Privacy Policy - Hornval - offers interesting and original solutions for your home or company.

Privacy Policy

Firma Handlowo-Usługowo-Produkcyjna “BLACHODACH” Janusz i Bartosz Bochnak
Spółka Jawna, with its registered office in Tarnów, ul. Św. Trójcy 3, 33-100 Tarnów, KRS 0000083531, NIP: 8731005878, REGON: 850331888

Pursuant to Art. 13, section 1 and section 2 of the Regulation (EU) 2016/679 of the European Parliament and of the Council
of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation, hereinafter also “GDPR”), we provide the following basic information on the principles for processing personal data in connection with visiting the website www.blachodach.pl, www.hornval.eu

Data identifying the Personal Data Controller

The Controller of your personal data is Firma Handlowo-Usługowo-Produkcyjna “BLACHODACH” Janusz i Bartosz Bochnak Spółka Jawna, with its registered office in Tarnów, ul. Św. Trójcy 3, 33-100 Tarnów, KRS 0000083531, NIP: 8731005878, REGON: 850331888.

The controller shall take special care to protect the interests of the data subjects and, in particular, ensure that the personal data it collects is:

  • processed in accordance with the law, fairly and in a manner which is transparent to the data subject;
  • collected for specified, explicit and legitimate purposes and not further processed in a way that is incompatible with those purposes;
  • adequate, relevant, and limited to what is necessary for the purposes for which it is processed;
  • correct and, if necessary, updated;
  • stored in a form which allows the identification of the data subject, for no longer than it is necessary for the purposes for which the data is processed;
  • processed in a manner that ensures appropriate security of the personal data, including protection against unauthorised or unlawful processing and against accidental loss, destruction or damage, using appropriate technical and organisational measures.

Contact with the Personal Data Controller

in writing, at the address: Firma Handlowo-Usługowo-Produkcyjna “BLACHODACH” Janusz i Bartosz Bochnak Spółka Jawna, with its registered office in Tarnów, ul. Św. Trójcy 3, 33-100 Tarnów

electronically: [email protected]

by phone: +48 14 621 88 52

Purpose and scope of data collection

The Controller processes personal data in the form of the first and last name, e-mail address and telephone number in order to answer the questions submitted by the Website User via the contact form, and in particular questions regarding the Controller’s offer.

The Controller is entitled to entrust personal data to entities by means of which the Controller accomplishes the purposes of personal data processing specified in this policy,
and in particular to employees, contractors and other entities with whom the Controller cooperates, including in particular the website hosting provider. The Controller guarantees the protection of personal data entrusted to these entities on the principles set out in this policy and in the provisions of applicable law.

The basis for data processing

The legal basis for the processing of personal data in order to fulfil the obligation is the concluded contract (Art. 6 section 1(b) of the Regulation (EU) 679/2016 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC – “GDPR”).

The legal basis for the processing of personal data in order to take action at the request of the data subject prior to the conclusion of a contract is voluntary consent (Art. 6 section 1(a) of the Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC – “GDPR”).

The Controller is also entitled to process personal data, regardless of the consent given, in a situation where:

  • processing is necessary to fulfil a legal obligation to which the Controller is subject;
  • processing is necessary to protect the vital interests of the data subject or of another natural person;
  • processing is necessary for the performance of a task carried out in the public interest or in the exercise of official authority vested in the Controller;
  • processing is necessary for the purposes of the legitimate interests pursued by the Controller or by a third party, except where such interests are overridden by the interests or fundamental rights and freedoms of the data subject which require protection of personal data, in particular where the data subject is a child.

The data subject has the right to withdraw the consent given to the processing of personal data at any time. The withdrawal of the consent does not affect the lawfulness of the data processing carried out based on the consent prior to its withdrawal. Withdrawal of consent may be made in writing to the Controller’s address or electronically to the e-mail address [email protected].

In case of withdrawal of the consent, a situation may occur where the Controller is still entitled to process personal data on the basis of generally applicable law. In such a situation, the Controller shall process personal data only for the purposes and to the extent permitted by law, despite the lack of the data subject’s consent.

