§ 1

General Provisions

1. The purpose of this Privacy and Cookie Policy is to  ensure the sense of security of all Website users. The use of the Website shall constitute acceptance of the terms and conditions of the Privacy and Cookie Policy.

2. The definitions used in the Privacy Policy shall be understood as follows:

a) Privacy Policy – means this document,

b) Website – means the website that leads to this Privacy Policy,

c) User – any natural person visiting the Website; for the purpose of a better reception of this Privacy Policy the term “User” was replaced by “You”,

d) Data – means data obtained from the User using forms, left by the User when visiting the Website, including the User’s personal data,

e) Personal Data – means information relating to an identified or identifiable natural person; an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name or identification number,

f) Personal Data Processing – means practically any operation or set of operations performed on personal data or on sets of personal data, whether or not by automated means (e.g. collection, recording, organisation, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction),

g) Controller – personal data controller, namely EUROIMPEX SPÓŁKA AKCYJNA, having its registered office in Wrocław, ul. Mydlana 3b (51-502 Wrocław), entered in the register of entrepreneurs of the National Court Register at the District Court for Wrocław-Fabryczna in Wrocław, 6th Commercial Division, under KRS number: 0000068587, VAT No.: 8990107125, REGON: 008479195; for the purposes of better reception of this Privacy Policy the term “Controller” was replaced with “Us”,

h) GDPR – means the Regulation of the European Parliament and the Council (EU) 2016/679 of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC.

3. When using our Website it is recommended that You use the latest versions of internet browsers. If You are using an older version of a browser or/and versions other than the latest available, we cannot guarantee the proper operation of the Website.

4. If You have any questions about the principles of personal data processing and protection, or if You wish to exercise Your rights related to that, please contact us at: barbara.pokorny@euroimpex.pl (contact with a person supervising personal data processing within the Controller’s organisation).

§ 2

Personal Data

1. We process all data, including personal data, that you leave when visiting our Website using the form provided on the Website.

2. In particular we process the following categories of personal data provided by You using the form:

a) full name,

b) address/place of residence,

c) e – mail address,

d) telephone number.

3. We represent and warrant that Your personal data are processed in accordance with the generally applicable personal data protection regulations, including the provisions of GDPR, as well as in accordance with the Privacy Policy implemented by us.

4. Your personal data are collected only within the scope that is adequate, necessary, and required in view of the purposes for which they are processed.

5. Your personal data are processed for the following purposes:

a) answering an enquiry (submitted to us via form on the Website) concerning products and services that are of interest to You and are offered by us, with a view to entering into a contract with us, pursuant to art. 6(1)(b) of GDPR, according to which data processing is allowed if it is necessary for the performance of a contract to which the data subject is party or in order to take steps at the request of the data subject prior to entering into a contract;

a) entering and performing a contract, pursuant to art. 6(1)(b) of GDPR, according to which data processing is allowed if it is necessary for the performance of a contract to which the data subject is party or in order to take steps at the request of the data subject prior to entering into a contract;

c) defending against claims and possibly pursuing claims, pursuant to art. 6(1)(F) of GDPR, according to which data processing is allowed if it is necessary for the purposes of the legitimate interests pursued by the controller or by a third party;

d) marketing and promotional purposes (You receiving commercial information and a newsletter related to our business activities), pursuant to art. 6(1)(a) GDPR, according to which data processing is allowed if the data subject has given consent to the processing of his or her personal data for one or more specific purposes.

6. Every data subject (where we act as the Controller) has the right to:

a) access his or her personal data,

b) rectify them,

c) revoke consent for data processing (where data processing is based on consent),

d) erase them (including as a result of consent revocation or a legally permitted objection to personal data processing),

e) limit their processing,

f) data portability,

g) object to personal data processing,

h) lodge a complaint with a supervisory authority, i.e. President of the Personal Data Protection Office.

7. The rules related to the exercise of the rights specified in sec. 6 have been described in detail in art. 15 – 21 of GDPR. We encourage You to familiarize yourself with these regulations, as they describe in detail the content of such rights, the rules under which they can be exercised, and exceptions from their application. The above rights are not absolute and will not apply to all personal data processing activities. Such rights may be exercised using communication channels specified in § 1(4) of the Privacy Policy.

8. Provision of personal data for the purpose of entering into and performing a contract by the Controller (specified in sec. 5(a – c)) is necessary to provide performance under such a contract. Not providing personal data will make it impossible to enter into a contract. Within the remaining scope, i.e. for marketing and promotional purposes (specified in sec. 5 (d)), the provision of personal data is voluntary. The only consequence of not giving Your consent will be not receiving from us commercial information and newsletter related to our business activities.

