PRIVACY POLICY FOR THE PROTECTION OF PERSONAL DATA
RULES FOR THE PROCESSING OF PERSONAL DATA
Information on the principles of personal data processing and your related rights in accordance with the Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (GDPR)
I. PERSONAL DATA ADMINISTRATOR
The administrator of personal data is Global Trade Solution Sp. z o. o.
Address: 00-532 Warszawa, ul. Wilcza 2/4 premises 24
NIP 7010623930, KRS 0000642470
II. CONTACT THE PERSONAL DATA ADMINISTRATOR
Contact with the Personal Data Administrator is possible both electronically to the following e-mail address: office@globaltradesolution.pl, or by post to the following address: 00-532 Warszawa, ul. Wilcza 2/4, Lokal 24 or by phone: +48 691238146
III. PERSONAL DATA INSPECTOR
The Personal Data Inspector is Ryszard Malinowski, who can be contacted using the e-mail address: office@globaltradesolution.pl or by post to the following address: 00-532 Warszawa, ul. Wilcza 2/4 premises 24
IV. LEGAL BASIS AND PURPOSE OF PROCESSING PERSONAL DATA
1. Personal Data are processed based on the provisions of generally applicable law, in particular the GDPR and the provisions of the Act of May 10, 2018 on the protection of personal data (Journal of Laws of 2019, item 1781).
2. Personal Data is processed for the following purposes in accordance with the GDPR:
1) the processing of personal data is necessary to conclude and perform a contract for the provision of services by electronic means or to take actions preceding the conclusion of the contract, in particular for the purposes of: ensuring the proper functioning and use of the Portal, handling complaints, establishing contact in connection with the performance of the contract (Article 6(1)(b) of the GDPR);
2) in order to fulfill the legal obligations imposed on the Administrator, e.g. tax, accounting and warranty obligations (Article 6(1)(c) of the GDPR);
3) for purposes resulting from the legitimate interests of the Administrator (Article 6(1)(f) of the GDPR), in particular:
a) archiving data and documenting the fulfillment of obligations related to the protection of personal data;
b) handling notifications not directly related to the performance of the contract;
c) ensuring the security of the services provided and a high level of User service;
d) preparation of internal statistics and analyzes for the purposes of marketing and development of the Portal;
e) marketing of services offered by the Administrator;
f) considering complaints and complaints regarding the services provided;
g) to pursue and defend against potential claims;
h) in order to send commercial information electronically within the meaning of the Act of 18 July 2002 on the provision of electronic services.
3. Personal Data are processed for the purpose of providing services described in the Regulations, implementing the contract for the provision of electronic services, for commercial and marketing purposes – based on consent.
4. The User’s voluntary use of the Portal is deemed to consent to the processing of Personal Data by the Administrator, which also constitutes acceptance of this Privacy Policy.
V. SCOPE AND CATEGORIES OF PROCESSED PERSONAL DATA
1. Personal Data processed in connection with the use of the Portal by unregistered Users:
• IP address,
• cookies,
• data regarding sessions using the Portal related to user profiling and conducting analytical activities.
2. Personal Data processed in connection with the use of the Portal by registered Users:
• first name and last name
• address
• e-mail adress
• Phone number
• PESEL number
• type and number of the document confirming identity – in the case of Users who do not have a PESEL number
• date of birth
• IP address
• cookies
• data regarding sessions using the Portal related to user profiling and conducting analytical activities
3. Personal Data processed in connection with the consideration of a complaint submitted by the User:
• first name and last name,
• e-mail adress,
• address,
• bank account number, if the claim involves the obligation to refund the amount due to the account of the User/payer of the Service;
4. Users’ Personal Data processed for the purpose of establishing, pursuing or defending against claims:
• first name and last name,
• address,
• PESEL number,
• e-mail adress,
• IP number,
5. Users’ Personal Data processed for analytical purposes:
• date and time of visiting the Portal,
• type of operating system,
• approximate location,
• type of web browser used to browse the Portal,
• time spent on the Portal,
VI. DATA PROCESSING TIME
1. Users’ Personal Data are processed by the Administrator for the time necessary to achieve the purpose for which they were collected from Users.
2. The Administrator processes Personal Data throughout the entire duration of the contract for the provision of electronic services. After the end of the contract, Personal Data will be stored for the period of limitation, investigation or defense of possible claims.
3. Personal Data processed on the basis of the data subject’s consent will be processed until the consent is withdrawn, and after its withdrawal, it will be excluded for the purpose of defending against or pursuing any claims.
VII. RECIPIENTS OF PERSONAL DATA
The recipients of Personal Data are entities that we use to process Personal Data, e.g. administrative employees, accounting companies, law firms, providers of online payment systems, delivery of IT services and systems. Personal data are also made available to relevant public authorities to the extent that the Administrator is obliged to provide them with Personal Data.
