Polityka Prywatności

The protection of Users' privacy is particularly important to us. For this reason, users of the online store stabitech.pl (hereinafter referred to as the Online Store) are guaranteed the highest standards of privacy protection. AWD Wojciech Dudek, as the administrator of personal data, takes care of the security of personal data provided by Users.

Taking into account the above and in view of the requirements introduced by Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation) (OJ EU L.2016.119.1 of 2016.05.04) (hereinafter referred to as GDPR), in order to ensure the security of personal data by AWD Wojciech Dudek, this Privacy Policy has been adopted.

This Privacy Policy defines the rules for processing and protecting personal data provided by Users in connection with their use of the Online Store and other websites, communications, and services related to it.

A User is any person whose data is concerned, using the Online Store and other websites, communications, and services related to it. (hereinafter referred to as the User).

The administrator of personal data collected in the Online Store is AWD Wojciech Dudek, ul. Tęczowa 84, 53-603 Wrocław, NIP: 5751806203, REGON: 527763655 (hereinafter referred to as the Administrator).

To the extent necessary to perform the agreement concluded by the User with the Administrator, and also to the extent necessary to take actions by the Administrator at the User's request, and to the extent necessary to fulfill the legal obligation incumbent on the Administrator - the processing of the User's personal data takes place on the basis of a legal provision, i.e., Article 6(1)(b) and (c) of the GDPR, without the need for the User to consent to the processing of their personal data. In the remaining scope, the provision of personal data by the User is voluntary. However, to the extent that consent to the processing of the User's personal data has been given by them exclusively for marketing purposes, the provision of the User's personal data is voluntary, but refusal to give consent or withdrawal of consent will prevent the Administrator from informing the User about new offers and discounts.

I. USER'S CONSENT

Using the Online Store by the User means acceptance by the User that the Administrator collects, uses, and discloses non-personal and personal data in accordance with this Privacy Policy. However, the User has control over the way their data is used and disclosed, which is described in detail in Chapter V of this Privacy Policy "User's Rights".

In the case of processing personal data based on the User's consent, they have the right to withdraw the previously given consent at any time. Withdrawal of consent does not affect the lawfulness of processing carried out on the basis of consent before its withdrawal. The Administrator informs the User about the possibility of withdrawing consent before the User gives consent.

In the event of a change in this Privacy Policy, and the User continues to use the Online Store, this action is considered as consent to the current terms of the Privacy Policy.

II. PERSONAL DATA PROCESSED BY THE ADMINISTRATOR

1. How personal data is obtained
   1. Personal data obtained directly from the User
      The Administrator obtains personal data in two ways. The first way is to obtain personal data directly from the User, through:
      • sending a message by the User via the contact form provided in the Online Store,
      • creating a customer account by the User in the Online Store,
      • placing an order for goods or services in the Online Store,
      • contacting the User with the Administrator to obtain technical support, file a complaint, or for another purpose.
   2. Personal data obtained from other sources
      The Administrator also obtains personal data from sources other than directly from the User, i.e.:
      by recording the way the User uses the Online Store via cookies and other technologies, and receiving error reports or usage data from software running on the User's device,
      • from partners with whom the Administrator offers goods and services or conducts joint marketing activities.
2. Personal data processed by the Administrator
   The scope of personal data collected by the Administrator regarding Users may vary depending on the purpose of processing personal data.
   The Administrator collects, among others, the following personal and non-personal data:
   • Login name,
   • Name and surname / company name / name and surname of the entrepreneur or names and surnames of entrepreneurs operating in the form of a civil partnership,
   • Correspondence address,
   • Phone number,
   • Email address,
   • NIP,
   • REGON,
   • Computer IP,
   • Payment data, if the User makes a purchase in the Online Store.
   • Information contained in Cookies and similar technologies regarding the User's interaction with the Administrator's Online Store.

Additionally, the Administrator collects data regarding the content of files and messages of the User when required to fulfill the placed order, provide the customer account service, including collecting: the subject and content of the email, text or other content of the instant message, audio and video recording of the message, audio recording and transcription of the voice message received by the User or dictated by them text message.

The Administrator also collects information provided by the User, including opinions and ratings of goods and services, and information provided to obtain technical support. Furthermore, in the case of establishing contact, the Administrator collects the content of the message.

III. METHOD OF DATA PROCESSING - PURPOSES OF PROCESSING PERSONAL DATA BY THE ADMINISTRATOR

The method of processing personal data concerning the User by the Administrator depends on the scope of the User's use of the Online Store.

