Privacy policy regarding the website of promar.pl
effective as of 20.01.2025. (“Privacy Policy”)
Introduction
Data protection, and in particular the protection of your personal data, is extremely important to us. Therefore, we present our data protection policy as clearly as possible. In the following Privacy Policy, we explain how we process your personal data within the promar.pl website (the “Site”).
Personal data is processed in accordance with the principles set forth in data protection laws, including Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of individuals with regard to the processing of personal data and on the free flow of such data and repealing Directive 95/46/EC (the “GDPR”) and Polish laws enacted in connection with the GDPR, including the Polish Data Protection Act of 10 May 2018.
PROMAR keeps personal data confidential and secures them against unauthorized access by third parties as provided for under the aforementioned legal acts and the Privacy Policy.
Terms not separately defined in the Privacy Policy have the meaning set forth in the GDPR.
Our Website may contain links to other websites. The controllers of these websites are responsible for their own privacy policies and the processing of personal data. We encourage you to read the data protection policies of these websites before providing your personal data.
Who are we?
The controller of the personal data is:
“PROMAR” PRZEDSIĘBIORSTWO PRODUKCYJNO HANDLOWE SPÓŁKA Z OGRANICZONĄ ODPOWIEDZIALNOŚCIĄ with its registered office in Zawiercie (ul. Cerefisko 2, 42-400 Zawiercie), entered in the register of entrepreneurs kept by the District Court for Katowice-Wschód in Katowice, VIII Economic Division, under number: 183150, with the share capital of PLN 1,000,000, REGON: 008052670, NIP: 1180010695, PROMAR has the status of a large enterprise within the meaning of the provisions of the Act on Counteracting Excessive Delays in Commercial Transactions and Annex No. 1 to the Commission Regulation (EU) No. 651/2014.
(“Controller”, “PROMAR”, communication conducted in the first person – e.g. we, us).
Contacting the Controller
The Controller can be contacted by sending an email at info@promar.pl or in writing to the address of the Controller’s registered office indicated above..
Who does the privacy policy apply to?
The Privacy Policy is addressed to users of the Website, i.e. all individuals visiting the Website, including users using forms available on our Website. In the Privacy Policy, we may also address users directly, e.g. using the phrase “you, your”.
When you visit our website, your personal data is generally not collected. This is done only in cases where data is voluntarily provided to us for further processing, such as through online forms, including a contact form or a recruitment form.
However, some so-called metadata is analyzed and stored in the form of cookies on your device or on our server according to the information we provide on the cookie wall page, where you can set your individual preferences.
This may include your IP address, the individual pages visited on our website and the amount of data transferred during the visit. The date and duration of the visit and the website or link from which you accessed our website are also recorded.
Purposes, bases and periods of personal data processing
The personal data processed on the Website will be processed for the following purposes, based on the legal bases listed below and for the period indicated therein. We have also indicated whether the provision of personal data is voluntary and whether it is a contractual or legal requirement.
A.CONTACTING THE CONTROLLER
Purpose: The Controller processes personal data for the purpose of establishing contact or conducting correspondence, through an electronic contact form, as well as by email, telephone, regular mail or instant messaging.
Basis: Personal data will be processed on the basis of Article 6(1)(f) GDPR – the processing is necessary for the purposes of the Controller’s legitimate interest, which is to maintain contact with persons interested in the Controller’s business activity, to timely conduct all communications in connection with the business activity, to ensure the quality of cooperation with customers and contractors and other interested parties.
Processing period: Personal data will be processed for the period necessary to maintain contact (handle the inquiry), unless an effective objection to such processing is submitted earlier.
Voluntariness of providing data: Provision of data is voluntary, but failure to provide it may result in a limitation of the Controller’s ability to provide a comprehensive response / conduct correspondence.
B.PRESENCE IN SOCIAL NETWORKS (SOCIAL MEDIA)
Purpose: The Controller processes personal data in connection with the administration and management of its profile (fanpage) on the LinkedIn platform and channel on YouTube, in particular for the purpose of: publishing videos and sharing content (including informational, promotional, marketing, educational, etc.), responding to comments and messages posted by visitors, ensuring proper communication and interaction with users (those following the fanpage/channel), analyzing fanpage users’ activity (such as. number of interactions: likes, shares, comments, views, subscriptions, etc.) for statistical and analytical purposes (better understanding of users’ needs, market and improvement of communication strategy), marketing and promotion of the Controller’s products or services (identifying users interested in a given topic, conducting activities to increase involvement and number of fans observing the fanpage), moderating and supervising published content (ensuring order and security of users, preventing fraud and ensuring protection of the ICT environment).
