PRIVACY POLICY 

 

General provisions

The following Privacy Policy contains the rules for the processing of personal data by the Administrator on the Website, including the grounds, purposes and period of personal data processing and the rights of data subjects, as well as information on the use of analytical tools and cookies on the Website.

The administrator of personal data (within the meaning of REGULATION OF THE EUROPEAN PARLIAMENT AND OF THE COUNCIL (EU) 2016/679 of 27 April 2016 on the protection of individuals with regard to the processing of personal data and on the free movement of such data and the repeal of Directive 95/46 / EC general Data Protection Regulation – hereinafter referred to as the GDPR) in relation to Users’ personal data is

KE Trade s.c.

Address: Wschodnia 37, 97-310 Moszczenica, Polska

Correspondence address: as above

e-mail:  karandeli.contact@gmail.com

The company is entered into the Central Register and Information on Economic Activity (CEIDG) under the number: NIP: 7712913858, UE VAT Reg. No.: PL 7712913858

(Hereinafter referred to as the Administrator)

1. Providing personal data as well as consent to their processing are completely voluntary. All personal data provided to us are processed only to the extent and for the purpose for which the User has consented. At the same time, the Administrator reserves that if the User does not provide the data necessary to process the inquiry or order and does not consent to their processing, it may be impossible to complete the feedback or order.

2. Concluding contracts with the Administrator is conditional on consenting to the processing of personal data in the required scope. Providing personal data is in this case a contractual requirement and if the data subject wants to conclude a given contract with the Administrator, he is obliged to provide the required data. Each time the scope of data required to conclude a contract is indicated by the Administrator. Providing personal data may also be a statutory requirement resulting from generally applicable legal provisions imposing an obligation on the Administrator to process personal data, and failure to provide them will prevent the Administrator from performing these obligations.

3. The Administrator ensures the security of the transferred data and the implementation of Users’ rights resulting from the GDPR Regulation and ensures that the data collected by him are processed in accordance with the law; collected for specified, lawful purposes and not subjected to further processing incompatible with these purposes; factually correct and adequate in relation to the purposes for which they are processed; stored in a form enabling the identification of persons to whom they relate, no longer than it is necessary to achieve the purpose of processing and processed in a manner ensuring adequate security of personal data, including protection against unauthorized or unlawful processing and accidental loss, destruction or damage, by means of appropriate technical or organizational measures.

 

Purpose, grounds and period of personal data processing

1. The administrator is entitled to process personal data in cases where at least one of the following conditions is met (and to the extent to which):

– the data subject has consented to the processing of his personal data for one or more specific purposes;

– processing is necessary for the performance of a contract to which the data subject is party, or to take steps at the request of the data subject prior to entering into a contract;

– processing is necessary to fulfill the legal obligation incumbent on the Administrator;

– processing is necessary for the purposes of the legitimate interests pursued by the Administrator or by a third party (except where these interests are overridden by the interests or fundamental rights and freedoms of the data subject, requiring protection of personal data, in particular when the data subject is a minor).

2. Each time the purpose, basis and scope as well as the recipients of personal data processed by the Administrator result from actions taken by a given User on the Website. The Administrator may process personal data on the Website for the following purposes, on the following grounds and for a period in accordance with the following list:

a. Contact

– Purpose: Contact with the Administrator (including the provision of services by electronic means, e.g. via the contact form or e-mail) in order to take action at the request of the data subject, before concluding the contract. When a Contact Form is used on the Website, it will specify which data is collected in its case. These data are stored and used exclusively for the purpose of responding to your request or establishing contact and the related technical administration.

– Legal basis: The legal basis for data processing is our legitimate interest in responding to your request in accordance with Art. 6 sec. 1 lit. f GDPR – processing is necessary to answer your request or make contact and the related technical administration.

– Data retention period: The data will be deleted after the inquiry has been finally processed, this is the case when it can be concluded from the circumstances that the matter in question has been finally resolved and provided that there are no legal retention obligations to the contrary.

b. Performance of the contract

– Purpose: Performance of the contract (including the contract for the provision of Electronic Services) concluded with the Administrator or taking action at the request of the data subject before concluding the contract.

– Legal basis: Article 6 para. 1 lit. b) GDPR Regulations (performance of the contract) – processing is necessary for the performance of the contract to which the data subject is a party, or to take action at the request of the data subject, before concluding the contract.

