Privacy policy

1. CONTROLLER POLICY CONTENTS

1. The Controller’s Privacy Policy shall mean information regarding personal data processing and handling other information with respect to Users of www.dmvplus.pl website (hereinafter referred to as the “Website”). In this Privacy Policy, the Controller has contained all the information the data subjects should receive pursuant to Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation – GDPR)..
2. The Privacy Policy also contains information about processing of data acquired through the Website. Detailed
information regarding the application of cookies or other similar technologies has been presented in the cookies policy available here >>>>https://dmvplus.pl/pl/polityka-cookie

2. DATA CONTROLLER

DRAHT – UND MATERIAL VERTRIEB DMV – PLUS SPÓŁKA Z OGRANICZONĄ ODPOWIEDZIALNOŚCIĄ with its registered office in Kokotów shall act as the Controller of personal data of the Website Users.
You can contact the Data Controller:
a) using the correspondence address: Draht-und Material Vertrieb DMV-PLUS Sp. z o.o. Kokotów 647 B, 32-002 Węgrzce Wielkie with annotation “personal data”
b) using the dedicated e-mail address: rodo@dmvplus.pl

3. OBJECTIVES OF PERSONAL DATA PROCESSING

The Controller shall process personal data of Website Users in particular for the purpose of::
a) performing services related to the Website;
b) assuring the reliability and security of Website operation,
c) assuring contact with Website users;
d) presenting information about one’s business;
e) presenting the multimedia content;
f) presenting the assorted goods and products;
g) conducting promotional and marketing campaigns, including popularisation of the Website, business, as well as goods and products using the social media;
h) gathering general and anonymous statistical data and their analysis;
i) settling, pursuing, or defending against claims.

4. LEGAL GROUNDS FOR PERSONAL DATA PROCESSING

Legal basis for personal data processing by the Data Controller is as follows:
a) granting consent to the application of specific cookies or other technologies, expressed by settings of the browser, pursuant to the Telecommunications Law (Article 6(1)(a) GDPR);
b) performance of the Website service pursuant to the Website regulations available here >>> https://dmvplus.pl/pl/regulamin (Article 6(1)(b) GDPR);
c) compliance with a legal obligation to which the Controller is subject (Article 6(1)(c) GDPR);
d) legitimate interest of the Controller, including in the area of communication with the Users, placement of marketing and promotional information, conducting direct marketing activities, improving service quality, performing anonymous statistics, analyses, presenting multimedia content, presenting one’s business, assortment of goods and products, including their popularisation via the social media, as well as settling, pursuing, or defending against claims (Article 6(1)(f) GDPR).

5. EXTENT OF PERSONAL DATA PROCESSING

Within the framework of the Website, the Controller shall process, in particular, the following personal data:
a) information regarding users’ devices, device IP address, information contained in cookies or other similar technologies, data regarding consent for use of cookies and their management, data related to the session, website browser data, data related to activity on the Website, including particular sub-pages – such information does not contain data related to the users’ identity but, in conjunction with other information, they may constitute personal data and, therefore, the Controller covers them with full protection attributable according to GDPR.
b) data contained in the contact form, such as: full name, company name, phone number, e-mail address, message contents, data regarding Privacy Policy acceptance and consent to personal data processing.

6. RECIPIENTS OF PERSONAL DATA

In order to assure correct Website functioning, it is necessary for the Controller to outsource some services. The Controller can only use the services of such processors who assure sufficient guarantees of implementing relevant technical and organisational measures for the processing to meet GDPR requirements and to protect the rights of data subjects.
The Controller does not handover data in any case and not to all the recipients listed in the Privacy Policy. The Controller shall hand the data over exclusively when necessary to achieve a certain objective of personal data processing, and only to the extent necessary to achieve it.
Users’ personal data may be received by:
a) entities such as hosting and Website support providers, IT services providers,marketing services and promotional campaign providers;
b) legal and consulting services providers;
c) accountancy and tax services providers,
d) providers of services related to pursuing and defence against claims, and debt collection,
e) authorities operating under the law, including courts and other public administration authorities who have the right to request data disclosure.

7. DATA TRANSFER TO THIRD COUNTRIES OR INTERNATIONAL ORGANISATIONS

By the rule, personal data shall not be transmitted to a third country or an international organisation outside the European Economic Area (EEA). Personal data transfer outside the EEA may, however, occur due to the Controller’s outsourcing of services. In such a case, the transfer shall usually occur to the United States of America (USA) pursuant to a decision on adequate level of protection made by the European Commission, the Privacy Shield, determining adequate level of personal data protection with respect to entities participating in the programme, or pursuant to standard contractual clauses according to the decision by the European Commission, or pursuant to express User’s consent..

8. TERM OF YOUR PERSONAL DATA STORAGE

Your personal data shall be kept for a period required by the law and until termination of the contract with the controller, as well as expiry of any related claims. In the event of any data pursuant to the consent, the data shall be processed until the consent is withdrawn. The withdrawal of consent shall not affect the lawfulness of processing based on consent before its withdrawal. The data processed in the event of communication shall be processed until a party submits a justified objection thereto.

9. YOUR RIGHTS RELATED TO PERSONAL DATA PROCESSING

You shall have the following rights related to personal data processing:
a) where the processing is under the consent, you shall have the right to withdraw your consent at any time, without affecting the lawfulness of processing based on consent before its withdrawal;
b) you shall have the right to access your personal data and obtain a copy thereof, the right to rectification, erasure, restriction of processing, data portability, and the right to object against processing – exclusively on the terms stipulated in GDPR;;
In order to exercise any of the above rights, please, contact the Controller by using the contact data provided in section I, and inform the Controller which right you wish to exercise and to what extent.
c) submit a complaint to a supervisory authority in charge of data protection, namely President of the Data Protection Office, if you believe processing of your personal data is in breach of GDPR.

10. MANDATORY DATA PROVISION

The provision of your personal data is voluntary by nature but, to the extent it is necessary for entering into and performance of the contract with the Controller, if you fail to provide the data, it shall preclude the service delivery.

11. INFORMATION ABOUT AUTOMATED DECISIONMAKING AND PROFILING

Your data shall not be used for automated decisionmaking, including profiling.

12. AMENDMENTS TO THE PRIVACY POLICY

1. The Privacy Policy may be supplemented or updated according to the Controller’s current needs to assure that Users are provided with updated and reliable information regarding their personal data and information related thereto..
2. The Controller recommends reading this document in its applicable form.
3. This Privacy Policy shall enter into force starting from 1 May 2020.