Basis: Personal data will be processed on the basis of Article 6(1)(f) GDPR – the Controller’s legitimate interest, which is: to carry out marketing and promotional activities for its own products or services, to ensure continuity of business communication and maintain contact with current and potential clients and contractors, to take care of the Controller’s brand image.
Processing period: Personal data processed within the fanpage will be processed by the Controller for as long as the fanpage is maintained, unless an effective objection to such processing is submitted earlier.
Personal data processed as part of the YouTube Channel are kept for the period of the Channel’s maintenance by the Controller or until an effective objection to such processing is submitted. Data published in the form of comments and other user actions may remain visible until they are deleted (by the user or the Controller, if technically possible).
Voluntariness of providing data: Providing data when using the fanpage is voluntary. Failure to provide data may prevent the use of some features of the platform (e.g. posting comments, sending messages).
Provision of data in the use of the YouTube Channel is voluntary (resulting, among other things, from Google/YouTube account settings). However, failure to provide data (e.g., failure to log in to your YouTube account) may limit your ability to use certain features of the service (e.g., inability to add comments, subscribe to the Channel).
Co-controllership on LinkedIN: With respect to the processing of statistical data on fanpage activity (so-called LinkedIn Page Insights), in addition to the Controller, the controller is also LinkedIn Ireland Unlimited Company with its registered office at Gardner House, Wilton Place, Wilton Plaza, Dublin 2, Ireland (hereinafter “LinkedIn”), jointly acting as co-controllers in this respect. For details on LinkedIn’s data processing rules, please refer to LinkedIn’s Privacy Policy available at https://pl.linkedin.com/legal/privacy-policy.
In other respects, the Controller has no control over the purposes, scope or duration of LinkedIn’s processing of your data for its own purposes – this processing is carried out based solely in accordance with LinkedIn’s terms and policies.
LinkedIn is responsible for enabling users to enforce their rights under the GDPR to the extent that it processes data itself and to the extent of co-controllership with respect to Page Insights statistics.
Co-controllership (YouTube Analytics / YouTube Channel):
To the extent that the Controller receives aggregated statistical data from YouTube (Google Ireland) regarding the activity of visitors to the Channel (e.g., as part of YouTube Studio / Analytics), Google Ireland may act as a co-controller or (more often) a separate controller of the data processed for its own purposes. For details on Google / YouTube’s data processing, please refer to Google’s Privacy Policy available at: https://policies.google.com/privacy?hl=pl.
In other respects, the purposes and means of data processing are determined solely by YouTube (Google Ireland) – in particular with regard to data collected through cookies, monitoring pixels, server logs or other similar technologies.
Google Ireland is responsible for enabling users to exercise their rights under the GDPR with respect to the processing it performs on its own platforms.
C.ARCHIVING, CLAIMS
Purpose: Personal data will be processed for the purpose of archiving documentation and communications, including correspondence produced by the Controller in the course of its business activity, and for the purpose of pursuing, establishing or defending against claims.
Basis: Personal data will be processed on the basis of Article 6(1)(f) GDPR – the processing is necessary for the purposes of the Controller’s legitimate interest, which is the necessity to document evidence of the business activity conducted in accordance with applicable regulations and to use the archived material for the purpose of pursuing, establishing or defending against claims.
Processing period: Personal data will be processed for the period specified by the statute of limitations for claims, unless an effective objection to such processing is submitted earlier.
Voluntariness of providing data: Provision of data is voluntary, but failure to provide it may result in a limited use of the Website’s services or functions.
D.INTERNAL ADMINISTRATIVE PURPOSES
Purpose: Personal data will be processed for internal administrative purposes arising from the Controller’s capital, personal or organizational relationship with other entities.
Basis: Personal data will be processed on the basis of Article 6(1)(f) GDPR – the processing is necessary for the purposes of the Controller’s legitimate interest, which is to share data within the group to which the Controller belongs for internal administrative purposes.
