Languages list
Privacy Policy

1. DEFINITIONS

  1. 1.Controller – „BRATKI” private partnership, Emil Kowalczyk, Robert Makowski, tax identification number NIP: 799-19-03-295, conducting business activity under the name „Bratki” s.c. E. Kowalczyk, R. Makowski.
  2. Personal data - m any information relating to a natural person, identified or identifiable by reference to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person, including IP number, location data, online identifier and information gathered through cookie files and similar technologies.
  3. Policy - this Privacy Policy.
  4. GDPR - Regulation (EU) 2016/679 of the European Parliament and of the Council of 27.04.2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC.
  5. Website - the Website managed by the Controller at http://www.sklep.firmabratki.pl
  6. User - any natural person visiting the Website or using one or more services or functionalities described in the Policy.

2. DATA PROCESSING IN ASSOCIATION WITH USE OF THE WEBSITE

In association with use of the Website by the User, the Controller gathers data as necessary for the purpose of rendering of individual services offered, as well as information on activity of the User on the Website. Described below are the detailed rules and objectives of processing of personal data gathered as the User visits the Website.

 3. OBJECTIVES AND LEGAL BASIS FOR PROCESSING OF DATA ON THE WEBSITE

USE OF THE WEBSITE www.sklep.firmabratki.pl

  1. Personal data of all persons using the Website (including the IP address or other identifiers and information gathered via cookie files or similar technologies), who are not registered users (having no profiles on the Website) is processed by the Controller:

a) for the purpose of rendering of services via electronic means with regard to providing Users with access to the Website content, contact forms - in such case, the legal basis for data processing is the necessity to process data to perform the agreement (art. 6 section 1 letter b GDPR);

b) for the purpose of handling of purchases made without registering on the Website - in such case, the legal basis is the necessity to process data to perform the agreement (art. 6 section 1 letter b GDPR);

c) for the purpose of handling of complaints - in such case, the legal basis is the necessity to process data to perform the agreement (art. 6 section 1 letter b GDPR);

d) for analytical and statistical purposes - in such case, the legal basis for processing is the legitimate interest of the Controller (art. 6 section 1 letter f GDPR), consisting of analyses of User activity, as well as User preferences in order to enhance the functionalities used and services rendered;

e) for the purpose of potential determination and pursuing of claims or defence against claims - the legal basis is the legitimate interest of the Controller (art. 6 section 1 letter f GDPR), consisting of protection of their rights;

f) for marketing purposes of the Controller and other entities, in particular, associated with presentation of behavioural advertising - the rules of processing of personal data for marketing purposes have been described in section „MARKETING”.

User activity on the Website, including their personal data, is recorded in system logs (a special computer program used for storage of chronological record of events and actions concerning the IT system used by the Controller to render services). Information gathered in the logs is processed in association with services rendered. The Controller also processes information for technical purposes, in particular, data can be periodically stored and processed in order to ensure security and proper functioning of IT systems, e.g. in association with preparation of backup copies, tests of changes in IT systems, detection of errors or protection against abuse and attacks.

REGISTRATION ON THE WEBSITE www.sklep.firmabratki.pl

  1. Persons registering on the Website are asked to provide their data necessary for creation and handling of their account. To facilitate use of the Website, the User may provide additional data, thus giving consent for its processing. Such data can be erased at any time. Provision of data marked as compulsory is required for the purpose of establishing and handling of the account, and if the data is not provided, the account cannot be created. Disclosure of other data is voluntary.
  2. Personal data is processed:

a) for the purpose of rendering of services associated with managing and handling of the account on the Web site - the  legal basis for data processing is the necessity to process data to perform the agreement (art. 6 section 1 letter b GDPR), and with regard to data provided voluntarily, the legal basis for data processing is the consent given (art. 6 section 1 letter a GDPR); 

b) for analytical and statistical purposes - the legal basis for processing is the legitimate interest of the Controller (art. 6 section 1 letter f GDPR), consisting of analyses of User activity on the Website and the mode of use of the account, as well as User preferences in order to enhance the functionalities used; 

c) for the purpose of potential determination and pursuing of claims or defence against claims - the legal basis is the legitimate interest of the Controller (art. 6 section 1 letter f GDPR), consisting of protection of their rights. 

d) for marketing purposes of the Controller and other entities, in particular, sellers using the Marketplace service - the rules of processing of personal data for marketing purposes have been described in section „MARKETING”.

