Privacy policy

GENERAL

1. This Privacy Policy covers personal data provided to GRAFFITI STUDIO SPÓŁKA Z OGRANICZONĄ ODPOWIEDZIALNOŚCIĄ via the website maintained at https://graffitistudio.pl
2. The administrator of personal data collected via the website is GRAFFITI STUDIO SPÓŁKA Z OGRANICZONĄ ODPOWIEDZIALNOŚCIĄ with its registered office in Jaworzno, entered into the National Court Register kept by the District Court Katowice Wschód in Katowice – VIII Commercial Division of the National Court Register under KRS number: 0000315262, address of the place of business and address for service: Na Stoku 78, 43-600 Jaworzno, NIP: 6321959637, REGON: 240987925, share capital in the amount of: PLN 4,500,000, Tel. +48 32 661 01 30, hereinafter referred to as the Administrator.
3. Personal data collected via the website are processed in accordance with Regulation 2016/679 of the European Parliament and of the Council of 27.04.2016. on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC, hereinafter referred to as the General Data Protection Regulation (Official Journal of the European Union L of 2016, No. 119, p. 1) and in accordance with the Act on the provision of electronic services of 18 July 2002 (Journal of Laws of 2002 No. 144, item 1204, from the post. died.).
4. The Administrator takes special care to protect the interests of persons whose data is collected via the website, and in particular ensures that the data collected by him, using appropriate technical and organizational measures, are: processed in accordance with the law; collected for specified, legitimate purposes and not subjected to further processing incompatible with those purposes; factually correct and adequate in relation to the purposes for which they are processed; stored in a form that allows identification of the persons concerned, no longer than it is necessary to achieve the purpose of processing and are processed in a way that ensures adequate security of personal data, including their protection against unauthorized or unlawful processing and their accidental loss, destruction or damage.
5. Taking into account the nature, scope, context and purposes of the processing of personal data and the risk of violating the rights and freedoms of persons whose data are processed with different probabilities of occurrence and severity of the threat, the Controller shall implement appropriate technical and organizational measures to ensure a level of security of personal data processing corresponding to this risk; applies, in particular, technical measures to prevent unauthorized persons from obtaining and modifying personal data sent electronically.

PURPOSE OF COLLECTING PERSONAL DATA AND RECIPIENTS OF PERSONAL DATA

1. Personal data collected via the website are processed by the Administrator for the following purposes:

a) responding to requests for proposals pursuant to Article 6(1)(b) of the General Data Protection Regulation,

b) concluding and performing contracts for the provision of maintenance services pursuant to Article 6(1)(b) of the General Data Protection Regulation,

c) direct marketing of the Administrator’s own products or services pursuant to Article 6(1)(f) of the General Data Protection Regulation,

d) marketing pursuant to Article 6(1)(a) of the General Data Protection Regulation,

(e) the transmission of commercial communications by electronic means pursuant to Article 6(1)(a) of the General Data Protection Regulation.

2. Personal data collected via the website may be made available by the Administrator to the following entities:

a) In the case of persons who use the website in order to submit inquiries and to conclude and implement contracts for the provision of maintenance services, the Administrator makes the collected personal data available to entities related to the Administrator by business relations – i.e. : providers of courier, transport, forwarding, postal services; providers of accounting, legal and advisory services providing the Administrator with accounting, legal or advisory support and service providers supplying the Administrator with IT solutions enabling the Administrator to conduct business activity, including the website and the services provided through it (in particular, providers of computer software for running the website, e-mail and hosting providers and suppliers software for managing the company and providing technical support to the Administrator), with the proviso that the Administrator makes the collected personal data available to the selected provider acting on its behalf only in the case and to the extent necessary to achieve a given purpose of data processing in accordance with this Privacy Policy.

b) In other cases, the Administrator makes the collected personal data available to service providers supplying the Administrator with IT solutions enabling the Administrator to conduct business activity, including the website and services provided through it (in particular, computer software providers for running the website, e-mail and hosting providers and software providers for managing the company and providing assistance). technical to the Administrator), with the proviso that the Administrator makes the collected personal data available to a selected provider acting on its behalf only in the case and to the extent necessary to achieve a given purpose of data processing in accordance with this Privacy Policy.

