Privacy Policy

© All rights to the content of the privacy policy reserved.

According to Art. 13 sec. 1 and paragraph. 2 Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016. on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation, hereinafter referred to as GDPR), we inform you that:

1. Personal data administrator
The administrator of your personal data, hereinafter referred to as “the Administrator”, “We” or “the Company”, is
Ecotec Polska Sp. z o.o. with its registered office: 02-229 Warsaw, ul. Światowa 22.

2. Contact Us
Contact details of the Administrator:
E-mail address: gdpr@ecotec-polska.pl
correspondence address: 02-229 Warsaw, ul. Światowa 22.

Use of our contact details
The use of contact data published as part of the required legal notice by third parties for the purpose of sending unsolicited advertising and marketing material is hereby expressly prohibited. The Administrator reserves the right to take legal action against unwanted advertisements or marketing information, including spam.

3. The purpose of data processing by the administrator, the legal basis for processing, the period for which personal data will be stored and information whether the provision of personal data is a statutory or contractual requirement or a condition for concluding a contract
General
We use the personal data obtained only for the specific, legitimate purposes for which the data was collected. The scope of personal data, the purpose of their processing, the legal basis for such processing, the period of processing and the categories of recipients of the data are set out in this privacy policy.

Purpose of personal data processing: Legal basis for processing: Duration of storage and information on whether the provision of personal data is a statutory or contractual requirement or a condition for entering into a contract, whether the data subject is obliged to provide it and what the possible consequences of not providing the data are:
(a) conducting communication, in particular answering questions asked using the contact form on the https://www.ecotec-polska.pl/pl/kontakt website or sent to us in an e-mail Art. 6 sec. 1 letter b) of the GDPR (taking action at your request, i.e. answering your question, contact request made by you using the form on the website or by e-mail) Personal data is stored for the period of limitation of claims resulting from the provisions of law, when a complaint, demand, etc. is submitted in the case. (as a rule, 3 years, maximum 6 years counted from the date of termination of the contract/relationship), unless there is another legal basis for further processing, e.g. processing of data by us in the scope of handling possible complaints or requests and compliance with the principle of accountability referred to in Art. 5 sec. 2 GDPR. Providing data is voluntary, but failure to provide them makes it impossible to communicate electronically.
(b) communication with people who contact us via social networks (replying to comments and messages, etc.) Art. 6 sec. 1 letter f) of the GDPR (“legitimate interests of the Controller”) The data is stored for the period of existence of the legitimate interest pursued by the Administrator and for the period after which any claims expire (as a rule, 3 years, maximum 6 years counted from the date of termination of the relationship/contract). Providing data is voluntary, but failure to provide it prevents communication via social networking sites.
(c) marketing of the Controller’s products and services Art. 6 sec. 1 lit. a) GDPR (your consent to the processing) and/or Art. 6 sec. 1 letter f) of the GDPR (“legitimate interests of the Controller”) The data is stored until you withdraw your consent. The consent given can be withdrawn at any time by contacting the Administrator. In this case, providing data is voluntary, but failure to provide them prevents you from receiving marketing messages.
(d) storing cookies or using other similar technologies on the user’s end device (PC, laptop, tablet, phone/smartphone, Smart TV) Art. 6 sec. 1 lit. a) GDPR (your consent to the processing) The data is stored until the data subject withdraws consent to further processing of his or her personal data. The provision of data is not a contractual or statutory requirement. Failure to provide them (blocking the installation of cookies) may result in limiting the functionality of the website.
(e) conducting direct marketing of the Administrator’s products and services Article 6(1)(f) of the GDPR (“legitimate interests of the Controller”), which is an independent premise legalizing the processing of personal data and consent is not required. Recital (47) of the GDPR preamble states that “The processing of personal data for direct marketing purposes may be considered as an activity carried out on the basis of a legitimate interest.”). The data is stored for the period of existence of the legitimate interest pursued by the Administrator, or until an objection is expressed to further processing of personal data for marketing purposes (Art.21 sec.3 GDPR). The data subject objects to the processing of their data (e.g. e-mail address, name, surname, name of employer) for direct marketing purposes, the Controller will no longer process their personal data for this purpose.
(f) entering into and performing a contract (including quality assurance) Art. 6 sec. 1 lit. b) GDPR (data subject is a contracting party) The data is stored for the period necessary for the performance, termination or expiration of the contract and settlements and for the period after which any claims expire (as a rule, 3 years, maximum 6 years counted from the date of termination of the contract/relationship), unless there is another legal basis for further processing, e.g. data processing by us in the scope of considering possible complaints or demands and meeting the principle of accountability, referred to in Article 5 sec. 2 GDPR. Providing data is a statutory requirement (Comparison of the parties to the contract), failure to provide them makes it impossible to receive, conclude and/or perform the contract.
(g) inserting, collecting and storing invoices and accounting documents and keeping accounting books Art. 6 sec. 1 lit. c) GDPR (“compliance with a legal obligation”) in connection with Art. 74 sec. 2 of the Accounting Act and in connection with Art. 86 § 1 of the Tax Ordinance Act. The data is stored for the period in which the regulations require the storage of accounting books and accounting documents (i.e. for 5 years, counting from the beginning of the year following the financial year to which the data relates) and for the period after which any tax liabilities expire. Providing data is a statutory requirement, failure to provide them makes it impossible to comply with the legal obligation.
(h) Fraud detection and prevention Art. 6 sec. 1 lit. c) GDPR (“compliance with a legal obligation”) The data is stored for the duration of the contract and then for the period after which the claims arising from the contract expire. In the event of the Administrator pursuing claims or notifying the competent authorities – for the duration of such proceedings and “for 5 years from the beginning of the year following the financial year in which the operations, transactions and proceedings were finally completed, paid, settled or time-barred”
(i) Responding to complaints within the time limit and form provided for by law Art. 6 sec. 1 lit. c) GDPR (“compliance with a legal obligation”) The data is stored for a period of 1 year after the expiry of the warranty or settlement of the complaint, and then for the period after which any claims expire. Providing data is a contractual requirement, failure to provide them makes it impossible to process the complaint.
(j) establishing, defending and pursuing claims raised by or against the Administrator Art. 6 sec. 1 letter f) of the GDPR (“legitimate interests of the Controller”)