3. If the User places on the Website any personal data of other persons (including their first name and surname, phone number or e-mail address), they may only do so under the condition of non-violation of the legal provisions in force and personal rights of these persons.

 ORDER PLACEMENT

  1. Placement of an order (for purchase of goods or services) by the Website User is associated with processing of their personal data. Provision of data marked as compulsory is required for the purpose of acceptance and handling of the order, and if the data is not provided, the order cannot be completed. Disclosure of other data is voluntary. Placement of an order by the User in the Marketplace service system results in disclosing personal data of such User, which is necessary for completion of the order, to the seller for the purpose of performance of the agreement.
  2. Personal data is processed:

a) for the purpose of completion of the order - the  legal basis for data processing is the necessity to process data to perform the agreement (art. 6 section 1 letter b GDPR), and with regard to data provided voluntarily, the legal basis for data processing is the consent given (art. 6 section 1 letter a GDPR); 

b) for the purpose of performance of statutory obligations of the Controller, based, in particular, on tax and accounting legislation - the legal basis for data processing is the legal obligation (art. 6 section 1 letter c GDPR); 

c) for analytical and statistical purposes - the legal basis for processing is the legitimate interest of the Controller (art. 6 section 1 letter f GDPR), consisting of analyses of User activity on the Website, as well as User shopping preferences in order to enhance the functionalities used; 

d) for the purpose of potential determination and pursuing of claims or defence against claims - the legal basis is the legitimate interest of the Controller (art. 6 section 1 letter f GDPR), consisting of protection of their rights.

CONTACT FORMS

  1. The Controller can be contacted using electronic contact forms. To use the form, the User has to provide personal data necessary to contact the User and answer the User's inquiry. The User may also provide other data to facilitate communication or handling of inquiries. Provision of data marked as compulsory is required for the purpose of acceptance and handling of the inquiry, and if the data is not provided, such handling is not possible. Disclosure of other data is voluntary.
  2. Personal data is processed:

a) for the purpose of identification of the sender and handling of their inquiry, sent via the form made available - the legal basis for data processing is the necessity to process data for the purpose of performance of the agreement for services (art. 6 section 1 letter b GDPR); 

b) for analytical and statistical purposes - the legal basis for processing is the legitimate interest of the Controller (art. 6 section 1 letter f GDPR), consisting of maintaining of statistics of inquiries made by Users via the Website in order to enhance the functionalities used.

4. MARKETING

  1. The Controller processes personal data of Users for the purpose of performance of marketing activities, which may include: 

a) displaying of marketing content to the User, which is not adapted to user preferences (context advertising); 

b) displaying of marketing content to the user, which is consistent with their interests (behavioural advertising); 

c) sending of e-mail notifications on interesting offers or content, which in some cases contains commercial information; 

d) conducting of other kinds of activity associated with direct marketing of goods and services (sending of commercial information via electronic mail and telemarketing activity).

2. For the purpose of performance of marketing activity, the Controller in some cases uses profiling. This means that thanks to automatic data processing, the Controller assesses the selected factors pertaining to natural persons for the purpose of analysis of their behaviours or to develop forecasts for the future.

CONTEXT ADVERTISING

The Controller processes personal data of Users for marketing purposes in association with context advertising addressed to Users (that is, advertising, which is not adjusted to User preferences). In such case, processing of personal data takes place in association with legitimate interest of the Controller (art. 6 section 1 letter f GDPR).

BEHAVIOURAL ADVERTISING

The Controller processes personal data of Users, including personal data gathered via cookies and other similar technologies, for marketing purposes in association with behavioural advertising addressed to Users (that is, advertising, which is adjusted to user preferences). In such case, processing of personal data includes User profiling. Use of personal data gathered through this technology for marketing purposes, in particular, for the purpose of promotion of goods and services of third parties, takes place on the basis of the legitimate interest of the controller, only if the User has given consent for use of cookies. The consent for use of cookies may be expressed by providing a proper configuration of the browser, and it may be withdrawn at any time, in particular, by clearing the cookies history and disabling cookies in the browser settings. This consent may be withdrawn at any time.

DIRECT MARKETING

If the User has given consent for receiving marketing information via e-mail, text messages and other means of electronic communications, personal data of the User will be processed for the purpose of sending of such information. The basis for processing of data is the legitimate interest of the Controller, which consists of sending of marketing information within the scope of the consent given by the User (direct marketing). The User has the right to object to the processing of information for direct marketing, including profiling. The data will be stored for this purpose for the period of validity of the legitimate interest of the Controller, unless the User objects against receiving marketing information.

