Privacy and coockie policy

PRIVACY AND COOKIE POLICY

I.GENERAL PROVISIONS

1. The controller of personal data collected via website http://vitroflora.pl is Vitroflora Grupa Producentów sp. z o.o. odpowiedzialnością (LLC) headquartered in Trzęsacz, Trzęsacz 25, 86-022 Dobrcz, entered into the Register of Entrepreneurs kept by the District Court in Bydgoszcz, XIII Economic Division of the National Court Register, under no. KRS 0000253008, holder of the tax identification number (NIP): 5542684776, and the statistical number (REGON): 34015424, holding share capital of PLN 220,000.00 (two hundred twenty thousand PLN), email address: marketing@vitroflora.com.pl, who is also the Service Provider as understood in the Provision of Electronic Services Act, hereinafter referred to as: ‘the Controller’.
2. In case of any doubt or in order to exercise your rights please contact us at marketing@vitroflora.com.pl.
3. Your personal data are processed in accordance with the Act of 29 August 1997 on Personal Data Protection (Journal of Laws 2016, item 922), on the basis of the Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016  on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/96/EC and in conformance with the Act on Electronic Services of 18 July 2002 (Journal of Laws No. 144, item 1204 as amended).
4. We take great care to protect the interests of the data subjects. The Controller ensures that the collected data are:
- lawfully processed;
- gathered for specified and legitimate purposes and no further processed in a way incompatible with the intended purposes;
- relevant and adequate to the purposes for which they are processed, and kept in a form which enables identification of the data subjects no longer than it is necessary for the processing purposes.

II.PURPOSE AND SCOPE OF DATA COLLECTION AND LEGAL BASIS OF THIS ACTION

1. Your personal data are processed for two purposes:- In order to perform the Agreement and to take steps prior to entering into the Agreement;
- In order to send offers and other marketing and promotional information on the basis of Your consent;
2. Your personal data is not used for profiling – it is not processed by automated means in order to identify your needs nor your personality traits. We do not collect any additional information about you from other sources.
3. We neither sell nor share data with other entities. Your data is not being transferred outside the European Economic Area nor to any international organizations.


III.STORAGE AND REMOVAL OF DATA

1. Your data will be processed for the period necessary to achieve the purposes of processing indicated in point. 2, i.e.:

- within the performance of the Agreement concluded with the Controller – until its performance is completed, and after that time for the period required by law or to secure the settlement of any claims;
- in the scope of processing carried out only on the basis of your consent - until the date of immediate deletion of data, based on the request made by you;
- in the scope of fulfilling legal obligations of the Controller – until these duties are fulfilled by the Controller;
- within the performance of the purposes of the legitimate interests pursued by the Controller – until these purposes are fulfilled.
IV.RECIPIENTS OF YOUR PERSONAL DATA.
1. The recipients of your data may be in particular: authorized employees of the Controller and other persons acting under the authority of the Controller, tax offices, institutions of employment law and social security, as well as institutions authorized to receive your data under applicable law.
2. Your data is also transferred to the entities entrusted with data processing tasks by the Controller and the persons acting under their authority. Such entities process data on the basis of the agreement concluded with the Controller and only in accordance with the Controller’s instructions. These are in particular commercial agents and entities rendering services in the field of IT, legal activities, social security, marketing and licenses.


V.YOUR DATA PROTECTION RIGHTS
1. You have the right to:
- demand access to your data, as well as demand their rectification, limitation of their processing or their removal;
- withdraw at any time the consent granted to the processing of your data to the extent that it applies, subject to the provision that withdrawal of the consent does not affect the lawfulness of data until the consent is withdrawn;
- file a complaint to the supervisory body - which in the Republic of Poland is the President of the Office for Personal Data Protection - if you consider that the processing of your data violates the legal provisions, including the GDPR.

VI.COOKIE FILES
1. The website of the Service Provider uses ‘cookie’ files. Not changing the browser settings on the part of the customer, equals the agreement to using it.
2. Installing cookies is necessary in order to provide properly the website services. Cookies hold information necessary for the proper functioning of the website, especially for those which require an authorization.
3. The website uses session ‘cookie’ files which are temporary files stored in the terminal equipment of the User up to the moment the User logs out (closes the browser).
4. The User has a right to define the scope of the ‘cookies’ by changing the settings on the browser. Detailed information about the possibilities and the ways of managing ‘cookies’ is available in the software settings (of the web browser).