The data is stored for the period of:

  • after which the claims arising from the agreement expire,
  • or time-barred”,
  • for the time during which the Administrator may suffer the legal consequences of failure to perform the obligation, e.g. receive an administrative penalty,
  • in the case of pursuing claims by the Administrator in civil proceedings or covered by criminal or tax proceedings, accounting documents (which may contain personal data) must be stored “for 5 years from the beginning of the year following the financial year in which operations, transactions and proceedings have been finally completed, paid off, settled.
(k) to deal with possible complaints or requests, processing for archiving and security purposes, Art. 6 sec. 1 letter f) of the GDPR (“legitimate interests of the Controller”) The data is stored for the period of existence of the legitimate interest pursued by the Administrator.
The data is stored until the final conclusion of the proceedings and for the period after which any claims expire (as a rule, 3 years, maximum 6 years from the date of termination of the relationship/contract).
In the event that personal data and the content of correspondence constitute evidence in proceedings conducted on the basis of the law or the Administrator has become aware that they may constitute evidence in proceedings, the data storage period is extended until the final conclusion of the proceedings.
(l) Recruitment Article 6(1) 1 lit. c) GDPR (“legal obligation to which the controller is subject”), Labour Code, Article 6 para. 1 (a) GDPR and Article 9 (a) of the GDPR Article 2(a) of the GDPR (“data subject consent”) The data is stored for up to 9 months from the end of the recruitment process.
Providing data is a statutory requirement, failure to provide them makes it impossible to take part in the recruitment process
(m) Keeping records related to employment Article 6(1) 1(c) GDPR (“legal obligation to which the controller is subject”) The data is stored for a period consistent with current regulations, i.e.: 10 years or 50 years.
Providing data is a statutory requirement, failure to provide it makes employment impossible.