1. Orders, customer account (performance of the agreement)
   If the User decides to place an order for goods or services presented in the Online Store, the Administrator will process the User's personal data to the extent necessary to conclude the sales agreement or service provision agreement and ensure proper performance of the agreement concluded with the User.
   If the User creates a customer account in the Online Store, the Administrator uses the User's personal data to properly perform the electronic services agreement, including authentication and authorization of the User's access to the customer account.
2. Communication (performance of the agreement, legitimate interest pursued by the Administrator)
   The Administrator uses the User's personal data for personalized communication with them. This communication involves sending emails, placing notifications on websites, and other means within the conducted Online Store and provided customer account service, including text messages and push notifications. The content communicated to the User concerns offered goods and services, i.e., availability of services and how to use them, personal data security, network updates, reminders, but also suggested offers from the Administrator.
   Communication with the User also concerns user support. Personal data is used to help the User, solve problems, and respond to their complaints.
   The Administrator also uses the User's personal data to enable them to comment on the activity, Online Store, services, and goods of the Administrator.
3. Advertising (consent, legitimate interest pursued by the Administrator)
   The Administrator uses the User's personal data to offer them personalized advertisements if the User has consented to such actions or in the case of the formation of a business relationship between the Administrator and the User. These advertisements concern both the Administrator's offers and entities cooperating with them.
   The advertisements presented to the User are individually tailored to each User (so-called "profiling") by using:
   • data provided directly by the User,
   • data collected when the User uses the Online Store,
   • information provided by third parties,
   • data from advertising technologies such as cookies,
   • navigation signals, pixels, advertising tags, and mobile identifiers.
   The Administrator does not disclose the User's personal data to third-party advertisers or advertising networks without the User's consent. However, if the User clicks on a displayed advertisement, the advertiser will be informed about it.
4. Improving the Online Store (legitimate interest of the Administrator)
   The Administrator uses the User's personal data for conducting analytical and statistical activities to continuously improve the Online Store, goods and services offered by the Administrator, provide better solutions, add new features, and capabilities.
   Personal data concerning Users is also used by the Administrator for market research, public opinion research, and economic analysis to continuously improve the Online Store.
5. Security (legitimate interest of the Administrator)
   The Administrator uses the User's personal data to monitor, prevent, detect, and combat fraud and abuses, protect other Users from such abuses, and to ensure network and information security. In the event of a reasonable suspicion of a crime being committed, the User's personal data will be used to investigate the probable commission of a crime or other violation of this Privacy Policy by undesirable persons.
6. Pursuit of claims (legitimate interest of the Administrator)
   In the case where the User decides to use the Online Store, in particular by creating a customer account, placing an order for goods or services through it, the Administrator may process the User's personal data to the extent necessary to pursue potential claims from the conducted business activity, as well as to analyze potential violations of the rules of using the Online Store.
7. Tax documentation (fulfillment of legal obligation)
   In the case where the User places an order for goods or services through the Online Store, the Administrator will process the User's personal data to the extent necessary to maintain tax documentation and settlements for the executed orders.

IV. DISCLOSURE OF PERSONAL DATA BY THE ADMINISTRATOR

The User's personal data is or may be transferred to the following categories of recipients:

1. entities performing certain services in the sales process, i.e., courier/postal service providers, payment institutions intermediating in making payments by Users for placed orders for goods or services;
2. advertising or marketing service providers, in the case of realizing the purpose of direct marketing of the Administrator's own services;
3. legal and advisory service providers and those supporting the Administrator in pursuing due claims (in particular law firms, debt collection companies);
4. entities processing personal data on behalf of the Administrator, e.g., technical service providers maintaining the technical infrastructure necessary to operate the Online Store;
5. entities authorized to obtain data based on applicable law, e.g., courts or law enforcement authorities, when they make a request based on an appropriate legal basis.

V. USER'S RIGHTS

The User has the right to decide about their personal data by making a choice regarding the disclosure of individual personal data, including privacy settings. However, in such a situation, the User must be aware that they will not be able to fully use some functionalities of the Online Store or services offered by the Administrator.

In the case of the User's desire to exercise their rights as a data subject, they may contact the Administrator via an email sent to info@stabitech.pl. Some rights as a data subject can be exercised by the User through the customer account in the Online Store.