III. BASIS FOR DATA PROCESSING AND PERIOD OF THEIR STORAGE

1. Providing personal data by persons using the website is voluntary, however, failure to provide personal data indicated in the Request for Quotation Form and in the Service Form, necessary to respond to inquiries and necessary to conclude and implement contracts for the provision of maintenance services results in the inability to respond to inquiries and the inability to conclude and implement contracts for the provision of services Service.
2. In the case of personal data processing in order to respond to inquiries and in order to conclude and implement contracts for the provision of maintenance services, the basis for the processing of personal data of the user of the website is the need for the Administrator, at the request of the data subject, to take appropriate actions before concluding the contract with the user and performing contracts for the provision of maintenance services (Article 6(1)(b) of the General Data Protection Regulation).

In the case of data processing for the purpose of direct marketing of the Administrator’s own products or services, the basis for the processing of personal data is the fulfillment of legally justified purposes pursued by the Administrator – in accordance with applicable regulations, the processing of personal data for the purposes of direct marketing of the Administrator’s own products or services may be considered as an activity performed in the legitimate interest (Article 6(1)(f) of the General Regulation).  on data protection). In the case of data processing for marketing purposes, the basis for the processing of personal data is the prior consent of the website user (Article 6(1)(a) of the General Data Protection Regulation). In the case of data processing for the purpose of sending commercial information by electronic means, the basis for the processing of personal data is the prior consent of the user of the website (Article 6(1)(a) of the General Data Protection Regulation).

3. Personal data collected via the website are stored by the Administrator for the period of:

a) In the case of personal data processed in order to respond to inquiries and to conclude and perform contracts for the provision of maintenance services – for the period necessary to perform, terminate or otherwise expire contracts concluded as a result of responding to inquiries and until the performance, termination or expiry of contracts for the provision of maintenance services in another way. After this time, the data may be stored for a period corresponding to the period of limitation of claims under these contracts that the Administrator may raise against the person whose data is processed and which may be raised by such a person against the Administrator.

b) In the case of personal data processed for the purpose of direct marketing of the Administrator’s own products or services – for the period of existence of a legitimate interest pursued by the Administrator, but not longer than for the period of limitation of claims against the data subject due to the business activity conducted by the Administrator (the period of limitation of claims is determined by the provisions of the Civil Code, according to which the basic deadline the limitation period for claims related to running a business is three years, and for a sales contract two years), with the proviso that the Administrator may not process personal data for the purpose of direct marketing in the event of an effective objection in this respect by the data subject.

c) In the case of personal data processed for marketing purposes and for the purpose of sending commercial information by electronic means – until the data subject withdraws his consent to further processing of his data for this purpose.