4. Data recipients
The Administrator uses the services of external entities cooperating with him. Personal data is transferred to third parties only if and to the extent that it is necessary to achieve the purpose of the processing. External entities may use the provided (entrusted) personal data only for the purpose of performing the task commissioned by the Administrator.
Personal data may be transferred to the following recipients cooperating with the Administrator:

  • entities providing technical support services to the Administrator and providers of IT solutions enabling the Administrator’s business (for example, software providers, e-mail and hosting providers),
  • entities conducting postal, courier and similar activities (e.g. courier brokers) – to the extent necessary to carry out delivery and correspondence,
  • selected entities acting on behalf of the Administrator in handling accounting, tax, advisory, translation, legal matters – to the extent necessary to achieve a specific purpose of processing,

5. Transfer of data outside the European Economic Area
Your personal data will not be transferred outside the EEA or made available to international organizations. In exceptional situations, your personal data may also be transferred to third countries, i.e.: outside the European Economic Area, if it is necessary for the provision of Services to you or if it is conditioned by another valid legal basis. In this case, the transfer of data is based on appropriate safeguards in accordance with the provisions on the protection of personal data. For more information about how we can protect ourselves, how to obtain a copy of these safeguards and where they are available, please contact us at the details above.

6. Your rights (rights of the person whose data is processed by the administrator)
If the consent is necessary to be able to process personal data for a specific purpose, the Administrator obtains such consent. The consent given can be withdrawn at any time by contacting the Administrator. In the event of withdrawal of consent, the data will no longer be processed to the extent to which the consent referred, but the withdrawal of consent will not affect the lawfulness of the processing that was carried out on the basis of consent before its withdrawal.
The processing of personal data does not always require consent. Consent to the processing of data is not required if any other prerequisite legalizing their processing is met in accordance with Art. 6 sec.1 GDPR, e.g. if the processing is necessary for the implementation of the legitimate interest of the Controller (e.g. defence against claims) or we take action at your request or on your initiative.
On the terms set out in the GDPR, you also have the following rights:

  • the right to request the administrator to access your personal data processed by the Administrator,
  • the right to rectification of such personal data,
  • the right to delete personal data (“to be forgotten”) or to limit the processing of such personal data (unless there are legitimate grounds for further processing),
  • the right to object to the processing, and
  • the right to transfer this personal data.

If your personal data is processed for direct marketing purposes, you can object to the processing of this data for this purpose at any time.
If you want to exercise the above rights, you should submit the application to the Administrator. The Administrator’s contact details are provided in point (2). To ensure that the person submitting the application is entitled to submit it, the Administrator may ask for additional information confirming the identity of the applicant.
The Data Controller is obliged to provide relevant information in writing. The provisions of the GDPR indicate to what extent each of these rights can be exercised. This will depend in particular on the legal basis and purpose of the processing of personal data by the Administrator.
You also have the right to lodge a complaint with the supervisory authority, i.e.: to the Office for Personal Data Protection if, in your opinion, the processing of your personal data is carried out in violation of the law.

7. Server Log Files
Our server saves certain information that your browser transmits automatically. This applies in particular to the following data:

  • IP address of your device,
  • the time and date of the server request,
  • information about the browser used (type/name, version),
  • operating system
  • referring URL.

Server log file data records are analyzed in order to:

  • bug fixes,
  • server performance management,
  • protection against DDoS attacks,
  • content customization.

We cannot assign this information to a specific individual; We do not compare them with other data sources. However, we reserve the right to review this information at a later date if there is a reasonable suspicion of a violation of law.

8. Cookies
Cookies are small text files that are placed on your computer by websites that you visit. They are commonly used to make websites work better or more efficiently, as well as to provide information to the owners of the website. The use of cookies is now standard for most websites. If you do not want to use cookies, you can manage and control them through your browser, including deleting cookies by deleting them from your “browser history” (cache) when you leave the site.

Managing cookies on your device
We use cookies to personalize content and provide you with a better user experience. By using this website or app, you consent to the use of cookies. You can control and manage cookies through your browser (see below). Please note that deleting or blocking cookies may affect your user experience and some features may no longer be available.

Using your browser to control cookies
Most browsers allow you to view, manage, delete and block cookies on a website. Please note that if you delete all cookies, all preferences you have set will be lost, including the ability to opt-out of cookies, as this feature alone requires an opt-out cookie to be placed on your device. Guidance on how to control cookies in popular browsers is provided below:

Google Chrome
Mozilla Firefox
MacOS Safari
Microsoft Internet Explorer

For information on additional browsers and device types, please visit http://www.aboutcookies.org/ or http://www.cookiecentral.com/faq/.

