1. WITTCHEN S. A. with headquarters in Palmiry, ul. Gdańska 60, 05-152 Czosnów NIP: 9511022154, REGON: 011664266, KRS: 0000352760 (hereinafter referred to as „Controller”) is a controller of the personal data which is processed in the provisions of services.
· postal address: Palmiry, ul. Gdańska 60, 05-152 Czosnów,
· e-mail address: firstname.lastname@example.org,
· phone: 22 266 88 00.
2. The purpose of the processing of the personal data is to provide services, including to perform a contract and sell products, and, if necessary for the purposes of the legitimate interests pursued by the Controller, to directly market own products or services. The personal data may also be processed for other purposes to which the user gives his/her consent if such consent is required under the applicable laws. In particular, the consent may be given to receive, by means of electronic communication and by phone, correspondence and commercial information on the Controller’s own products and services. The data subject has a right to withdraw his/her consent at any time.
3. The Controller processes the data according to the law, collects it for lawful purposes and does not process it for any other purposes. The data is collected only as appropriate and necessary to pursue the purposes of processing. The data is provided on a voluntary basis, but it is necessary for the provision of services.
4. The Controller takes all necessary steps to protect the personal data of its customers and users against unauthorised access by third parties. To this end, a high standard of organisational and technical security measures is applied. The Controller does not provide the personal data to any unauthorised parties. By way of an agreement concluded in writing, the Controller may entrust another party with processing the personal data on behalf of the Controller. The personal data may be disclosed to the Controller’s employees or partners, and to parties assisting the Controller as part of the commissioned services and according to the concluded data processing agreements. The personal data may also be provided to entities which are authorised to receive such data under mandatory provisions of the law.
5. The Controller stores the data for a period necessary to perform a contract and for a period stipulated by the applicable laws, but not longer than necessary for the purposes of the legitimate interests pursued by the Controller or a third party, including but not limited to for the purpose of making claims in connection with the pursued activity. If an account is deleted, the personal data will be stored until the period of limitation for possible claims has expired. The data in a bill or an invoice for the purchases made will be stored until the expiry of the tax liability or until the period of limitation for possible claims has expired or until the end of the warranty period. The data of an individual who has given consent to the processing of his/her personal data for specific purposes, e.g. for specified marketing measures, will be stored until the consent is withdrawn.
6. The data subject has a right to demand that the Controller provide access to his/her personal data, and to demand rectification, erasure or restriction of processing, and a right to object to processing in the situations stipulated by the law as well as a right to data portability. Furthermore, the data subject has a right to lodge a complaint with a supervisory authority upon identifying that his/her data has been unlawfully processed.
7. If the data subject gives consent to the processing of his/her personal data for one or more specific purposes, he/she has a right to withdraw the consent at any time. This does not affect the lawfulness of processing based on consent before its withdrawal.
8. The personal data is provided on a voluntary basis, but if the data identified as mandatory is not provided, it will not be possible to register or place an order. If the processing of the personal data is necessary in order to perform a contract to which the data subject is a party, or to take steps at the request of the data subject prior to entering into a contract, it is necessary to provide the required and specified scope of the data.
9. In order to deliver an offer that provides the most value and is personalised to meet the interests of Customers and Users, and for the purposes necessary to enter into or conclude a contract between the data subject and the Controller, and also with express consent of the data subject, the Controller may use profiling, which is a form of automated processing of personal data consisting in the use of personal data to evaluate certain personal aspects relating to a natural person, in particular to analyse or predict aspects concerning that natural person’s personal preferences and interests. If the data is processed for the purposes of direct marketing, including profiling based on the legitimate interests pursued by the Controller, and for the purposes of scientific, historical and statistical research, data subjects have a right to object on grounds of a particular situation of the data subject. The Controller does not make decisions based solely on automated processing, including profiling, which significantly affects the data subject. The Controller implements suitable measures to safeguard the data subject’s rights, freedoms and legitimate interests.
· Keep the Customer logged in, and, as a result the Customer is not required to re-enter the login and password on every subsite;
· Adapt and optimise the website to the needs of the Customers and other individuals using the website; · Create subsite traffic statistics;
· Personalise marketing communications;
· Ensure the security and reliability of the website operation.
The website uses session cookies, which are deleted once the browser window is closed, as well as persistent cookies, saved on the devices used by the user/Customer to access the website at certain times. The website user or the Customer may at any time change cookie settings on their own by defining the conditions of their storage and Cookie access to the User's Device. The User can make the changes to settings referred to in the previous sentence through web browser settings or through service configuration. These settings may be modified in particular in such a way as to block automatic cookie management in the web browser settings or to report any cookies being saved on the User’s device. For more details on how to manage cookies see the software (web browser) settings.
The User may delete cookies at any time using the available functions of their web browser.Limiting cookies may affect some of the functionalities available on the Store’s website.
The Store may use the RTB Personalised Retargeting. The User is able to unsubscribe from the retargeting at http://www.rtbhouse.com/privacy/