Rights of the data subject

Access to data

The data subject is entitled to obtain from the Controller confirmation as to whether or not personal data concerning them is being processed, and if so, entitled to access that data and the following information:

– purposes of personal data processing

– categories of personal data processed;

– information on the recipients or categories of recipients to whom the personal data have been or will be disclosed, in particular the recipients in third countries or international organisations, as well as the safeguards applied in connection with the transfer of data to recipients in third countries or international organisations;

– where possible, the envisaged period for which the personal data will be stored, or, if not possible, the criteria used to determine that period;

– information on the right to request from the Controller rectification, erasure or restriction of processing of personal data concerning the data subject or to object to such processing;

– information on the right to lodge a complaint with the supervisory authority;

– if the personal data has not been collected from the data subject – any available information as to its source;

– information on the existence of automated decision-making, including profiling

Upon request, the Controller shall provide a copy of the personal data undergoing processing to the data subject. For any further copies requested by the data subject, the Controller may charge a reasonable fee based on administrative costs. If the data subject requests a copy by electronic means and unless otherwise indicated, the information shall be provided by electronic means, if possible.

RECTIFICATION

The data subject has the right to request the Controller to immediately rectify their personal data that is incorrect. Subject to the purposes of processing, the data subject has the right to request supplementing incomplete personal data, including by providing an additional statement.

DATA ERASURE

The data subject has the right to request the Controller to immediately erase their personal data, and the Controller shall be obliged to erase personal data without undue delay, provided one of the following conditions applies:

– personal data is no longer required for the purpose for which it was collected or processed in any other way;

– the data subject effectively withdraws consent on which the processing is based and there is no other legal basis for the processing;

– the data subject objects to the processing and there are no overriding legitimate grounds for the processing;

– the data subject objects to the processing of data for the purposes of direct marketing;

– personal data was processed against the law;

– personal data must be deleted in order to meet the legal obligations provided for in the EU laws or laws of a member state to which the Controller is subject;

– personal data has been collected in connection with offering information society services.

RESTRICTION OF DATA PROCESSING

The data subject has the right to request the Controller to restrict the data processing in the following cases:

– the accuracy of the personal data is contested by the data subject – for a period allowing the Controller to verify the accuracy of this data;

– the processing is unlawful and the data subject opposes to the deletion of the personal data, requiring that the use of such data be restricted instead;

– the Controller no longer needs the personal data for the purposes of the processing, but it is needed by the data subject for the establishment, exercise or defence of legal claims;

– the data subject has objected to the processing – until it is determined whether legally justified grounds on the part of the Controller prevail over the grounds of objection of the data subject.

  • The restriction of personal data processing shall be understood as the storage of personal data in order to limit its further processing.
  • If processing is restricted pursuant to the aforementioned request, such personal data may be processed, with the exception of storage, only with the consent of the data subject, or for the establishment, exercise or defence of claims, or for the protection of the rights of another natural or legal person, or on compelling grounds of public interest of the EU or a member state. Before lifting the restriction of processing, the controller shall inform the data subject who requested the restriction about this.

DATA PORTABILITY

  • The data subject has the right to receive, in a structured, commonly used and machine-readable format, the personal data concerning them which they have supplied to the controller, and the right to transfer such personal data to another controller without interference from the controller to whom the personal data have been provided, where the processing is based on consent or on a contract and where the processing is carried out by automated means.
  • When exercising their right to data portability, the data subject has the right to have their personal data transferred by the Controller directly to another controller, provided this is technically feasible.
  • The data subject has the right not to be subject to a decision which is based solely on automated processing, including profiling, and has legal effects or substantially affects the person in a similar way.

OBJECTION

  • The data subject has the right to object at any time – on grounds relating to their particular situation – to processing of personal data concerning them which is based on the provisions of Art. 6 section 1(e)(f) of Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016, including profiling based on these provisions.
  • After an objection has been raised, the Controller shall no longer be permitted to process such personal data unless it demonstrates compelling legitimate grounds for the processing which override the interests, rights and freedoms of the data subject, or grounds for the establishment, exercise or defence of claims.
  • Where personal data is processed for the purposes of direct marketing, the data subject has the right to object at any time to processing of personal data concerning them for the purposes of such marketing, including profiling, to the extent that the processing is related to such direct marketing. If the data subject objects to processing for the purposes of direct marketing, the personal data must no longer be processed for such purposes.

