PRIVACY POLICY OF THE WEBSITE www.printwave.pl
DOCUMENT VERSION: [1.0]
LAST UPDATE: [06.08.2023]
Protecting the privacy of Users is of particular importance to PRINTWAVE. Therefore, we provide Users of the www.printwave.pl website with appropriate security measures aimed at protecting their personal data.
The Administrator’s goal is also to inform Users properly about their rights and obligations related to the processing of personal data, especially in light of the provisions on the protection of personal data specified in the Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (hereinafter referred to as “GDPR”).
In order to ensure the protection of Users’ privacy, the Administrator provides information in this document about the legal bases for processing personal data provided by Users in connection with their use of the www.printwave.pl website (hereinafter referred to as the “Website”), methods of collecting, processing, and protecting personal data, as well as Users’ rights.
A User is any natural person whose data is concerned and who uses the www.printwave.pl website or electronic services available through the Website.
DATA CONTROLLER, CONTACT DETAILS
The Data Controller of personal data provided by Users on the www.printwave.pl website is REFLOACTIVE sp. z o.o. with its registered office in Bydgoszcz (85-503), ul. Rynkowska 2, NIP 5542932613 (hereinafter referred to as the “Administrator”).
To obtain any information regarding the processing of personal data by the Administrator and the exercise of their rights, Users may contact the Administrator by sending a message to the email address: sklep@printwave.pl or by postal mail to the address:
Fabryka CMYKa Niciak Spółka Jawnaul. Rynkowska 1, 85-503 Bydgoszcz, with the note “PERSONAL DATA.”
In order to verify whether the person requesting a specific operation on personal data is authorized to do so, the Administrator may request additional data to verify the identity of the person submitting the request.
PERSONAL DATA PROCESSED BY THE CONTROLLER
The Controller obtains personal data directly from the User through the Website, including registration by the User on the Website or completing a contact form available on the Website and sending a message to the Controller through it.
The Controller collects the following personal data concerning the User through the Website: Name and surname, phone number, email address, business name.
PURPOSES AND LEGAL BASIS FOR DATA PROCESSING
The purposes of processing the User’s personal data by the Controller depend on the User’s use of the Website and its functionalities.
Primarily, the Controller processes the User’s personal data to establish and perform a contract for the provision of services electronically, concluded based on the Website’s Terms and Conditions, as well as to fulfill a sales contract concluded through the Website (legal basis: Article 6(1)(b) of the GDPR). Due to the sales contract, the Controller has public law obligations, including tax obligations, which is why the Controller may process the User’s personal data to fulfill these obligations (legal basis: Article 6(1)(b) and (c) of the GDPR, and relevant tax regulations).
In case the User submits a complaint or reports other issues, the Controller will process their personal data to handle complaints, inquiries, and provide responses (legal basis: Article 6(1)(c) and Article 6(1)(f) of the GDPR, i.e., the legitimate interest of the Controller and the User in mutual communication and resolving disputes).
If the User has given voluntary consent (e.g., by using a contact form or subscribing to a newsletter), the Controller may process their personal data for marketing purposes, including conducting marketing communications via email or telephone calls (legal basis: Article 6(1)(a) and (f) of the GDPR, the Act on the Provision of Electronic Services, and the Telecommunications Law).
The Controller reserves the right to retain Users’ personal data for the purpose of establishing, investigating, enforcing claims, or defending against claims, as a legitimate interest pursued by the Controller, as well as to prevent abuse and fraud (legal basis: Article 6(1)(f) of the GDPR).
DATA RETENTION PERIOD
The retention period for the User’s personal data is dependent on the purposes of processing by the Controller, specifically: a) Personal data necessary for the conclusion and performance of contracts will be retained for the duration of these contracts; b) Personal data necessary for the performance of public law obligations will be retained until the time specified by the relevant legal regulations, and for tax obligations, for 5 years; c) Personal data provided for marketing purposes will be processed until the withdrawal of consent or objection is expressed. The data retention period may be extended if justified by applicable legal provisions or the legitimate interest of the Controller in establishing, investigating, enforcing claims, or defending against claims.