THE RIGHT TO ACCESS AND CORRECT THE CONTENT OF THE DATA AND OTHER RIGHTS OF PERSONS WHOSE DATA ARE PROCESSED

1. Users of the website have the right to request from the Administrator access to the content of their personal data (to information about the processed data and to receive a copy thereof), rectification (correction of data), deletion (“the right to be forgotten”) or limitation of processing (suspension of data operations or non-deletion of data – in accordance with the submitted application) and have the right to object to the processing, and have the right to transfer their data to another data controller to the extent specified in Article 20 of the General Data Protection Regulation. The detailed conditions for the exercise of these rights are set out in Articles 15 to 21 of the General Data Protection Regulation.
2. Users of the website, whose data are processed by the Administrator on the basis of their consent for the purpose of marketing and for the purpose of sending commercial information by electronic means (pursuant to Article 6(1)(a) of the General Data Protection Regulation) have the right to withdraw their consent at any time without affecting the lawfulness of processing, which was made on the basis of consent before its withdrawal.
3. Users of the website whose data are processed by the Administrator have the right to object at any time – for reasons related to their particular situation – to the processing of personal data concerning them based on Article 6(1)(e) (public interest or tasks) or f) (legitimate interest of the Administrator) of the General Data Protection Regulation. In such a case, the controller may no longer process the personal data unless he demonstrates compelling legitimate grounds for the processing which override the interests, rights and freedoms of the data subject or grounds for establishing, exercising or defending legal claims.
4. Users of the website whose data are processed by the Administrator for the purposes of direct marketing of the Administrator’s own products or services have the right to object at any time to the processing of their personal data for the purposes of such marketing, to the extent that the processing is related to such direct marketing.
5. In order to exercise the rights referred to in the points above, you can contact the Administrator by sending an appropriate message in writing or by e-mail to the Administrator’s address indicated at the beginning of this Privacy Policy.

 RIGHT TO LODGE A COMPLAINT WITH A SUPERVISORY AUTHORITY

1. Users of the website, whose data are processed by the Administrator, have the right to lodge a complaint with the supervisory body in the manner and in the manner specified in the provisions of the General Data Protection Regulation and in the provisions of Polish law, in particular the Act on the Protection of Personal Data. The supervisory authority in Poland is the President of the Office for Personal Data Protection.

COOKIES AND OPERATIONAL DATA

1. Cookies are small text information in the form of text files, sent by the server and saved on the side of the website visitor (e.g. on the hard disk of a computer, laptop or smartphone memory card – depending on which device the website visitor uses). Detailed information on cookies, as well as the history of their creation can be found m.in here: https://pl.wikipedia.or/wiki/HTTP_cookie
2. The Administrator may process the data contained in Cookies when visitors use the website for the following purposes:a) identifying persons as logged in to the website and showing that they are logged in;b) remembering data from completed Request for Quotation Forms and Service Forms or login data to the website;c) adapting the content of the website to the individual preferences of people using the website (e.g. regarding colors, font size, page layout) and optimizing the use of the website;d) keeping anonymous statistics showing the manner of using the website;
3. Most web browsers available on the market accept the storage of cookies by default. Everyone has the opportunity to specify the terms of use of Cookies using the settings of their own web browser. This means that you can, for example, partially limit (e.g. temporarily) or completely disable the possibility of saving Cookies – in the latter case, however, it may affect some of the functionalities of the website.
4. The settings of the web browser in the scope of Cookies are important from the point of view of consent to the use of Cookies by our website – in accordance with the regulations, such consent may also be expressed through the settings of the web browser. In the absence of such consent, you should change the settings of your web browser in the field of Cookies.
5. Detailed information on changing the settings for Cookies and deleting them yourself in the most popular web browsers is available in the help section of the web browser and on the following pages (just click on the link): • in Chrome • in Firefox • in Internet Explorer • in Opera • in Safari • in Microsoft Edge
6. The administrator also processes data related to the use of the website (IP address, domain) to generate statistics helpful in administering the website. These data are aggregated and do not contain features identifying visitors to the website and are not disclosed by the Administrator to third parties.

VII. FINAL PROVISIONS

1. The Website may contain links to other websites. The Administrator suggests that after switching to other websites, read the privacy policy of these websites. The Administrator reserves that this Privacy Policy applies only to the website maintained at the address https://graffitistudio.pl
2. The Administrator applies technical and organizational measures to ensure the protection of processed personal data appropriate to the threats and categories of data protected, and in particular protects the data against their disclosure to unauthorized persons, taking by an unauthorized person, processing in violation of applicable regulations and change, loss, damage or destruction.
3. The Administrator shall accordingly provide the following technical measures to prevent unauthorized persons from obtaining and modifying personal data sent electronically:a) Securing the data set against unauthorized access.b) Access to the Account only after providing an individual login and password.c) SSL certificate.