We hereby declare that we respect the rules of personal data protection and all the regulations under the Act on Personal Data Protection and under Regulation 2016/46/EC of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to personal data processing and on the free movement of such data as well as the repeal of Directive 95/46/EC.
A person whose personal data are processed may contact us to obtain comprehensive information as to how we use their personal data. We always care to clearly inform about the data we collect, the way we use them, for what purposes and to whom we transfer it, how we protect the data while transferring them to other entities and we inform about the institutions that should be contacted in case of doubt.
The Seller applies technical measures such as physical protection measures of personal data, IT and telecommunication infrastructure hardware measures, protection measures under software tools and databases, and organizational measures to ensure adequate protection of personal data being processed, and in particular protect personal data against being disclosed to unauthorized third person, obtained by an unauthorized person and used for an unknown purpose, as well as an accidental or intentional change, loss, damage or destruction of such data.
We have exclusive access to the data under the terms set out in this document. Access to personal data may also be provided to other entities through which payments are made, which collect, process and store personal data in accordance with their Terms and Conditions and the entities responsible for processing orders. Access to personal data is provided to the above mentioned entities to the extent necessary to ensure provision of service.
Personal data are processed only for the purposes to which you agreed by clicking appropriate fields in the form available on the website or in another express manner. The legal basis for processing your personal data is your consent to processing personal data or the requirements resulting from service provision (e.g. ordering a Product) that you ordered us (pursuant to Article 6(1)(a)(b) of Regulation (EU) No 2016/679 of the European Parliament and the Council of 27 April 2016 on the protection of natural persons with regard to personal data processing and on the free movement of such data as well as the repeal of the Directive 95/46/EC (General Data Protection Regulation).
We take privacy seriously. We have respect for privacy and we care to provide the fullest and guaranteed convenience of using our services.
We value the trust the Users place in us by entrusting their personal data for processing their orders. We always use the personal data fairly, not to betray their trust, only to the extent necessary to fulfil and process the orders.
The user is entitled to obtain clear and comprehensive information about how their personal data are used and the purposes for which they are required. We always clearly inform about the data we collect, how and to whom we transfer them, and about the entities that should be contacted in case of doubt, questions and remarks.
In case of doubt about the way we use the personal data of the User, we shall take immediate measures to clarify and dispel such doubts, we will answer all the questions in a detailed and exhaustive manner.
We shall take all reasonable measures to protect the data of the User against misuse and uncontrollable use and to secure them thoroughly.
The administrator of your personal data is Mastermix Mirosław Madra, Tax Identification Number (NIP): 9121669965, address: ul. Bolesława Prusa 9, Jelcz-Laskowice 55-220, mail: firstname.lastname@example.org
The legal basis for processing personal data is Article 6(1)(b) of the General Data Protection Regulation. Providing the data is not mandatory, but is necessary to take the measures that lead to entering into the agreement and its implementation. We shall transfer your personal data to other recipients to whom we entrust the personal data processing on our behalf and our benefit. Your data shall be transferred under Article 6(1)(f) of the General Data Protection Regulation where the legitimate interest is due performance of the agreements/orders. Furthermore, we will make your personal data available to other business partners. We store collected personal data within the European Economic Area (EEA), but they can also be sent to a country outside this area and processed there. Every operation of sending personal data is performed in accordance with the applicable law. If the data are transferred outside the EEA, we apply standard contractual clauses and the privacy shield as security measures for the countries where the European Commission has not found an adequate level of data protection.
Your personal data related to the conclusion and implementation of agreements will be processed for the period of their implementation as well as for a period not longer than it is provided by law, including the provisions of the Civil Code and the Accounting Act, i.e. no longer than 10 years from the end of the calendar year in which the last agreement was performed.
Your personal data processed in order to conclude and perform future contracts will be processed until you raise an objection.
You have the right to: access your personal data and receive a copy of the personal data being processed, rectify your incorrect data; request a removal of the data (right to be forgotten) in the event of circumstances provided for in Article 17 of the GDPR, request limiting of the data processing in the cases referred to in Article 18 of the GDPR, raise an objection against the data processing in the cases referred to in Article 21 of the GDPR, transfer the data provided, processed in an automated manner.
