Privacy Policy
- For the owner of this website, the protection of user’s personal data is of the utmost importance. We make every effort to ensure that users feel safe when entrusting their personal information while using the website.
- A user is a natural person, legal entity, or an organizational unit without legal personality, to whom the law grants legal capacity, utilizing electronic services available through the website.
- This privacy policy explains the principles and scope of processing the user’s personal data, their rights, as well as the responsibilities of the data controller, and provides information about the use of cookies.
- The administrator employs state-of-the-art technical means and organizational solutions to ensure a high level of protection for processed personal data and to safeguard against unauthorized access. In accordance with Article 13, paragraphs 1 and 2, of the General Data Protection Regulation of April 27, 2016, we inform you that:
I. PERSONAL DATA CONTROLLER
The personal data administrator is EU-Cert Sp. with its registered office at ul. Karol Szymanowski 12/U6 in Gdańsk (80-280), registered in the business register maintained by the District Court Gdańsk – North in Gdańsk, VIII Economic Department of the National Court Register, under the KRS number: 0000980050, NIP: 5851497842 (hereinafter referred to as the “Owner”).
II. PURPOSE OF PROCESSING PERSONAL DATA
- The administrator processes the user’s personal data for the purpose of providing services or conducting marketing/commercial communication via electronic means of communication (in particular, email, telephone calls, SMS, MMS), in accordance with the provisions of the Telecommunications Law and the Act on the Provision of Electronic Services, or other regulations governing this purpose and the methods of its implementation.
- The user can also provide consent to receive information about news, which will result in the administrator processing personal data for the purpose of sending the user commercial information, including, among other things:
- Personal data is also processed in order to fulfill legal obligations imposed on the data controller and to carry out tasks in the public interest, including but not limited to: performing tasks related to security and defense or storing tax documentation.
- Personal data may also be processed for the purposes of direct marketing of products, securing and pursuing claims, protecting against claims of the user or third parties, as well as marketing the services and products of third parties or self-marketing, not constituting direct marketing.
III. TYPE OF DATA
- The administrator processes the following personal data, the provision of which is necessary for:
1.a. Registering on the website:
First and last name;
Email address;
1.b. Providing services;
First and last name;
Address;
Phone number;
Email address;
1.c. Data provided by the user on an optional basis:
Date of birth;
Personal Identification Number (PESEL);
Tax Identification Number (NIP) (in case of requesting an invoice for a business entity).
IV. LEGAL BASIS FOR PROCESSING PERSONAL DATA
- Personal data is processed in accordance with the provisions of Regulation (EU) 2016/679 of the European Parliament and of the Council of April 27, 2016. on the protection of individuals concerning the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation), OJ L 119, 4.05.2016, p. 1-88, hereinafter referred to as the “GDPR Regulation.”
- The administrator processes personal data only after obtaining the prior consent of the user.
- Giving consent for the processing of personal data is entirely voluntary.
V. RIGHTS OF THE USER
- The user can request information from the administrator about the scope of personal data processing at any time.
- The user can request correction or rectification of their personal data at any time.
- The user can withdraw their consent for the processing of their personal data at any time without providing a reason. The request to stop processing data can pertain to a specific purpose indicated by the user, for example, withdrawing consent to receive commercial information, or it can pertain to all purposes of data processing. Withdrawing consent for all processing purposes will result in the user’s account being deleted from the website, along with all personal data previously processed by the administrator. Withdrawing consent will not affect actions that have already been carried out.
- The user can request, at any time and without providing a reason, for the administrator to delete their data. A request for data deletion will not affect actions that have already been carried out. Deleting data means the simultaneous removal of the user’s account, along with all personal data previously stored and processed by the administrator.
- The user can object to the processing of personal data at any time, both in relation to all of their personal data processed by the administrator and in a limited scope, for example, regarding the processing of data for a specific purpose. Objection will not affect actions that have already been carried out. Raising an objection will result in the deletion of the user’s account, along with all personal data previously stored and processed by the administrator.
- The user can request a limitation on the processing of personal data, either for a specified period or without a time limit, but within a defined scope, which the administrator must comply with. The request for limitation will not affect actions that have already been carried out.
- The user can request the administrator to transfer their personal data being processed to another entity. For this purpose, the user should submit a request to the administrator, specifying the entity (name, address) to which the user’s personal data should be transferred and which specific data the user wishes the administrator to transfer. Upon the user’s confirmation of their request, the administrator will transfer the user’s personal data to the specified entity electronically. User confirmation of the request is necessary for the security of the user’s personal data and to ensure that the request comes from an authorized person.
- The administrator will inform the user about the actions taken within one month of receiving one of the requests mentioned in the previous points.