Privacy policy

 

I. Data of the Personal Data Administrator

We would like to kindly inform you that the administrator of your personal data is Karol Rogalski, operating under the company Wall Steals Karol Rogalski, NIP: 855-159-49-85 with headquarters in Świnoujście, WOJSKA POLSKIEGO, No. 2/89, 72-600, Świnoujście post office, POLAND. In the matter of personal data protection, contact via email address: info@wallsteals.com

 

II.  Goals and basics of personal data processing

To provide services in accordance with the business profile, the Company processes your personal data - for various purposes, but always in accordance with the law. Below you will find the specified purposes for processing personal data together with legal grounds.

 

In order to perform the service - publication of an advertisement, we process personal data such as:

• Name and surname of the entrepreneur;
• E-mail adress,
• Registered office / residence address,

 

And in order to perform the service - publication of an advertisement, we process personal data such as:

• Name and surname of the entrepreneur;
• E-mail adress,
• Headquarters / residence address,
• NIP

 

The legal basis for such data processing is Art. 6 clause 1 lit. b GDPR, which allows you to process personal data if it is necessary to perform the contract or take steps to conclude the contract; if you decide to provide a telephone number, we believe that you have agreed to the processing of your telephone as well - then the legal basis for such processing is Art. 6 clause 1 lit. a GDPR, which allows you to process personal data on the basis of voluntarily consent;

In order to process the complaint, we process personal data such as:

• Name and surname / company
• E-mail adress,

 

The legal basis for such data processing is Art. 6 clause 1 lit. b GDPR, which allows you to process personal data if it is necessary to perform the contract or take steps to conclude the contract;

To send notifications, an email containing information we process personal data such as:

• E-mail adress,

 

The legal basis for such data processing is Art. 6 clause 1 lit. f GDPR, which allows you to process personal data if in this way the Personal Data Administrator carries out its legitimate interest (in this case, the Company's interest is to inform the customer about activities related to the service in order to increase the comfort of using the website);

To send sms notifications containing information we process personal data such as:

• Phone number,

 

— if you are interested in receiving such notifications (we do not require a mandatory phone number). The sms sent do not contain any marketing content. The legal basis for such data processing is Art. 6 clause 1 lit. a GDPR, which allows you to process personal data on the basis of voluntarily consent;

 

In order to issue an invoice and meet other obligations arising from the provisions of tax law, such as e.g. storage of accounting records for 5 years, we process personal data such as:

• First name and last name,
• Firm,
• Residential address or registered office address,
• NIP,
• Order number.

The legal basis for such data processing is Art. 6 clause 1 lit. c GDPR, which allows you to process personal data if such processing is necessary for the Administrator to fulfill his obligations under the law;

 

In order to measure satisfaction with the services offered, we process personal data such as:

• E-mail adress,

 

The legal basis for such data processing is Art. 6 clause 1 lit. f RODO, which allows you to process personal data if in this way the Personal Data Administrator carries out its legitimate interest (in this case, it is the Company's interest to learn the opinions of customers about the services provided to adapt them to the needs and expectations of those interested);

 

In order to determine, investigate or defend against claims, we process personal data such as:

• Name and surname (if the surname was given) or, if applicable, the firm,
• Residential address (if provided),
• PESEL or NIP (if provided),
• E-mail adress,
• IP,

 

The legal basis for such data processing is Art. 6 clause 1 lit. f GDPR, which allows you to process personal data, if in this way the Personal Data Administrator pursues its legitimate interest (in this case, the Company's interest is to have personal data that will allow to determine, assert or defend against claims, including customers and third parties);

 

For archival and evidential purposes, we process personal data such as:

• First name and last name,
• E-mail adress,
• IP

— for the purpose of securing information that can be used to demonstrate facts of legal significance. The legal basis for such data processing is Art. 6 clause 1 lit. f GDPR, which allows you to process personal data, if in this way the Personal Data Administrator pursues its legitimate interest (in this case, the Company's interest is to have personal data that will prove certain facts related to the implementation of services, e.g. when a state authority requests it) ;

 

For analytical purposes, i.e. researching and analyzing activity on the website belonging to the Company, we process personal data such as:

• Date and time of visiting the website,
• Type of operating system,
• Approximate location,
• The type of web browser used to view the page,
• Time spent on the site,  
• Visited subpages,
• Subpage where the contact form was filled out.