– Data storage period: The data is stored for the period necessary to perform, terminate or otherwise terminate the contract concluded with the Administrator. The duration of the storage of personal data depends on the respective statutory retention period (e.g. commercial and tax data retention period).

c. Marketing

– Purpose: Marketing.

– Legal basis: Article 6 para. 1 lit. a) GDPR Regulations (consent) – the data subject has consented to the processing of his personal data for marketing purposes by the Administrator.

– Data storage period: The data is stored until the data subject withdraws the consent.

d. Direct marketing

– Purpose: Direct Marketing.

– Legal basis: Article 6 para. 1 lit. f) GDPR Regulations (legitimate interest of the administrator) – processing is necessary for the purposes of the Administrator’s legitimate interests – consisting in caring for the interests and good image of the Administrator and striving to sell products and services.

– Data storage period: The data is stored for the duration of the legitimate interest pursued by the Administrator, but no longer than for the period of limitation of claims against the data subject due to the business activity conducted by the Administrator. The limitation period is determined by the law, in particular the Civil Code (the basic limitation period for claims related to running a business is three years). The administrator may not process data for the purpose of direct marketing in the event of an effective objection in this regard by the data subject.

e. Determining, investigating or protecting claims that may be raised by the Administrator or which may be raised against the Administrator

– Purpose: Determining, investigating or protecting claims that may be raised by the Administrator or that may be raised against the Administrator.

– Legal basis: Article 6 para. 1 lit. f) GDPR Regulations – processing is necessary for the purposes of the Administrator’s legitimate interests – consisting in establishing, investigating or protecting claims that may be raised by the Administrator or which may be raised against the Administrator.

– Data storage period: The data is stored for the duration of the legitimate interest pursued by the Administrator, but no longer than for the period of limitation of claims that may be raised against the Administrator (the basic limitation period for claims against the Administrator is six years).

f. Using the Website and activities to ensure its proper functioning

– Purpose: Use of the Website and activities to ensure its proper functioning.

– Legal basis: Article 6 para. 1 lit. f) GDPR Regulations – processing is necessary for the purposes of the Controller’s legitimate interests – consisting in running and maintaining the Website.

– Data storage period: The data is stored for the duration of the legitimate interest pursued by the Administrator, but not longer than for the period of limitation of the Administrator’s claims against the data subject due to the economic activity conducted by the Administrator. The limitation period is determined by the law, in particular the Civil Code (the basic limitation period for claims related to running a business is three years).

g. Website traffic analysis and statistics

– Purpose: Website traffic analysis and statistics.

– Legal basis: Article 6 para. 1 lit. f) GDPR Regulations – processing is necessary for the purposes of the Administrator’s legitimate interests – consisting in conducting analysis and traffic statistics on the Website for the purpose of the Website’s functionality.

– Data storage period: The data is stored for the duration of the legitimate interest pursued by the Administrator, but not longer than for the period of limitation of the Administrator’s claims against the data subject due to the economic activity conducted by the Administrator. The limitation period is determined by the law, in particular the Civil Code (the basic limitation period for claims related to running a business is three years).

 

Personal data and external recipients

1. In order to maintain the proper functionality of the Website, it is necessary for the Administrator to use the services of external entities (e.g. software providers, hosting). The administrator uses only the services of such processors that provide the required guarantees of the implementation of appropriate technical and organizational measures to meet the requirements of the GDPR Regulation and protect the rights of data subjects.

2. The transfer of data by the Administrator does not take place in every case and not to all recipients or categories of recipients indicated in the Privacy Policy. The administrator provides data only when it is necessary to achieve the given purpose of personal data processing and only to the extent necessary to achieve it.

3. Personal data may be transferred by the Administrator to a third country, and the Administrator ensures that in this case it will take place in relation to a country that provides an adequate level of protection – in accordance with the GDPR Regulation, and the data subject has the option of obtaining a copy of his data. The administrator provides the collected personal data only in the case and to the extent necessary to achieve a given purpose of data processing in accordance with this Privacy Policy.

