1. en

GENERAL PROVISIONS

The administrator of personal data collected through the website univi.net.pl is Michał Przygoda-Żarczyński, conducting business activity under the name UNIVI Michał Przygoda-Żarczyński, with its registered office at ul. Kwiatów Polnych 10, 05-083 Borzęcin Mały, Poland, mailing address: ul. Kwiatów Polnych 10, 05-083 Borzęcin Mały, Poland, NIP: PL1182181047, REGON: 381344371, entered into the Central Register and Information on Economic Activity (CEIDG), email address: info@univi.net.pl, hereinafter referred to as the “Administrator,” who is also the Service Provider.

Personal data collected by the Administrator through the website are processed in accordance with Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation), hereinafter referred to as GDPR, as well as the Polish Personal Data Protection Act of 10 May 2018.

TYPES OF PERSONAL DATA, PURPOSES, AND SCOPE OF DATA COLLECTION

PURPOSE AND LEGAL BASIS FOR PROCESSING

The Administrator processes personal data through the website univi.net.pl in the following cases:

  • When the user uses the contact form – personal data are processed based on Article 6(1)(f) of the GDPR as the legitimate interest of the Administrator.

  • When the user subscribes to the newsletter to receive commercial information electronically – personal data are processed upon separate consent, pursuant to Article 6(1)(a) of the GDPR.

TYPES OF PROCESSED PERSONAL DATA

The Administrator processes the following categories of user data:

  • First name and surname,

  • Address (residence),

  • Email address.

DATA RETENTION PERIOD

Personal data of users are stored by the Administrator:

  • If the legal basis for processing is the performance of a contract, data are stored as long as necessary for the execution of the contract, and thereafter for the period corresponding to the limitation period for claims. Unless otherwise provided by law, the limitation period is six years, and for periodic claims and claims related to business activity – three years.

  • If the legal basis for processing is consent, data are stored until the consent is withdrawn, and after withdrawal, for the period corresponding to the limitation period for claims that may be raised by or against the Administrator. Unless otherwise provided by law, the limitation period is six years, and for periodic claims and business-related claims – three years.

During the use of the website, additional information may be collected, such as the IP address assigned to the user’s computer or the external IP address of the Internet provider, domain name, browser type, access time, and operating system type.

Navigational data may also be collected from users, including information about links and references clicked or other activities undertaken on the website. The legal basis for such processing is the legitimate interest of the Administrator (Article 6(1)(f) of the GDPR), consisting of facilitating the use of electronic services and improving their functionality.

Providing personal data by the user is voluntary.

Personal data may also be processed automatically, including profiling, if the user consents pursuant to Article 6(1)(a) of the GDPR. The consequence of profiling will be assigning a specific profile to an individual to make decisions concerning them or to analyze or predict their preferences, behaviors, and attitudes.

The Administrator takes special care to protect the interests of persons whose data are processed, ensuring in particular that the collected data are:

  • processed lawfully,

  • collected for specified, lawful purposes and not further processed in a manner incompatible with those purposes,

  • factually correct and adequate to the purposes for which they are processed,

  • stored in a form that permits identification of the data subjects no longer than necessary to achieve the purposes of processing.

DISCLOSURE OF PERSONAL DATA

Personal data of users are provided to service providers used by the Administrator in the operation of the website. Depending on contractual arrangements and circumstances, these service providers either act on the instructions of the Administrator regarding the purposes and methods of processing (data processors) or determine the purposes and methods of processing themselves (data controllers).

User personal data are stored exclusively within the European Economic Area (EEA).

RIGHTS OF DATA SUBJECTS

The data subject has the right to:

  • access their personal data,

  • rectify, delete, or restrict the processing of their data,

  • data portability,

  • object to processing,

  • withdraw consent at any time, without affecting the lawfulness of processing based on consent before its withdrawal.

Legal basis for user requests:

  • Access to data – Article 15 GDPR

  • Rectification of data – Article 16 GDPR

  • Erasure of data (“right to be forgotten”) – Article 17 GDPR

  • Restriction of processing – Article 18 GDPR

  • Data portability – Article 20 GDPR

  • Objection – Article 21 GDPR

  • Withdrawal of consent – Article 7(3) GDPR

To exercise the above rights, a relevant email should be sent to: info@univi.net.pl.

When a user exercises any of the above rights, the Administrator fulfills or refuses to fulfill the request without undue delay, but no later than within one month after its receipt. However, if the request is complex or there are multiple requests, the Administrator may extend the time limit by another two months, informing the user within one month of receiving the request about the extension and the reasons for it.

If a data subject believes that the processing of personal data violates GDPR provisions, they have the right to lodge a complaint with the President of the Personal Data Protection Office (UODO).

“COOKIES” FILES

The Administrator’s website uses “cookies.”

The installation of “cookies” is necessary for the proper provision of services on the website. Cookies contain information essential for the correct functioning of the website and enable the preparation of general visit statistics.

The website uses the following type of cookies:

  • Session cookies – these are temporary files stored on the user’s end device until logging out (leaving the website).

The Administrator uses its own cookies to better understand user interactions with the website’s content. These files collect information about how users use the site, the type of site from which they were redirected, the number of visits, and the duration of the visit. This information does not record specific personal data but serves to compile statistics on website usage.

The user has the right to determine how cookies access their computer by configuring their browser settings accordingly. Detailed information about the possibilities and methods of handling cookies is available in the software (browser) settings.

FINAL PROVISIONS

The Administrator applies technical and organizational measures ensuring the protection of processed personal data appropriate to the risks and categories of data being protected, and in particular safeguards data against unauthorized access, retrieval by an unauthorized person, processing in violation of applicable laws, alteration, loss, damage, or destruction.

The Administrator provides appropriate technical means to prevent the acquisition and modification of personal data sent electronically by unauthorized persons.

For matters not covered by this Privacy Policy, the provisions of the GDPR and other applicable Polish laws shall apply accordingly.

SUBSCRIBE TO OUR NEWSLETTER

LEAVE YOR MESSAGE HERE

CONTACT INFO: