Privacy Policy
WWW.FORCELL.PL
§ 1
GENERAL PROVISIONS
1. The administrator of personal data collected through the website www.forcell.pl is PartnerTele.com Sp. z o.o. Sp. k., located at 22 Sołtysowska Street in Krakow. email address: kontakt@forcell.pl, telephone number: +48 721 808 007, hereinafter referred to as the “Administrator” and also the “Service Provider”.
2. Personal data collected by the Administrator through the website are processed in accordance with Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of individuals with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation), hereinafter referred to as the GDPR.
3. All words or phrases written in uppercase in this Privacy Policy should be understood according to their definition contained in the Regulations of the website www.forcell.pl.
§ 2
TYPES OF PROCESSED PERSONAL DATA, PURPOSE AND SCOPE OF DATA COLLECTION
1. PROCESSING PURPOSE AND LEGAL BASIS. The Administrator processes personal data of visitors to the www.forcell.pl website in the following cases:
- Using the Opinion System, to know the Customer’s opinion on the concluded Sales Agreement with the Administrator, based on Article 6(1)(f) of the GDPR (legitimate interest of the entrepreneur),
- Subscribing to the Newsletter for the purpose of sending commercial information electronically. Personal data is processed after separate consent is given, based on Article 6(1)(a) of the GDPR,
- Using the Contact Form to send a message to the Administrator, based on Article 6(1)(f) of the GDPR (legitimate interest of the entrepreneur).
2. TYPES OF PROCESSED PERSONAL DATA. The Service Recipient provides, in the case of:
- Account: email address,
- Orders: first and last name, address, tax identification number (NIP), email address, telephone number,
- Opinion System: first and last name,
- Contact Form: first and last name, email address.
3. DATA ARCHIVING PERIOD. Personal data of Service Recipients are stored by the Administrator:
- In the case where the processing of data is based on the performance of a contract, for as long as necessary to perform the contract, and thereafter for a period corresponding to the statute of limitations for claims. If a special provision does not state otherwise, the limitation period is six years, and for claims related to periodic benefits and claims related to business activity, three years,
- In the case where the processing of data is based on consent, until the consent is withdrawn, and after the withdrawal of consent for a period corresponding to the statute of limitations for claims that the Administrator may raise or may be raised against him. If a special provision does not state otherwise, the limitation period is six years, and for claims related to periodic benefits and claims related to business activity, three years.
4. During the use of the website, additional information may be collected, in particular: IP address assigned to the Service Recipient’s computer or external IP address of the Internet provider, domain name, type of browser, access time, type of operating system.
5. After separate consent is given, based on Article 6(1)(a) of the GDPR, data may also be processed for the purpose of sending commercial information electronically or making telephone calls for direct marketing purposes – respectively in connection with Article 10(2) of the Act of 18 July 2002 on the provision of electronic services or Article 172(1) of the Act of 16 July 2004 – Telecommunications Law, including those directed as a result of profiling, if the Service Recipient has given appropriate consent.
6. Data navigation may also be collected from Service Recipients, including information about links and references they decide to click on or other actions taken on the website. The legal basis for this type of activity is the legitimate interest of the Administrator (Article 6(1)(f) of the GDPR), consisting of facilitating the use of services provided electronically and improving the functionality of these services.
7. Providing personal data by the Service Recipient is voluntary.
8. The Administrator takes special care to protect the interests of the persons whose data it processes, and in particular ensures that the data collected by it are:
- processed lawfully,
- collected for specified, lawful purposes and not subject to further processing incompatible with those purposes,
- factually correct and adequate in relation to the purposes for which they are processed and stored in a form that allows identification of the persons to whom they relate, no longer than is necessary to achieve the purpose of processing.
§ 3
SHARING OF PERSONAL DATA
1. Personal data of Service Recipients are transferred to service providers used by the Administrator in operating the website, in particular to:
- hosting providers,
- providers of software enabling business operations,
- entities providing mailing systems,
- providers of software necessary for operating the website.
2. Service providers mentioned in point 1 of this paragraph, to whom personal data are transferred, depending on contractual agreements and circumstances, either follow the instructions of the Administrator regarding the purposes and methods of processing this data (data processors) or independently determine the purposes and methods of their processing (administrators).
3. Personal data of Service Recipients are stored exclusively within the European Economic Area (EEA), with the exception of § 5 point 5 and § 6 of the Privacy Policy.
§ 4
RIGHT TO CONTROL, ACCESS TO OWN DATA CONTENT, AND THEIR CORRECTION
1. The person whose data is concerned has the right to access the content of their personal data and the right to rectify, delete, limit processing, the right to data portability, the right to object, the right to withdraw consent at any time without affecting the lawfulness of processing based on consent before its withdrawal.
2. Legal bases for the Service Recipient’s request:
- Access to data – Article 15 of the GDPR.
- Rectification of data – Article 16 of the GDPR.
- Erasure of data (the right to be forgotten) – Article 17 of the GDPR.
