§ 1. Personal data administrator
The administrator of personal data within the meaning of Regulation (EU) 2016/679 of the European Parliament and of the Council of 27/04/2016 on the protection of individuals about the processing of personal data and on the free movement of such data and repealing Directive 95/46 / EC ( General Data Protection Regulation), from now on referred to as “GDPR,” is Clebre SA with its registered office in Olsztyn, ul. Artyleryjska 3K, 10-165 Olsztyn, entered into the Register of Entrepreneurs of the National Court Register kept by the District Court in Olsztyn, 8th Commercial Division of the National Court Register under KRS number 0000593607, NIP: 7010532653, REGON: 363340134, with a share capital of PLN 161,800.00, from now on referred to as “Administrator.”
The User’s data is processed in compliance with the security rules required by the provisions of the GDPR and other legal acts in force in Poland.
§ 2. Purposes and legal grounds for data collection
Based on Article. 6 sec. one lit. a) GDPR, i.e., based on the consent granted, the data will be processed for marketing purposes, including sending a newsletter or information about the Administrator’s and its partners’ promotions, products, and offers.
Based on Article. 6 sec. one lit. f) GDPR, in connection with the so-called Administrator’s legitimate interest, which is maintaining contact with Users, establishing and pursuing claims, and defending the Administrator’s rights, as well as developing and improving the quality of services provided by the Administrator and conducting direct marketing activities, personal data will be processed for the following purposes:
ensuring contact – the data provided by the User to contact the Administrator will be processed to answer the questions asked, including to provide information about their activities and about the products and services they offer, at the request of interested persons,
correct display of websites managed by the Administrator and visited by Users, as well as their adaptation and improvement,
conducting direct marketing activities,
keeping statistics and making analyses to improve the quality of products and services provided by the Administrator,
determination, investigation, and defense of claims; it should be noted that the Administrator is entitled to pursue claims for business activity and must also be ready to fend off any claims against him, which allows the Administrator to process personal data also for this purpose,
statistical, archival, and ensuring accountability (showing the Administrator’s fulfillment of obligations under the law).
§ 3. Data transfer
By applicable law, the Administrator may transfer Users’ data to entities processing them on his behalf, the so-called data recipients. They may be entities dealing with IT services and providing the Administrator with IT tools, dealing with management and entering data into databases, intermediaries in the implementation of marketing campaigns, entities participating in the performance of contracts (subcontractors, entities providing postal and courier services, companies dealing with the settlement of online transactions ), as well as providing consulting services (e.g., accounting, legal). By the law, data may be transferred based on applicable law, e.g., to courts or law enforcement authorities – of course, only if they make a request based on an appropriate legal basis.
Suppose the Administrator transfers data to entities based in countries outside the European Economic Area. In that case, he will require that these entities guarantee a high level of personal data protection and compliance with European data protection standards and that they conclude appropriate agreements based on model contractual clauses on the security of data adopted by the European Commission.
§ 4. Data retention
When the User agrees to data processing for marketing purposes, the data will be processed for the duration of the Administrator’s possession of products and services addressed to the persons whose data are processed or until the consent is withdrawn.
The data will be periodically checked for validity; if found to be outdated, they will be updated or deleted by the Administrator.
At the same time, to comply with the so-called accountability, the data will be stored for the period in which the Administrator is obliged to keep the data or documents containing them to document the fulfillment of legal requirements, including to enable control of their dignity by public authorities.
§ 5. Rights of the data subject
Each User has the right to access and correct or rectify their data.
The User also has the right to delete, transfer, limit processing, lodge, and link to the President’s Personal Data Protection.
If the proc Presidentessing is based on the User’s consent, he has the right to withdraw it at any time without affecting the lawfulness of the processing, which was made based on consent before its withdrawal.
The User has the right to object to the processing of their data when their processing is based on legitimate interest or for statistical purposes. The objection is justified by the situation in which the User has found himself.
In the case of data processing under art. six sec. One lit. f) GDPR to conduct direct marketing activities, the User may object to such processing at any time.
The User can make any changes in the scope of his data by sending an appropriate declaration of will to the Administrator’s address email@example.com
The Administrator reserves the right to refuse to delete data if their retention is necessary to pursue claims or in the event of other valid legitimate grounds for the processing, overriding the interests, rights, and freedoms of the data subject or if required by applicable law.
§ 6. Voluntary provision of data
Personal data was provided to the Administrator by the User voluntarily. Please remember that the Administrator did not oblige you to provide any data; providing them is not a statutory obligation.
However, personal data may be necessary to enable the use of the Administrator’s website and to contact you. Failure to provide data may result in, i.a., inability to use the website, answer the question asked via the contact form, and send the newsletter.
§ 7. Security and protection of personal data
The Administrator declares that it processes Users’ data by the provisions of the GDPR and that it applies technical and organizational measures to ensure the protection of processed data appropriate to the threats and categories of data protected, and in particular, protects Users’ data against disclosure to unauthorized persons, loss or damage.
The administrator monitors the adequacy of the data security applied to the identified threats. If necessary, the Administrator implements additional measures to increase data security.
Only authorized employees or associates of the Administrator and authorized persons handling clebre.com who have been granted appropriate authorizations have direct access to personal data collected by the Administrator.
The Administrator also takes all necessary actions to ensure that its subcontractors and other cooperating entities guarantee the application of appropriate security measures whenever they process personal data at the request of the Administrator.
§ 8. Disclaimer
§ 9. Contact
§ 11. Cookies policy
The www.clebre.com website does not automatically collect information except in cookie files.
Cookie files (so-called “cookies”) are IT data, in particular in the form of text files stored in the Website User’s end device and intended for using the Website’s websites. Cookies usually contain the name of the Website they come from, their storage time on the end device, and a unique number.
The entity placing cookies on the Website User’s end device, accessing them, and administering the data contained therein is the Administrator (Clebre SA).
Cookies are used to:
a) adapting the content of the Website pages to the User’s preferences and optimizing the use of websites; in particular, these files allow to recognize of the Website User’s device and correctly display the Website, tailored to his individual needs;
b) creating statistics and analyses that help to understand how Website Users use websites, which allows for improving their structure and content;
c) maintaining the Website User’s session, thanks to which the User’s device is recognized when revisiting the Website.
a) “necessary” cookies, enabling the use of services available on the Website, e.g., authentication cookies used for services requiring authentication on the Website;
b) cookies used to ensure security, e.g., used to detect abuses in the field of authentication within the Website;
c) “functional” cookies, enabling “remembering” the settings selected by the User and personalizing the User’s interface, e.g., in terms of the chosen language or region from which the User comes, font size, website appearance, etc.;
d) “analytical” cookies, helping to determine how Users use the Website, which allows for analyzing Users’ behavior to take steps to improve the efficiency and convenience of using the Website. The Administrator uses them for statistical purposes to check how often the Website is visited and what actions users take. These data are used to optimize and develop the Website.