PRIVACY POLICY
Following the entry into force of the EU Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data and repealing Directive 95/46/EC (Official Journal of the European Union L 119 p.1) on 25 May 2018 throughout the European Union, including Poland, called the GDPR, we commit ourselves to respecting your right to privacy online and making every effort to properly safeguard any data you provide (‘Personal Data’). Please also note that you can browse the website without giving any personal details.
- Your personal data controller is STARK Partner Sp. z o.o., Urszulin 6, 05-825 Grodzisk Mazowiecki.
- Please contact the Controller regarding the GDPR:
- by regular post to the address of the registered office given above,
- or by e-mail to: rodo@plast-box.com
- We undertake to take appropriate measures to ensure protection against unauthorised access or disclosure of data to third parties. We would like to inform you that the databases of the Website operator are protected against access by third parties.
- Your personal data, such as company name, address, full name, email address and telephone number, is processed for the purpose of:
- providing services by electronic means and sending commercial information – on the basis of your consent (Article 6(1)(a) of the GDPR in conjunction with Article 10(2) of the Act on the provision of services by electronic means),
- direct marketing of products or services, including establishing contact, presenting an offer, carrying out measurements and analyses, including profiling (i.e. using personal data to create your profile with a view of products and services which you may be interested in), storing data in cookies and collecting data from websites – based on your consent (Article 6(1)(a) of the GDPR in conjunction with Article 172 of the Telecommunications Law),
- concluding and performing agreements, including the execution of transactions, resolution of issues and the fulfilment of your requests to us, since processing is necessary for the conclusion and performance of agreements (Article 6(1)(b) of the GDPR),
- responding to enquiries made, transmitting the requested offer and sending correspondence required to handle the matter, based on the consent given and the Controller’s legitimate interest consisting in fulfilling customer/user requests (Article 6(1)(a) and (f) the GDPR),
- complying with the Controller’s legal obligations under EU or Polish law (e.g. towards the President of the Office for Competition and Consumer Protection, tax authorities) – as processing is necessary for the fulfilment of legal requirements that we are subject to (Article 6(1)(c) of the GDPR).
- The Controller makes the personal data of customers/users available to entities authorised under applicable law, e.g. courts and state authorities.
- Your data will be processed in the event of:
- the conclusion and performance of agreements – until the termination or expiry of a given agreement, provided that the data may sometimes also be processed after the expiry of the given agreement, but only if this is permitted or required under applicable law, e.g. processing for statistical or billing purposes,
- providing services by electronic means and sending commercial information – until you withdraw your consent,
- direct marketing of products or services, including establishing contact, providing you with an offer, carrying out measurements and analyses, including profiling (i.e. using your personal data to create your profile with a view of products and services which you may be interested in), storing data in cookies and collecting data from websites and mobile applications – until you withdraw your consent,
- complying with our legal obligations under European Union and Polish law – until our data retention obligations under the law expire,
- handling payment services, ensuring the security of the services we provide electronically, handling your requests made e.g. via the contact form when they are not directly related to the performance of an agreement, debt recovery, conducting judicial, administrative and mediation proceedings, storing data for archival purposes and ensuring accountability – until the statute of limitations for claims under the agreements or claims related to the processing of personal data has expired, or until you raise an objection.
- You have the following rights:
- to access your personal data, which includes obtaining a copy of the data, with the first copy being free of charge and taking into account that the Controller may charge a reasonable fee for subsequent copies based on administrative costs (Article 15(3) of the GDPR),
- to data modification (rectification, supplementation, updating) – Article 16 of the GDPR,
- to withdraw consent at any time in cases where data is processed on the basis of a previously given consent – Article 17 of the GDPR,
- to restrict processing at any time, due to a particular situation, unless processing is required by law – Article 18 of the GDPR, when:
- the data subject questions the accuracy of the personal data – for a period allowing the Controller to verify the accuracy of the data,
- processing is unlawful and the data subject objects to the erasure by requesting restriction of use,
- the Controller no longer needs that data but the data subject needs it to establish, assert or defend claims,
- the data subject has objected to the processing – until it is established whether the legitimate grounds on the part of the Controller override the grounds of the data subject’s objection;
- to object to the processing of personal data where processing is carried out on the basis of legitimate interest or for statistical purposes and the objection is justified by a particular situation – Article 21 of the GDPR,
- to request the erasure of personal data where the Controller no longer has a legal basis for its processing or the data is no longer necessary for the purposes of the processing (Article 17 of the GDPR),
- to portability of personal data, i.e. to receive that personal data in a structured, commonly used, machine-readable format and you have the right to send that personal data to another controller – Article 20 of the GDPR.
In order to exercise the aforementioned rights, the data subject should contact the Controller using the contact details provided under item 2 and inform it of which right she/he wishes to exercise and to what extent.
Lodge a complaint to the supervisory authority in charge of personal data protection, which is the Inspector General for the Protection of Personal Data (address: Stawki Str. 2, 00-193 Warsaw).
- In any case, the data subject may also directly contact the Controller’s Protection Group Coordinator:
- by e-mail to the address rodo@plast-box.com
- by post Urszulin 6, 05-825 Grodzisk Mazowiecki, marked: Personal Data Protection Group Coordinator.
- Providing data is voluntary but necessary for contact for the above purposes.
- The STARK Partner Sp. z o.o. services also use cookies stored on the Users’ terminal equipment. Cookies are small text files sent by the visited website to the User’s device.
- The STARK Partner Sp. z o.o. websites use two types of cookies:
- ‘Necessary’ – are cookies which are necessary for the website to work and which allow access to the secure areas of the website; these cookies are primarily session cookies and are deleted when the session ends, e.g. when the User leaves the website, when deleted by the User or when the browser is closed,
- ‘Functional’ – these are used to remember your selected privacy preferences, to fill in the online forms we provide and to remember your website settings.
- By default, the web browser allows the use of cookies on the visitor’s device www.stark.pl. When you visit the www.stark.pl website, you will be prompted with a message informing you that it uses cookies. On your first visit, we will ask you to agree to the use of cookies.
- In most web browsers, you can delete cookies from your computer’s hard drive (in the browser settings), block all cookies sent or set a warning before they are stored on the drive. Changes to the settings of these files consisting in restricting their use may affect some functionalities available on websites that use them.
- The Privacy Policy may be supplemented or updated in accordance with the Controller’s ongoing needs to ensure that customers/users are kept up to date and informed about their personal data and information. Any changes to the privacy policy will be communicated to customers/users via e-mail at the address provided to complete the contact form.