The legal basis for such data processing is Art. 6 clause 1 lit. f RODO, which allows you to process personal data if in this way the Personal Data Administrator carries out its legitimate interest (in this case, the Company's interest is to know the clients' activity on the website);

 

In order to use cookies on the website, we process such text information (cookies will be described in a separate section). The legal basis for such processing is Art. 6 clause 1 lit. a GDPR, which allows you to process personal data on the basis of consent voluntarily (when you first visit the website, you will be asked to agree to the use of cookies);

 

In order to administer the website, we process personal data such as:

• IP address
• Server date and time,
• Information about the web browser,
• Information about the operating system

- these data are automatically saved in so-called server logs whenever you use the website belonging to the Company. Administering the website without using a server and without this automatic saving would not be possible. The legal basis for such data processing is Art. 6 clause 1 lit. f GDPR, which allows you to process personal data if in this way the Personal Data Administrator carries out its legitimate interest (in this case the Company's interest is website administration);

 

In order to post a comment on the website under the published article, we process personal data such as:

• name or nickname,
• IP number.

The legal basis for such processing is Art. 6 clause 1 lit. a GDPR, which allows you to process personal data on the basis of voluntarily consent (in this case, we assume that posting a comment is a simultaneous consent to the processing of personal data);

 

 

III. Cookies

1. The company on its website, like other entities, uses so-called cookies, i.e. short text information saved on a computer, telephone, tablet or other user's device. They can be read by our system, as well as by systems belonging to other entities whose services we use (e.g. Facebook, Google).

2. Cookies perform many functions on the website, usually useful ones, which we will try to describe below (if information is insufficient, please contact us):

• Ensuring security - cookies are used to authenticate users and prevent unauthorized use of the customer panel. They are therefore used to protect your personal data against access by unauthorized persons;

• Impact on the processes and efficiency of using the website - cookies are used to make the website work efficiently and that you can use the functions available on it, which is possible, among others, by remembering the settings between subsequent visits to the website. Thanks to them, you can efficiently navigate the website and individual subpages;

• Session status - information on how visitors use the website is often stored in cookies, e.g. which subpages are most often displayed. They also allow identifying errors displayed on some subpages. Cookies used to save so-called "Session state" thus help to improve services and increase the comfort of browsing the pages;

• Maintaining session status - if the customer logs in to his panel, cookies enable the session to be maintained. This means that after switching to another subpage, you do not need to re-enter your login and password each time, which promotes the comfort of using the website;

• Creating statistics - cookies are used to analyze how users use the website (how many open the website, how long they stay on it, which content attracts the most interest etc.). Thanks to this, you can constantly improve the website and adapt its operation to users' preferences. To track activity and create statistics, we use Google tools such as Google Analytics; in addition to reporting site usage statistics, pixel Google Analytics may also be used, along with some of the cookies described above, to help display more relevant content to users in Google services (e.g. Google search engine) and the entire web;
• Using social functions - on the website we have the so-called Facebook pixel that lets you like our fanpage on this site while using the site. However, for this to be possible, we must use cookies provided by Facebook.

 

3. Your web browser allows the use of cookies on your device by default, so please agree to the use of cookies on your first visit. However, if you do not wish to use cookies while browsing the website, you can change the settings in your web browser - completely block the automatic handling of cookies or request notification whenever cookies are placed on your device. Settings can be changed at any time.

