Privacy Policy

CONTENTS:

  1. General provisions
  2. Basics of data processing
  3. The purpose, basis, period and scope of data processing on the Portal
  4. Profiling on the Portal
  5. Cookies on the Portal, operational data and analytics
  6. General provisions

 

  1. General provisions
    • The controller of personal data processed via the website https://www.hartum.com.pl/ (hereinafter referred to as the ” Portal “) is an entrepreneur conducting business activity under the name HARTUM spółka z ograniczoną odpowiedzialnością in Bilcza, ul. Szafirowa 46, 26-026 Morawica, entered into the Register of Entrepreneurs of the National Court Register maintained by the District Court in Kielce under the KRS number 0000654761, REGON: 366146415, NIP: 6572927505, hereinafter referred to as the ” Service Provider “. Detailed contact details can be found on the ” Contact ” page. The personal data indicated are protected in accordance with the requirements of generally applicable law, and are stored on secured servers.
    • This privacy policy of the https://www.hartum.com.pl/ portal, referred to as the ” Privacy Policy ,” is for informational purposes only, meaning it does not constitute a source of obligations for Users. The Privacy Policy primarily contains principles regarding the processing of personal data by the Service Provider, including the basis, purposes, and scope of personal data processing and the rights of data subjects, as well as information regarding the use of cookies and analytical tools on the Portal.
    • For the purposes of better understanding of the Privacy Policy, the term ” GDPR ” means Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC. Official text of the GDPR Regulation: http://eur-lex.europa.eu/legal-content/PL/TXT/?uri=CELEX%3A32016R0679
    • The Service Provider respects the privacy of users visiting the Portal. Like most website publishers, the Service Provider collects the IP addresses of users’ computers and necessary information about their use of the site. However, this data is used solely for technical and administrative purposes (with the exception of the user’s geolocation service , which allows them to be directed to the appropriate subpages of city-specific services). The Service Provider does not attempt to identify users. Among other things, a secure communication encryption protocol (SSL) is used.
    • Personal data provided in the form on the landing page page are treated as confidential and are not visible to unauthorized persons.
    • Using the Portal, including making purchases, is voluntary. Similarly, providing personal data by the User using the Portal is voluntary, subject to exceptions in the form of statutory obligations of the Administrator – providing personal data is a statutory requirement resulting from generally applicable laws imposing on the Administrator an obligation to process personal data (e.g., processing data for the purpose of maintaining tax or accounting records), and failure to provide such data will prevent the Administrator from fulfilling these obligations.
    • The Administrator takes special care to protect the interests of persons whose personal data he processes, and in particular is responsible and ensures that the data he collects are:
      • processed in accordance with the law;
      • collected for specified, lawful purposes and not subject to further processing incompatible with those purposes;
      • factually correct and adequate in relation to the purposes for which they are processed;
      • stored in a form which permits identification of data subjects for no longer than is necessary to achieve the purpose of processing;
      • processed in a way that ensures appropriate security of personal data, including protection against unauthorised or unlawful processing and accidental loss, destruction or damage, using appropriate technical or organisational measures.
    • Taking into account the nature, scope, context, and purposes of processing, as well as the risk of varying likelihood and severity of violations of the rights and freedoms of natural persons, the Controller implements appropriate technical and organizational measures to ensure that processing is carried out in accordance with this Regulation and to be able to demonstrate this. These measures are reviewed and updated as necessary. The Controller implements technical measures to prevent unauthorized access and modification of personal data transmitted electronically.
  1. Basics of data processing
    • The Service Provider is the controller of Users’ personal data. This means that if a User uses the Portal’s services, the Service Provider may process their personal data to the extent referred to in paragraph 3.2.
    • The Administrator is entitled to process personal data in cases where – and to the extent that – at least one of the following conditions is met:
      • the data subject has consented to the processing of his or her personal data for one or more specific purposes;
      • processing is necessary for the performance of a contract to which the data subject is a party or to take steps at the request of the data subject before entering into a contract;
      • processing is necessary to fulfil a legal obligation incumbent on the Controller;
      • processing is necessary for the purposes of the legitimate interests pursued by the Controller or by a third party, except where such interests are overridden by the interests or fundamental rights and freedoms of the data subject which require the protection of personal data, in particular where the data subject is a child.
    • The processing of personal data by the Administrator requires each time the existence of at least one of the grounds indicated in paragraph 2.1. The specific grounds for processing the personal data of Portal Users by the Administrator are indicated in the next section of the privacy policy – in relation to the given purpose of personal data processing by the Administrator.
  2. The purpose, basis, period and scope of data processing on the Portal
    • Each time, the purpose, basis, period and scope as well as the recipients of personal data processed by the Administrator result from the actions undertaken by a given User.
    • Every data subject (if the Service Provider is the controller) has the right to access data, rectify, erase or limit processing, the right to object, the right to lodge a complaint with the supervisory authority, in accordance with the Information on personal data protection.
    • The Service Provider reserves the right to process User data only to the extent necessary to pursue possible claims in court or if national, EU or international law obliges us to retain data.
    • The Service Provider has the right to disclose the User’s personal data and other data to entities authorized under applicable law (e.g. law enforcement authorities).
    • Personal data may be deleted as a result of withdrawal of consent or filing a legally permissible objection to the processing of personal data.
    • The Service Provider informs that the Customer may only anonymously browse the Portal’s content. The User may not use the services offered by the Service Provider anonymously or under a pseudonym. To place an order, it is necessary to provide the personal data specified in this Policy.
    • In order to exercise the rights referred to in this point of the privacy policy, you can contact the Controller by sending an appropriate message in writing or by e-mail to the Controller’s address indicated at the beginning of the privacy policy or by using the contact form available on the Portal.
  3. Profiling on the Portal
    • The GDPR requires the Controller to provide information about automated decision-making, including profiling, as referred to in Article 22(1) and (4) of the GDPR, and – at least in these cases – relevant information about the principles underlying such decision-making, as well as the significance and anticipated consequences of such processing for the data subject. With this in mind, the Controller provides information about possible profiling in this section of the privacy policy.
    • The Administrator may use profiling on the Portal for direct marketing purposes, but the decisions made on its basis by the Administrator do not concern the conclusion or refusal to conclude a sales contract or the possibility of using electronic services on the Portal.
    • Profiling on the Portal involves the automatic analysis or forecast of a given person’s behavior on the Portal.
    • The data subject has the right not to be subject to a decision based solely on automated processing, including profiling, which produces legal effects concerning him or her or significantly affects him or her in a similar manner.
  4. Cookies on the Portal, operational data and analytics
    • The website https://www.hartum.com.pl/ uses cookies . These are small text files sent by a web server and stored by the browser’s software. When the browser reconnects to the site, the site recognizes the type of device the user is connecting from. These parameters allow only the server that created them to read the information contained within them. Cookies therefore facilitate the use of previously visited websites. Detailed information about cookies , as well as the history of their creation, can be found here: http://pl.wikipedia.org/wiki/Ciasteczko.
    • The Administrator may process data contained in cookies when visitors use the Portal for the following purposes:
      • keeping anonymous statistics showing how the Portal is used;
      • remarketing , i.e. research on the behavior of visitors to the Portal through anonymous analysis of their activities (e.g. repeated visits to specific pages, keywords, etc.) in order to create their profile and provide them with advertisements tailored to their expected interests, also when they visit other websites in the advertising network of Google Inc. and Facebook Ireland Ltd.
    • By default, most web browsers accept cookies by default . Everyone can specify the terms of cookie use through their own web browser settings. This means, for example, that you can partially restrict (e.g., temporarily) or completely disable the ability to save cookies . However, this may affect some of the Website’s functionalities (for example, it may be impossible to complete the ordering process via the order form due to the failure to remember products in your shopping cart during subsequent ordering steps).
    • Your web browser’s cookie settings are important for consenting to the use of cookies by the Portal. According to the regulations, such consent can also be expressed through your web browser settings. If you do not consent, you must change your web browser’s cookie settings accordingly .
    • Users should be aware that disabling cookies may affect how the website is displayed in their browser. Failure to change cookie settings means that they will be stored on the user’s end device, and therefore the Service Provider may access them.
    • The User’s use of the Portal without changing browser settings constitutes acceptance of the above-mentioned rules on the use of cookies and consent to their use by the Service Provider.
    • Customers can disable or restore cookie collection at any time by changing their browser settings. Cookie management instructions are available at: http://www.allaboutcookies.org/manage-cookies
  • Detailed information on changing cookie settings and deleting them yourself in the most popular web browsers is available in the help section of your web browser and on the following websites (just click on the link):

