOM has entered into service provision contracts (e.g. IT companies, certifying companies, state–authorised auditors).
- You have the right to access your data and to correct it, receive a copy of it, transmit it, restrict its processing, and erase it (the right to be forgotten) – pursuant to Article 17 of the GDPR.
- You are entitled to object to data processing for the purpose of direct marketing at any time (point (d) of paragraph 3). If you exercise this right, the Controller shall no longer process the data for this purpose.
- In the event that you deem the processing to be infringing on the GDPR provisions, you have the right to make a complaint to the supervisory authority, i.e. to the Chairman of the Personal Data Protection Office.
- Your personal data will never be subject to automated decision–making or profiling.
- Unless the User intends to purchase a product, send a request for quotation, or give consent to receiving the newsletter, using the Website www.fristom.com.pldoes not require any personal data to be provided.
- Provision of personal data by a User is always his/her voluntary decision. However, if consent to personal data processing is not given, the provision of services by electronic means may be prevented.
The Controller of the personal data provided by the Users is FRISTOM Spółka z ograniczoną odpowiedzialnością Sp. k., with registered office in 86-014 Sicienko, ul. Przemysłowa 5, VAT ID No. 5542926937, entered into the register of entrepreneurs.
- The Controller is protecting personal data against access by unauthorised persons, loss, modification, damage, or destruction and is processing the data entrusted to it on the basis of legal provisions. The basis for personal data processing is Article 6(1)b of the Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data (GDPR).
- While the Website is being used, additional information may be collected, in particular: the IP address assigned to your computer or the external IP address of the Internet Service Provider, domain name, web browser type, access time, operation system type.
- Web navigation data may also be collected from the Users; it includes information about links and references they decide to click on or other actions taken on the Website.
Rules for Personal Data Processing
- Personal data is processed on the grounds of consent given by a User of the site when he/she uses the contact or newsletter form (or/and when a product is ordered) on the Website.
- Personal data referred to in Article 2 Section 1 above is primarily:
– full name,
– telephone number,
– electronic mail address (email).
- In case of Users operating a business, the User provides the following personal data in addition to the data described in Section 2 above:
– business name under which the company is operating, including designation of its legal form,
– entry number in the Central Business Activity Register and Information Record (CEIDG) or entry number in the National Court Register (KRS),
– address of the registered office,
– mailing address,
– VAT identification number,
- The personal data provided by the User shall be processed:
– to provide the newsletter service and send replies to email enquiries.
– for the purpose of providing information on the current offer, discounts, services as well as to send the newsletter, provided that the User consents to receiving marketing information, including commercial information, by electronic means.
- Users have the right to access, inspect, and verify the processing of their data and to obtain information about the purpose, extent, and means of the processing of data contained in the dataset as well as to request completion, updating, and rectification of personal data, temporary or permanent ban on their processing, erasure of the data, to request that the personal data no longer be processed pursuant to Article 32 Section 1 Subsection 7 of the Personal Data Protection Act, or to object pursuant to Article 32 Section 1 Subsection 8 of the Personal Data Protection Act.
- Any request arising from the User rights described in Article 2 Section 5 herein must be sent at the email address: firstname.lastname@example.org
Basic User Rights
- Users can request that their data be erased from the database of FRISTOM Spółka z ograniczoną odpowiedzialnością Sp. k. at any time by sending such a request by email at email@example.com, preferably using the mail account they provided during registration.
- Users can unsubscribe from the newsletter at any time by:
– ending a request to unsubscribe from the newsletter using the mail account they provided during the registration process; the requests have to be submitted at firstname.lastname@example.org,
– clicking the “unsubscribe from the newsletter” link given in each email containing marketing information that is sent to Users,
– changing the settings of their on–line shop accounts where they can cancel marketing information sending.
- Erasure of User data entails erasure of all User information and data. However, operator of the www.fristom.com.pl website reserves the right to retain User data and refuse to delete it to the extent and for the period provided for by law, particularly for the purpose of settling liabilities that have arisen between the User and the Company.
Basic Data Controller Obligations
- FRISTOM Spółka z ograniczoną odpowiedzialnością Sp. k., which is the Controller of personal data, exercises special care in the course of data processing to ensure that interests of the Users are protected.