4. Personal data of the Website Users may be transferred to the following categories of recipients:

– providers of technical, technological, IT and organizational services, enabling the Administrator to run a business, including the functioning of its Website (such as: computer software providers for running the Website, e-mail and hosting providers and software providers for company management and providing technical assistance to the Administrator ). The administrator provides the collected personal data to a selected supplier acting on his behalf only in the case and to the extent necessary to achieve a given purpose of data processing in accordance with this Privacy Policy.

– providers of accounting, legal and advisory services providing the Administrator with accounting, legal or advisory support (such as: an accounting office, law firm or a debt collection company). The administrator provides the collected personal data to a selected supplier acting on his behalf only in the case and to the extent necessary to achieve a given purpose of data processing in accordance with this Privacy Policy.

– transport service providers (such as: courier companies, transport companies, shipping companies) who provide the Administrator with the possibility of performing the contract, if delivery was commissioned in its scope. The administrator provides the collected personal data to a selected supplier acting on his behalf only in the case and to the extent necessary to achieve a given purpose of data processing in accordance with this Privacy Policy.

– providers of services placed on the Website from social plugins, scripts and other similar tools enabling the browser of the Website User to download content from the providers of the said plugins and transferring personal data of the visitor for this purpose, including:

Facebook Ireland Ltd. – The Administrator uses the social plug-ins of Facebook and Instagram on the Website and therefore collects and provides personal data of the User using the Website to Facebook Ireland Ltd. (4 Grand Canal Square, Grand Canal Harbor, Dublin 2 Ireland) to the extent and in accordance with the privacy principles available here: https://www.facebook.com/about/privacy/ (this data includes information about activities on the Website, including information about the device, visited websites, purchases, displayed advertisements and using the services, regardless of whether the User has an account on Facebook or Instagram and is logged in to Facebook or Instagram).

Youtube – which belongs to Google Ireland Limited (Gordon House, Barrow Street, Dublin 4, Ireland – “Google”). The Administrator’s Website uses the built-in YouTube function to display and play videos from the provider “Youtube”. The extended data protection mode is used, which, according to the service provider’s data, only stores information about the user during the playback of videos. In the case of starting the playback of permanently placed videos from Youtube, the operator uses “Youtube” cookies to collect information about the Users’ behavior. According to the information provided by “Youtube”, they are used, inter alia, to collect video statistics, to improve user satisfaction and to prevent abuse. If the User is logged in to Google, the data will be assigned directly to his account after clicking on the video. Users have the right to object to the creation of User profiles, but in order to exercise this right, please contact YouTube. More information on data protection on “YouTube” can be found in the service provider’s personal data protection declaration at: https://www.google.com/intl/pl/policies/privacy

Google Maps – The Website uses Google Maps (API) from Google Ireland Limited (Gordon House, Barrow Street, Dublin 4, Ireland – “Google”). Google Maps is an interactive map display service to visually represent geographic information. Using this service will display our premises and make it easier for you to get there. When the User visits the subpages that contain Google Maps, information about the use of our website (e.g. IP address) is transmitted to and stored by Google servers in the USA. If the User is logged in to Google, his data is directly associated with his account. The User has the right to object to the creation of User profiles, but in order to use it, please contact Google. Google’s terms of use can be found at http://www.google.com/intl/pl/policies/terms/regional.html, additional terms of use for Google Maps can be found at https://www.google.com/intl/en_PL/help/terms_maps.html Detailed information on data protection in connection with the use of Google Maps can be found on the Google website (“Google Privacy Policy”): https://policies.google.com/privacy

 

Profiling Functions on the Website

1. In accordance with the GDPR Regulation, which imposes an obligation on the Administrator to inform about automated decision-making and the essential principles under which it operates, as well as the significance and anticipated consequences of such processing for the data subject, including the so-called profiling referred to in art. 22 sec. 1 and 4 of the GDPR Regulation, the Administrator informs that he may use profiling on the Website for direct marketing purposes, but the decisions made on its basis by the Administrator do not concern the conclusion or refusal to conclude a contract or the possibility of using electronic services on the Website. The effect of using profiling on the Website may be, for example, sending a commercial proposal that may correspond to the interests or preferences of a given person or offering better conditions compared to the standard offer on the Website. Despite profiling, a given person makes a free decision whether they want to use the offer received in this way and conclude a contract with the Administrator.

2. Profiling on the Website consists in an automatic analysis or forecast of a given person’s behavior on the Website. The condition for such profiling is the Administrator having personal data of a given person in order to be able to send it, e.g. an offer. The data subject has the right not to be subject to a decision which is based solely on automated processing, including profiling, and produces legal effects or significantly affects the person in a similar way.

