I DEFINITIONS

Administrator – means a person who comes from or is a research body, known or other entity that is independently or an entity with a different determination of the purposes and systems of processing personal data.
The administrator of your data is ALUPROJECT Polska Sp. z o. o. Wola Łącka 55, 09-520 Łąck.
Processing – means or a set of operations performed on personal data or sets of personal data in an automated or non-automated manner, such as collecting, recording, organizing, organizing, storing, adapting or eliminating, downloading, penetrating, spreading, through application, application or other type of release, matching or switching, limiting, deleting or destroying. Profiling – means the definition of automated processing of personal data, which includes personal data regarding certain individual factors, in which there are analyses or forecasts regarding the effects of this person’s actions, their economic situation, health, use, control, reliability, behavior, or movement. Recipient – means a person or body known, known or other entity, disclosing personal data, whether it is disclosed. Public bodies that may be connected to the master data within the framework of the application of Union law or the assumption of the establishment, are not accessible to users; the transmission of this data by these public bodies must comply with the dissemination of data protection applicable to the purpose of dissemination. “Consent” of the data subject, the meaning that has occurred, informed and the demonstration of will, which contains data, in the form of a set or confirmed affirmative action, authorizes the confirmation concerning his personal data. Personal data – all information about the location identified or identifiable by one of several specific indicators specified, basic, genetic, psychological, economic, cultural or identity determination, including IP device, location data, internet identifier and information collected by cookies and other version of technology. GDPR – Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of legal persons with regard to the use of personal data and on the free access to such data and their use by 95/46/EC. Service – the website operated by the Administrator at https://aluproject.eu/
User – any natural person visiting the Service or accessing one of several services.

II. PURPOSES AND LEGAL BASIS FOR DATA PROCESSING

1. Personal data of all persons using the Website (including IP address or other identifiers and information collected via cookies) and who are not registered Users are processed by the Administrator for the purpose of:a) providing services electronically in the scope of placing and fulfilling an order and making the content collected on the Website available to Users, – the legal basis is processing for the purpose of concluding and performing a contract (art. 6 sec. 1 letter b of the GDPR); b) handling complaints – the legal basis for processing as a necessity for performing a contract (art. 6 sec. 1 letter b of the GDPR); c) for analytical and statistical purposes – the legal basis for processing is the legitimate interest of the Administrator (art. 6 sec. 1 letter f of the GDPR)d) the possibility of establishing and pursuing claims or defending against them – the legal basis for processing is the legitimate interest of the Administrator (art. 6 sec. 1 letter f of the GDPR) consisting in protecting its rights; e) provision of marketing services by the Administrator – the legal basis for processing is the legitimate interest of the Administrator (Article 6, paragraph 1, letter f of the GDPR).

III. PROCESSING OF PERSONAL DATA FOR MARKETING PURPOSES

1. The Administrator processes the personal data of Users in order to carry out marketing activities, which may consist of: a) sending e-mail notifications about interesting offers or content, which in some cases contain commercial information, b) sending newsletters to Users who have given the Administrator consent to receive them. 2. If the User has agreed to receive marketing information via e-mail, SMS and other means of electronic communication, the User’s personal data will be processed for the purpose of sending such information.

IV. USE OF SOCIAL MEDIA PORTALS BY THE ADMINISTRATOR

1. The Administrator processes the personal data of Users visiting various profiles of the Administrator maintained in social media (Facebook, Instagram, Linkedin). 2. This data is processed solely in connection with maintaining the profile, including for the purpose of informing Users about the Administrator’s activities. The legal basis for the processing of personal data by the Administrator in this case is its legitimate interest (art. 6 sec. 1 letter f of the GDPR) consisting in promoting its own brand in social media.

V. PERIOD OF PERSONAL DATA PROCESSING

1. The period of data processing by the Administrator depends on the type of service provided and the purpose of processing. The fundamental principle is that the administrator processes data for the duration of the service provision or order fulfillment or until the withdrawal of the expressed consent. There is also a possibility that the processing will continue until an objection to data processing is filed, but only in cases where the legal basis for data processing is the legitimate interest of the Administrator. 2. The period of data processing may also depend on the situation in which the processing is necessary to establish, pursue and defend claims or, and after that time only in the case and to the extent required by law. After the processing period has elapsed, the data will be deleted.