Types of cookies

  • Strictly necessary cookies: This type of cookie is necessary for the website to function and cannot be switched off in our systems. Necessary cookies are typically used in response to actions you make, such as setting privacy options, logging in or filling in forms. You can change your browser settings to block them, but the website will not function properly
  • Analytical cookies: This type of cookie allows us to measure visits and collect information about traffic sources so that we can improve how our website works. They also help us to know which pages are most popular or how visitors move around our website. If you block these cookies, we will not be able to collect information about your use of the website and we will not be able to monitor its performance.
  • Functional cookies: This type of cookies helps us to improve the effectiveness of our marketing activities and adapt them to your needs and preferences, e.g. by remembering all the choices you make on the websites.
  • Advertising cookies: In order to promote certain services, articles or events, we may use advertisements that are displayed on other websites. This type of cookie is used to make advertising messages more relevant and tailored to your preferences. Cookies also prevent the same ads from appearing again. These ads are only used to inform about the activities carried out. For more information, please see our privacy policy.
  • Session cookies: This is temporary information stored in the browser’s memory until the browser session ends, i.e. until the browser is closed. These cookies are mandatory for certain applications or functionalities to function properly.
  • Persistent cookies: They make it easier to use frequently visited websites (e.g. they provide optimal navigation, remember the selected resolution, content layout, etc.). This information remains in your browser’s memory for a longer period of time. This time depends on the choice that can be made in the browser settings. This type of cookie allows information to be sent to the server each time a given website is visited.

The table below explains how we use cookies on this website:

Name: Purpose: Kind: Store:
_fbp This cookie is set by Facebook to display ads on Facebook or the Facebook Display Network to users who have previously visited our website. Advertising, First Category, Fixed 3 months
Fr A cookie is set by Facebook to show users relevant ads and to measure and improve ads. The cookie also tracks user behavior on pages that have the Facebook pixel or a Facebook social plugin. Advertising, Third Party, Permanent (Facebook, Inc.) 3 months
_Ga This cookie is set to allow Us to track individual visitors and their use of the website. It is set on the first visit to the website and updated on subsequent visits. We do not use Google Analytics to collect personal information other than the IP address from our visitors. Analytical, First-Class, Fixed 2 years from set-up/upgrade
_ga_container-id Used to maintain session state. Analytical 2 years
test_cookie Test_cookie is set by doubleclick.net and is used to determine whether your browser supports cookies. Advertising 15 minutes
_gcl_au Provided by Google Tag Manager to experiment on the advertising effectiveness of websites using their services. Analytical 3 months

9. Automated decision-making and profiling
Personal data will not be used for automated decision-making that would have legal effects on you, including profiling.

10. Final provisions
The Administrator’s websites may contain links to external websites of third parties, the content of which we have no influence on. We can therefore not assume any liability for third-party content. The provider or operator of the website is solely responsible for the content of the linked pages. The linked pages were checked for possible violations of law at the time the links were created. At that time, no illegal content could be identified. However, a permanent control of the content of the linked pages is not reasonable without concrete evidence of a violation of law. If we become aware of such a violation of law, we will remove the respective links or links immediately.

© This document is protected by copyright. The author as the author uses exclusive moral and economic copyrights and disposes of these rights. The document is the author’s “trade secret” within the meaning of the Act on Combating Unfair Competition. The document has been developed for use only by the recipient of the document (customer). The author does not authorize, without his prior written consent, any other communication, use, reproduction, distribution or resale of this document or any part of it. Violation of the above conditions may result in liability, including criminal liability, as specified in the Act on Combating Unfair Competition, the Penal Code and/or the Act on Copyright and Related Rights. In particular, but not exclusively, the author has the right to demand in such a situation the cessation of prohibited activities, removal of the effects of prohibited activities, redress of the damage caused, return of unjustly obtained benefits, making a single or multiple statement of appropriate content and in an appropriate form. Without the prior written consent of the author, it is also forbidden to send or otherwise make this document available to persons or entities that may provide services competitive to the services provided by the author – e.g. attorneys, auditors, advisors, IT specialists, consultants, accountants, controlling persons, legal advisors, lecturers, persons providing trainings, trainers, etc.