 

Rights of the data subject

1.The person whose data is processed by the Administrator has the following rights:

– The right to access, rectify, limit, delete or transfer – the data subject has the right to request the Administrator to access his personal data, rectify it, delete (“the right to be forgotten”) or limit processing and has the right to object to processing, and also has the right to transfer their data. Detailed conditions for the exercise of the above-mentioned rights are set out in Art. 15-21 of the GDPR Regulation.

– The right to withdraw consent at any time – a person whose data is processed by the Administrator on the basis of expressed consent (pursuant to art.6 par.1 lit.a) or art. 9 sec. 2 lit. a) of the GDPR Regulation), it has the right to withdraw consent at any time without affecting the lawfulness of the processing which was made on the basis of consent before its withdrawal.

– The right to lodge a complaint to the supervisory body – the person whose data is processed by the Administrator has the right to lodge a complaint with the supervisory body in the manner and mode specified in the provisions of the GDPR Regulation and Polish law, in particular the Personal Data Protection Act. The supervisory body in Poland is the President of the Personal Data Protection Office.

– Right to object – the data subject has the right to object at any time – for reasons related to his particular situation – to the processing of his personal data based on art. 6 sec. 1 lit. e) (public interest or tasks) or f) (legitimate interest of the administrator), including profiling based on these provisions. In such a case, the administrator is no longer allowed to process this personal data, unless he demonstrates the existence of valid legitimate grounds for processing, overriding the interests, rights and freedoms of the data subject, or grounds for establishing, investigating or defending claims .

– Right to object to direct marketing – if personal data are processed for direct marketing purposes, the data subject has the right to object at any time to the processing of his personal data for such marketing purposes, including profiling, to the extent in which processing is related to such direct marketing.

2. In order to exercise the rights referred to in the point of the Privacy Policy: The rights of the data subject, you can contact the Administrator by sending an appropriate message in writing or by e-mail to the Administrator’s address indicated at the beginning of the Privacy Policy or using the contact form provided on Website. The Administrator may refuse to delete the User’s data only in the cases indicated by applicable regulations, in particular if the User has not paid all amounts due to the Administrator.

 

Policy on the use of cookies

This Policy sets out the rules for creating, storing and accessing information on the User’s devices using cookies in order to provide the services requested by the User electronically.

II. GENERAL PROVISIONS

1. In order to provide services by electronic means, the Administrator creates and stores temporary files and gains access to selected information on the User’s devices.

2. Cookies – means binary data, usually small text files, saved and stored on the User’s devices, which are used in programming languages for more efficient communication of the website and the User.

3. Cookies created on the User’s devices may come from both the Administrator’s system (so-called own cookies) and from external programs supervising communication on the Internet (so-called external cookies, e.g. from Google and other websites).

4. The User has the option to limit or disable the access of cookies to his Device. If you use this option, the use of the Website will be possible, except for functions which, by their nature, require cookies.

II. PURPOSES OF USING COOKIES

1. Cookies and similar technologies are used on websites to ensure correct data transmission between connected computers. They are widely used, help to adjust the content of the website to the settings on the recipient’s computer, remember the preferred appearance of the website, e.g. the font size set, and ensure that the User performs several stages (e.g. adding an article, making a purchase in an online store). Cookies can also be used to match the displayed advertisements to the interests of website visitors. It can be said that the “cookie” technology is necessary for the proper display of interactive pages.

2. In addition to cookies sent from the website we connect to, cookies may also be sent from the servers of websites they refer to, e.g. Google, YouTube or social networking sites such as Facebook, Instagram, Twitter and others.

3. Cookies can be divided into two types of files due to their storage period on the device of the visitor to the Website:

– session cookies: they are stored on the User’s device and remain there until the end of the browser session. The saved information is then permanently deleted from the device memory. The mechanism of session cookies does not allow the collection of any personal data or any confidential information from the User’s device;

– persistent cookies: they are stored on the User’s device and remain there until they are deleted. Ending a browser session or turning off the device does not delete them from the User’s device. The persistent cookies mechanism does not allow the collection of any personal data or any confidential information from the User’s device.