EXERCISE OF RIGHTS

  • The exercise of the rights referred to above shall be carried out upon request submitted to the Controller in writing or electronically to the e-mail address [email protected]. The same e-mail address may be used to submit any queries regarding the rights to which the data subject is entitled. The Controller makes every effort to explain the rights to the data subject in a clear and understandable manner and to enable the data subject to exercise them.

COMPLAINT

The data subject has the right to lodge a complaint with the supervisory authority, in particular in the member state of their habitual residence, place of work or place of the alleged infringement, if they believe that the processing of personal data concerning them infringes this regulation.

The above-mentioned complaint should be lodged with the supervisory body, the President of the Office for Personal Data Protection, to the following address: ul. Stawki 2, 00-193 Warsaw, Poland.

Profiling

  • Personal data shall not be processed in an automated manner, including profiling.

Transferring data outside the European Economic Area

  • Personal data shall not be transferred to a third country / international organisation outside the European Economic Area.

Newsletter

The Controller provides the data subject (hereinafter: User) with the Newsletter service in accordance with the principles set out in this Privacy Policy, as well as in Newsletter Regulations made available on its website.

The Controller ensures that the use of the Newsletter is free of charge and voluntary.

The User may subscribe to the service by providing an e-mail address and giving the consent referred to in Art. 6 section 1(a) of the GDPR.

The Controller, with the prior consent of the User, has the right to send, via the Newsletter to the e-mail address provided, commercial information within the meaning of the Act of 18 July 2002 on the provision of electronic services.

The ordered Newsletter is sent only to the e-mail address provided by the User.

The User has the right to unsubscribe from the Newsletter service at any time. The subscription can be cancelled by using the deactivation link included in each Newsletter received or by sending the above-mentioned request to the e-mail address [email protected].

Detailed rules for the provision of the Newsletter service are specified by the Regulations, available on the Controller’s website www.blachodach.pl.

Cookies and other technologies

Please be advised that we use cookies (text files) and other technologies on our website to record information about the pages or subpages visited by the user as well as their activity.

Cookies are information stored by your browser. They have no effect on software or hardware. Cookies are only associated with the browser of a specific device, without providing the user’s first or last name (anonymous user). It is information stored by the server on the user’s device, which can be read by the server each time the user connects to the device.

We use cookies to guarantee that our website meets the highest standard of convenience and the collected data is used by our enterprise only to optimise the operations.

Our website uses the following cookies:

a) “essential” cookies, which enable the use of services available as part of the website, for example: authentication cookies used for services that require authentication within the website;

b) cookies used to ensure safety, e.g. for detecting authentication abuse on the website;

c) “performance” cookies, which enable collection of the information about the method of using websites of the service;

d) “functional” cookies, which enable “remembering” settings selected by the user as well as personalisation of the user interface, e.g. in terms of selected language or region
the user is from, font size, website layout, etc.;

  • The Controller also uses cookies to collect static data through analytical tools: Google Analytics (cookie administrator: Google Inc. USA)
  • The user may at any time disable or re-enable the option of collecting cookies by changing the web browser settings.
  • If you do not want to receive cookies, you can change your browser settings. At the same time, please be advised that disabling the cookies necessary for Authentication, Security and Preferences will make it more difficult and, in extreme cases, may make it impossible to use the websites.
  • Most browsers allow the users to control cookies by setting preferences. Users should read the privacy policies of these browsers in order to learn the principles of using cookies. Restricting the option to set cookies may impair the overall quality of your use of the websites.

Final stipulations

  • The extent to which the rights of the data subject may be exercised may be limited pursuant to provisions of law, in particular on account of the rights and freedoms of other persons or the public interest.
  • The data subject’s rights as detailed in this Privacy Policy arise under generally applicable law, and the provisions of this Privacy Policy do not limit these rights in any way.
  • In order to ensure a high level of protection of personal data, the Controller shall take regular steps aimed at reviewing and amending this Privacy Policy in the event of changes to the scope of personal data processed, the processing technology used with respect to such personal data, as well as in the event of changes to the applicable law or to the guidelines for its application.