Privacy policy

  1. INFORMATION ABOUT THE ADMINISTRATOR

 

  1. The Administrator of your personal data received at the conclusion of the Contract is Kompol Sp. z o.o. entered into the Register of Entrepreneurs of the National Court Register by the District Court for the Capital City of Warsaw, 14th Commercial Division of the National Court Register under KRS number 0000126405, NIP [tax identification] number 534-10-14-939.
  2. You can contact the data Administrator in writing, by post, by e-mail, as well as by phone in the following way:
    • a. Address: ul. Jowisza 7, Grodzisk Mazowiecki 05-825; 
    • b. Phone number: (0-22)755 68 68; 
    • c. E-mail: kompol@kompol.pl. 
  3. In accordance with the applicable provisions on the protection of personal data, in particular with the content of Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of individuals with regard to the processing of personal data and on the free movement of such data (hereinafter referred to as ‘GDPR’), in order to ensure proper protection of personal data, the data subject below provides information on the personal data being processed. 
  4. The Administrator makes every effort to ensure all means of physical, technical and organizational protection of personal data against accidental or deliberate destruction, accidental loss, alteration, unauthorized disclosure, use or access, in accordance with all applicable regulations. 
  5. The Administrator’s website may contain links leading to other websites not administered by the Administrator. The entities managing these websites may have their own privacy policy. Therefore, the Administrator recommends that you read such document before you provide your personal data there. 

 

  1. PURPOSE, LEGAL BASIS FOR PROCESSING AND TIME OF PROCESSING PERSONAL DATA

 

Your personal data will be processed by the Administrator for the following reasons: 

  1. In order to conclude and perform the contractual relationship, i.e., to perform the Contract for the sale of products and deliver to customers, as well as to ensure the correct quality of the service – for the duration of the Contract and settlements after its completion, as well as for the period of limitation of claims – art. 6 sec. 1(b) GDPR; 
  2. In order to fulfill binding legal obligations, e.g., issuing and storing invoices and accounting documents, responding to complaints within the time limit and in the form provided for by law – for the duration of the performance of duties and the period in which the law requires the storage of documents – art. 6 sec. 1(c) GDPR; 
  3. In order to establish, defend and pursue claims – for the period in which the claims under the Contract are time-barred – art. 9 sec. 2(f) GDPR; 
  4. For analytical and statistical purposes – for the duration of the Administrator’s business needs – on the basis of the Administrator’s legitimate interest in advertising its own products – art. 6 sec. 1(f) GDPR (the detailed processing method is described in point 5); 
  5. For advertising purposes – for the duration of the Administrator’s business needs – based on consent to receive advertising information, information about the store, its offer and products – art. 6 sec. 1(a) GDPR. If you consent to the processing of your data, the content of this consent will specify exactly for what purpose we will process this data. 

 

  1. SCOPE OF THE PROCESSED PERSONAL DATA

 

  1. In order to perform the Contract, the Administrator needs to obtain the following personal data: identification data (name, surname, NIP [tax identification] number, PESEL number, series and number of the ID card), address data (e-mail address, street, place of residence, zip code). Failure to provide this data prevents the fulfillment of the order. 
  2. The Administrator may additionally ask for optional data (e.g., telephone number or e-mail address). This data does not affect the conclusion of the Contract, but facilitates contact with the customer, and thus affects the efficient fulfillment of the order. 
  3. The Administrator may also ask for your e-mail address, provided that the Administrator has previously obtained your consent to process the e-mail address in order to send the newsletter. 
  4. The data is processed in accordance with the requirements of applicable law and contractually agreed conditions. 

 

  1. TRANSFER OF DATA TO OTHER ENTITIES (DATA RECIPIENTS)

 

The recipient of the data is understood as a natural or legal person, public authority, unit or other entity to which the Administrator discloses your personal data.
We will transfer your data to: 

  1. Entities processing data on behalf of the Administrator, participating in the performance of the Administrator’s activities, i.e., in the process of customer service (e.g., subcontractors, suppliers) 
  2. Entities operating our ICT systems and providing us with ICT tools; 
  3. Entities providing the Administrator with accounting and tax services; 
  4. Entities providing the Administrator with advisory services / legal assistance, audit services. 