If you claim that your personal data is being processed unlawfully, you can lodge a complaint with the supervisory authority (Personal Data Protection Office, ul. Stawki 2, Warsaw). If you need additional information on the protection of personal data or want to exercise your rights, please contact us by post, at the correspondence address.
We take care to protect you against unauthorized access, unauthorized modification, disclosure and destruction of the information under our control, particularly:
We control the methods of collecting, storing and processing information, including physical security measures, to protect against unauthorized access to the system.
We grant access to personal data only to employees, contractors and representatives for whom the access is necessary. In addition, under the agreement they are obliged to maintain strict confidentiality to enable us to control and check how they perform their duties, and in the event of failure to comply with these obligations they may suffer the consequences.
We will comply with all applicable data protection laws and regulations and will cooperate with data protection authorities and law enforcement agencies. In the absence of data protection provisions, we will comply with generally accepted principles of data protection, principles of social coexistence and established customs.
The detailed method of personal data protection is included in the personal data protection policy (DPP: security policy, personal data protection regulations, IT system management instructions). For security reasons, due to the procedures described in it, it can be only made available to the state control authorities.
The Users may always notify us if they:
no longer want to receive information or messages from us in any form;
would like to receive a copy of their personal data that we possess;
correct, update or delete their personal data contained in our records;
wishes to report violations, improper use or processing of their personal data.
To help us respond to the information given, please provide your name and surname, and further details.
§3 Scope and purpose of collecting personal data
We collect and process the necessary personal data using the form on the website to provide services and for accounting purposes and only such and in order to:
place an order,
handle requests via the contact form,
implement the service ordered,
present the offer or information,
enter into the agreement, complain and withdraw from the agreement,
issue a VAT invoice or other receipt,
monitor traffic on our websites,
collect anonymous statistics to determine how the users use our website,
determine the number of anonymous users of our webpages,
control how often a selected content is displayed to users and which one is displayed the most frequently,
examine subscriptions to newsletters and contact options,
use tools for communication both via email and subsequently on the phone,
integrate with social network,
pay online (possibly),
We collect, process and store the following user data:
name and surname,
address for service (if different than the address of residence),
tax identification number (NIP),
e-mail address (e-mail),
telephone number (mobile, landline),
information about the web browser used,
other personal data voluntarily provided to us.
Providing the above data is completely voluntary but also necessary for the full implementation of services.
The purpose of collecting and processing or using data by us:
direct marketing, archival purposes of advertising campaigns,
compliance with obligations imposed by law by collecting information on undesirable activities;
of those related to implementation and provision of services, making the Product available to you and those related to the necessity of providing you the possibility of participation in Website actions (we collect and use the data especially in order to contact persons who have ordered and use the Product, persons who participate in the events organized by us or other forms of activity, e.g. contact for considering complaints, assessing applications, etc.)
to verify the quality of services provided, to conduct market statistics and for user profiling purposes (see Profiling and “cookies” below)
(upon the user’s prior consent) for commercial and promotional purposes (e.g. sending the newsletter to the e-mail address provided by the user, sending the user commercial information about various products and services offered by us and our trusted partners, sending information about various competitions, promotional campaigns organized by us and our trusted partners).
Importantly, each time the consent to the processing of personal data in this manner is voluntary and the use of our services is not depended on it; each scope of using data for marketing and commercial purposes depends on what the user has agreed to.
We store your personal data no longer than necessary for the proper quality of service, no longer than necessary to perform the related activities specified in separate regulations (e.g. on accounting). With regard to marketing data, the data will not be processed for more than 3 years. Depending on the mode and purpose of their acquisition, we store data for:
Performance of the obligations arising from the law, tax and accounting regulations,
Marketing activities for the time of duration of the agreement and of the consent to processing such data – until complementation of the activities related to handling transaction, raising a complaint against such processing or withdrawal from the consent,
Operational activity – until the limitation period of obligations imposed by the GDPR Regulation and relevant national provisions in order to demonstrate reliability in the processing of personal data
Bearing in mind the fact that in many countries to which this personal data is sent, the same level of legal protection of personal data as in the country of the user does not apply. The user’s personal data stored in another country may be accessed in accordance with the law applicable there, for example: courts, law enforcement authorities and national security, in accordance with the regulations in force in that country. Subject to lawful requests for disclosure of data, we undertake to require from the entities processing personal data outside your country to take measures to protect data in a manner adequate to regulate their national law.
