1. General Provisions
- The administrator of personal data is NAV24 limited liability company with its registered office in Bielsko-Biała at ul. Gen. Maczka 9, 43-300 Bielsko-Biała, entered into the Register of Entrepreneurs of the National Court Register kept by the District Court in Bielsko-Biała, III Commercial Department of the National Court Register under the number KRS: 0000481874, NIP: 5472148066, REGON: 243394657, share capital in the amount of PLN 33,000.00, tel. (33) 333 94 24, e-mail: email@example.com („Administrator”).
- In matters of personal data protection, you can contact administrator by e-mail: firstname.lastname@example.org, by phone at: (33) 333 94 24 and by post to the address of the administrator’s seat: ul. Gen. Maczka 9, 43-300 Bielsko-Biała.
- The administrator follow the rules set out in Regulation (UE) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of individuals with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC („GDPR”), in particular, it properly protects personal data against unlawful access to personal data by third parties, in particular, encrypts personal data, archives personal data, assesses personal data safeguards, ensures confidentiality, integrity, availability and resilience of systems and processing services.
- Personal data provided on the website at: https://nav24.pl/ and its subdomains („Website”) are treated as confidential and are not visible to unauthorized persons. Data protection is carried out in accordance with the requirements of generally applicable law, and their storage takes place on secured servers.
2. Personal data
- Providing personal data is voluntary, but necessary for the proper performance of the contract for the provision of functionalities of the Website and the use of these functionalities, managing the sales process and service, including handling of inquiries via e-mail and telephone service provided by the Administrator. Failure to provide personal data in a given case will result in the inability to conclude and perform the abovementioned contract, using the functionality of the Website, as well as the inability to manage the sales process and service by the Administrator.
- User data entered into the Website are the property of the User. The Users’ use of the Website and its functionalities, as well as the use of e-mail and telephone services may involve the collection and processing of data by the Administrator – some of the data collected and processed by the Administrator is personal data. The administrator may also process aggregate information about Website Users.
- The administrator collects and processes personal data in the following areas:
a.) data contained in forms available on the Website, such as: name, surname, telephone number, e-mail address, company name and other personal data provided in the form, e.g. regarding the submitted inquiry;
b.) data regarding the use of the Website, in particular the IP address; type of browser used, language, type of operating system, Internet service provider, time and date information, location
c.) data regarding the use of the Website saved in the so-called cookies, such as clicks, navigation or browsing history, preferences or behaviour data when browsing the Website;
d.) data related to the use of e-mail and telephone service;
e.) other data related to the use of Website functionalities by users, for example additional personal data regarding e.g. filed complaints.
- The administrator processes personal data in order to conclude and perform a contract for the provision of functionalities of the Website, to provide services under the said contract, to manage the sales process and service, as well as to possibly determine, investigate or defend against claims, for analytical, archival, accounting purposes , as well as to offer the Users of the Website products and services directly by the Administrator (direct marketing), including matching them in terms of their needs with the help of profiling, which, however, will not significantly affect the situation or have legal effects on these entities.
- Personal data in the scope of ordinary data are processed by the Administrator for the following purposes:
a.) conclusion and implementation of the contract or taking action at the request of the data subject before the conclusion of the contract (legal basis: art.6 par.1 lit. b GDPR);
b.) fulfilment of the obligations incumbent on the Administrator arising from legal provisions (legal basis: art.6 par.1 lit. c GDPR);
c.) implementation of the Administrator’s legitimate interests, in particular for archival, evidentiary, statistical, reporting purposes, for the purpose of pursuing claims or defending against them, as well as for the purposes of marketing and promotion of the Administrator’s products and services (legal basis: Article 6 paragraph 1 lit. f GDPR);
d.) in other cases, personal data in the field of ordinary data will be processed only on the basis of previously granted consent, to the extent and for the purpose expressed in its content (legal basis: art.6 par.1 lit. a GDPR) – if Website users agree to receive marketing messages to an email address, the legal basis will also be Art. 10 of the Act of July 18, 2002 on the provision of electronic services.
