The operator of the website www.alhar.pl and the data controller of your personal information is Alhar sp. z o.o., conducting business at ul. Kochanowicka 89a, 42-713 Kochcice. You can contact us via telephone at +48 537 884 558 or +48 660 425 332, as well as through email at email@example.com. The personal data collected by the Data Controller is processed in accordance with the provisions of the Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (hereinafter referred to as the “GDPR”), the Act of 10 May 2018 on the protection of personal data (Journal of Laws of 2018, item 1000), the Act of 18 July 2002 on the provision of electronic services (consolidated text Journal of Laws of 2019, item 123), and the Act of 16 July 2004 – Telecommunications Law (consolidated text Journal of Laws of 2018, item 1954).
The website collects information about users and their behavior in the following ways:
- Through voluntarily provided information in the contact form.
- By storing cookies (also known as “cookies”) on users’ end devices.
Additionally, the website may collect information about connection parameters, such as IP address, proxy server, session name, user’s device, operating system, and browser, as well as location and names of internet service providers or mobile service providers for technical purposes related to server administration, contract performance, where the data subject is a party to the contract (based on Article 6(1)(b) of the GDPR), and for generating aggregated and statistical information (e.g., about the region from which the connection originates) that does not allow the identification of the user, as well as for security purposes.
As part of the process of submitting data through the form to facilitate the purchase process, the user receives information as referred to in Article 13(1) and (2) of the GDPR and gives consent to the collection and processing of personal data by the Data Controller in the manner and for the purposes described in the relevant consent clauses and this document.
The user is responsible for providing inaccurate personal data. The Data Controller does not process personal data of users using automated decision-making tools, including profiling.
Purposes of Data Processing
The Data Controller processes personal data for the purpose of contacting individuals interested in its services. Personal data processed for other purposes require the user’s consent, given through active actions after being informed about the purpose, duration, and scope of processing. By fulfilling a legally justified purpose, in particular direct marketing of its own products or services, while respecting your rights and freedoms, the Data Controller may process data within the scope indicated in the form when submitting an inquiry:
- For the duration of conducting correspondence initiated by the user through the form until its completion.
- For the duration corresponding to the life cycle of the cookies stored on the user’s devices, in the case of processing personal data of users who solely browse the content of the website. The Data Controller also retains the personal data of users when necessary to fulfill its legal obligations, resolve disputes, enforce user obligations arising from concluded agreements, maintain security, prevent fraud and abuse, until the expiry of the limitation period for claims against the user.
Scope of processed data
The processing of User data encompasses:
- conducting direct marketing (the scope of data depends on voluntarily provided information by the User and data regarding User activity recorded and stored through cookies) – based on Article 6(1)(f) of the GDPR, i.e., due to the fact that the processing is necessary for the purposes of the legitimate interests pursued by the Controller or a third party;
- sending commercial information electronically in accordance with Article 10(2) of the Act on the Provision of Electronic Services dated July 18, 2002 (the scope of data voluntarily provided by the User) – based on separately granted consent;
- using telecommunication end devices and automatic calling systems for direct marketing purposes in accordance with Article 172 of the Telecommunications Act dated July 16, 2004 (the scope of data voluntarily provided by the User) – based on separately granted consent;
- fulfilling legal obligations imposed on the Controller in connection with conducting business activities (the scope of data voluntarily provided by the User) – based on Article 6(1)(c) of the GDPR, i.e., due to the fact that the processing is necessary for compliance with a legal obligation to which the Controller is subject.
Every User has the right to:
- access their personal data,
- rectify their personal data,
- restrict the processing of their personal data,
- erase their personal data,
- transfer their personal data,
- withdraw their consent at any time; however, withdrawal of consent does not affect the lawfulness of processing based on consent before its withdrawal,
- lodge a complaint with the supervisory authority, i.e., the President of the Personal Data Protection Office.
In addition, every user has the right to object to the processing of their personal data. To exercise these rights, the user should contact the Controller by sending an email to: firstname.lastname@example.org. The Controller will promptly fulfill the user’s request within the scope provided for by applicable laws. Deleting, restricting, transferring, or objecting to the processing of data will affect the services provided and may result in the inability to perform these services properly. The Controller ensures that the User’s data is processed solely for the purpose of contacting the interested party regarding the offer or for other purposes based on individually granted consents. The Controller will review the submitted request immediately, but no later than 30 days from its receipt. However, if due to the complex nature of the request or the number of requests, the Controller is unable to process the user’s request within the aforementioned period, it will do so within the next two months, informing the User in advance of the intended extension of the deadline. The Controller informs each recipient to whom personal data has been disclosed about rectification or erasure of personal data or restriction of processing carried out in accordance with the User’s request unless this proves impossible or requires a disproportionate effort.
Depending on the processes related to the type of service, the Controller may provide data to entities necessary for the proper execution of the process. In the case of customer service (inquiries and claims), data is provided to entities providing support within the specified scope.
Data Processing Agreement
Please note that the processed personal data is not subject to automatic profiling.
Security of Personal Data
To minimize the risks associated with unauthorized access to personal data collections, we make every effort to ensure the proper level of privacy and security of your data. The tools we use have been selected to provide appropriate protection for the processing of personal data in accordance with legal requirements. The Administrator carefully selects and applies appropriate technical measures, both of a technical and organizational nature, to ensure the protection of processed data that is appropriate to the risks and categories of data covered by the protection. In particular, the Administrator secures data against unauthorized disclosure, loss, destruction, unauthorized modification, as well as processing in violation of applicable law.
- The Administrator has the right to change this document, and the User will be notified in a manner that allows them to familiarize themselves with the changes before they come into effect, for example by posting relevant information on the main page of the Service, and in the case of significant changes, also by sending a notification to the User’s email address provided.
- In the event of User objections to the introduced changes, they may request the deletion of their personal data by the Administrator and stop using the Service. Continued use of the Service after the publication or notification of changes to this document is considered as consent to the collection, use, and sharing of the User’s personal data according to the updated content of the document.
Cookies and Their Use on the Website
- Mozilla Firefox
- Internet Explorer
- Please note that some types of cookies are necessary for the proper functioning of websites. Disabling cookies may cause certain website features to stop working. What is the purpose of using cookies on the www.alhar.pl website? The purposes of using cookies are as follows:
- Displaying a website tailored to the individual needs and preferences of the user
- Increasing the usability of the website for the convenience of its users
- Ensuring the proper functioning and security of website usage
- Storing session data, collecting information about user behavior on the website, conducting analyses and statistics
- Sharing collected data with cooperating partners of the Administrator, including for advertising and marketing purposes. What types of cookies do we use on the website? We use the following types of cookies:
- Session cookies, which are temporary files that remain on the user’s device only until they log out of the website or close the browser
- Persistent cookies, which are stored for a longer specified period or until manually deleted by the user
- Cookies enabling the use of services available on the website
- Cookies used to ensure the security of the website
- Cookies enabling the collection of information about the usage of the website
- Cookies enabling the “remembering” of user-selected settings.