Privacy and personal data protection policy.
- For the purposes of this document:
- "Personal Data Administrator" means the company InnoGIO. with its registered office in Warsaw at Ostrodzka street 74H, postal code: 03-289, VAT PL 5252760351, running the store Internet INNOGIO.COM (hereinafter also referred to as the "Store");
- "Personal data" means information about an identified or identifiable natural person ("data subject"); an identifiable natural person is a person who can be directly or indirectly identified, in particular on the basis of an identifier such as name and surname, identification number, location data, online identifier or one or more specific factors determining physical, physiological, genetic, mental, the economic, cultural or social identity of the natural person;
- "Password" means a string of letters, digits or other characters known only to the person authorized to work in the IT system;
- "User identifier (login)" means a string of letters, numbers or other characters that uniquely identifies a person authorized to process personal data in an information system;
- "User account" means a place available to the user on the innogio.com website, through which he makes purchases in the online store, registration of the user account requires the indication of the user ID and password;
- "Newsletter" means the electronic form of the newsletter, used to inform Store Users, among others about promotional campaigns and new products in the Store innogio.com
- "Personal data breach" means a breach of security leading to accidental or unlawful destruction, loss, modification, unauthorized disclosure or unauthorized access to personal data sent, stored or otherwise processed;
- 'Recipient' means a natural or legal person, public authority, entity or other entity to whom personal data is disclosed, whether or not it is a third party. However, public authorities that may receive personal data as part of a specific procedure under Union or Member State law are not considered to be recipients; the processing of these data by these public authorities must comply with the data protection rules applicable to the purposes of the processing;
- 'Restriction of processing' means the marking of stored personal data in order to limit their future processing;
- "Supervisory authority" means an independent public authority established by a Member State in accordance with Article 51 of the Regulation, which is the President of the Office for Personal Data Protection, ul. Stawki 2, 00-193 Warsaw;
- "Processor" means a natural or legal person, public authority, entity or other entity that processes personal data on behalf of the controller;
- "Data confidentiality" means the property that ensures that data is not shared with unauthorized entities;
- "Processing" means an operation or set of operations carried out on personal data or sets of personal data in an automated or non-automated manner, such as collecting, recording, organizing, organizing, storing, adapting or modifying, downloading, viewing, using, disclosing by sending, disseminating or other types of sharing, matching or combining, limiting, deleting or destroying;
- "Regulations" means the Regulations of the online store INNOGIO.com located at https://innogio.com/regulations;
- "Regulation" means Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of individuals with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46 / EC (General Regulation on data protection) ("GDPR");
- "Deletion of data" means the destruction of personal data or a modification thereof that does not permit the identification of the data subject ("anonymisation");
- "Authentication" means an action the purpose of which is to verify the entity's declared identity;
- "User" means a natural person with full or limited legal capacity, a legal person or an organizational unit without legal personality but having legal capacity, having a user account in the INNOGIO.com online store, to which he logs in via the user's individual identifier (login ) and passwords;
- "Consent of the data subject" means a voluntary, specific, informed and unequivocal demonstration of the will to which the data subject, in the form of a statement or explicit confirmation action, authorizes the processing of personal data concerning him.
Personal Data Administrator. Purposes, scope and basics of processing
- The administrator of the Personal Data of the Users of the innogio.com online store is InnoGIO with its registered office in Warsaw at Ostrodzka street 74H, postal code: 03-289, VAT PL 5252760351.
- Contact with the Personal Data Administrator in all matters related to the protection of User's personal data is possible by post at the following correspondence address at Ostrodzka street 74H, by e-mail at: email@example.com with the note "Personal data" and by phone at + 48 508 311 775.
