Privacy Policy – Cookies

Privacy Policy

Date of the latest modification: May 15^th, 2018.

1. About us

The limited liability company BART sp. z o. o. with its registered seat in Sulnowo with the following address: Sulnowo 53 G, 86-100 Świecie, Poland, entered into the register of entrepreneurs maintained by the District Court in Bydgoszcz, Commercial Division no. XII of the National Court Register, under no. KRS 0000105247, tax identification number NIP: 5591835146, Polish REGON identification number: 093037278 (hereinafter referred to as: „Administrator”, „we”/”us”/”our”/) – is a subject liable for processing personal data obtained from you or about you (“you”, “your”). Our seat is located within the territory of the European Union, therefore we process personal data in accordance with the European legal provisions within the scope of data protection and in accordance with other binding legal provisions.

2. What is personal data?

Personal data is any information, which allow the indirect or direct identification of you as a natural person (“indirectly”, that is together with other pieces of information) on the basis of elements like: a name and surname, a home address, an email address, a phone number or a unique identifying number of a device.

3. The usage of personal data

We use your personal data for the purposes described below. We do not gather or process bigger quantity or other types of personal data than those that is necessary for the completion of relevant purposes. We use personal data solely according to the provisions of the Privacy Policy, unless you give separate consent to your personal data being used. If we plan using your personal data processed with your consent for purposes other than those specified in the consent, we will notify you well in advance, after which – if you give appropriate consent – we will start processing the data for these purposes.

1. Personal data

We gather your personal data, which are necessary to provide you with our services. The data include: a name and surname, a home address, a phone number and an email address, a tax identification number (NIP), a number of a bank account. We use the data to communicate with you, present our service offer, out terms and conditions, to conclude and perform a contract, to perform financial clearing. The personal data and the content of communication are also used to answer your questions that appear while in contact.

2. Legal obligations and protection

We may be obliged to use and archive personal data for legal purposes in accordance with binding legal provisions – for instance, to help prevent crimes, detect them, for investigation, prevent the loss of data and frauds, as well as fighting other symptoms of the misuse of our services and IT systems. We are also entitled to use your personal data in order to meet internal and external monitoring requirements, ensure the safety of information, the protection and fulfilment of our rights, to protect our privacy, to ensure the safety of persons or assets or to protect assets of other persons.

3. The use of website (“Portal”)

The Privacy Policy concerns also the use of our website: http://bart-packaging.pl (“Portal”), that is the following elements related with privacy:

• Log files: At Portal we gather data, including personal data, which are generally accessible and concern your device when it connects with the Internet. The data amongst others include: an IP address (the Internet Protocol address), a type and version of the operating system and a browser, and also – if possible – the producer and model of a device and a date and time when every question was sent to our servers.

4. Obtaining data from other sources

Generally, if we obtain your personal data from other sources, we determine whether a given company has already contacted you to inform you that the data was transmitted or we will inform you about it during the first contact, simultaneously giving other information required by law.

5. Making personal data available

We disclose the users’ personal data for the above described purposes solely to subjects described above – unless on your explicit consent to transmit your personal data to third parties of other types enumerated elsewhere. We take all steps necessary to ensure that your personal data are processed, protected and transmitted in accordance with law.

1. External service providers

When necessary we subcontract to other companies and persons the completion of certain tasks on our behalf related with our services in accordance with contracts on data processing. We may, for instance, transmit personal data to representatives, contractors or partners to ensure hosting of our databases and applications, providing services of data processing or sending you information that you have required. Data shall be transmitted to external service providers only within the scope necessary for the completion of a given purpose. External service providers cannot use the personal data obtained from us for any other purpose, in particular for their own benefit or for the benefit of third parties. External service providers are obliged with a contract to respect the confidentiality of your personal data.

2. Transfer of assets

In case of reorganization, restructuring, a merger or a sale or any other transfer of assets (collectively referred to as “transfer of assets”) we may transmit information, including personal data, to an acceptable extent and if necessary, on condition that the party receiving your data gives consent to process your data in accordance with binding legal provisions concerning data protection. We commit ourselves to protect the confidentiality of personal data and undertake to inform appropriate users when their personal data becomes the object of different privacy policy.

3. Public administrative bodies

We disclose your personal data to public administrative bodies, if it is necessary according to binding legal provisions. For instance, we respond to court summons, requests from law enforcement authorities, regulatory authorities and other public administration institutions, including institutions outside your country of residence.

4. Abroad transmission of personal data

In some cases it might be necessary to transmit your personal data to countries outside the European Union (EU) and the European Economic Area (EEA), which are the so called “third countries”. The privacy policy shall be binding even if we send personal data to third countries, where personal data might be protected to a different extent than in your country of residence.

6. Safety

We take data protection very seriously. We use appropriate safety measures and imply suitable physical, electronic and administrative procedures to safeguard the gathered data from them being randomly or illegally destroyed, lost, modified, illegally disclosed and to ensure that no one gains access to the transmitted, archived or processed personal data. The principles of our policy and procedures concerning the safety of information have been tailored to commonly accepted international rules. They are regularly reviewed and updated concerning business needs, technological changes and legal requirements. The access to your personal data is granted only to the employees, service providers and subjects that need the access to your personal data due to their duties.