- The administrator will process personal data for the period necessary to achieve the purposes for which they were collected, i.e.:
a.) In the scope of implementation of the contract concluded with the Administrator for the period of its validity, and after that time for the period resulting from legal provisions or for the implementation of the Administrator’s legitimate interests, including for securing and pursuing any claims.
b.) In the scope of implementing the legal obligation incumbent on the Administrator for the period and to the extent required by law.
c.) In the event that personal data is to be processed in order to implement the legitimate interests of the Administrator, referred to above for a period of time until the implementation of these interests or objection to such processing.
d.) In the event that personal data are processed on the basis of consent – until such consent is withdrawn. To the extent that data is processed on the basis of a separate consent, the person who gave their consent has the right to withdraw the consent at any time. This does not affect the lawfulness of data processing activities carried out prior to the withdrawal.
- Personal data may be made available by the Administrator to the following categories of recipients:
a.) authorized employees and associates of the Administrator;
b.) providers of services providing the Administrator with technical and organizational solutions enabling the provision of services (in particular courier and postal companies, entities providing IT services – including entities providing hosting services, the producer and supplier of the software offered, marketing entities, entities supporting accounting processes, banks, suppliers legal and consulting services and their authorized employees and associates);
c.) entities that perform data analytics to personalize ads, develop remarketing campaigns and are separate administrators in this respect
d.) entities providing tools for analysis, optimization and efficient operation of the Administrator’s services, being separate administrators in this respect;
e.) public authorities, provided that they are authorized to do so by applicable law (after the relevant request has been submitted by the authorities).
- The administrator will not transfer or allow the transfer of personal data outside the EEA, unless it takes the necessary measures to ensure that the transfer is in accordance with the GDPR. These measures may include, in particular, the transfer of personal data to a recipient in a country that, according to the decision of the European Commission, ensures adequate protection of personal data or a recipient in the United States who has certified compliance with the EU-US Privacy Shield program.
- The data subject has the right to access his/her data, the possibility to correct them, rectify, delete or limit their processing, and the right to transfer data and to object to data processing. In addition, he/she has the right to withdraw his/her consent to their processing at any time. Withdrawal of consent does not affect the lawfulness of processing based on consent before its withdrawal. In addition, if the data subject believes that the Administrator is processing his/her data unlawfully, he/she may file a complaint to the President of the Office for Personal Data Protection or other competent supervisory authority.
3. Cookie files
- This website uses cookie files. These are small text files sent by a web server and stored by the browser computer software. When the browser reconnects to the site, the site recognizes the type of device the user connects to. Parameters allow reading the information contained therein only to the server that created them. Cookie files therefore facilitate the use of previously visited websites.
- The information collected relates to the IP address, type of browser used, language, type of operating system, Internet service provider, time and date information, location, and information sent to the site via the form by the User.
- The collected data is used to monitor and check how users use our websites to improve the functioning of the website by providing more efficient and trouble-free navigation. We monitor information about Users using the tools: Google Analytics, Sales Manago, Albacross, which record User behaviour on the Website.
- Administrator collects the following cookie files:
- „necessary” cookie files, enabling the use of services available as part of the Website, e.g. authentication cookies used for services that require authentication as part of the Website;
- cookies used to ensure security, e.g. used to detect fraud in the field of authentication on the Website;
- „performance” cookie files, enabling the collection of information on the use of Website pages;
- „functional” cookie files, enabling „remembering” the settings selected by the user and personalizing the User’s interface, e.g. in terms of the selected language or region of the User, font size, website appearance, etc;
- „advertising” cookie files, enabling to provide users with advertising content more adjusted to their interests.
- Website Users can change their cookie files settings at any time. These settings can be changed especially in such a way as to block the automatic handling of cookies in the web browser settings or to inform about them every time they are placed in the device of the Website User. Detailed information about the possibilities and ways of handling cookies is available in the software (web browser) settings.
- Information on managing cookie files in individual browsers can be found on pages dedicated to individual browsers:
a.) Firefox: http://support.mozilla.org/pl/kb/ciasteczka;
b.) InternetExplorer: http://support.microsoft.com/kb/196955/pl;
c.) Chrome: http://support.google.com/chrome/bin/answer.py?hl=pl&answer=95647;
d.) Opera: http://help.opera.com/Linux/12.10/pl/cookies.html;
e.) Safari: http://support.apple.com/kb/HT1677?viewlocale=pl_PL&locale=pl_PL.
- The Administrator warns that restricting the use of cookie files may affect some of the functionalities available on the Website, and in extreme cases may prevent to use the Website.