Privacy policy of the online store chromeauto.eu

1. GENERAL PROVISIONS

  1. Administrator of personal data collected through the website chromeauto.eu is Martig Marcin Czyż, registered office address: Bogumiłowice 273, 33-121 Bogumiłowice, NIP: 8732988819, entered into the Central Records and Information on Business Activity, hereinafter referred to as the "Administrator";, being at the same time the Service Provider. Place of business: Bogumiłowice 273, 33-121 Bogumiłowice, an address for service: Bogumiłowice 273, 33-121 Bogumiłowice, e-mail address: info@chromeauto.eu.

  2. Personal data collected by the Administrator via the website shall be processed in accordance with the Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of individuals with regard to the processing of personal data and on the free movement of such data and repealing Directive 95/46/EC (General Data Protection Regulation), hereinafter referred to as the PDCA and the Personal Data Protection Act of 10 May 2018.

2. THE TYPE OF PERSONAL DATA PROCESSED, THE PURPOSE AND EXTENT OF DATA COLLECTION

  1. The controller processes personal data via the chromeauto.eu website in the case of:
  • use of the contact form by the user. Personal data shall be processed pursuant to Article 6(1)(f) of the GDPR as the legitimate interest of the Administrator.
  • subscribe to the Newsletter by the user in order to send commercial information by electronic means. Personal data shall be processed after separate consent has been given pursuant to Article 6(1)(a) of the GDPR
  • registration in the chromeauto.eu online shop by means of the registration form. Personal data shall be processed pursuant to Article 6(1)(f) of the GDPR as the legitimate interest of the Administrator.
  • make a purchase as a guest without registering and providing the data necessary to complete the order. Personal data shall be processed pursuant to Article 6(1)(f) of the GDPR as the legitimate interest of the Administrator.
  1. The administrator processes the following categories of personal data of the user:
  • Company name,
  • Name and surname,
  • Date of birth,
  • Address (residence),
  • E-mail address,
  • Telephone number,
  • NIP
  1. Users personal data is stored by the Administrator:
  • where processing is based on performance of a contract, for as long as is necessary for the performance of the contract and thereafter for a period corresponding to the limitation period for claims. Save as otherwise provided in a special provision, the limitation period shall be six years and, in the case of claims for periodic benefits and claims relating to establishment, three years.
  • where the basis for processing the data is consent, as long as the consent is not revoked, and after revoking the consent, for a period of time corresponding to the period of limitation of claims which the Administrator may raise and which may be raised against him/her. Save as otherwise provided in a special provision, the limitation period shall be six years and, in the case of claims for periodic benefits and claims relating to establishment, three years.
  1. When using the website, additional information may be collected, in particular: the IP address assigned to your computer or external IP address of your Internet service provider, domain name, browser type, access time, operating system type.
  2. We may also collect navigational information from you, including information about the links and references you choose to click on or other actions you take on the website. The legal basis for this type of activity is the legitimate interest of the Administrator (Article 6(1)(f) GDPR), which consists in facilitating the use of electronic services and improving the functionality of these services.
  3. The provision of personal data by the user is voluntary.
  4. Personal data will also be processed automatically in the form of profiling, subject to the user's consent pursuant to Article 6(1)(a) of the GDPR. Profiling will result in a person being assigned a profile in order to make decisions about him or her or to analyse or predict his or her preferences, behaviours and attitudes.
  5. The controller shall take special care to protect the interests of the data subjects, and in particular shall ensure that the data collected by the controller are accurate:
  • lawfully processed,
  • collected for specified, legitimate purposes and not further processed in a way incompatible with those purposes,
  • substantially correct and adequate in relation to the purposes for which they are processed and kept in a form which permits identification of the data subjects no longer than is necessary to achieve the purpose of the processing.

3. MAKING PERSONAL DATA AVAILABLE

  1. Personal data of users are transferred to service providers, which are used by the Administrator to manage the website. Service providers to whom personal data are transferred, depending on contractual arrangements and circumstances, either are subject to instructions from the Administrator as to the purposes and methods of processing such data (processing entities) or independently determine the purposes and methods of their processing (administrators).

  2. Your personal data will only be stored in the European Economic Area (EEA).

4. THE RIGHT TO CONTROL, ACCESS AND CORRECT THE CONTENT OF ONE'S OWN DATA

  1. The data subject shall have the right of access to the content of his personal data and the right to rectification, erasure, restriction of processing, the right to data portability, the right to object, the right to withdraw consent at any time without affecting the lawfulness of a processing carried out on the basis of consent prior to its withdrawal.

  2. Legal grounds for the user's request:

    • Access to data - Article 15 of the GDPR
    • Data rectification - Article 16 of the GDPR.
    • Deletion of data (the so-called right to be forgotten) - Article 17 GDPR.
    • Restriction of processing - Article 18 of the GDPR.
    • Data transfer - Article 20 of the GDPR.
    • Opposition - Article 21 of the GDPR.
    • Withdrawal of consent - Article 7(3) GDPR.
  3. In order to exercise the rights referred to in point 2, an appropriate e-mail message may be sent to the address: info@chromeauto.eu.

  4. In the event of the user exercising the right resulting from the above rights, the Administrator shall either fulfill the request or refuse to fulfill it immediately, but no later than one month after its receipt. If, however, due to the complexity of the request or the number of requests, the Administrator is unable to meet the request within one month, it will meet the request within two months, informing the user about the intended extension of the deadline and its reasons within one month of receiving the request.

  5. In the event that it is found that the processing of personal data violates the regulations of the person, the data subject has the right to lodge a complaint with the President of the Office for Personal Data Protection.

5. COOKIES

  1. The Administrator's website uses cookies

  2. The installation of cookies is necessary for the proper provision of services on the website. Cookies contain information necessary for the proper functioning of the website, as well as the possibility of developing general statistics on website visits.

  3. The website uses the types of session and permanent cookies:

    • session cookies are temporary files that are stored in the user's terminal equipment until the user logs out (leaves the website).
    • permanent cookies are stored in the user's terminal device for a period of time specified in the parameters of cookies or until they are deleted by the user.
  4. The Administrator uses his own cookies in order to better understand how the user interacts with the content of the website. The files collect information about your use of the website, the type of website from which you have been redirected, the number of visits and the duration of your visit to the website. This information does not record specific personal information about you, but is used to compile statistics about your use of the website.

  5. The user has the right to decide on the access of cookies to his computer by prior selection in his browser window. Detailed information about the possibilities and methods of using cookies are available in the settings of the software (web browser).

6. FINAL PROVISIONS

  1. The Administrator shall apply technical and organizational measures ensuring protection of the personal data processed, appropriate to the risks and categories of data covered by the protection, and in particular shall protect the data against unauthorised disclosure, takeover by an unauthorised person, processing in violation of the applicable regulations and change, loss, damage or destruction.

  2. The Administrator shall make available appropriate technical measures to prevent unauthorised persons from obtaining and modifying personal data sent electronically.

  3. In matters not regulated by this privacy policy, the provisions of GDPR and other relevant provisions of Polish law shall apply accordingly.