in Chrome

in Firefox

in Internet Explorer

in the Opera browser

in Safari browser

in the Microsoft Edge browser

  • The information collected includes IP address, browser type, language, operating system type, internet service provider, time and date information, location and information sent to the website via the contact form.
  • The collected data is used to monitor and understand how users use our websites, to improve their performance and ensure more efficient and seamless navigation. We monitor user information using Google Analytics , which records user behavior on the website.
  • Cookies identify users, allowing us to tailor the content of the website they’re using to their needs. By remembering their preferences, they enable targeted advertising. We use cookies to ensure the highest standard of user experience on our website, and the collected data is used only within the Service Provider’s organization to optimize operations.
  • cookies on our website :
    • “essential” cookies , enabling the use of services available on the website, e.g. authentication cookies used for services that require authentication on the website;
    • cookies used to ensure security, e.g. used to detect abuse of authentication within the website ;
    • “performance” cookies , enabling the collection of information on how the website pages are used;
    • “functional” cookies , which enable “remembering” the settings selected by the user and personalising the user interface, e.g. in terms of the selected language or region the user comes from, font size, website appearance, etc.;
    • “advertising” cookies , enabling the provision of advertising content to users that is more tailored to their interests.
  • The Service Provider, as the Controller, may use the Google Analytics and Universal Analytics services on the Portal provided by Google Inc. (1600 Amphitheatre Parkway , Mountain View , CA 94043, USA) and the Facebook Pixel service provided by Facebook Ireland Limited (4 Grand Canal Square , Grand Canal Harbor, Dublin 2, Ireland). These services help the Administrator analyze traffic on the Portal. The collected data is processed anonymously as part of the above services (these are so-called operational data that prevent individual identification) to generate statistics helpful in administering the Portal. This data is aggregated and anonymous, meaning it does not contain any identifying features (personal data) of visitors to the Portal. By using the above Portal services, the Administrator collects data such as the sources and means of acquiring visitors to the Portal, their behavior on the Portal, information about the devices and browsers they use to visit the site, IP address and domain, geographic data, demographic data (age, gender), and interests.
  • It is possible for a given person to easily block the provision of information about their activity on the Portal to Google Analytics – for this purpose, you can install a browser add-on provided by Google Inc., available here: https://tools.google.com/dlpage/gaoptout?hl=pl
  1. Final provisions
    • The Portal may contain links to other websites. The Service Provider encourages users to review the privacy policies posted on other websites after visiting them. The Privacy Policy applies only to the Service Provider’s Portal.
    • The Service Provider reserves the right to change the privacy and cookie policy at any time. The consolidated text of the privacy and cookie policy will be available on the Portal in the “Privacy Policy” tab. Any changes to the privacy and cookie policy will be visible in the “Privacy Policy” tab on the Portal’s home page.