Dear Sir Or Madam,
In connection with the start of application as of 25th May 2018 of the Regulation of the European Parliament and Council (EU) 2016/679 of 27th April 2016 on protection of natural persons in connection with personal data processing and on free transfer of such data and revocation of the directive 95/46/EC (hereinafter referred to as “GDPR”), USŁUGI TECHNICZNE “GROM” Mirosława Grom i Józef Grom spółka jawna, with the registered office at Ostrowite, 87-400 Golub Dobrzyń, informs that since 25th May 2018 you shall be entitled to following rights connected with processing your personal data by USŁUGI TECHNICZNE “GROM” Mirosława Grom i Józef Grom spółka jawna.
Privacy policy
This privacy policy contains information connected with personal data processing by USŁUGI TECHNICZNE “GROM” Mirosława Grom i Józef Grom spółka jawna (hereinafter referred to as the ” Administrator”). The Data Administrator ensures that it protects personal data which it collected via the website utgrom.com.pl, text messages received on e-mail addresses: stgrom@bazafirm.pl, mzgrom@bazafirm.pl, m.garkowska@grom.bazafirm.pl. Read our privacy policy and in case of doubts send an e-mail to one of following addresses: stgrom@bazafirm.pl, mzgrom@bazafirm.pl, m.garkowska@grom.bazafirm.pl or call the phone number 56 583 6222. We answer your questions with pleasure.
Personal data administrator
USŁUGI TECHNICZNE “GROM” Mirosława Grom i Józef Grom spółka jawna, with the registered office in Ostrowite, 87-400 Golub Dobrzyń, NIP 8781696264, is the administrator of your data. The data administrator processes personal data obtained via the website utgrom.com.pl and via e-mail addresses: stgrom@bazafirm.pl, mzgrom@bazafirm.pl, m.garkowska@grom.bazafirm.pl, according to the applicable law, and in particular according to the Regulation of the European Parliament and Council (EU) 2016/679 of 27th April 2016 on protection of natural persons in connection with personal data processing and on free transfer of such data and revocation of the directive 95/46/EC (general regulation on data protection), hereinafter referred to as “GDPR”.
Personal data
Personal data means information about a natural person identified or possible to identify, and a natural person possible to identify is a person who can be directly or indirectly identified, in particular on the basis of an identifier such as name and surname, identification number, data about location, Internet identifier or one or some particular factor determining a physical, physiological, genetic, psychological, economic, cultural or social identity of a natural person.
Data safety
Taking into account character, scope and purposes of processing and risk of violating rights or freedom of natural persons with various probability and severity of risk, the Administrator implements appropriate technical and organizational means, so that the processing takes place according to this regulation and in order to show it. Those means shall be reviewed and updated where necessary. The Administrator uses encryption with the use of SSL certificate.
Rules of personal data processing
The Data Administrator uses best efforts in order to ensure safety and protection of your personal data during their processing. Personal data are processed according to applicable law about personal data protection, and, in particular, the Data Administrator processes personal data respecting following principles:
based on the legal basis and according to the law (legalism),
diligently and honestly (rule of diligence),
in a way that is clear for a data subject,
for specific purposes data is not collected “unnecessarily”,
no more than necessary (accuracy),
with care for correctness of data (correctness),
no longer than necessary (temporality),
ensuring appropriate data security (security).
Basics of personal data processing
The legal basis for personal data processing is:
6 section 1 letter a of GDPR – in case of giving consent to receive commercial information by a person,
6 section 1 letter b of GDPR – in case when processing is necessary to fulfil a contract which party is a data subject or to take up activities upon the request of a data subject before concluding a contract,
6 section 1 letter c of GDPR – in case when processing is necessary to fulfil a legal obligation resting with the administrator,
6 section 1 letter f of GDPR – in case when data processing is necessary for purposes resulting from legally justified interests performed by the administrator or a third party.
Purposes of processing
The Data Administrator processes personal data for following purposes:
performance of a sales agreement, completion of an order or to take action on demand of a subject data before concluding the above-mentioned contract,
conducting marketing activities,
keeping accounting documentation, including issuing invoices,
corresponding with persons who ask questions,
determining, demanding or defending claims which may be raised by the Administrator or which may be raised against the Administrator.
Scope of processing data
Scope of processing data is:
for the purpose connected with performance of a sale agreement, completion of an order or to take action on demand of a subject data before concluding the above-mentioned contract, the scope of processing data is: name, surname, e-mail, contact telephone number (landline phone/ mobile phone), delivery address (street, house number/ apartment number, postal code, city, country, place of residence/ place of conducting activity. In case of Clients who are not Consumers the Data Administrator may additionally process the name of the entrepreneur and NIP,
for the purpose of marketing the scope of processing data is: name, surname, place of residence/ place of conducting activity, e-mail,
for the purpose of keeping accounting books the scope of processing data is: name, surname, place of residence/ place of conducting activity, name of the entrepreneur and NIP,
for the purpose of determining, demanding or defending claims the scope of processing data is: name, surname, e-mail, contact telephone number (landline phone/ mobile phone), delivery address (street, house number/ apartment number, postal code, city, country, place of residence/ place of conducting activity.