The user's personal data is processed only for the purposes of:
- setting up and managing a User's account;
- implementation of sales contracts concluded with the Personal Data Administrator;
- implementation of complaints reported to the Personal Data Administrator;
- providing warranty services;
- sending commercial and marketing information;
- accounting and tax obligations resulting from legal obligations incumbent on the Personal Data Administrator;
- establishing, investigating or defending the claims of the Personal Data Administrator, including for debt collection purposes and for conducting court proceedings;
- The User provides his data voluntarily, agreeing to their processing when registering the User's account, the basis for data processing in the case of purchase is Art. 6 clause 1 point b) of the Regulation. Providing personal data by the User is a prerequisite for the conclusion and performance of the contract. If the User fails to provide personal data, the order will not be processed.
The basis for the processing of Users' personal data for marketing and promotional purposes is the User's voluntary consent, collected in accordance with the provisions of the Act of 18 July 2002 on the provision of electronic services and the Act of 16 July 2004 - Telecommunications Law. The User's consent to receive commercial and marketing information is not required to process the order.
The Personal Data Administrator processes the following User's personal data:
- first name and last name;
- The consent expressed by the User for the processing of his personal data is voluntary and can be withdrawn at any time. Withdrawal of the consent does not affect the lawfulness of the processing which was carried out on the basis of the consent expressed by the User before its withdrawal. Withdrawal of consent is tantamount to deleting the User's email address from the address database maintained by the innogio.com store.
- The User has the right to request the Personal Data Administrator to immediately correct data that is incorrect about him, and to request incomplete data to be completed, including by submitting an additional statement.
- Uthe user has the right to delete his data ("the right to be forgotten"), and the Personal Data Administrator is obliged to delete it immediately if:
User's personal data are no longer necessary for the purposes for which they were collected,
The User withdrew his consent based on which the processing of his data is based,
The User has objected to the processing of personal data concerning him,
User's personal data are processed unlawfully,
deleting User's personal data is required to comply with a legal obligation provided for by law,
- The User has the right to limit the processing of his personal data in cases where he questions the correctness of the data being processed, the processing is unlawful and the User opposes the deletion of data, the Personal Data Administrator no longer needs the User's data, however they are needed by the User to determine, investigate or defending claims and when the User objected to the processing.
- The User has the right to object at any time to the processing of personal data concerning him, and the Personal Data Administrator may no longer process his personal data, unless he demonstrates the existence of valid legitimate grounds for further processing.
- The User also has the right to transfer data, then the Personal Data Administrator is obliged to provide data to the User in a structured, commonly used machine-readable format. The User has the right to send the data obtained in this way to another entity without hindrance by the Personal Data Administrator in accordance with the terms of the Regulation.
- The User's personal data will be processed by the Personal Data Administrator in the following periods:
the User having a user account in the online store innogio.com and within 30 days of sending the User's request to delete his account;
in the case of a complaint submitted by the User during the period necessary to examine it, but not longer than for a period of 2 years from the purchase;
in the case of a guarantee given to the User during the period for which the guarantee was granted;
for accounting purposes for a period of 5 years counted from the end of the calendar year making a purchase in the Store;
- however, in each of the above cases, the Personal Data Administrator processes only the data that is necessary for the purposes listed. Exceptions to the above periods are described in paragraph 12.
- The User has the right to lodge a complaint with the supervisory body: the President of the Office for Personal Data Protection - ul. Stawki 2, 00-193 Warsaw, in the event of a breach of the protection of personal data by the Personal Data Administrator or the processing of User's data in breach of the provisions on the protection of personal data.
- The Personal Data Administrator ensures that it makes every effort to ensure that its processing of personal data is carried out with the greatest respect for the privacy of persons whose data is processed and with the utmost care for the security of personal data being processed, and in particular ensures that it has taken all measures of physical protection provided for by law, IT and organizational, aimed at securing personal data sets, which are described in detail in the Personal Data Policy implemented by the Personal Data Administrator and the IT System Management Manual. The physical, ICT and organizational measures used by the Personal Data Administrator to ensure the protection of processed personal data appropriate to the threats and categories of data protected, in particular, protects the data against disclosure to unauthorized persons, removal by an unauthorized person, processing in violation of the Regulation and their change, loss, damage or destruction.