- FRISTOM Spółka z ograniczoną odpowiedzialnością Sp. k. ensures that the personal data is:
– processed in accordance with the law,
– collected exclusively for the indicated legally compliant purposes,
– not subject to further processing, which would be illegal,
– adequate and sufficient for the purposes of processing,
– stored only within the necessary period, i.e. until the purpose of processing is accomplished,
– stored in compliance with the highest security standards,
– stored in a form that enables identification of data subjects.
- The personal data is stored in a dataset that has been safeguarded by technical and organisational measures protecting the processing of data. The personal dataset can only be accessed by persons authorised by the personal data controller.
The Cookies Mechanism, IP Address
- The Website is using small data files called cookies. They are saved by FRISTOM Spółka z ograniczoną odpowiedzialnością Sp. k. on the computer of the Website visitor using the Website, provided that the web browser allows that. Cookie files usually contain the name of the domain of their origin, their ‘expiry date’, and a unique, random number that serves as file identification. Information collected by means of this type of files helps adjust the services offered by FRISTOM Spółka z ograniczoną odpowiedzialnością Sp. k. to individual preferences and real needs of the Website visitors. This also enables the provision of general page view statistics for the information presented on the Website.
- FRISTOM Spółka z ograniczoną odpowiedzialnością Sp. k. is using two types of cookie files:
- session cookies: the saved information is deleted from the device memory as soon as each session of a browser ends or the computer is shut down. The session cookies mechanism does not allow any personal data or confidential information to be downloaded from the Users’ computers;
- persistent cookies: they are stored on hard drives of the Users’ computers and remain there until deleted.
- FRISTOM Spółka z ograniczoną odpowiedzialnością Sp. k. is using its own cookies for the purpose of analyses, research, audience audits, and specifically to create anonymous statistics that give an understanding of how the Users use the Website, thereby facilitating improvement of its structure and content.
- FRISTOM Spółka z ograniczoną odpowiedzialnością Sp. k. is using third–party cookies in order to:
- collect general and anonymous static data by means of Google Analytics (administrator of the third–party cookies: Google Inc based in the USA);
- present a map with marked location of the office of FRISTOM Spółka z ograniczoną odpowiedzialnością Sp. k. on the Website, via the website maps.google.com (administrator of the third–party cookies: Google Inc based in the USA);
- popularise the Website by means of the social networking site facebook.com (administrator of the third–party cookies: Facebook Inc based in the USA or Facebook Ireland based in Ireland);
- present advertisements customised to meet Users’ preferences using the on–line advertising tool Doubleclick.net (administrator of the third–party cookies: Google Inc based in the USA);
- present the Rzetelny Regulamin Certificate (or other certificate available on the site) via the website rzetelnyregulamin.pl (administrator of the third–party cookies: B2B Consulting Sp. z o.o. based in Warsaw).
- The cookies mechanism is safe for Website Users’ computers. In particular, it is not possible for any viruses or other undesired software or malware to get through to the Users’ computers this way. Nevertheless, the Users have the option of limiting or disabling the access of cookie files to their computers. In the event that this option is used, the Users will still be able to use the Website, save for the functions that require cookie files by their nature.
- We present the methods of changing cookie usage settings in popular web browsers below:
- web browser https://support.microsoft.com/pl-pl/products/windows?os=windows-10)
- web browser https://support.mozilla.org/pl/kb/ciasteczka
- web browser https://support.google.com/chrome/answer/95647?hl=pl
- web browser https://support.apple.com/pl-pl/HT201265
- web browser http://help.opera.com/Linux/9.22/pl/cookies.html
- FRISTOM Spółka z ograniczoną odpowiedzialnością Sp. k. may collect your IP addresses. An IP address is a number assigned to the computer of a Website visitor by his/her Internet Service Provider. The IP number lets you use the Internet. In most cases, it is assigned to computers dynamically, i.e. it changes each time they connect to the Internet and is therefore commonly treated as non-PII (personally identifiable information). IP addresses are used by FRISTOM Spółka z ograniczoną odpowiedzialnością Sp. k. for diagnosis of technical problems with the server, creation of statistical analyses (e.g. determination of regions from which our website is accessed the most), as useful information for Website management and improvement as well as for security purposes and identification of unwanted automatic programs viewing the Website content and thereby overloading the server, if needed.