7. Your rights

Every data subject shall have certain laws concerning the personal data that is being gathered, which concerns the whole of data processing that is described in our Privacy Policy. We respect rights of individuals and properly treat your reservations.

The following list comprises information on your rights stemming from provisions on personal data protection:

Right to withdraw consent: If personal data is being processed upon your consent, you may withdraw it at any moment, using the procedure described in provisions of an appropriate consent form. We guarantee that the way of consent withdrawal shall be the same as the way of giving consent, e.g. by electronic means.

Right to data rectification: You may obtain from us the rectification of data that concern you. We try our best to ensure that the personal data that we own, which is under our control and recently used, is precise, complete, up-to-date, relevant and based on the latest available information. In appropriate cases we grant access to the portal, where the user may review and rectify their personal data.

Right to limit data processing: You may receive from us the assurance that the processing of your personal data is limited, if:

• you question the accuracy of the information at the time when we have to verify its appropriateness,

• data processing is illegal and you have submitted a motion to limit data processing instead of a motion to delete the personal data,

• we no longer need your personal data, but you need it to specify, execute or protect legal claims, or

• you do not agree to your personal data being processed while we are checking whether our rights take precedence over your rights.

Right to the access to personal data: You may ask us to give information on your personal data that we own, including information concerning the categories of personal data that we own or control, relating to purposes for which the data is used, where we have obtained them from (if not directly from you) and to whom we have disclosed them (if applicable). You may receive from us one copy of the personal data that we own and that concerns you. We reserve a right to charge fees for every next issued copy.

Right to data transmission: Upon your motion we shall transmit your personal data to another administrator, if it is technically possible, on condition that processing is upon your consent and is necessary for the performance of a contract. Instead of receiving a copy of your personal data you may opt for your data being transmitted by us to another administrator pointed directly by you.

Right to data erasure: You may receive from us an assertion that your personal data has been erased, if:

• the data is no longer needed for the completion of purposes for which it was gathered or processed;

• you are entitled to object to your personal data being further processed (see below) and you decide to exercise that right;

• data is processed upon your consent, which you have withdrawn and there no longer is legal basis for your data being processed;

• personal data processing was illegal;

• data processing is not necessary as far as legal provisions are concerned which might oblige us to process your data; especially binding legal obligations concerning the archiving of data, which is related to establishing, exercising and protection of legal claims.

Right to object: You have a right to object – at any moment – to your personal data being processed due to a specific situation, on condition that data processing is not undertaken upon your consent, but on the basis of our legal interest or the interest of the third party. In this case we stop your personal data processing, unless we are able to present convincing legal evidence and prove an overriding interest concerning processing or establishing, executing or protection of legal claims. If you object to your personal data being processed, you have to specify whether you want it to be erased or if you want us to limit its processing.

Right to lodge a complaint: In case of a suspicion of violation of binding law related to data protection, you may bring a complaint before a body supervising data protection in the country of residence or in a country where the alleged violation occurred.

Period: We shall try to meet your request within 30 days. However, the period may be extended for reasons related to specific legal provisions or the complexity of the motion.

Restrictions on access: In some cases we cannot provide you with the access to all or part of your personal data due to legal provisions. Should we deny access to data, we give reason for this decision.

No possibility of identification: In some cases we are unable to verify your personal data due to identifiers you have given in a motion. Among personal data, which we cannot find if you give your first name and surname and your e-mail address are: data obtained through cookie files in a browser.

In case we are unable to identify you as a data subject, we cannot meet your request to execute your rights in accordance with the provisions of the division – unless we receive additional information enabling this kind of identification.

Fulfilment of your rights: to fulfil your rights, please contact us in writing, e.g. via electronic or traditional mail. Contact information is included at the end of the Privacy Policy.

8. Storage of your personal data

In general, we delete your personal data when it is no longer needed for the completion of purposes, for which it was gathered. However, legal provisions may oblige us to store your personal data for a prolonged period, e.g. the obligation to notify adverse actions.

Furthermore, we do not delete all your personal data, if you ask us not to contact you in the future. For this purpose we hold registers with information on persons, who do not want any contact with us in the future (e.g., via bulletins, e-mail). We consider motions of this kind as consent to store your personal data, unless you express different will.

9. Changes to the Privacy Policy

We reserve a right to introduce changes – as we see fit – to actions we undertake to ensure privacy and to make the corrections to the Privacy Policy at any moment. Due to this, we encourage you to review the provisions of our Privacy Policy regularly. The Privacy Policy is valid to the day indicated as the date of “latest modification” included above. If you do not have a user’s account at our Portal, in case of any changes, we will inform you about them via email or traditional mail and send you an up-to-date version of the Privacy Policy. We oblige ourselves to manage your personal data respecting the Privacy Policy, in accordance with which the data has been received, unless we obtain your consent to manage it in a different way.

10. Contact information

Should you have any questions on data protection, as well as motions concerning the fulfilment of your rights, please send them to the e-mail address: rodo@bart-packaging.pl