Processing period: Personal data will be processed until the purpose is achieved, unless an effective objection to such processing is submitted earlier.
Voluntariness of providing data: Provision of data is voluntary, but failure to provide it may result in a limited use of the Website’s services or functions.
E.ANALYTICAL AND STATISTICAL ACTIVITIES
Purpose: The Controller may process personal data for analytical and statistical purposes (conducting activity analyses, monitoring traffic on the Website, determining shopping preferences, and improving the functionality and quality of the Controller’s services).
The Controller uses so-called marketing and analytical profiling – as part of partially automated data processing (e.g., browsing history), it evaluates selected factors in order to improve the Website and better tailor the content displayed to the user’s individual preferences.
However, we do not make fully automated decisions that produce legal effects or similarly materially affect you (pursuant to Article 22 GDPR).
This means that any potential marketing or analytical activities are merely statistical in nature and personalize the content displayed without causing serious legal consequences.
The Controller’s ability to process data collected through cookies and similar technology for analytical and statistical purposes is subject to your consent to store such information on your end device (e.g. computer, phone).
Basis: Personal data will be processed on the basis of Article 6(1)(f) GDPR in conjunction with your consent to the use of cookies or similar technologies (in accordance with the provisions of the Electronic Communications Law of 12 July 2024) – the processing is necessary for the purposes arising from the Controller’s legitimate interest, which is the analysis of user activity in order to improve the functionality and quality of the Controller’s services, including the development of the Website’s functionality. You can withdraw your consent to the use of cookies and similar technologies for this purpose at any time by displaying the cookie banner again and adjusting your settings.
Processing period: Personal data will be processed for the period indicated in the wall cookie banner, unless an effective objection to such processing is submitted earlier or unless prior consent to the use of cookies or similar technologies is withdrawn.
Voluntariness of providing data: Provision of data is voluntary, but failure to provide it may result in a limited use of the Website’s services or functions.
F.SECURITY
Purpose: Personal data will be processed to ensure the security of the Website (services provided electronically) and to prevent violations, including activities that violate the Terms of Use or generally applicable laws.
Basis: Personal data will be processed on the basis of Article 6(1)(f) GDPR – processing is necessary for the purposes of the Controller’s legitimate interest, which is the need to ensure the factual and legal security of the Website and its users.
Processing period: Your personal data will be processed for the duration of your use of the Website, unless an effective objection to such processing is submitted earlier.
Voluntariness of providing data: Provision of data is voluntary, but failure to provide it may result in a limited use of the Website’s services or functions.
We use technical and organizational security measures to protect the data provided to us from accidental or intentional manipulation, loss, destruction and unauthorized access. These measures are constantly developed and improved in accordance with technological progress.
Transfer and disclosure of personal data
In the course of our processing of personal data, it may happen that the data will be transferred to other recipients, i.e. entities that provide services to the Controller, e.g. IT support services, including website maintenance and servicing, data hosting and cloud services, postal operators and couriers, law firms, auditors, banks and payment service providers, insurers, entities responsible for archiving or destroying data, authorized employees and associates of the Controller. We may also transfer personal data to other companies in our group.
When you click on the links provided on the Website, you may be redirected to websites or services that are managed by entities independent of the Controller. In such cases, the processing of personal data is subject to the rules set by the providers of these websites or services.
Data processing in third countries
If we process data in a third country (i.e., outside the European Union (EU), European Economic Area (EEA)), or if the processing takes place in the context of using third parties or disclosing or transferring data to other persons, authorities or companies, this will only be done in accordance with legal requirements.
The Controller performs the aforementioned processing on the basis of standard safeguard clauses (pursuant to Article 46(2)(c) or (d) GDPR) or ensures another mechanism that is lawful and legalizes such transfer and will provide adequate data protection guarantees for personal data in accordance with the applicable legal provisions in this regard. The transfer to the United States may take place on the basis of a decision of the European Commission dated 10.07.2023, finding an adequate level of personal data protection provided under the EU-US data protection framework (Article 45 GDPR).