§4 Cookies Policy
We automatically gather the information contained in cookies to store the User’s data. A cookie is a small piece of data sent to the User’s web browser and which the web browser sends back on the subsequent visits to the website. They are mainly used to maintain sessions, e.g. by generating and sending back a temporary identifier after logging in. We use “session” Cookies stored on the User’s end device until s/he logs out, turns off the website or the web browser and “permanent” Cookies stored on the User’s end device for the time specified in the parameters of Cookies or until they are deleted by the User.
Cookies adapt and optimize the website and its offer to the User’s needs through activities such as creating page view statistics and ensuring security. Cookies are also necessary to maintain the session after leaving the website.
The Administrator processes the data contained in Cookies each time the website is visited by visitors for the following purposes:
optimization of the website use,
securing the contact form on our website by Google reCAPTCHA. Its task is to prevent robots from entering data. For this reason, the Operator may disclose Google Inc. data such as: IP address, duration of the visit on the website or mouse movements made by the user,
identification of the Service Users as currently logged in;
adaptation of graphics, selection options and any other content of the website to the individual preferences of the Service Recipient;
remembering of the data filled in automatically and manually, entered in the Order Forms or login details provided by the visitor;
collecting and analysing anonymous statistics presenting how to use the site in the administrative panel and google analytics
creating remarketing lists based on the information about the preferences, behaviour, methods of using the Website by the interested persons and collecting demographic data, and then sharing these lists in AdWords and Facebook Ads.
creating data segments based on demographic information, interests, preferences in the selection of viewed products / services.
using the demographic and interest data in Analytics reports.
The User may at any time completely block and delete the collection of Cookies using his/her web browser.
Blocking of the possibility of collecting Cookies by the User on his device may hinder or prevent the use of certain functionalities of the website to which the User is fully entitled but in such a situation must be aware of the functionality restrictions.
A User who does not want to use “cookies” for the purpose described above can delete them manually at any time. To become acquainted with the detailed instructions of the procedure, please, visit the website of the manufacturer of the web browser which the User currently uses.
More information about Cookies is available in the help menu of each web browser. Examples of the web browsers supporting the above mentioned “Cookie” files:
Internet Explorer cookie settings
Chrome cookie settings
Firefox cookie settings
Opera cookie settings
Safari cookie settings
Cookies in Android
Cookies in Blackberry
Cookies in iOS (Safari)
Cookies in Windows Phone
§5 Rights and obligations
We have the right and, in cases specified by law, also a statutory obligation to provide selected or all information about personal data to public authorities or third parties who submit such a request for the information under applicable Polish law.
In some situations, the Administrator has the right to transfer your personal data to other recipients if it is necessary to perform the agreement concluded with you or to fulfil the obligations incumbent upon the Administrator. This applies to groups of recipients such as Authorized employees and co-workers who use data to perform the site’s operations and to provide services, in particular accounting services and subcontractors.
The User has the right to access his/her personal data which s/he makes available, the User may correct or supplement the data at any time, and also has the right to request removal of the data from his/her database or ceasing their processing, without giving any reason. In order to exercise its rights, the User may at any time send a suitable message to the e-mail address or in any other way that enables delivery/transfer of such a request.
The processing of the personal data of natural persons who are our customers is based on:
legitimate interest as a data administrator (e.g. in the area of database creation, analytical and profiling activities, including activities related to the analysis of the use of products, direct marketing of own products, securing documentation to defend against possible claims or to pursue claims),
consent (including particularly the consent to e-mail marketing or telemarketing),
performance of the agreement concluded
The processing of the personal data of natural persons who are not our customers is based on:
consent (including particularly the consent to e-mail marketing or telemarketing).
A request of the User to delete personal data or to cease their processing may result in the total inability to provide services or their severe limitation.
We undertake to act in accordance with applicable law and principles of social coexistence.
Information on out-of-court settlement of the consumer disputes. The authorized entity within the meaning of the Act on extrajudicial consideration of consumer disputes is the Financial Ombudsman whose website address is as follows: www.rf.gov.pl.
The Administrator’s operations may be appealed against to the President of the Personal Data Protection Office, with address: ul. Stawki 2, 00-193 Warszawa (Warsaw).