Providing data
Providing data is voluntary, but in some cases may be necessary. The necessity to provide data occurs in following cases: entering into contracts with the Administrator (sales agreement, contract for provision of services concerning the registration of the Account). Not providing personal data necessary to conclude and perform a sales agreement, completion of an order results in the lack of possibility to conclude above-mentioned contracts. In such a situation providing personal data is the contractual requirement due to statutory obligations of the Administrator, i.e. providing personal data is the contractual requirement resulting from generally applicable provisions of law imposing an obligation to process personal data on the Data Administrator. Such a duty is to process personal data in order to keep accounting books. In case of not providing personal data it shall result in failure to perform above duties.
Period of data storage
The Data Administrator stores personal data for a period which depends on a purpose in which they are processed. The period is as follows for the data processed: for the purpose related to performance of a sales agreement the data are stored for a purpose necessary for performance, termination or otherwise expiration of a concluded contract, for the marketing purpose the data are stored until the consent of a subject data for further processing of his/her data for that purpose is withdrawn, for the purpose of keeping accounting books the data are stored for a period that is required by provisions of law requiring the Administrator to keep accounting books (5 years calculating from the beginning of a year following the financial year which is concerned by the data), for the purpose of determining, demanding or defending claims the data are stored for a period of the duration of the legally justified interest performed by the Administrator, however no longer that for a period of limitation of claims in relation to a subject data for a business activity conducted by the Administrator. The period of limitation is determined by provisions of law, in particular the Civil Code (the basic deadline for claims connected with conducting a business activity is 3 years, and 2 years for a sales agreement).
Data receivers
The Data Administrator cooperates with external entities thanks to which the proper functioning of the company’s activity is ensured. Personal data may be transferred to following receivers or categories of receivers:
carriers/ forwarding agents who deal with the delivery of postal packets or registered packets,
entities providing accounting and human resources services,
entities providing services from the field of OHS,
operators of a payment system that provide a payment service,
entities providing IT and technical services, suppliers of software, suppliers of e-mails and hosting, suppliers of software to manage activity of a company.
Rights of a subject data
In a situation when the Data Administrator processes your personal data you are entitled to following rights:
the right to access your personal data, their correction and removal as well as limitation of data processing, to appeal against their processing, and also the right to transfer data,
the right to withdraw a consent at any moment in case when a given person gave consent for personal data processing, for example in order to receive commercial information. This consent may be withdrawn at any moment by submitting an appropriate statement in writing or by e-mail. Withdrawal of a consent does not affect compliance with legality of processing which was made on the basis of a consent before its withdrawal,
the right to file a complaint to the supervisory body – a person whose data are processed by the Administrator is entitled to file a complaint to the supervisory body if s/he considers that personal data processing concerning him/her violates applicable provisions in the scope of protection of personal data. The President of the Office of Personal Data Protection is the supervisory body in Poland.
In order to use above-mentioned rights please contact USŁUGI TECHNICZNE “GROM” Mirosława Grom i Józef Grom spółka jawna by sending an appropriate message in writing to the address of the registered office: USŁUGI TECHNICZNE “GROM” Mirosława Grom i Józef Grom spółka jawna, Ostrowite, 87-400 Golub Dobrzyń or via an e-mail to one of the addresses: stgrom@bazafirm.pl, mzgrom@bazafirm.pl, m.garkowska@grom.bazafirm.pl.
Cookies
Cookies are small text information in the form of text files sent by the server and saved on the side of a person who visits the website of USŁUGI TECHNICZNE “GROM” Mirosława Grom i Józef Grom spółka jawna (for example on a hard drive of a computer, a laptop – depending which device is used by a visitor of utgrom.com.pl).
During a visit on our website the Administrator may process data included in cookies for following purposes:
Memorizing data from completed forms of inquiry/ order,
Adjusting content of the website utgrom.com.pl to individual preferences of the Client (for example, concerning colours, font sizes, a page layout) and optimizing the usage of websites utgrom.com.pl.
Cookies used in utgrom.com.pl are not harmful either to a Client or a computer/ a terminal unit used by a Client, so we recommend to use them in browsers.
The mechanism of operation of cookies may be disabled any time by changing settings in a web browser, however disabling cookies may prevent from the proper use of the website of the Online Shop. Detailed information on possibilities and ways of handling cookies is available in settings of a browser which is used by the User in the help section.
We wish you a nice day.
USŁUGI TECHNICZNE “GROM” Mirosława Grom i Józef Grom spółka jawna
The sender of the letter is:
USŁUGI TECHNICZNE “GROM” Mirosława Grom i Józef Grom spółka jawna, Ostrowite, 87-400 Golub Dobrzyń, the holder of NIP 878-16-96-264 and REGON 871572101
KRS 0000256150,
DISTRICT COURT IN TORUŃ, VII COMMERCIAL DIVISION OF THE NATIONAL COURT REGISTER
We respect your privacy and thank you for receiving this message. If you do not wish to receive the information, please send feedback with the content “NO”.