5. SOCIAL MEDIA PORTALS

The Controller processes personal data of Users visiting profiles of the Controller in the social media (Facebook, YouTube, Instagram, Twitter, Google +, Pinterest). This data is processed exclusively in association with management of the profile, as well as in order to inform the Users of activity of the Controller, and to promote various events, services and products, as well as to communicate with users via functionalities, which are available in the social media. The legal basis for processing of personal data by the Controller for this purpose is their legitimate interest (art. 6 section 1 letter f GDPR), consisting of promotion of own brand and building and maintaining of the community associated with the brand.

6. COOKIES AND SIMILAR TECHNOLOGIES

Cookies are small text files, installed in the device of the User browsing through the Website. Cookies gather information that facilitates use of the Web page - e.g. by saving information on User visits on the Website and the activities performed.

SERVICE COOKIES

The Controller uses the so-called service cookies mainly for the purpose of delivering services to Users via electronic means and to enhance the quality of these services. As a result, the Controller and other entities rendering analytical and statistical services on their behalf use cookies, storing information or obtaining access to information already stored in the telecommunications end device of the User (computer, phone, tablet etc.). Cookie files used for this purpose include:

  1. User input cookies, containing data entered by the User (session identifier) for the period of session duration; 
  2. authentication cookies used for services requiring authentication during the session; 
  3. user centric security cookies, used e.g. to detect authentication violations; 
  4. multimedia player session cookie (e.g. flash player cookies), used for the duration of the session; 
  5. user interface customization cookies, used during the session or for a slightly longer time, 
  6. shopping cart cookies used to save the shopping cart content during the session;
  7. cookies used to monitor Website traffic, that is, data analytics, including Google Analytics cookies (these files are used by Google company for the purpose of analysis of the mode of use of the Website by the User, to develop statistics and reports on functioning of the Website). Google does not use the data gathered to identify Users and does not combine this information to enable identification. Detailed information on the scope and rules of data collection in association with this service can be used at: https://policies.google.com/technologies/partner-sites?hl=en-GB

MARKETING COOKIES

The Controller also uses cookie files for marketing purposes, e.g. in association with behavioural advertising addressed to users. For this purpose, the Controller stores information or obtains access to information already stored in the User's telecommunications end device (computer, phone, tablet etc.). Use of cookies and personal data collected via cookies for marketing purposes, in particular, for promotion of services and goods of third parties, requires the consent of the User. Such consent may be expressed by providing a proper configuration of the browser, and it may be withdrawn at any time, in particular, by clearing the cookies history and disabling cookies in the browser settings.

7. THE PERIOD OF PROCESSING OF PERSONAL DATA

  1. The period of processing of personal data by the Controller depends on the type of service rendered and the objective of processing. In principle, the data is processed for the period of rendering of a service or completion of an order, until withdrawal of the consent given or raising of an effective objection against data processing in cases, in which the legal basis for processing of data is the legitimate interest of the Controller.
  2. The data processing period may be extended, if processing is necessary to determine and pursue potential claims or for defence against claims, and after this time, only in the case and to the extent, in which it is required by legal provisions in force. After the expiry of this period, data is irrevocably erased or anonymised.

8. USER'S RIGHTS

1. The data subjects have the following rights:

a) The right to being informed of processing of personal data - on this basis, a person, who makes such demand, is provided by the Controller with information on processing of personal data, including, in particular, the purposes and legal basis for processing, the scope of data held, entities that obtain access to such data and the planned date of erasure of data; 

b) The right to obtain copies of data - on this basis, the Controller provides a copy of data processed, pertaining to the person making the claim; 

c) The right to rectification of data - on this basis, the Controller removes any discrepancies or errors in personal data being processes, complements or updates the data, if it is incomplete or has changed; 

d) The right to erase the data - on this basis, it is possible to demand erasing of data, which is no longer necessary for any of the purposes, for which the data has been collected; 

e) The right to limit processing - on this basis, the Controller ceases to perform any operations using the personal data, except for operations, for which the data subject has given consent and storage of data, in accordance with the applicable retention rules, or until the reasons for limitation of data processing have ceased to exist (e.g. a decision has been issued by the supervisory authority, allowing for further processing of data); 