RECIPIENTS OF PERSONAL DATA, INCLUDING RECIPIENTS OUTSIDE THE EEA
Data Processors The Controller uses services of other data processors who process personal data on its behalf, including administrative, accounting, IT, and server services, maintenance and support services for IT systems and databases. Additionally, employees of state authorities and offices authorized to control or supervise the Controller’s activities may have access to the User’s personal data.
Transfer of Personal Data Outside the EEA Due to the use of certain IT systems by the Controller, the User’s personal data may be transferred outside the European Economic Area (EEA), particularly to the United States. We assure that all entities the Controller cooperates with meet the security requirements imposed by the relevant data protection regulations. The transfer of data to the United States is conducted based on the standard contractual clauses issued by the European Commission. The Controller provides access to these clauses at its headquarters.
Disclosure of Data to Other Controllers In case the “Przelewy24” payment method is selected, the User’s personal data will be disclosed to the payment operator – PayPro S.A. based in Poznań (ul. Pastelowa 8, 60-198) for transaction processing.
USER RIGHTS
Regarding the processing of personal data by the Controller, the User has the right to:
Access their data and obtain a copy of it.
Correct (rectify) their personal data.
Restrict the processing of their personal data.
Erase their personal data.
Object to the processing of their personal data.
Data portability.
If processing is based on consent, the right to withdraw consent at any time without affecting the lawfulness of processing based on consent before its withdrawal.
File a complaint with the President of the Office for Personal Data Protection (address: ul. Stawki 2, 00-193 Warsaw).
To exercise the above rights, please contact the Data Controller as described in the “Privacy Policy” above.
PROFILING
The Controller does not intend to profile the User’s personal data.
VOLUNTARY NATURE OF DATA PROVISION
Providing certain personal data by the User: a) for receiving marketing correspondence – is voluntary. b) for the conclusion and performance of contracts (for the provision of services electronically or for sales) – is necessary to establish a legal relationship between the User and the Controller. c) for compliance with legal obligations, including accounting obligations – is necessary to ensure compliance with the law.
COOKIES
A cookie is a small text file that is stored on a computer, tablet, or smartphone when you first visit the Website. The cookies we use are essential for the proper functioning and ease of use of the Website. They ensure the optimal performance of the Website. In the Website, we use: a) Technical cookies – these cookies are necessary for using the basic functions of the Website. b) Functional cookies – these cookies enable us to analyze the User’s use of the Website to assess and improve its performance. c) Marketing cookies – these cookies enable the display of advertising content tailored to the User’s preferences. To learn more about cookies, how to manage or delete them, you can visit the website: allaboutcookies.org or refer to the help section of your browser.
OTHER TECHNOLOGIES
Printwave also collects data about Website users in logs, system services, or through other technologies (e.g., Pixels, SDK codes). Through these technologies, we know which subpages of our portal have been visited or how many times the Website has been displayed. We use the above technologies to increase the effectiveness and security of the service, better adapt the service to your needs, and enable faster information retrieval. On our portal, we use Google Analytics provided by Google LLC 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA. Thanks to this technology, Google may store information about the type/version of the browser, operating system, referring URL, truncated IP address, or server request time – in a cookie file. Information generated by the cookie about the use of the Website is usually transmitted to and stored on Google’s servers in the USA. Google Analytics does not collect data that would enable your identification. Therefore, the data collected within Google Analytics is not personal data. Google processes information about your use of the Website (within Google Analytics) on our behalf to assess how the service is used, create activity reports, and provide other services related to the use of the Website. The IP address sent by your browser as part of Google Analytics is not merged with other Google data. For more information about terms of use and data protection, please visit: https://support.google.com/analytics/answer/9019185?hl=en
CHANGES
In order to update the information contained in this Privacy Policy and ensure its compliance with applicable laws, this Privacy Policy may be subject to changes. In case of any changes to the content of the Privacy Policy, the updated date will be indicated at the beginning of this text. To obtain information about the protection of personal data, the Controller recommends that Users regularly review the provisions of the Privacy Policy.