1. Right of access to data
   The User is entitled to obtain from the Administrator confirmation whether their personal data is being processed, and if so - they are entitled to access information regarding the details of the processing of their data, including in particular information about what the purpose of processing is and the categories of processed data.
   The User also has the right to request the delivery of a copy of the personal data subject to processing.
2. Right to rectification of data
   The User has the right to rectify personal data that are inaccurate. They have the right to request the replacement, supplementation, or removal of errors, defects, and misleading information in the entire data set that concerns them.
   The subject of supplementation cannot be personal data that are incorrect, i.e., the User cannot request the replacement or supplementation of existing data with incorrect data.
   In the situation where the processed personal data are incomplete, the User may submit an additional statement to supplement them. It is permissible to submit such a statement in any form, also using electronic means.
3. Right to erasure of data (right to be forgotten)
   The User has the right to request the erasure of their personal data if one of the following circumstances occurs:
   1. the User's personal data are no longer necessary for the purposes for which they were collected or otherwise processed;
   2. the User has withdrawn consent on which the processing is based and there is no other legal basis for processing;
   3. the User objects to the processing of personal data concerning them;
   4. the personal data were processed unlawfully;
   5. the personal data must be erased to comply with a legal obligation provided for in Union law or the law of the Member State to which the Administrator is subject;
   6. the personal data were collected in connection with the offering of information society services.
   The right to be forgotten belongs to the User only in the case of exercising the right to erasure of personal data and only in the situation where the personal data concerning them have been made public by the Administrator.
4. Right to restriction of processing
   The User has the right to restriction of processing of their personal data in the following cases:
   1. the User contests the accuracy of personal data - for a period allowing the Administrator to verify the accuracy of those data;
   2. the processing is unlawful and the User opposes the erasure of personal data, requesting instead the restriction of their use;
   3. the Administrator no longer needs the User's personal data for the purposes of processing, but they are needed by the User to establish, exercise, or defend claims;
   4. the User has objected to processing - until it is established whether the legally justified grounds on the Administrator's side are overriding the grounds of the User's objection.
   In the case of restriction of processing, the Administrator may process personal data, except for storage, only:
   1. with the User's consent or
   2. for the purpose of establishing, exercising, or defending claims, or
   3. for the protection of the rights of another natural or legal person, or
   4. due to important considerations of public interest of the Union or a Member State.
5. Right to data portability
   The User has the right to receive in a structured, commonly used format the personal data concerning them that they provided to the Administrator and has the right to transmit those data to another administrator.
   The User also has the right to request that their personal data be transmitted by the Administrator directly to another administrator, provided that this is technically possible.
6. Right to object
   The User has the right to object at any time, for reasons related to their particular situation, to the processing of their personal data:
   1. in the public interest, within the exercise of public authority entrusted to the Administrator,
   2. to the processing for the purposes of direct marketing including profiling insofar as it is related to such direct marketing,
   3. in the justified interest of the Administrator.
   The procedure for considering the objection and all communication is free of charge, and it is also possible to lodge an objection electronically.
7. Right to lodge a complaint
   The User has the right to lodge a complaint with the Personal Data Protection Office, in particular in the Member State of their habitual residence, place of work, or place of the alleged infringement.

VI. COOKIES AND OTHER TECHNOLOGIES USED BY THE ADMINISTRATOR

The Administrator uses cookies and other similar technologies to ensure optimal service of the User's visit to the Online Store, enable faster and easier access to information, and propose to Users increasingly perfect functionalities of the Online Store, as well as for marketing and remarketing purposes (including necessary analytical activities and profiling for marketing profiles based on the User's activity on individual subpages of the Online Store). Cookies ("cookies") are code fragments that are text files corresponding to HTTP requests directed to the Administrator's server. The Online Store also uses other available technologies that allow saving information in the browser in appropriate data storages (Session Storage, Local Storage), and also places code fragments of analytical tools provided by other suppliers, which enable saving cookies in the domains of these services. The stored information or access to it does not cause configuration changes in the User's device and software installed on it. Information contained in cookies and similar technologies is considered personal data only in connection with other personal data available about a given User. If the User does not agree to saving and receiving information in cookies or similar technologies, they can change the rules regarding cookies using their web browser settings or apply the so-called opt-out option on the website of the provider of a given technological solution. Detailed information regarding the technologies used by the Administrator is available in the Cookie Policy.

VII. OTHER IMPORTANT INFORMATION

1. Protection of personal data security
   The Administrator implements various measures to ensure the security of the User's personal data. Safe use of the offered services is ensured by systems and procedures protecting against access and disclosure of data to unauthorized persons. Furthermore, the systems and procedures used by the Administrator are regularly monitored to detect potential threats. Personal data obtained by the Administrator are stored in computer systems to which access is strictly limited.
2. Storage of personal data
   The period of storage of Users' personal data may differ because different processing purposes may be determined for the personal data of different Users.
   The Administrator stores personal data for such a period as is necessary to achieve the specified purposes, i.e.:
   1. in the case of analytical and statistical purposes - for the period necessary to achieve goals related to the effective functioning and development of the Online Store;
   2. in the case of fulfilling orders, providing services to the User - for the duration of the agreement and the limitation period for claims;
   3. for the period required by law in relation to the purpose of maintaining tax documentation and settlements for executed agreements;
   4. in the case of processing personal data for marketing purposes - for the duration of the business relationship with the User, unless the User objects to processing for these purposes earlier;
   In each of the above cases, after the expiry of the necessary processing period, the data may be processed only to secure the pursuit of claims or defense against them, and after that time only to the extent required by law.
   Users' personal data are stored in the Administrator's database, in which technical and organizational measures ensuring the protection of processed data in accordance with the requirements specified in applicable legal regulations have been applied. Access to the database is available only to the Administrator.
3. Changes to the privacy policy
   In order to update the information contained in this Privacy Policy and its compliance with applicable legal regulations, this Privacy Policy may be changed. With the change of the document's content, the date of its update, placed at the beginning of this Privacy Policy, will be changed. However, about any significant change, the User will be notified via information placed on the Online Store's website or directly. To obtain information about the way personal data is protected, the Administrator recommends that Users regularly familiarize themselves with these Privacy Policy principles.
4. Contact information
   In case of any doubts related to personal data protection issues or to obtain information regarding this Privacy Policy, the User may contact the Administrator via email info@stabitech.pl and by mail to the following address: ul. Tęczowa 84, 53-603 Wrocław.