The administrator of personal data contained in the Website is IFB Sp. z o. o. with its registered office in Szczucin, 91-089 Łódź, ul. Ossowskiego 4 lok. 7u, NIP: 727-285-32-46, hereinafter referred to as the Administrator.
The website obtains information about Users entered in the forms based on their consent.
The data provided is processed in order to:
– Establishing, shaping the content, changing, performing or terminating the contractual relationship between the Service Provider (Seller) and the Service Recipient (Client) consisting in the provision of Electronic Services via the Website or the conclusion and performance of the Product Sales Agreement and their delivery to the Customer.
– Direct marketing of the Administrator’s own products or services
– In the case of a Customer who uses the Website with the method of delivery by post or courier, the Administrator provides the collected personal data of the Customer, to the extent and no longer than it is necessary for the delivery, to the selected carrier performing the shipment at the request of the Administrator.
– The Administrator processes the following personal data of Service Recipients (Clients): name and surname; e-mail address; contact phone number; address (street, house number, apartment number, postal code, city, country) and the address for the sales document. In the case of Customers who are also entrepreneurs, the Administrator additionally processes the company name and NIP.
– Providing the personal data referred to above is necessary for the Service Provider to provide Electronic Services or to conclude the Agreement. Each time, the scope of the required data is indicated before the commencement of the provision of a specific Electronic Service or the conclusion of the Agreement.
The user who entered the data in the form has the right to:
– access, modification, deletion of personal data,
– restriction of processing and requests to stop processing your data at any time,
– withdrawal of consent at any time – withdrawal of consent does not affect the legality of the processing carried out before its withdrawal,
– transferring data to another Personal Data Administrator
– submit a complaint to the supervisory authority.
Personal data provided by the User in the form will be processed for a period not longer than it is necessary for the purposes for which they were provided and until the Administrator’s legal, accounting and tax obligations exist, as well as until any claims expire. If consent has been given to the processing of personal data – until the consent is withdrawn.
The Administrator shall exercise due diligence in order to properly secure the personal data provided, and in particular against their disclosure to unauthorized persons:
– Personal data is sent via a secure SSL protocol,
– Personal data stored on the Administrator’s servers are encrypted, protection against physical access to servers where personal data is stored is provided by the server provider.
– The administrator uses technical and organizational measures to ensure the protection of processed personal data appropriate to the threats and categories of data protected, and in particular protects data against unauthorized access, removal by an unauthorized person, processing in violation of applicable regulations and change, loss, damage or destruction.
– The personal data provided may be made available only to entities that have a legal basis resulting from the provisions of Polish law.
Entities collecting and processing personal data on the Website come mainly from Poland and the countries of the European Economic Area (EEA). Some of the providers are based outside the EEA (e.g. Google Inc. is based in the USA and provides a website statistics service called Google Analytics). These entities are required to comply with the principles set out in the EU-US Privacy Shield program regarding the collection, use and storage of personal data of European Union citizens (Commission Implementing Decision (EU) 2016/1250 of July 12, 2016 on the adequacy of protection provided by the EU-US Privacy Shield) and contractual clauses adopted by the EU Commission.
Legal basis related to the processing of personal data:
– Act of 18 July 2002 on the provision of electronic services (uśude);
– Act of 16 July 2004 Telecommunications Law (PrTel);
– Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of individuals with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC; (GDPR);