4. Respecting the autonomy of all people using the website, we feel, however, obliged to warn you that disabling or limiting the use of cookies may cause quite serious difficulties in using the website, e.g. in the form of having to log in to each subpage, a longer page loading period , restrictions on the use of functionality, restrictions on liking the Facebook page, etc.

 

IV. The right to withdraw consent

1. If the processing of personal data is based on consent, you can withdraw your consent at any time - at your own discretion.

2. If you would like to withdraw your consent to the processing of personal data, it is enough to:

• Send an email directly to the Company to info@wallsteals.com or traditional mail to Wall Steals, Boczna 12, 72-500, Lugin gm. Międzyzdroje, POLAND

3. If the processing of your personal data was based on consent, its withdrawal does not mean that the processing of personal data has been illegal until then. In other words, until you withdraw your consent, we have the right to process your personal data and its withdrawal does not affect the lawfulness of the current processing.

 

V. Requirement to provide personal data

1. Providing any personal data is voluntary and depends on your decision. However, in some cases, providing personal information is necessary to meet your expectations regarding the use of services.

2. To order a service on the site, it is necessary to provide your name and email address - without this we are not able to conclude and perform the contract.

3. In order for you to be able to receive an invoice for services, it is necessary to provide all the data required by tax law, and therefore your name, surname or business name, address of residence or registered office, tax identification number - without this we are not able to properly issue an invoice.

4. In order to be able to contact you by phone in matters related to the service, it is necessary to provide a phone number - without this we are not able to contact you by phone.

5. If you wish to receive text notifications about messages in the customer panel, you must provide a phone number - without this we are unable to send messages

6. In order for you to receive discounts for future services, it is necessary to provide your name and email address - without this we are unable to send discount codes.

 

VI. Automated decision making and profiling

1. We would like to kindly inform you that we do not make automated decisions, including based on profiling. The content of the inquiry, which is sent via the contact form, is not evaluated by the IT system. The proposed price of the service is by no means the result of an assessment made by any IT system.

 

VII. Recipients of personal data

1. Like most entrepreneurs, in our activities we use the help of other entities, which often involves the need to provide personal data. Therefore, if necessary, we transfer your personal data to lawyers cooperating with us who provide services, fast payment companies, an accounting company, a hosting company.

2. In addition, it may happen that, e.g. on the basis of a relevant law or decision of a competent authority, we will also have to transfer your personal data to other entities, whether public or private. Therefore, it is extremely difficult for us to predict who can make a request to provide personal data. However, we assure you that we analyze every case of a request for personal data very carefully so as not to accidentally pass on information to an unauthorized person.

3. Personal data within a strictly defined scope may also be transferred after your consent to other entities - including business partners.

 

VIII. Transfer of personal data to third countries

1. Like most entrepreneurs, we use various popular services and technologies offered by entities such as Facebook, Microsoft, Google. These companies are based outside the European Union, and therefore in the light of the provisions of the GDPR are treated as third countries.

2. The GDPR introduces certain restrictions on the transfer of personal data to third countries, since, as a rule, European rules do not apply there, the protection of personal data of European Union citizens may, unfortunately, be insufficient. Therefore, each administrator of personal data is required to determine the legal basis for such transfers.

3. For our part, we ensure that when using services and technologies, we transfer personal data only to entities from the United States and only those who joined the Privacy Shield program, based on the European Commission implementing decision of July 12, 2016 - more on this topic read on the European Commission website available at https://ec.europa.eu/info/law/law-topic/data-protection/data-transfers-outside-eu/eu-us-privacy-shield_en. Entities that joined the Privacy Shield program guarantee that they will comply with high standards in the field of personal data protection that are in force in the European Union, therefore the use of their services and offered technologies in the processing of personal data is lawful.

4. We will provide you with additional explanations regarding the transfer of personal data at any time, in particular when this matter raises your concern.

