Information concerning the processing of personal data

1. Identity and contact details of the controller

SMA Magnetics spółka z ograniczoną odpowiedzialnością seated in Zabierzów, ul. Krakowska 390, 32-080 Zabierzów, entered into the register of entrepreneurs kept by the National Court Register by the District Court for Kraków-Śródmieście in Kraków, XII KRS Economic Department under the number 281892, NIP: 5130141977, REGON 120483095, e-mail: office@sma-magnetics.com, tel.: +48 12 283 09 50, fax: +48 12 285 35 67.


2. Contact details of the Data Protection Officer

iod@sma-magnetics.com


3. Purposes, legal basis and period for which the personal data will be processed

Your data may be processed for the following purposes:

1) performance of a contract – on the basis of art. 6 sec. 1 letter b) of the Regulation of the European Parliament and the Council of the EU 2016/679 of 27th of April 2016 r. on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation), [hereinafter: the Regulation], that is processing is necessary for the performance of a contract to which the data subject is party or in order to take steps at the request of the data subject prior to entering into a contract.

2) compliance with the Controller’s legal obligations, e.g. tax obligations, accounting obligations, obligations with regard to the enforcement of claims – on the basis of art. 6 sec. 1 letter c) of the Regulation, that is:
processing is necessary for compliance with a legal obligation to which the controller is subject.

3) pursuing by the Controller his legitimate interests, e.g.:
a) management, exercise and defence in the case of reciprocal claims,
b) ensuring information security,
c) contact with the Client’s authorised employees in matters related to the performance of a contract,
d) ensuring security by monitoring of the Controller’s seat,
e) the Controller’s own direct marketing,
on the basis of art. 6 sec. 1 letter f) of the Regulation, that is:
processing is necessary for the purposes of the legitimate interests pursued by the controller.

4) replying to an inquiry made via e-mail, form or telephone – on the basis of art. 6 sec. 1 letter a) of the Regulation, that is:
the data subject has given consent to the processing of his or her personal data for one or more specific purposes.


4. Where do we gather your personal data?

Personal data are mainly collected directly from the data subject. The Controller also processes personal data which have not been collected directly from the data subject, e.g. data concerning business activities, data of the Client’s employees and persons representing the Client and acting in the name of the Client. Personal data are also collected, among others, from persons representing the Client, from the Business Activity Central Register (CEIDG), from the National Court Register (KRS) and from other entities authorised to process personal data.


5. Information about the categories of recipients of personal data

The recipients of personal data are entities cooperating with the Controller, including but not limited to: providers of software supporting business processes, postal operators and couriers, e-mail service providers, accounting office, law firms and consultancy firms.

In exceptional situations, in which binding legal provisions obligate the Controller to transfer the processed personal data to public authorities, the Controller will transfer those personal data.


6. Information about the rights of data subjects

You have the right to:

a) request from the Controller access to your personal data,
b) request from the Controller rectification, erasure of personal data or restriction of processing of your personal data,
c) object to the Controller to processing of personal data,
d) data portability (the right to have the personal data transmitted directly from one controller to another),
e) withdraw consent at any time, without affecting the lawfulness of processing based on consent before its withdrawal

in accordance with the Regulation.


7. The right to object to processing

To the extent that personal data are processed on the basis of article 6 sec. 1 letter f), you have the right to object at any time – on grounds relating to your particular situation. The Controller shall then no longer process those personal data, unless the Controller demonstrates compelling legitimate grounds for the processing which override the interests, rights and freedoms of the data subject or for the establishment, exercise or defence of legal claims.


8. Information about the right to lodge a complaint with a supervisory authority

You have a right to lodge a complaint with a supervisory authority, in particular in the Member State of your habitual residence, place of work or place of the alleged infringement if you consider that the processing of personal data relating to you infringes the Regulation. In Poland, the supervisory authority is the President of the Personal Data Protection Office seated in Warszawa, ul. Stawki 2, 00-193 Warszawa.


9. Information about whether the provision of personal data is a statutory or contractual requirement, or a requirement necessary to enter into a contract, as well as whether the data subject is obliged to provide the personal data and about the possible consequences of failure to provide such data.