4. Cookies can be divided into four types of files depending on the purpose of their use:

– necessary (enabling the proper functioning of the Website)

– functional / preferential (enabling the adaptation of the Website to the preferences of the website visitor)

– analytical and performance (gathering information on how to use the Website)

– marketing, advertising and social media (collecting information about a person visiting the Website in order to display personalized advertisements to that person and conduct other marketing activities, including on websites separate from the Website, such as social networks

5. Under normal circumstances, the Cookies used are safe for the User. When used correctly, it is not possible for viruses or other unwanted software or malware to enter Users’ devices. These files allow to identify the software used by the User. Cookies usually contain the name of the domain they come from, their storage time on the device (limited) and an assigned value (key).

6. Cookies do not collect any personally identifiable information, including names and e-mail addresses.

7. The Administrator may process the data contained in Cookies when visitors use the Website for the following specific purposes:

– remembering data from completed forms and surveys (necessary and / or functional / preferential cookies)

– adjusting the content of the Website to the individual preferences of the recipient (e.g. regarding colors, font size, page layout) and optimizing the use of the Website (functional / preferential cookies)

– keeping anonymous statistics showing how to use the Website (statistical cookies)

– remarketing, i.e. research on the behavior of visitors to the Website by anonymous analysis of their activities (e.g. repeated visits to specific pages, keywords, etc.) in order to create their profile and provide them with advertisements tailored to their expected interests, also when they visit other websites in the advertising network of Google Ireland Ltd. and Facebook Ireland Ltd. (marketing, advertising and social cookies)

8. Each User can change cookie settings in the browser they use, including completely disabling the possibility of saving them. If the user does not disable the option of saving cookies from different websites, this means in practice that he agrees to their saving and storage on the computer.

9. The user may at any time delete cookies using the functions available in the web browser he uses.

10. Each browser differs in the way it manages cookie settings. This is described in the help menu of each browser, which explains how you can change your cookie settings. They are available on the following links for individual browsers:

– Google Chrome – The default settings of the Google Chrome browser allow cookies to be stored. To change the settings, see the information on the website:

http://support.google.com/chrome/bin/answer.py?hl=pl&hlrm=pl&answer=95647

– Microsoft Internet Explorer – The default settings of Microsoft Internet Explorer allow the storage of cookies, but block files that may come from websites that do not apply the privacy policy. To change the settings, see the information on the website:

https://support.microsoft.com/pl-pl/help/17442/windows-internet-explorer-delete-manage-cookies

– Mozilla Firefox – The default settings of Mozilla Firefox allow the storage of cookies. To change the settings, see the information on the website:

https://support.mozilla.org/pl/kb/Wlaczanie-i-wylaczanie-obslugi-ciasteczek

– Opera – Opera’s default settings allow cookies to be stored. To change the settings, see the information on the website:

http://help.opera.com/Windows/10.20/en/cookies.html

– Safari – Safari’s default settings allow cookies to be stored. To change the settings, see the information on the website:

https://support.apple.com/kb/ph21411?locale=pl_PL

11. If you choose to decline all cookies, you will not be able to use some of the content and services available on the Site.

12. The user may at any time delete cookies using the functions available in the web browser he uses.

13. It should be noted that the Cookies technology is used by hackers to infect computers and introduce malicious software. The cookies technology, which is to ensure proper communication with the website server, is in this case used contrary to its intended use. Protection against such an attack as well as other forms of hacking attempts should always be provided by a good anti-virus protection program.

14. The Administrator points out that he may use Google Analytics and Universal Analytics services provided by Google Ireland Limited (Gordon House, Barrow Street, Dublin 4, Ireland) on the Website. These services help the Administrator keep statistics and analyze traffic on the Website. These data are collective. The Administrator, using the above services on the Website, collects such data as the sources of obtaining visitors to the Website and the manner of their behavior on the Website, information on devices and browsers from which they visit the website, IP and domain, geographic data and demographic data (age, sex). and interests.

15. It is possible for a given person to easily block information about their activity on the Website from being shared with Google Analytics – for this purpose, for example, you can install an add-on for the Google browser: https://tools.google.com/dlpage/gaoptout?hl=pl.

16. The website may contain links to other websites. The administrator urges that after switching to other websites, read the privacy policy established there. This privacy policy applies only to this Administrator’s Website and personal data processed in connection with its use.