Privacy policy

Applies as of 25^th May 2018.

This Privacy Policy of the website at the www address https://remtor.com specifies the rules of collecting, using and processing personal data obtained from the website Users by the personal data controller – Remtor sp. z o.o. with its registered office in Sępólno Krajeńskie, at ul. Koronowskiej 22, 89-400 Sępólno Krajeńskie. The Controller processes personal data in accordance with the provisions of Regulation (EU) 2016/679 of the European Parliament and of the Council of 27^th April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (hereinafter: “GDPR”).

I. Personal data processing in connection with the use of the website

The Controller collects the Users’ data in connection with their using the website and only to the extent necessary for rendering the particular services offered on the website; the Controller also collects anonymized information about the Users’ activity on the website - by means of http cookies - according to the rules laid down in this Policy.

II. Legal basis for and purposes of personal data processing on the website

The personal data provided by the User to the Controller include in particular the forename, surname, address of residence, telephone number and e-mail address; these are processed for a variety of purposes:

1. to the extent necessary for answering the question asked, where the question does not constitute a request for a commercial offer,
2. for the purpose of preparing a commercial offer concerning products and services offered by the Controller,
3. for the purposes of preparing and pursuing negotiations aimed at concluding a contract and, thereafter, for the purposes of performing the contract.

The Controller would like to emphasise that the personal data provided by the User are not used for marketing purposes, i.e. the Controller does not send advertisements, newsletters, nor does the Controller use any other forms of direct marketing.

The administrator does not process data for automated decision making and profiling.

Personal data are provided by filling in the relevant fields of the form on the “CONTACT” subpage. Personal data are provided voluntarily, but a refusal to give consent to the processing of personal data or provision of incomplete personal data may prevent one from using the services offered by the Controller.

Therefore, the Controller processes the User’s personal data for the purposes necessary for the performance of a contract to which the data subject is party or in order to take steps at the request of the data subject prior to entering into a contract, as provided for in Article 6(1)(b) of GDPR.

Upon completion of the performance of the contract, the User’s personal data provided to the Controller may also be stored for a further period of time for the following purposes and on the basis of the following criteria for determining the duration of personal data processing:

1. for the purpose of compliance with the statutory obligations to which the Controller is subject, in particular those arising from tax regulations and accounting regulations – the legal basis for the processing is a legal obligation (Article 6(1)(c) of GDPR),
2. for the purpose of establishing, vindicating or contesting claims, if any - the legal basis for the processing is a legitimate interest pursued by the Controller (Article 6(1)(f) of GDPR), involving the protection of the Controller’s rights.

III. The User’s rights

1. The User has the right to obtain access to and demand rectification, erasure, restriction of the processing of his or her data, the right to data portability, and the right to object to the processing of his or her data, as well as the right to lodge a complaint with the personal data protection supervisory authority. Where the User’s data are being processed on the basis of his or her consent and are not being processed for any other purposes, the consent may be withdrawn at any time by contacting the Controller via electronic channels of communication at the e-mail address: info@remtor.com, or by posting a letter to the address: Remtor Sp. z o.o., ul. Koronowska 22, 89-400 Sępólno Krajeńskie.
2. The User has the right to object at any time to the processing of his or her data where the processing is based solely on a legitimate interest pursued by the Controller, as referred to in Article 6(1)(f) of GDPR. Also, the User has the right to object, on grounds relating to his or her particular situation, at any time to the processing of his or her data where the legal basis for the processing is a legitimate interest pursued by the Controller. Where the provided personal data have not been used to conclude a contract (e.g. where the parties failed to conclude the contract), the User also has the right to withdraw his or her consent to data processing, at any time, without any effect on the lawfulness of the processing done on the basis of the consent prior to its withdrawal.
3. The data subject has the right to obtain from the Controller, without undue delay, the erasure of personal data concerning the data subject (“the right to be forgotten”), where one of the following grounds applies:

a) the personal data are no longer necessary in relation to the purposes for which they were collected or otherwise processed,

b) the data subject withdraws consent on which the processing is based according to Article 6(1)(a) of GDPR or Article 9(2)(a) of GDPR, and where there is no other legal ground for the processing,

c) the data subject objects to the processing pursuant to Article 21(2) of GDPR,

d) the personal data have been unlawfully processed,

e) the personal data have to be erased for compliance with a legal obligation in Union or Polish law,

f) the personal data have been collected in relation to the offer of information society services referred to in Article 8(1) of GDPR.

IV. Recipients of the data:

In relation to the provision of services, personal data will be disclosed to external entities, in particular to suppliers responsible for operating the IT systems used in the provision of the services, to entities such as banks and payment service providers, to entities rendering accounting services, to couriers (in relation to the fulfilment of an order).

The Controller reserves the right to disclose information concerning the User to competent authorities or to third parties which make a request for this information on the appropriate legal basis and in accordance with the law.

V. Transfer of personal data outside the European Economic Area

The Controller does not transfer any personal data outside the European Economic Area, unless it is required by appropriate legal regulations and the transfer of data takes place at the request of competent authorities.

VI. Security of personal data

The Controller performs a continuous risk analysis to ensure that the Users’ personal data are being processed in a secure manner and lawfully and that the data are only accessible to authorized individuals and to the extent necessary for the performance of their tasks. All operations on personal data are being registered. Prior to any transfer of personal data to the Controller’s subcontractors, contracting parties or other entities cooperating with the Controller, the Controller makes every effort to ensure that those recipients guarantee appropriate protection of the personal data.

Moreover, the Controller takes special care that personal information is:

• correct and processed lawfully,
• obtained for specific purposes only and not processed any further in a manner incompatible with those purposes,
• adequate, appropriate and not excessive,
• accurate and updated,
• not stored any longer than necessary,
• processed in compliance with the rights of data subjects, including the right to prevent their data from being made available to third parties,
• stored in a secure manner,
• not transferred without appropriate protection.

VII. HTTP Cookies

The Controller does not automatically collect any personal data in relation to the use of the website. However, certain other data contained in http cookies are collected while the website is being used. For this purpose, the Controller uses Google Analytics tools.

Http cookies are small text files stored on the end user’s device, e.g. computer, smartphone, which enable the web page to be displayed correctly.

The Users may control the way in which http cookies operate by means of mechanisms embedded in the software for browsing www pages (web browsers). However, blocking certain http cookies may affect the website functionality.

Http cookies collect information about the Users for the following purposes:

1. to enable the Users to view Internet advertisements that match their individual preferences and interests and are related to the Users recent online purchases.
2. for analytical and statistical purposes.

Http cookies do not contain any data identifying the User. They cannot be used to establish anyone’s identity. Http cookies are not in any way harmful to the end device and do not modify its settings nor the settings of any software installed on it. The content of http cookies is only readable to the server which created them.

The Controller does not directly display any advertisements concerning the Controller’s online services. The responsibility for the choice of advertisements that match the User’s preferences lies with Google Inc.

VIII. Final provisions

Any modification of this Privacy Policy will be notified by the Controller through including a note to that effect in the text of the Policy.

If in doubt or to obtain additional information, please contact us at the e-mail address: info@remtor.com