GDPR

RULES OF PERSONAL DATA PROCESSING BY ARPAK SP Z OO

Article 1. Personal data controller
1. The administrator of personal data is Arpak Sp. z oo with its seat in Koźmin Wielkopolski, Poland (correspondence address: Arpak Sp. z oo 63-720 Koźmin Wlkp; ul. Wierzbowa 30), entered into the register of entrepreneurs under the KRS number: 0000141619 (hereinafter referred to as the "Administrator").
The administrator attaches great importance to the protection of the privacy and confidentiality of the personal data processed, in particular, with due diligence, selects and applies appropriate technical measures
and organizational ones ensuring protection of processed personal data. Only persons duly authorized by the Administrator have full access to the databases.
3. The Administrator can be contacted by traditional mail to the address given in par. 1 above, or by e-mail to the address info@arpak.pl

Article 2. The basis for the processing of personal data
1. The provision of personal data to the Administrator is voluntary, however, failure to provide them or lack of consent to their use may make it difficult or impossible to undertake activities for the purpose of communication, providing an offer or taking actions in connection with the conclusion of a contract.
2. Personal data is processed by the Administrator in accordance with the provisions of law, including in particular Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of individuals with regard to the processing of personal data and on the free movement of such data and repealing Directive 95/46 / EC ("GDPR") in order to:
a.performing activities related to the performance of the concluded contract or taking actions prior to the conclusion of the contract, in particular providing an offer at the request of the data subject (in accordance with Article 6 (1) (b) of the GDPR);
b. fulfillment of the legal obligation incumbent on the Administrator (in accordance with Article 6 (1) (c) of the GDPR);
c. marketing of own products or services, including personalized ones (in accordance with Article 6 (1) (f) of the GDPR);
d. pursuing or securing claims (pursuant to Article 6 (1) (f) of the GDPR).
3. The legal basis for the processing of personal data may be: (a) consent, (b) contract, or (c) the legitimate interest of the Administrator (pursuant to Article 6 (1) of the GDPR).
4.Personal data is collected by the Administrator from persons who (a) have expressed in writing or orally an interest in establishing a business relationship with the Administrator, (b) have expressed direct or indirect (e.g. by providing their business card) consent to the processing of personal data for the purpose of presenting the offer commercial by the Administrator, (c) participate in the implementation of the contract concluded with the Administrator, (d) represent the Administrator's contractors.
5. The administrator may process data of persons provided by the persons indicated in sec. 4 in order to contact the Administrator or purchase products or services offered by the Administrator. The person providing the Administrator with the data of third parties should have the appropriate consent of third parties to transfer their data to the Administrator. In this case, the Administrator makes every effort to properly fulfill the information obligation (in accordance with Article 14 of the GDPR), but the Administrator is not responsible for any unauthorized transfer of third party data. i.e. without their proper consent.

Article 3. Scope of personal data processing
1. Personal data is processed only to the extent necessary to perform correct communication (name and surname, position, e-mail address, telephone number, company and address of the company), including sending information about the Administrator and its services, sale of products or services provided by Administrator and to perform the contract.
2. Personal data may be made available to entities authorized to receive them under applicable law, including the competent judicial authorities.
3. Personal data may be made available to authorized employees of the Administrator, entities processing data at the request of the Administrator, i.e. carriers, postal operators, entities servicing accounting, partners providing technical services (developing and maintaining IT systems, performing mailing), debt collection companies, entities providing legal services, trusted cooperating entities - subcontractors in order to provide a specific service.
4. In justified cases, the data may be made available or entrusted to entities from the Arpak Sp. z oo, if there is an important legal basis for it - consent, e.g. in the case of marketing, a contract or a legitimate interest, in particular to subsidiaries, affiliates, on the basis of a co-administration agreement or for entrusting personal data.
5. Personal data may be subjected to activities consisting in profiling - including the use to make an automatic decision that may cause legal effects - only with the consent of the data subject.
6. Personal data will not be transferred to a third country.
7. If, as part of the processing, personal data will be transferred to recipients in third countries (outside the EEA), e.g. in the United States, such data transfer may take place on the basis of a decision on the appropriate level of protection taken by the European Commission, i.e. for participating organizations in the Privacy Shield program, or on the basis of standard contractual clauses in accordance with the decision of the European Commission or on the basis of the express consent of the data subject.

Section 4. Retention of Personal Data
1. Personal data processed in order to perform the contract and fulfill the Administrator's legal obligation will be kept for the duration of the contract, and after its expiry for the period necessary to:
a. after-sales service (e.g. handling complaints);
b. securing or pursuing claims;
c. fulfillment of the Administrator's legal obligation (e.g. resulting from tax and accounting regulations).
2. Personal data processed for the purposes of marketing of own products or services offered by the Administrator on the basis of a legitimate legal interest, will be processed until an objection is raised or the scope is changed by the data subject.
3. Personal data processed on the basis of a separate consent will be kept until its revocation.

Article 5. Control of the processing of personal data
1.Everyone whose personal data is processed by the Administrator has the right to access the data being processed and the right to rectify, delete, limit processing, the right to transfer data, the right to object to data processing based on the Administrator's legitimate interest or to processing for the purpose of direct marketing, the right to withdraw consent at any time without affecting the lawfulness of processing. The administrator will cease processing personal data and delete the data, unless the law requires further processing.
2. Using the powers indicated above in sec. 1, is implemented by enabling contact with the Administrator in the manner indicated in art. 1 clause 3 of these Rules.
3. Persons whose data is processed by the Administrator have the right to lodge a complaint with the supervisory body - the Office for Personal Data Protection, if they consider that the processing of personal data violates the law.

COOKIES POLICY OF THE LEGE.COM.PL SERVICE

1. The "cookie" peaks should be understood as IT data stored in users' end devices, intended for the use of websites. In particular, these are text files containing the name of the website they come from, their storage time on the end device and a unique number.
2. The website does not automatically collect any information, except for information contained in cookies.
3. Cookies are intended for using the website pages. The operator uses these files for:
a) the ability to log in and maintain user sessions on each subsequent page of the website
b) matching the content of the website to the individual preferences of the user, first of all, these files recognize his device in order to display the page according to his preferences
c) to create anonymous statistics, excluding the possibility of user identification.
4. Cookies used by the website operator's partners, including in particular website users, are subject to their own privacy policy.
5. In the interest of the security of the data entrusted to us, we have developed internal procedures and recommendations to prevent disclosure of data to unauthorized persons. We control their performance and constantly check their compliance with the relevant legal acts - the Act on the protection of personal data, the Act on the provision of electronic services, as well as all types of executive acts and Community legislation
6. By default, the software used for browsing websites allows cookies to be placed on the User's end device by default. These settings can be changed by the User in such a way as to block the automatic handling of "cookies" in the web browser settings or to inform about their every transfer to the user's devices.
7. The Website Users can change their cookie settings at any time. Detailed information on the possibilities and methods of handling cookies is available in the software (web browser) settings.
Examples of editing options in popular browsers:
- Mozilla Firefox: www.support.mozilla.org/pl/kb/ciasteczka
- Internet Explorer: www.support.microsoft.com/kb/278835/pl
- Google Chrome:
www.support.google.com/chrome/bin/answer.py?hl=pl&answer=95647
- Safari:
www.safari.helpmax.net/en/time-saving/blocking-content/
8. The Website operator informs that changes to the settings in the user's web browser may prevent the proper operation of the Websites.