The list of recipients of Users’ personal data is presented in the table below:
| Akcion | Data recipients | Transfer of data outside the European Union |
| Every actionin connection with the Portal | Hosting providerEntity providing technical/IT support to the AdministratorPeople cooperating with the Administratorbased on civil law contracts, supporting the Administrator’s current activities | There is no space |
| Being on the Portal with settings enabling marketing activities | Entity providing marketing services | There is no space |
| Being on the Portalwith allow settings | Entity enabling analytical activities on the website | There is no space |
| for the leadanalytical activities | ||
| Submit an orderin the Portalon Paid services | Payment providerProvider provision of servicesProvider of standard office software (including e-mail boxes)accounting Office | There is no space |
| Subscription to the newsletter orconsent to sending marketing messages | The entity responsible for sending the newsletteror marketing messages | There is no space |
| Usingfrom the messenger available on the Portal | The entity providing the messengeravailable on the Portal | There is no space |
| The User’s use of the services provided to the Administratorin connection with the Portalthrough social networking sites | Social media | There is no space |
| Taking partin a satisfaction survey with the Administrator’s paid services | Posting opinions about the Portal or products and comparing them | There is no space |
| Establishing contact with the Administrator (e.g. asking a question) | Provider of standard office software (including e-mail boxes) | There is no space |
VIII. RIGHTS OF THE PERSONAL DATA SUBJECT
1. In connection with the processing of Personal Data by the Administrator, each User has the right to request:
• access to your Personal Data, including obtaining a copy thereof (Article 15 of the GDPR or – if applicable – Article 13(1)(f) of the GDPR),
• withdrawal of consent to the processing of Personal Data at any time without affecting the lawfulness of the processing carried out on the basis of consent before its withdrawal (Article 14(2)(d) of the GDPR),
• rectification (correction) of your Personal Data (Article 16 of the GDPR),
• deletion of Personal Data (Article 17 of the GDPR),
• restrictions on the processing of Personal Data (Article 18 of the GDPR),
• transfer of Personal Data to another administrator (Article 20 of the GDPR),
• object at any time to the processing of your Personal Data:
– for reasons related to the User’s specific situation – for the processing of personal data concerning him, based on Art. 6 section 1 letter f GDPR (i.e. on the legitimate interests pursued by the Administrator), including profiling (Article 21(1) of the GDPR);
– if personal data are processed for the purposes of direct marketing, including profiling, to the extent that the processing is related to such direct marketing (Article 21(2) of the GDPR).
2. In order to exercise their rights, each User may contact the Administrator via the e-mail address: office@globaltradesolution.pl
3. The User may object to the Administrator’s use of cookies, in particular by using appropriate browser settings.
4. If it is considered that Personal Data is being processed illegally, the User has the right to submit a complaint to the President of the Office for Personal Data Protection.
IX. DATA SECURITY AND TECHNICAL CONDITIONS
1. When processing Users’ Personal Data, the Administrator applies organizational and technical measures in accordance with applicable legal provisions, including Art. 32 GDPR. The administrator ensures:
a. pseudonymization and encryption of Personal Data,
b. the ability to continuously ensure the confidentiality, integrity, availability and resilience of processing systems and services,
c. the ability to quickly restore the availability and access to Personal Data in the event of a physical or technical incident,
d. regularly testing, measuring and assessing the effectiveness of technical and organizational measures to ensure the security of processing.
2. The administrator in particular uses encryption of the connection using an SSL certificate.
3. The Administrator takes steps to ensure that any natural person acting under the authority of the Administrator who has access to Personal Data processes them only on the instructions of the Administrator and after prior authorization for this purpose, unless he or she is required to do so by Union or state law. Member State.
X. PROFILING
1. The Administrator performs profiling and collects analytical data in order to offer personalized services, taking into account the User’s preferences. Processing it type of data is based on the consent expressed by the User via the appropriate function on the Portal.
2. The User has the right not to consent to profiling and the collection of analytical data, which will not affect his ability to use the Portal.
3. In order to perform profiling, the Administrator processes information about the content displayed by the User.
4. Profiling involves automatic assessment of what products or services the User may be interested in. Profiling will ensure that the displayed advertisements for products or services as part of the online services used by the User are more tailored to the User’s interests and needs.
5. Profiling carried out by the Administrator within the Portal does not result in decisions having legal effects for the User or affecting the User in a similarly significant way.
XI. ANALYTICAL ACTIVITIES
As part of the Portal, the Administrator conducts analytical activities aimed at increasing its intuitiveness and accessibility. In relation to the User, this will take place if he allows such activities. As part of the analysis, the Administrator will take into account, among others, the way the User navigates the Portal, the amount of time spent on a given subpage, and which places on the Portal the User clicks. Analytical activities undertaken by the Administrator will allow the layout and appearance of the Portal and the content posted there to be adjusted to the needs of Users.
XII. COOKIES
1. The website uses cookies. These files:
• are saved in the memory of the User’s device (computer, tablet, telephone, etc.);
• do not change the User device settings.
2. The website uses cookies for the following purposes:
• remembering the User’s session,
• statistical,
• marketing,
• providing Portal functions.
3. The user, using the appropriate options of his browser, can at any time:
• deleting cookies,
• blocking the use of cookies in the future.
4. If you delete cookies or block their use in the future, the Administrator will no longer process them.
XIII. FINAL PROVISIONS
1. In matters not regulated by the provisions of this Privacy Policy, the relevant provisions of the GDPR, the Act of May 10, 2018 on the protection of personal data or other provisions of generally applicable EU and national law shall apply.
2. The Administrator has the right to make changes to the provisions of the Privacy Policy. Changes to the content of the Privacy Policy are published directly on the Portal in the “Privacy Policy” tab. About every time changes to the Privacy Policy, the Administrator will inform registered Users via information sent in e-mail correspondence within an appropriate period allowing them to become familiar with the changes introduced before they enter into force.
3. The User may contact the Administrator to obtain information regarding the applicable principles of Personal Data protection or the content of the Privacy Policy by sending a message to the Administrator’s e-mail address: office@globaltradesolution.pl