VI. RIGHTS OF PERSONS WHOM THE DATA CONCERN

On the basis of the provisions on the protection of personal data, data subjects have the following rights:1) The right to obtain a copy of the data – the Administrator provides a copy of the processed data concerning the person who submits such a request; 2) The right to rectify the data – the Administrator removes inconsistencies or errors concerning personal data, if necessary, makes the necessary corrections or updates at the request of the data subject; 3) The right to be forgotten (the right to delete data) – the data subject has the right to request the deletion of the data, this right is not always possible for the Administrator to exercise; 4) The right to limit processing – the Administrator ceases to perform operations on personal data, with the exception of operations to which the data subject has consented; 5) The right to transfer data – the data subject has, among other things, the right to transfer data from one administrator to another administrator. It should be noted that the possibility of exercising this right may be limited by technical problems originating both from the current administrator and the administrator to whom the data is to be transferred; 6) The right to object – this right consists in the fact that the data subject will be able to object to the processing of personal data; 7) The right to access information – this right consists in the fact that the Administrator provides information on the processing of personal data to the data subject, including in particular the purposes and legal basis of processing, as well as the scope of the data held, potential recipients of the data, and indicates the planned date for deletion of the data; 8) The right to withdraw consent – ​​if a situation occurs in which the processing is based on consent, the data subject has the right to withdraw it at any time, which, however, does not affect the lawfulness of the processing carried out before the withdrawal of this consent; 9) The right to file a complaint – if you believe that the processing of personal data violates the provisions of the GDPR, the data subject may file a complaint with the President of the Personal Data Protection Office.

VII. PROCESS AND METHOD OF EXERCISING THE RIGHTS OF DATA SUBJECTS

You have the right to submit an application to exercise the rights of data subjects. 2. The application can be submitted:a) in person at the Administrator’s registered office; b) in writing to the following address: ALUPROJECT Polska Sp. z o.o. Wola Łącka 55, 09-520 Łąck
c) electronically to the following e-mail address: provide the address
3. The application should indicate what the request concerns, i.e. in particular:a) the right that the applicant wishes to exercise; b) indication of the appropriate processing process; c) indication of the purposes of processing the request. 4. In order to ensure the highest possible level of security of personal data protection, the Administrator may request additional information necessary to properly determine and identify the person submitting the application. 5. The response will be provided without undue delay, but no longer than within one month of its receipt. If a situation occurs in which the Administrator is unable to fulfill the request of the person submitting the application within one month, it will inform the applicant of the reasons for such extension. 6. The response will be provided depending on the form of the submitted application: a) in writing, at the Administrator’s registered office; b) by e-mail, to the e-mail address from which the application was sent; c) in the case of applications sent by post, by registered mail to the address indicated by the applicant.

VIII. DATA RECIPIENTS

1. In connection with the provision of services, personal data may be transferred to external entities, including IT companies responsible for the operation of IT systems, entities implementing online payments, entities providing legal services, courier companies (in connection with the execution of the order). 2. The Administrator also has the right to transfer the data of persons who are processed to the competent state authorities who have a legal basis to transfer personal data to them.

IX. TRANSFER OF DATA OUTSIDE THE EEA AND TO INTERNATIONAL ORGANIZATIONS

The Administrator does not plan to transfer your personal data to entities outside the European Economic Area or to international organizations.

X. DATA PROCESSING SECURITY

1. The Administrator implements appropriate technical and organizational measures so that data processing meets the requirements of applicable legal provisions regarding the protection of personal data, including the provisions of the GDPR and the Personal Data Protection Act of 10 May 2018. 2. The Administrator takes all possible and necessary actions, not only in relation to the business it conducts, but also in relation to entities processing data so that they also provide a guarantee of applying appropriate security measures in every case when they process personal data on behalf of and for the benefit of the Administrator.