f) The right to transfer data - on this basis, to the extent, in which data is processed in association with an agreement concluded or a consent given, the Controller issues the data submitted by the data subject in a machine-readable format. It is also possible to demand that the data is sent to another entity - however, provided that technical capabilities exist in this regard both on the part of the Controller and such other entity; 

g) The right to object against processing of data for marketing purposes - the data subject may at any time object against processing of personal data for marketing purposes, without having to give a justification for such objection; 

h) The right to object against other purposes of data processing - the data subject may, at any time, object against processing of personal data on the basis of legitimate interest of the Controller (e.g. for analytical or statistical purposes or due to reasons associated with protection of property). An objection i this regard should contain a justification and is subject to assessment by the Controller; 

i) The right to withdraw the consent - if data is processed on the basis of a consent, the data subject has the right to withdraw the consent at any time without prejudice to the lawfulness of the processing which was carried out on the basis of such a consent before its withdrawal; 

j) The right to submit a complaint - if the data subject decides that processing of personal data violates the GDPR provisions or other legislation regulating protection of personal data, they may submit a complaint to the President of the Office for Protection of Personal Data. 

2. An application for execution of rights of data subjects may be submitted: 

a) in writing to the following address: BRATKI s.c., ul. Brandta 19, 26-505 Orońsko 

b) via e-mail to the address: administrator@firmabratki.pl 

3. The application should, as much as possible, indicate precisely the subject of the demand, that is, in particular: 

a) specify the right referred to by the data subject (e.g. the right to receive a copy of data, the right to erase the data etc.); 

b) the process subject to the demand (e.g. use of a specific service, activity on a specific Website, receipt of a newsletter containing commercial information to a specific e-mail address, etc.); 

c) the processing purposes subject to the demand (e.g. marketing purposes, analytical purposes etc.). 

4. If the Controller is unable to determine the content of the demand or identify the applicant on the basis of the notification submitted, they will address the applicant, requesting additional information.

5. A reply to the demand will be given within one month after its receipt. If it is necessary to extend this time limit, the Controller will inform the applicant of the causes of such extension.

6. A reply will be given to the e-mail address, from which the application has been received, and in the case of applications sent by mail, with an ordinary letter to the address specified by the applicant, unless the content of the letter indicates willingness to receive the reply to an e-mail address (in such case, it is necessary to specify the e-mail address).

 9. DATA RECIPIENTS

  1. In association with performance of services, personal data will be disclosed to external entities, in particular, service providers responsible for handing of IT systems, such entities as banks and payment operators, entities rendering accounting, legal, audit and consulting services, couriers (in association with order completion), marketing agencies (in association with marketing purposes) and entities related to the Controller;
  2. If the User’s consent has been obtained, their data may also be disclosed to other entities for their own purposes, including marketing purposes.
  3. The Controller reserves the right to disclose selected information concerning the User to appropriate authorities or third parties, demanding disclosure of such information on the proper legal basis and in accordance with the legislation in force.

10. SECURITY OF PERSONAL DATA

  1. The Controller conducts risk analyses on an ongoing basis to make sure that personal data is processed in a safe manner - making sure, in the first place, that access to data has been granted only to authorised persons, exclusively to the extent, in which it is necessary for the purpose of their tasks. The Controller makes sure that all operations using personal data are recorded and performed exclusively by their authorised employees and business partners.
  2. The Controller makes all necessary efforts to make sure that their subcontractors and other cooperating entities provide a warranty of exercising of appropriate security measures whenever they are processing personal data as ordered by the Controller.

11. CONTACT DETAILS 

The Controller can be contacted via e-mail at: administrator@firmabratki.pl 

12. AMENDMENTS TO PRIVACY POLICY 

The policy is verified on a regular basis and updated as necessary.

 

Menu Search More More
    • Wholesale store addresses:
    • C.H.EACC.
      ul. Nadrzeczna 7A
      Hala 1 box B48
      05-552 Jabłonowo
      POLAND
      tel: +48 503 172 666, +48 508 354 654

      C.H. PTAK
      ul. Rzemieślnicza 35
      pasaż Wschodni 14Y
      95-030 Rzgów
      POLAND
      tel: +48 510 228 614

    • E-mail:sklep@firmabratki.pl
up
Shop is in view mode
View full version of the site
Sklep internetowy Shoper Premium