PRIVACY POLICY AND COOKIES POLICY

DEFINITIONS:

1. Administrator – S-T-P „ Strahltechnik Poland ” Mariusz Ludian  with its registered office at 23–310 Modliborzyce ul. Leśna 13, entered into the Register of Entrepreneurs under REGON no.: 061675220, NIP (VAT number): PL 862–163-50–87.

2. Personal Data – any information related to a natural person identified or identifiable through one or several factors determining the physical, physiological, genetic, mental, economic, cultural or social identity of a natural person, including the image, voice recording, contact data, location data, information included in correspondence, information collected by means of recording equipment, or other similar technology;

3. Policy –
this privacy policy concerning personal data processing;

4. GDPR –
Regulation no. 2016/679 of the European Parliament and of the Council of 7 April 2016 on the rotection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Council Framework Decision 95/46/EC;

5. User –
any natural person whose personal data are processed by the Administrator, in particular our customers, persons using our services, visiting our premises, as well as persons corresponding with the Administrator.


§ 1. GDPR Legal Basis

1.
In connection with the conducted business activity, the Administrator collects personal data in accordance with the relevant regulations, in particular in accordance with the GDPR Regulation, as well as with the applicable data processing rules provided for therein.

2.
As the Administrator, we ensure clarity and transparency of data processing; in particular, we always inform Users about data processing at the moment when such data are collected, including about the purpose and legal basis of data processing. We make sure that data are collected only to the extent necessary for the indicated purpose and processed only for the period that is necessary in order to achieve the intended purpose.

3.
While processing data, we ensure their security and confidentiality, as well as access to information about such data processing for the data subjects – Users. In case when, despite the applied security measures and safety procedures, personal data breach (e.g. leak or loss of data) occurs, we inform about any such occurrence the data subjects, in a manner consistent with the regulations, as well as the competent supervisory authority, i.e. the President of the Office for Competition and Consumer Protection.


§ 2. Contact on Matters Related to Personal Data Processing

Any matters related to policy privacy should be sent to the following e-mail address: info@s-t-p.pl
Due to the lack of statutory requirement, the Administrator did not appoint a data protection officer.


§ 3. Personal Data Security

1.
In order to ensure the data integrity and confidentiality, the Administrator implemented procedures providing access to personal data only for the authorised persons and solely to the extent necessary due to the tasks performed. The Administrator applies organisational and technical solutions at such level as to ensure that any operations involving personal data are recorded and carried out only by the authorised persons and in accordance with the provisions of the GDPR Regulation.

2. The Administrator shall take any necessary actions for our subcontractors and other cooperating entities (processors) to guarantee the application of appropriate security measures in each case when they process personal data on our behalf.

3. The Administrator shall perform risk analysis on an ongoing basis and monitor the adequacy of the applied user data protection safeguards to the identified risks.
If necessary, the Administrator shall implement additional measures intended to increase the data security.


§ 4. Data Origin

The personal data of Users are collected only in connection with the activity on our website – www.s-t-p.pl, in particular by using the contact form.


§ 5. Purpose of Personal Data Processing

The processing of the personal data of Users shall take place pursuant to Art. 6 of the GDPR Regulation, as well as for the marketing purpose. The Administrator cites the consent given by the Users and legitimate interest of the Administrator, which consists in collection of statistical data and website traffic analysis.

The personal data of Users are processed by the Administrator, in particular for the purpose of:

1. contact by electronic means.

2. monitoring activity, including e.g. search for keywords, offer analysis and activity management.

3.
conducting marketing activities, including direct marketing of the Administrator’s own services.

4.
contact for the purposes connected with legally permissible marketing activities through the available communication channels, in particular and with the User’s consent – by e-mail or/and telephone.

Due to the legitimate interest of the Administrator, personal data are also processed for:

1.
ensuring security.

2. counteracting fraud, abuse and breach of ruled.

3. statistical purposes, improvement of services and performing analyses.


§ 6. Data Archiving.

We respect the right to privacy of Users and we care about data security. For this purpose, we use e.g. the Secure Sockets Layer (SSL) encryption.

Personal data provided in the contact form on our website are treated as confidential and not visible to any unauthorised persons.