5. You have the right to obtain a copy of personal data transferred to a third country at any time.

 

IX. The period of personal data processing

1. In accordance with applicable law, we do not process your personal data indefinitely, but for the time that is needed to achieve the set goal. After this period, your personal data will be irreversibly deleted or destroyed.

2. In a situation where we do not need to perform other operations on your personal data than their storage (e.g. when we store the content of the order for the purposes of defense against claims), we secure it additionally - by pseudonymisation until it is permanently deleted or destroyed. Pseudonymisation consists in such encryption of personal data or a set of personal data that it cannot be read without an additional key, and therefore such information becomes completely useless to an unauthorized person.

3. Regarding individual periods of personal data processing, we kindly inform you that we process personal data for the period of:

 

• duration of the contract - in relation to personal data processed for the conclusion and performance of the contract;
• 3 years or 10 years + 1 year - in relation to personal data processed in order to determine, assert or defend claims (the length of the period depends on whether both parties are entrepreneurs or not);
• 6 months - in relation to personal data that was collected at the time of the valuation of the service, and at the same time there was no immediate conclusion of the contract;
• 5 years - in relation to personal data related to compliance with tax law obligations;
• until the consent is withdrawn or the purpose of processing is achieved, but not longer than for 5 years - in relation to personal data processed on the basis of consent;
• until the objection has been successfully lodged or the purpose of processing has been achieved, but not longer than for 5 years - in relation to personal data processed on the basis of the legitimate interest of the Personal Data Administrator or for marketing purposes;
• until they become outdated or lose their usefulness, but no longer than for 3 years - in relation to personal data processed mainly for analytical purposes, the use of cookies and website administration;

 

4. We count the periods in years from the end of the year in which we started processing personal data to improve the process of removing or destroying personal data. Separate calculation of the deadline for each contract concluded would involve significant organizational and technical difficulties as well as a significant financial outlay, which is why setting one date for the removal or destruction of personal data allows us to manage this process more efficiently. Of course, if you exercise your right to forget, such situations are considered individually.

5. The additional year related to the processing of personal data collected for the purposes of performing the contract is dictated by the fact that you may hypothetically file a claim just before the expiry of the limitation period, the request may be served with a significant delay or you may incorrectly specify the limitation period for your claim.

 

X. Permissions of data subjects

1. We would like to kindly inform you that you have the right to:

 

• access to your personal data;
• rectification of personal data;
• delete personal data;
• restriction on the processing of personal data;
• object to the processing of personal data;
• transfer of personal data.

 

2. We respect your rights arising from the provisions on the protection of personal data and try to facilitate their implementation to the greatest possible extent.

3. We would like to point out that these rights are not absolute, and therefore in certain situations we may lawfully refuse you to fulfill them. However, if we refuse to accept your request, then only after careful analysis and only if the refusal to accept the request is necessary.

4. Regarding the right to object, we explain that you have the right to object to the processing of personal data at any time on the basis of the legitimate interest of the Personal Data Administrator (they were listed in point III) in relation to your particular situation. However, you must remember that in accordance with the law, we may refuse to accept your objection if we prove that:

• there are legitimate grounds for processing that override your interests, rights and freedoms, or there are grounds for establishing, pursuing or defending claims.

5. In addition, you can object to the processing of your personal data for marketing purposes at any time. In such a situation, after receiving the objection, we will stop processing for this purpose.

6. You can exercise your rights by:

• Send an email directly to the Company to info@wallsteals.com or traditional mail to Wall Steals, Boczna 12, 72-500, Lugin gm. Międzyzdroje, POLAND

 

XI. Right to lodge a complaint

1.  If you think that your personal data is being processed contrary to applicable law, you can lodge a complaint with the President of the Office for Personal Data Protection.

 

XII. Final Provisions

1. To the extent not covered by this Privacy Policy, provisions regarding the protection of personal data shall apply.

2. You will be notified by e-mail about any changes introduced to this Privacy Policy.

3. This privacy policy applies from March 1, 2019.