 

  1. COOKIES AND LOG DATA

 

  1. Cookies are small text information in the form of text files, sent by the server and saved on the side of the user visiting the website (e.g., on the hard drive of the computer, laptop, or on the smartphone’s memory card – depending on what device you use when visiting our website). These files allow to recognize the user’s device and properly display the website tailored to his/her individual preferences. Cookies usually contain the name of the website which they come from, the storage time on the terminal device, and a unique number. 
  2. This website uses the following types of cookies: 
    • a. session cookies that collect information about the User’s activities and exist only during a given session, which begins when the website is opened and ends with its closing, 
    • b. permanent cookies, which are stored on the User’s ICT device (on the computer, telephone or other device of the User from which the connection with the Website was made) and remain on it for a long period of time after closing the web browser, 
  3. The Administrator processes the data contained in cookies when visitors use the website for the following purposes: 
    • a. improving the speed of the website, 
    • b. enabling certain functionalities to work on the website, 
    • c. collecting statistical (anonymous) data, excluding personal identification 
  4. By default, most web browsers available on the market accept cookies by default. You have the option of specifying the conditions for the use of cookies in the settings of your web browser. This means that you can, for example, partially limit (e.g., temporarily) or completely disable the option of saving cookies on your computer – in the latter case, however, it may affect some of the website’s functionalities. 
  5. Detailed information on changing the settings for cookies and their self-removal in the most popular web browsers is available in the help section of the web browser (the most popular browsers are Mozilla, Firefox, Microsoft, Internet Explorer, Chrome, and Opera). 
  6. The Administrator also collects log data (IP address, domain), which are stored for an indefinite period and are used to generate statistics. These data are aggregate and anonymous, i.e., they do not contain features that identify the website’s visitors. Logins are not disclosed to third parties. 
  7. Personal data collected using cookies may be collected only for the purpose of performing specific functions for the user. Such data is encrypted in a way that prevents access by unauthorized persons. 
  8. Cookies used by the website operator’s partners are subject to their own privacy policy. 

 

  1. RIGHTS OF THE DATA SUBJECT

 

  1. The data controller ensures the following rights, which can be exercises to submit a request for: 
    • a. Correction of data that is incorrect, in particular because it was collected with errors or because it changed after collection. The above right also covers the supplementation of missing data; 
    • b. Removal of data that has been processed or placed on our websites unreasonably. You can exercise the above right only if:
      • Your data is no longer necessary for the purposes for which it was collected, in particular if the period for which the Administrator planned or was obliged to process personal data has expired; 
      • You have withdrawn your consent on which the right to process personal data was based, unless the Administrator has any other legal basis for processing; 
      • You have objected to the processing and there are no overriding legitimate grounds for processing. 
      • The administrator may refuse to accept the request for the deletion of personal data, in cases provided for by law, in particular when further processing is necessary to fulfill a legal obligation requiring the processing of such data under EU or national law, to establish, pursue or defend claims. 
    • c. Restrictions on processing (suspension of data operations – as per the submitted request) when:  
      • You question the correctness of personal data – for a period allowing the Administrator to check the correctness of this data; 
      • The processing is unlawful and you oppose to the deletion of personal data, requesting the restriction of data processing (their use) instead; 
      • The Administrator does not need the data, but you need them to establish, investigate and defend claims. 
    • d. Access to data (for information about the data processed by us and for a copy of this data), including obtaining a copy of the personal data that is subject to processing. The first copy is free. For any further copies that you request from the Administrator, you may be charged a reasonable fee resulting from administrative costs (cost of postage, photocopying, etc.); 
    • e. Data transfer to another data controller. You have the right to receive your personal data in a structured, commonly used and machine-readable format, and you have the right to send this data to another administrator; 
    • f. The right to object to the processing of data when it is done on the basis of the legitimate interest of the Administrator. The Administrator can no longer process the data, unless the Administrator demonstrates the existence of legally valid grounds for processing that override the interests, rights and freedoms of the data subject; 
    • g. The right to withdraw consent to the processing of data at any time (if the processing was based on your consent). However, the withdrawal of consent does not affect the legality of the processing which was carried out before its withdrawal. 
  2. The rights referred to in paragraph 1 can be exercised by submitting a request to the Administrator’s office or by calling the number provided in point 1 (information about the Administrator). The Administrator may ask for additional information allowing to authenticate the person exercising the rights. To ensure that you are entitled to submit a request, we may ask for additional information to authenticate you. 
  3. If the Administrator’s use of the received data is not necessary to perform the contract, fulfill a legal obligation, or does not constitute a legitimate interest of the Administrator, the Administrator may ask for consent to a specific method of data processing. The consent granted may be withdrawn at any time (this will not affect the lawfulness of the use of data before the consent is withdrawn). 
  4. The data subject has the right to lodge a complaint with the President of the Personal Data Protection Office if you believe that the processing of your data violates the law.