Providing personal data in the indicated scope is a requirement for the conclusion of the Contract and is necessary for its performance. Providing these data is voluntary, however without providing them, the conclusion and performance of the Contract will not be possible.
Providing data within the contact form is voluntary, however without providing them, it will not be possible to answer the inquiry.


10. Cookies and other technologies policy

The Controller would like to inform that on his website there may be utilized cookie files or other technologies with the intent of improving the quality and content of the site. Thanks to the cookie files, the Controller receives information about how the Users are using the website, which allows the Controller to optimise his offer.

I. The Controller informs that while using the Controller’s websites, small pieces of IT data (so called “cookie files”) will be installed on your device.

II. Cookie files shall be understood as IT data, in particular text files, stored on the Users’ end devices, designed to assist with using websites. Those files allow identification of the Users’ device and properly display a website tailored to their individual preferences. Cookie files usually contain the name of the website from which they originate, storage time on the end device and a unique number. Data stored inside cookie files will not be linked to the website User’s personal data (name, address etc.).

III. Cookie files are used in order to tailor the contents of websites to the Recipient’s and User’s preferences and to optimise the use of websites. Additionally, they are used in order to generate anonymous, aggregated statistics, which help understand how Users use websites which in turn makes possible to improve the structure and contents of websites. Cookie files are not used to personally identify the User.

IV. By using the Controller’s website, the Users give their consent to install cookie files and store them on their end device and access the cookie files. The Users may at any time specify the conditions for storage and access of cookies, which includes disabling the ‘accept cookies’ option, by changing the settings of the software used to browse websites so that either the automatic handling of cookies is locked or the User is informed every time a cookie is transmitted to an end device. Detailed information on the possibility and ways of handling cookie files are available within the software (web browser) settings.

V. Restricting the use of cookies may affect some of the website features.

VI. The User may at any time after his visit on the website delete the cookie files stored on his device without risk. The detailed information about the possibility and ways of handling cookie files are available within the software (web browser) settings.

VII. Information about changing cookie settings in each particular browser is available on the following websites:
a) Chrome > support.google.com/chrome/answer/95647
b) Firefox >https://support.mozilla.org/en-US/kb/enable-and-disable-cookies-website-preferences
c) Internet Explorer > support.microsoft.com/en-us/help/278835/how-to-delete-cookie-files-in-internet-explorer
d) Opera > help.opera.com/en/latest/web-preferences/
e) Safari > support.apple.com/kb/PH5042

VIII. On the Controller’s website are also used the following cookie files:
a) Google Analytics – helps the Controller measure how Users use the contents of the website. The following cookie files are used as part of this tool:
• _ga – used for distinguishing Users, expiry time: 2 years,
• _gid – used for distinguishing Users, expiry time: 24 hours,
• _gat – used for requesting limiting bandwidth, expiry time: 1 minute.

Information which is generated by Google Analytics (including IP address) are stored on servers located in the United States. Google, Inc. (hereinafter: Google) uses the collected data in order to assess how the Controller’s website is being used. Google may hand the collected information over to third parties if it is required by law. The User’s IP address is not linked with any other data stored by Google. By using the website, the User gives his consent for the processing of personal data by Google for the purposes described above. This consent may be withdrawn at any time, without affecting the lawfulness of processing based on consent before its withdrawal.

On the Controller’s website is used the extension – („_anonymizeIp()”), which shortens all the IP addresses. In this way only shortened addresses are being processed, which ensures the anonymity of Users.

b) AWSALB – a tool which enables advanced http and HTTPS load balancing, simplifies and improves security of the application by ensuring that the newest SSL/TLS encryption and protocols are being used at all times.


11. Changing the Privacy Policy

The Controller reserves the right to change this privacy policy whenever it is required by the binding provisions of law, whenever technological conditions of operating the website change or whenever the change would introduce a standard higher than the minimum required by law. The Controller shall inform the Users of the website about such change via an appropriate message, displayed while first visiting the website after the change to the privacy policy has been introduced.