- Restriction of processing – Article 18 of the GDPR.
- Data portability – Article 20 of the GDPR.
- Objection – Article 21 of the GDPR.
- Withdrawal of consent – Article 7(3) of the GDPR.
3. To exercise the rights mentioned in point 2, you can send a relevant email to: reklamacje@forcell.pl
4. If the Service Recipient exercises a right arising from the above rights, the Administrator fulfills the request or refuses to fulfill it immediately, but no later than within one month of its receipt. However, if – due to the complexity of the request or the number of requests – the Administrator cannot fulfill the request within one month, they will fulfill it within the next two months, informing the Service Recipient in advance within one month of receiving the request – about the intended extension of the deadline and its reasons.
5. If it is found that the processing of personal data violates the provisions of the GDPR, the person whose data is concerned has the right to lodge a complaint with the President of the Office for Personal Data Protection.
§ 5
COOKIES FILES
1. The Administrator’s website uses “cookies” files.
2. The installation of “cookies” files is necessary for the proper functioning of the website. The “cookies” files contain information necessary for the proper functioning of the website and also allow for the development of general statistics of website visits.
3. Two types of “cookies” files are used within the website: “session” and “persistent”.
- “Session” cookies are temporary files that are stored on the Service Recipient’s end device until logging out (leaving the website).
- “Persistent” cookies files are stored on the Service Recipient’s end device for the time specified in the parameters of the “cookies” files or until they are deleted by the Service Recipient.
4. The Administrator uses their own cookies files to better understand the interaction of Service Recipients with the website content. The files collect information about how the Service Recipient uses the website, the type of website from which the Service Recipient was redirected, and the number of visits and the time of the Service Recipient’s visit to the website. This information does not record specific personal data of the Service Recipient but is used to develop statistics on website usage.
5. The Administrator uses external cookies files to collect general and anonymous statistical data through Google Analytics analytical tools (external cookies administrator: Google LLC. based in the USA).
6. Cookies files can also be used by advertising networks, especially the Google network, to display ads tailored to the way the Service Recipient uses the website. For this purpose, they may retain information about the Service Recipient’s navigation path or the time spent on a given page.
7. The Service Recipient has the right to decide on the scope of access to “cookies” files on their computer by:
- choosing the types of cookies files to be collected immediately after entering the website and appearing of the message regarding cookies,
- changing settings in their browser window. Detailed information on the possibilities and methods of handling “cookies” files is also available in the software settings (web browser).
§ 6
ADDITIONAL SERVICES RELATED TO USER ACTIVITY on the website.
1. On the website, so-called social plugins (“plugins”) of social media services are used. By displaying the website www.forcell.pl, containing such a plugin, the Service Recipient’s browser will establish a direct connection to the servers of Facebook and Google.
2. The content of the plugin is transmitted by the respective service provider directly to the Service Recipient’s browser and integrated into the website. Thanks to this integration, service providers receive information that the Service Recipient’s browser has displayed the www.forcell.pl website, even if the Service Recipient does not have a profile with the respective service provider or is not currently logged in. This information (along with the Service Recipient’s IP address) is sent directly to the server of the respective service provider by the browser (some servers are located in the USA) and stored there.
3. If the Service Recipient logs into one of the above social media services, this service provider will be able to directly assign the visit to the www.forcell.pl website to the Service Recipient’s profile on that social media platform.
4. If the Service Recipient uses a specific plugin, for example, by clicking the “Like” button or the “Share” button, the corresponding information will also be transmitted directly to the server of the respective service provider and stored there.
5. The purpose and scope of data collection and its further processing and use by service providers, as well as the possibility of contact and the rights of the Service Recipient in this regard and the possibility of making settings to ensure the protection of the Service Recipient’s privacy, have been described in the privacy policies of the service providers:
6. If the Service Recipient does not want social media services to directly associate data collected during visits to the www.forcell.pl website with their profile on that social media platform, they must log out of that service before visiting the www.forcell.pl website. The Service Recipient can also completely prevent the loading of plugins on the website by using appropriate extensions for their browser, such as blocking scripts using “NoScript”.
7. The Administrator uses remarketing tools on their website, such as Google Ads, which involves the use of cookies by Google LLC for the Google Ads service. As part of the cookie settings management mechanism, the Service Recipient has the option to decide whether the Service Provider will be able to use Google Ads (external cookies administrator: Google Inc. based in the USA) in relation to them.
§ 7
FINAL PROVISIONS
1. The Administrator implements technical and organizational measures to ensure the protection of processed personal data appropriate to the risks and categories of data covered by the protection, in particular securing the data against unauthorized access, acquisition by an unauthorized person, processing in violation of applicable law, as well as alteration, loss, damage, or destruction.
2. The Administrator provides appropriate technical measures to prevent unauthorized access to and modification of personal data transmitted electronically.
3. Matters not regulated by this Privacy Policy are governed by the provisions of the GDPR and other relevant provisions of Polish law.