§6 Basic safety rules
The places of logging in and entering personal data are protected in the transmission layer (SSL certificate). Therefore, personal data and login data entered on the website are encrypted on the user’s computer and can be read only on the target server.
Each user should take care of their own data security and the security of their devices that are used to access the Internet. Such a device should absolutely be equipped with an antivirus program with a regularly updated database of definitions, types and types of viruses, a secure version of the internet browser in use and an enabled firewall. The user should check whether the operating system and the programs installed in it have the latest and compatible updates, because the attacks use errors found in the installed software.
Access data for services offered on the Internet are e.g. logins, passwords, PINs, electronic certificates, etc. and they should be secured in a place inaccessible to others and impossible to hack from the Internet network. They should not be disclosed or stored on the device in a form that allows unauthorized access and reading by unauthorized persons.
Caution is advised when opening strange attachments or clicking links in emails that we did not expect, e.g. from unknown senders or from the spam folder.
It is recommended to run anti-phishing filters in the web browser, i.e. tools that check whether the web page displayed is authentic and not for phishing, e.g. by impersonating a person or institution.
Files should be downloaded only from trusted places, services and websites. We do not recommend installing software from unverified sources, especially from unknown publishers with unverified opinions. This also applies to portable devices, e.g. smartphones, tablets.
When using a home Wi-Fi wireless network, it is important to set a password that is safe and difficult to crack, it should not be any pattern and string that is easy to guess (e.g. street name, host name, date of birth, etc.) . It is also recommended to use the highest possible encryption standards for Wi-Fi wireless networks, which can be run on your equipment, e.g. WPA2.
§7 Use of Social Media plugins
The so-called plug-ins of the social networks such as facebook.com and Twitter and others can be found on our pages. The related services are provided respectfully by Facebook Inc. and Twitter Inc.
Facebook is operated by Facebook Inc., 1601 S. California Ave, Palo Alto, CA 94304, USA Facebook. To view the Facebook plugins go to: https://developers.facebook.com/docs/plugins
Twitter is operated by Twitter Inc., 1355 Market Street, Suite 900, San Francisco, CA 94103, USA. To view the Twitter plugins go to: https://dev.twitter.com/web/tweet-button
The plugin only provides its supplier with information about which of our websites you had access to and at what time. If while viewing or being on our website, the user is logged into his/her account located e.g. on Facebook or Twitter, the supplier is able to combine your interests, information preferences, and other data obtained e.g. by clicking the Like button or leaving a comment, or entering the profile name in the search. Such information will also be transmitted by the browser directly to the supplier.
More detailed information on the collection and use of data by Facebook or Twitter and on the protection of privacy can be found on the following pages:
Data protection / privacy tips issued by Facebook: http://www.facebook.com/policy.php
Data protection / privacy tips issued by Twitter: https://twitter.com/privacy
To avoid recording a visit on a selected account of the user via Facebook or Twitter on our website, you must log out of your account before you start browsing our websites.
The website is hosted (technically maintained).
uses measures to protect against data loss (e.g. disk arrays, regular backups),
applies adequate measures to protect processing locations in the event of a fire (e.g. special fire extinguishing systems),
applies adequate measures to protect processing systems in the event of sudden power failure (e.g. dual power lines, aggregates, UPS voltage support systems),
applies physical security measures of the access to data processing sites (e.g. access control, monitoring),
applies measures to establish appropriate environmental conditions for servers, being the components of the data processing system (e.g. control of environmental conditions, specialized air-conditioning systems),
applies organizational solutions to ensure the highest possible level of protection and confidentiality (trainings, internal regulations, password policies, etc.),
appointed the Data Protection Officer.
The hosting company maintains logs at the server level to ensure technical reliability. The data subject to recording are as follows:
Resources identified by URL (addresses of requested resources – pages, files),
Time of request receipt,
Time of sending a response,
name of the customer station – identification by the HTTP protocol,
data about errors that occurred during the execution of the HTTP transaction,
URL address of the page previously visited by the user (referrer link) – if the Website was accessed via a link,
data about the user’s browser,
diagnostic data related to the process of self-ordering services via loggers on the website,
data related to the handling of electronic mail addressed to the Operator and sent by the Operator.