XI. COOKIE POLICY

In order to comply with the requirements of legal provisions, including the Telecommunications Act of 16 July 2004 (Journal of Laws No. 171, item 1800, as amended), ALUPROJECT Polska Sp. z o.o. Wola Łącka 55, 09-520 Łąck presents information on the use of cookies by the Administrator. 1. The Administrator declares that it uses cookies on its website. 2. Cookies are computer files that are stored on the device of the user using a given website. 3. Cookies are saved on the user’s device by the web browser when the website is first accessed. By saving cookies in the memory of the user’s device, each time the user connects to a given website, the website can determine that the user has already used this website in the past and can adjust its content to the user. 4. The Administrator uses cookies, among othera by the Website do not make it possible to determine and store the user’s personal data. 6. The Administrator declares that using its Website without changing the settings regarding cookies is tantamount to expressing consent to saving these files in the memory of the device with which the user uses the Website. 7. Each user has the option to change the way cookies are used by the Administrator. 8. In order to change the way cookies are used, block them or delete them, appropriate changes should be made to the web browser settings. 9. The Administrator uses the following cookies on its website: a) “necessary” cookies, enabling the full use of the services available within the website, b) cookies, enabling the collection of information on the way the website pages are used, e.g. time spent on a specific subpage or the number of visits, c) “functional” cookies, enabling the “remembering” of settings selected by the user and personalizing the user interface, e.g. in terms of the selected language or region from which the user comes, font size, appearance of the website, etc.

XII. CONTACT

All information regarding contacting the Administrator is available in the contact tab. In matters related to the protection of personal data, it is possible to contact the Administrator at the following e-mail address: info@aluproject.eu

 

INFORMATION CLAUSE FOR CUSTOMERS

In accordance with Article 13 paragraphs 1 and 2 of Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation), GDPR, informs that:

1. The administrator of your personal data is ALUPROJECT Polska Sp. z o.o., Wola Łącka 55, 09-520 Łąck
2. Contact with the Administrator in matters of personal data can be made by post to the following address: Wola Łącka 55, 09-520 Łąck, as well as by e-mail to the e-mail address: rodo@aluproject.eu
3. Your personal data may be processed for the purpose of:
   performance of the contract, i.e. its preparation, conclusion and performance (Article 6, paragraph 1, letter b) of the GDPR),
   in order to settle the remuneration resulting from the contract (Article 6, paragraph 1, letter c) of the GDPR),
   in order to conduct marketing activities and, if necessary, to pursue claims or defend against claims (Article 6, paragraph 1, letter f) of the GDPR).
   Other Data provided to the Administration are processed on the basis of the consent of the Client or Contractor (Article 6, paragraph 1, letter a) of the GDPR), which may be withdrawn at any time.
4. Your personal data may be transferred to:
   entities conducting postal or courier activities,
   state authorities or other entities authorized under the provisions of the law, entities providing services necessary for conducting business and performing the contract, including entities providing IT services, hosting, accounting firms.
5. Your personal data will not be transferred outside the European Economic Area (EEA) or to international organizations.
6. Personal data of Clients or Contractors, their proxies, procurators, managers, contact persons, representatives, employees will be Processed: until the withdrawal of the Consent to their Processing in a situation where the basis for their Processing was the Consent or until the expiry of the deadlines provided for by law obliging the ADO to Process the data of Clients or Contractors or the limitation of public law claims or the limitation of civil law claims. The data is subject to deletion within one month from the date of expiry of the legal basis for their Processing.
7. Providing your personal data is a requirement for concluding a contract. The consequence of not providing personal data will be the inability to perform the contract or provide the service. In other cases, the processing of your personal data is voluntary and in order to process your data, we will require your consent.
8. You have the right to access the content of your data and the right to rectify, delete, limit processing, the right to a copy of the data, the right to transfer the data, the right to object.
9. Your data will not be processed in an automated manner, including in the form of profiling.
10. You have the right to lodge a complaint with the supervisory authority – the President of the Personal Data Protection Office.