- Personal data protection policy
At karolweber.com, we offer our clients the promotion of websites around the world. The protection of personal data is an important part of our work. We make every effort to keep the personal data of our clients private. Therefore, we publish below the principles and method of collecting, processing and using information in the field of personal data. - Provisions governing the processing of personal data
On May 25, 2018, Regulation (EU) 2016/679 of the European Parliament and of the Council of April 27, 2016 on the protection of individuals with regard to the processing of personal data and on the free movement of such data comes into force and repeal of Directive 95/46/EC (commonly referred to as “GDPR”). The GDPR applies to the same extent in all European Union countries, including Poland. - Personal data administrator The
personal data administrator is karolweber.com – Karol Weber.
In all matters related to the protection of personal data, in particular in terms of questions regarding the processing of personal data and your rights, please contact us at email napiszdo@karolweber.com. - Purposes of personal data processing
In order to provide services in accordance with the business profile, karolweber.com processes personal data for various purposes, but always on a legal basis and in accordance with the law. We process personal data for the purpose of:- performance of services provided by karolweber.com (Article 6(1)(b) of the GDPR, which allows you to process personal data if they are necessary to perform the contract or take steps to conclude the contract)
- verification of the Customer’s identity, i.e. the Service Provider (legal basis: Article 6(1)(c) of the GDPR)
- consideration of complaints (Article 6(1)(b) of the GDPR, which allows the processing of personal data if they are necessary to perform the contract or take steps to conclude the contract)
- sending e-mail notifications containing commercial information (Article 6(1)(a) of the GDPR, which allows the processing of personal data, if the person has previously given such consent; Article 6(1)(f) of the GDPR, which allows the processing of personal data, if in this way the Personal Data Administrator pursues its legitimate interest)
- financial settlements and accounting reporting, such as e.g. storing accounting documentation for 5 years (Article 6(1)(c) of the GDPR, which allows the processing of personal data, if such processing is necessary for the Personal Data Administrator to fulfill its obligations under laws)
- creating registers and records related to the GDPR (Article 6(1)(c) of the GDPR, which allows the processing of personal data if such processing is necessary for the Personal Data Controller to fulfill its obligations under the law; Art. 6(1)(c) of the GDPR, which allows the processing of personal data f of the GDPR, which allows the processing of personal data, if in this way the Personal Data Administrator pursues its legitimate interest)
- establishing, investigating or defending against claims (Article 6(1)(f) of the GDPR, which allows the processing of personal data if in this way the Personal Data Administrator pursues its legitimate interest, as a rule up to 10 years due to the applicable limitation periods for claims (legal basis: Article 118 et seq. of the Civil Code)
- analytical, i.e. researching and analyzing activity on the website (Article 6(1)(f) of the GDPR, which allows the processing of personal data, if in this way the Personal Data Administrator pursues its legitimate interest)
- use of cookies on the website (Article 6(1)(a) of the GDPR, which allows the processing of personal data on the basis of voluntary consent)
- posting your opinion about the services (Article 6(1)(a) of the GDPR, which allows you to process personal data on the basis of your voluntarily given consent – in this case, we assume that posting an opinion is a simultaneous consent to the processing of personal data).
- Type of data processed
The data we process is: name(s), surname, e-mail address, telephone number, business or correspondence address, bank account number (for financial settlements), nickname (in order to post your opinion). In addition, for analytical purposes, the date and time of visiting the website, type of operating system, approximate location, type of web browser, time spent on the website, visited subpages, subpage where contact forms were completed, and data allowing identification of the device you use on the website may be processed for analytical purposes. the needs of websites and mobile applications offered by karolweber.com. - Recipients of personal data
Like most entrepreneurs, we use the help of other entities in our business, which often involves the need to provide personal data. In connection with the above, if necessary, we transfer your personal data to entities cooperating with us that provide services for karolweber.com (e.g. payment service companies, legal advice company on complaints, hosting company or insurance company if it is necessary to repair the damage. In addition, on the basis of a legal provision or a decision of an authority, we may also be obliged to provide personal data to other entities, public or private.In each case, we analyze with the utmost care so as not to provide information to an unauthorized person. - Transfer of data outside the European Economic Area
In order to perform the contract concluded with karolweber.com, it may happen that data will be transferred to a third country outside the EEA, in which the data may be less protected than in the EEA. However, at all times, the transfer will be done in a controlled and secure manner, and only to the minimum extent permitted by law. You can check a detailed list of the degree of protection in individual countries at https://giodo.gov.pl/. - Duration of storage/processing of personal data
In accordance with the applicable provisions of the GDPR, personal data will be stored / processed for the period necessary to achieve the designated purpose. After this period, personal data will be irreversibly deleted or destroyed. Below are the individual periods of personal data processing:- in order to conclude and perform a service contract for the duration of the contract
- in order to establish, pursue or defend claims for a period of 3 or 10 years (the length of the period depends on whether both parties are entrepreneurs)
- in order to meet tax law obligations for a period of 5 years
- on the basis of the legitimate interest of the Personal Data Administrator or for marketing purposes until the objection is successfully raised or the purpose of processing is achieved, but not longer than 5 years
- for analytical purposes, the use of cookies and the administration of the website until it becomes outdated or loses its usefulness, but not longer than 3 years
- until the consent is withdrawn or the purpose of processing is achieved, but not longer than 5 years
- Rights of data subjects
We respect your rights resulting from the provisions on the protection of personal data and we try to facilitate their implementation to the highest possible extent. Please note, however, that the above-mentioned rights are not absolute, which means that in some situations we may lawfully – when the refusal to comply with the request is necessary – refuse to comply with them. Your rights:- the right to request access to and rectification of your personal data (Articles 15 and 16 of the Regulation),
- the right to transfer data (Article 20 of the Regulation),
- the right to delete data in the cases specified in the Regulation (Article 17 of the Regulation)
- the right to limit their processing (Article 18 of the Regulation).
- the right to object to the processing of your personal data (Article 21 of the Regulation). In the event of an objection submitted before or during the performance of the contract, the submission will result in the inability to perform some or all of the services under the contract, and may be treated as termination of the contract.
- the right to withdraw consent in cases where the processing is based on consent (Article 6(1)(a) of the Regulation). In this case, please send us an e-mail at napiszdo@karolweber.com.
- the right to submit a complaint to the supervisory authority if it is found that the processing of your personal data violates the provisions of the Regulation
- The requirement to provide personal data
We obtain data from you when booking a service. Where the booking is not made in person, it may be obtained from the person booking the services for you. We can also obtain personal data using contact forms or special applications. Providing personal data is voluntary and depends on you. However, providing certain personal data is necessary to meet your expectations regarding the use of the services we offer. - Final provisions
The data protection policy enters into force on May 25, 2018. We will inform you about any changes to the privacy policy that may result from new provisions in Polish law, the development of Internet technologies, or the development and creation of new products and services of karolweber.com, by updating the privacy policy on the website.