Rights of data subjects
Data subjects (you) have:
right to request from the Controller access to or a copy of their personal data,
right to rectify data,
right to erase data,
right to restrict processing,
right to data portability (if the Controller processes personal data by automated means, on the basis of consent or in the performance of a contract, the data subject (you) may request that his or her own data provided by him or her be transferred in a structured, commonly used machine-readable format. If a person requests direct transfer of data to another responsible person, this will only be done if technically feasible),
right to object to the processing of personal data for the purpose of pursuing the Controller’s legitimate interests, whereby the right to object will not be exercised if there are valid legitimate grounds for processing overriding interests, rights and freedoms of the data subject. In the case of objecting to processing for direct marketing purposes, personal data will no longer be processed for that purpose,
right to withdraw consent at any time, which will not affect the legality of the processing carried out on the basis of consent before its withdrawal.
Data subjects may also lodge a complain concerning the actions of the Controller with the competent supervisory authority, in particular in the country of your habitual residence, your place of work or the place where the alleged breach was committed. In Poland, the supervisory authority is the President of the Office for Personal Data Protection, ul. Stawki 2, 00-193 Warsaw.
Automated decisions in individual cases
No automated decisions, i.e. decisions that are based solely on automated processing, including profiling, and that produce legal effects for the data subject (e.g. you) or similarly significantly affect the data subject (e.g. you) will be made with respect to the personal data processed on the website.
Use of cookies
Cookies are text files that contain data from the websites you visit and are stored on your computer by your browser. A cookie is primarily used to store information about you during or after your visit to online services. The stored data may include, for example, your language settings on a website, your login status, your shopping cart or where you watched a video. The term “cookies” also includes other technologies that perform the same functions as cookies (for example, when user information is stored via online identifiers, also known as “user IDs”).
The following types and functions of cookies are distinguished:
• Temporary cookies (also: session cookies): Temporary cookies are deleted at the latest when the user leaves the website and closes the browser.
• Permanent cookies: Permanent cookies are saved even when you close your browser. For example, login status may be saved or preferred content may be displayed directly when a user revisits the website. User interests may also be stored in such a cookie to measure reach or for marketing purposes.
• First-Party Cookies: First-party cookies are set by us.
• Third-Party Cookies (also: third-party provider cookies): Third-party provider cookies are mainly used by advertisers (so-called third parties) to process user information.
• Essential cookies: These cookies are absolutely necessary for the operation of the website (e.g., to save login data or other data entered by the user or for security reasons) and cannot be deactivated on user systems. You can set your browser to block these cookies or to be informed about these cookies. However, some areas of the Website may then not function properly. These cookies do not save any personal information.
• Analytical, statistical cookies: These cookies allow us to count visits and traffic sources so we can measure and improve the performance of the Website. They provide information on which pages are most popular, which are least used, and how visitors navigate the website. All information collected by these cookies is aggregated and therefore anonymous. If you do not allow these cookies, we will not know when you visited our website.
• Functional cookies: These cookies allow the Online Store to provide enhanced functionality and personalization. They may be set by us or by third-party providers whose services we use on our websites. If you do not allow these cookies, some or all of these services may not function properly.
• Marketing cookies: These cookies may be set by our advertising partners through the Website. They may be used by these companies to profile your interests and show you relevant ads on other websites. They do not store personal information directly, but rely on the unique identification of your browser and device. If you do not allow these cookies, you will see less targeted advertising.
• Social media cookies: These cookies are set by providers of social media that we use on the Website so that you can share our content with your friends and networks. These cookies can track your browser on other websites and create a profile of your interests. This may affect the content and messages you see on other websites. If you do not allow these cookies, you may not be able to use or see these sharing tools.
During each visit to our website, data such as IP address, subpages visited, time of visit and source of access to the website are automatically collected. This data is processed to ensure the security and stability of the system and to analyze website traffic.
Before we process data in the context of the use of cookies, we ask the user for consent, which can be withdrawn at any time via the cookie banner. Before giving your consent, cookies that are absolutely necessary for the operation of the website are used if necessary.
Cookie settings/right to object
You can change the Website cookie settings at any time using the link at the top of the page under Cookies Settings.
You can find more about the cookies used in our cookie banner and in the Cookie Policy available in a separate section.
Changing and updating the Privacy Policy
The content of the Privacy Policy may be changed by the Controller in the event of factual or legal changes regarding the processing of personal data on the Website. You will be informed of the change in the content of the Privacy Policy, in particular by publishing the new content on the Website.