Providing Users' personal data
- The Personal Data Administrator has the right to disclose the User's personal data, without his consent, only to entities authorized under specific provisions (e.g. Courts, law enforcement authorities).
- The Store does not disclose Users' personal data to other entities, with the exception of entities performing postal and transport services for the Store or other services necessary to perform the order, to the extent necessary for its implementation.
If the User uses the option to make a payment via t-payl on the terms set out in the regulations of tpay.com, Innogio.com does not become the Administrator of Personal Data provided by the User to tpay.com and the User's data is used by the company that supports above. transaction, without the participation of the innogio.com Store.
User comments and opinions
- Comments and opinions left by the User on the Store's website may be made available on the innogio.com online store and disseminated only on the basis of the consent given by him by checking the consent clause below the form.
- The User may receive the Newsletter only by leaving his e-mail address in the newsletter form and consenting to the processing of personal data, processing personal data for marketing purposes in accordance with the Act of 16 July 2004 - telecommunications law and consent to receive commercial information. electronically in accordance with the Act of 18 July 2002 - on the provision of electronic services.
- You can opt out of receiving marketing and promotional information as well as commercial information via the newsletter by selecting the link deactivating the service in the footer of each email.
Deleting a User Account registered in the online store
- The user has the right at any time to request the deletion of an account registered in the online store innogio.com.
- The account deletion request should be sent via e-mail to firstname.lastname@example.org from the address used to register the user account.
- The Personal Data Administrator will delete the user's account within 30 days from the date of receipt of the request, unless special provisions require further processing, of which the User will be notified to the e-mail address from which the request was sent.
- The user is responsible for the correctness and compliance with the facts of the personal data provided.
- In order to ensure the protection of the User's personal data protection, he is obliged to protect the login and password used to log in to the Online Store. Users using the Online Store are responsible for providing the third party with the login and password used to log in to the Online Store.
- The website does not automatically collect any information, except for the information contained in cookies.
- Cookie files (so-called "cookies") are IT data, in particular text files, which are stored on the Store User's end device and are intended for using the Store's websites. Cookies usually contain the name of the website from which they originate, their storage time on the end device and a unique number.
- The entity placing and accessing cookies on the Store User's end device is the online store innogio.com and the company InnoGIO Sp. z o.o. with its registered office in: 03-289 Warsaw, ul. Ostrodzka 74H.
- Cookies are used to:
adapt the content of the Store's websites to the User's preferences and optimize the use of websites; in particular, these files allow to recognize the Store User's device and properly display the website, tailored to his individual needs;
creating statistics that help understand how Store Users use websites, which allows improving their structure and content;
maintaining the Store User's session (after logging in), thanks to which the User does not have to re-enter the login and password on each subpage;
- The Store uses two basic types of cookies: "session" cookies and "persistent" cookies. Session cookies are temporary files that are stored on the User's end device until logging out, leaving the website or turning off the software (web browser). Persistent cookies are stored on the User's end device for the time specified in the cookie parameters or until they are deleted by the User.
- The Store uses the following types of cookies:
- "Necessary" cookies, enabling the use of services available within the Store, e.g. authentication cookies used for services that require authentication within the Store;
- "Performance" cookies, enabling the collection of information on how to use the Store's websites;
- "Functional" cookies, enabling "remembering" the settings selected by the User and personalizing the User's interface, eg in terms of the selected language or region of the User, font size, website appearance, etc .;
- "Advertising" cookies, enabling users to provide advertising content more tailored to their interests.
- In many cases, the software used for browsing websites (web browser) by default allows the storage of cookies on the User's end device. Store Users can change cookie settings at any time. These settings can be changed in particular in such a way as to block the automatic handling of cookies in the web browser settings or to inform about them every time they are placed in the Store User's device. Detailed information about the possibilities and ways of handling cookies is available in the software (web browser) settings.
- Cookies placed on the Store User's end device may also be used by advertisers and partners cooperating with the Store's operator.
Annex 1: "Application form for sharing personal data" - download by clicking on the link below