§ 7. Personal data are processed:

a)
 in accordance with the provisions on personal data protection,

b) in accordance with the implemented Privacy Policy,

c) to the extent and for the purpose necessary to establish and formulate the content of the Agreement, to modify or terminate the Agreement, as well as for proper execution of services provided electronically,

d) to the extent and for the purpose necessary to fulfil the legitimate interests (legally justified purposes), provided that such personal data processing does not violate the rights and freedoms of an individual.

Every data subject (if we are the administrator of such data) shall have the right to access, rectify, remove or restrict the processing of personal data, as well as the right to object, the right to lodge an appeal to a supervisory body, and the right to withdraw the consent to data processing.

We hereby reserve the right to process your personal data after termination of the Agreement or withdrawal of your consent, only to the extent necessary for the purpose of pursuing potential claims before the court, or if we are obliged to retain data under domestic, EU or international regulations.

The Administrator shall have the right to make the User’s personal data or other data available to authorised entities under applicable legal provisions (e.g. to law enforcement authorities).

The removal of personal data may take place as a result of withdrawing the consent or lodging an admissible objection to personal data processing.

The Administrator shall not make personal data available to any other entities than the entities authorised pursuant to the relevant provisions of law.

We have implemented pseudonymisation, data encryption and access control, thanks to which we are able to minimise the effects of any potential data security breach.


§ 8. Voluntary Consent through Browser Settings

Providing personal data on the website www.s-t-p.pl is voluntary. The basis for processing personal data is my consent – i.e. User’s consent. I have an influence on the web browser and its settings. The recipients of personal data may include e.g. Google. I have the right to withdraw my consent at any time by changing the browser settings. Personal data shall be processed and stored depending on the period of technology use. Profiling is used in Google Analytics, Google AdWords. In case of raising an objection to profiling, please optimise your browser accordingly.

In case of any questions concerning personal data processing, please contact us.


§ 9 Duration of Personal Data Processing

Your personal data shall be stored for the period from 30 days to 10 years – for as long as marketing opportunities are used and data required for conducting business activity are collected.


§ 10. Rights of Website User

The User shall have the right to access the content of their personal data, the right to rectify and remove their personal data, as well as the right to restrict personal data processing/withdraw the consent to personal data processing, the right to data portability and the right to raise an objection against personal data processing.  The User shall have the right to lodge a complaint to the following supervisory body:

President of the Office for Competition and Consumer Protection, ul. Stawki 2, 00193 Warszawa, if in the opinion of the User, personal data processing violates the provisions of EU GDPR Regulation.


§ 11. Cookies

www.s-t-p.pl website uses cookies. These are small text files sent by web server and stored by the browser software. When the browser connects with the website again, the site recognises the type of device from which the User is connecting. The parameters allow for the information contained therein to be read only by the server that created such information. Therefore, cookies facilitate the use of previously visited sites.

The collected information concern the IP address, type of browser used, language, type of operating system, Internet service provider, information about time and date, location and information sent to the site through the contact form.

The collected data are used for monitoring and checking how Users use our sites, in order to improve the functioning of the website, thus ensuring more effective and trouble-free site navigation. We perform the monitoring of User information using Google Analytics tool, which records the User behaviour on the website.

Cookies identify the User, which allows to match the content of the site used by the User to their needs. By remembering their preferences, it enables to deliver the relevant adverts addressed to the particular User. We use cookies to guarantee the highest standard of comfort in using our website, whereas the collected data are used only within the Administrator’s company in order to optimise the activities.

We use the following cookie files on our site:

a) ‘necessary’ cookie files, enabling the use of services available on the website, e.g. cookie credentials used for services requiring authentication within the website;

b) cookies intended to ensure security, e.g. used for detecting abuse in respect of authentication on the website;

c) ‘performance’ cookies, enabling to collect information about the manner of using website pages;

d) ‘functional’ cookies, enabling to ‘remember’ the settings selected by the User and personalise the User interface, e.g. in respect of the chosen language or region from which the User originates, font size, website design, etc.;

e) ‘advertising’ cookies, enabling to provide the Users with advertising content better adapted to their interests.

The User has the option to switch off or restore collecting cookies by changing browser settings. The instruction for management of cookies is available on the following website:

http://www.allaboutcookies.org/manage-cookies

Additional personal data, such as e-mail address, are collected only in the locations where the User expressly gave their consent to collect such data by completing the contact form. We store and use the above data only for the purposes necessary to perform a specific function.