9. You personal data are kept for periods prescribed and required under law or where it is necessary for the proper functioning of the Controller, and for us to comply with the accountability principle, i.e. so that we can demonstrate compliance with the regulations on the protection of Your personal data. In connection with that we reserve the right to process your personal data:

a) for the purpose specified in sec. 5(a) – during the period of negotiations, after which, depending on the results, personal data will be further processed for the purpose of performance of the concluded contract, or will be immediately erased if no cooperation has been established;

b) for the purpose specified in sec. 5(b, c) – for the period of performance of the contract (service provision) and, in justified cases, also after the performance of the contract (conclusion of service provision), where allowed or required by applicable provisions of law (e.g. processing for the purpose of settlements, to exercise claims, or the expiry of the statue of limitations). In such a case personal data are processed only for the period of time necessary for the achievement of the relevant objectives;

c) for the purpose specified in sec. 5(d) – until your consent for processing is revoked.

10. Please bear in mind that revoking consent for personal data processing does not affect the legality of processing performed in accordance with law prior to such revocation. Additionally, the consent may be revoked at any time, which is communicated to You when your consent is obtained. We provide you with the option of revoking consent in the same easy manner in which it was granted, i.e. using the communication channel specified in § 1(4) of the Privacy Policy. The only result of revocation of consent will be not receiving from us commercial information related to our business activities.

§ 3

Personal Data Protection

1. We respect Your right to privacy and we take care to ensure the security of your data, therefore we do everything we can to protect the personal data provided to us against unauthorised access, and within this scope we use appropriate organisational and technical security measures.

2. Your personal data are stored on secured servers.

3. To ensure data security we use, among other things, a secure sockets layer encryption for Website communication.

4. We have implemented pseudonymysation, data encryption, and we have access control in place to minimise the consequences of data security breach, if any.

5. Personal data provided on the Website are treated as confidential and are not visible to third parties other than us (that is the Controller) and entities authorised by us.

6. We do not provide your personal data to entities other than those authorised under relevant provisions of law.

7. Personal data are processed only by persons authorised by us or by the processors with whom we cooperate closely, e.g. who provide us with ICT services or store data on servers. Such entities process personal data under an agreement with the Controlled and only in accordance with the Controller’s instructions. Data processing is outsourced to the following entities: Landingi sp. z o.o.

8. All personal data subprocessors guarantee the use of appropriate personal data security and protection measures required by the applicable provisions of law.

9. We represent that:

a) we do not provide Your personal data to third countries or international organisations,

b) we ensure that persons authorised to process personal data have undertaken to maintain confidentiality,

c) we undertake all measures required under art. 32 of GDPR,

d) we comply with the terms and conditions of using another processor, referred to in art. 28(1-4, 9) of GDPR e) Your personal data are not subject to automated decision-making, including profiling.

§ 4

Information about cookies.

1. The Website uses cookies. Cookies are small text files sent through a www server and stored by the browser computer software. When the browser connects to the page again, the website recognises the type of device used by the user. The parameters will allow the information contained in them to be read only by the server by which they were created. Therefore cookies facilitate the use of previously visited websites.

2. The collected information are related to the IP address, the type of browser used, language, type of operating system, internet services provider, information about the time and date, location and information provided to the website using the contact form.

3. The analysed cookies contain anonymous information about the Website usage. Cookies help improve the functionality of the Website and better adjust it to the expectations and needs of visitors. Cookies collect anonymous information, record website trends without identifying individual persons. Analytical tools use their own cookies to analyse the activities of the visitors. Such cookies are used to store information, e.g. time when the visit started, and whether the visitor used the site before, what website was visited before, what the screen resolution of the visitor’s device is, how the visitor is using the site, etc.

4. The software used to view websites (internet browser) usually allows storage of cookies on the end device of a Website visitor as a default. However you can always change cookie settings in this scope from the level of your browser, or erase cookies entirely (detailed information on this is contained in help or the browser documentation). Remember, however, that disabling cookies may cause difficulties in using the Website as it will prevent the collection of cookies and reading of information on their basis.

5. Our Website uses the following cookies:

a) “strictly necessary” cookies, which make it possible to use the services available on the website, e.g. authentication cookies used for services requiring authentication on the Website;

b) cookies used to ensure security, e.g. used to detect authentication breaches on the Website;

c) “performance ” cookies, which allow the collection of information about the manner in which the website pages are used;

d) “functionality” cookies, which allow the Website to “remember” the user’s settings and customisation of the user interface, e.g. with respect to the selected language or the user’s region, font size, display mode, etc.;

e) “advertising” cookies used to deliver to the users advertising content more relevant to their interests,

f) cookies used to monitor site traffic, including Google Analytics cookies  which are used to create statistics and to analyse the manner in which the Website is used by the User, and Google AdWords (Google LLC cookies), as re-marketing tools; such files are not used to identify the User. Detailed information about the scope and terms and conditions of collection of data in connection with this service can be found at: https://www.google.com/intl/pl/policies/privacy/partners.

§ 5

Amendments and updates to the Privacy and Cookie Policy

1. Please be informed that we reserve the right to amend this Privacy and Cookie Policy at any time.

2. This Privacy Policy was implemented on and is in force as of 24 May 2018.

3. Modifications of the Privacy and Cookies Policy are intended to reflect changes in legislation, the Controller’s personal data practices, and to strengthen the personal data protection system.

4. Amendment shall be effected by publishing new Privacy and Cookie Policy on our website.