SAFETY POLICY OF THE SUPERSTORAGE.PL INTERNET SERVICE
1. GENERAL PROVISIONS
1.1. The Controller of personal data collected via Online Shop is COMSET S.A., with its registered office: ul. Okulickiego 66, postal code: 31-637 Kraków; VAT No.: 6781322812; REGON (Business Registration) No.: 351090497, the District Court - District Court for Kraków-Nowa Huta in Kraków, the 11th Commercial Department of KRS, the KRS number: 0000034946. Share capital of 500 000 PLN; The branch serving online store - www.superstorage.pl -ul. Łutnia 7, postal code: 30-799 Kraków. E-mail address: email@example.com, phone number: +48 12 44 66 140 - hereinafter referred to as "Controller" and being the Online Shop Service Provider and the Seller at the same time.1.2 The Service Recipient 's (Customer's) personal data are processed in compliance with Act on the Personal Data Protection dated on the 29th of September 1997 (Dz.U [Journal of Laws], No 133, item 883, as amended) and Act on the Provision of Electronic Services dated on the 18th of July 2002 (Dz.U [Journal of Laws], No 144, item 1204, as amended) as well.1.3 The Controller has been taking due diligence aimed at those individuals' interests protection whom the data concern, assuring in particular that the collected data by him are processed in compliance with Law; collected on the indicated purposes lawfully and not subjected to further proccessing that is not compliant with those purposes; appropriate on merits and adequate towards the purposes on which they are processed and stored in the way enabling identification of individuals to whom they relate, no longer than it's necessary on the purpose of processing.
2. PURPOSE AND DATA COLLECTION SCOPE
2.1. The personal data are collected by the Controller on the purpose:2.1.1. establishing, content shaping, alteration, fullfilment or termination of an agreement between Service Provider (Seller) and Service Recipient (Customer) regarding E-services providing via Online Shop or the Products Sales Agreement concluding and providing them to the Customer.2.1.2. having documented contractual relationships, being referred to in Paragraph 2.1.1. for evidentiary purposes in the claims' period of prescription.2.2. In case of the Customers who use the Product to Customer delivery service the Controller passes the collected personal data of the Customers in the scope that is necessary for making the delivery by the selected carrier.2.2.1. UPS Polska Sp. z o.o. with its registered office in Warszawa (the office address: ul. Prądzyńskiego 1/3; 01-222 Warszawa), National Court Register (KRS) number: 00000366126.96.36.199. DHL EXPRESS (POLAND) Sp. z o.o. with its registered office in Warszawa (the office address:ul. Wirażowa 37; 02-158 Warszawa), National Court Register (KRS) number: 0000047188.8.131.52. FEDEX EXPRESS POLSKA Sp. z o.o. with its registered office in Warszawa (the office address: ul. Krucza 16/22; 00-526 Warszawa), National Court Register (KRS) number: 00000379184.108.40.206. DPD Polska Sp. z o.o. with its registered office in Warszawa (the office address: ul. Mineralna 15; 02-274 Warszawa), National Court Register (KRS) number: 00000283220.127.116.11. General Logistics Systems Poland Sp. z o.o. with its registered office in Głuchowo (the office address: ul. Tęczowa 10, Głuchowo, 62-052 Komorniki), National Court Register (KRS) number: 0000005009.2.3. The Controller processes the following personal data of the Service Recipients (Customers): name and surname; company name; e-mail address; contact phone number; adress (street, house number, premises number, postal code, city, country); VAT No in case of business entities.
2.4. Providing personal data referred to in Paragraph 2.3 there is necessary to provide Electronic Services by the Service Provider in Online Shop or to conclude the Products Sales Agreement.2.5 The Controller collects data included in Cookies files automatically during using the Online Shop website. There are text files saved on computer of the Service Recipient while using the Online Shop (they enable among others remembering shopping cart content). Cookies' mechanism is not used for gathering any information about the Online Shop Service Recipients nor their navigation tracking. There is a possibility of unabling the data included in the Cookies files collection via using the suitable functions of internet browser (here it would be advisable to use Help file of the particularl browser or contact with its producer).
3. DATA PROCESSING BASIS
3.1. Using the Online Shop and concluding the agreements on Electronic Service providing via Online Shop or the Products Sales Agreements connnected with providing personal data is fully non-mandatory. The individual whose the data regard, takes a decision by themselves whether to start using the E-Services providing by the Service Provider or conclude Sales Agreement following the Store Rules.
3.2 Referrring to the Art.23 of the Act on the personal data protection dated on the 29th of August 1997 (Dz.U. [[Journal of Laws], No 133, item 883, as amended)data processing is permisible among others when:
3.2.1. the individual whom the data regard to, gives concern unless the subject is deleting the data:
3.2.2. it's necessary to complete an agreement while an individual, whome the data refer to, is its party or it's necessary for taking actions before entering into agreement, on the demand of the individual whose the data regard.
3.3. The personal data processing by the Controller is carried out always within the basis of allowance their processing mentioned in the Privacy Polisy Paragraph 3.2. The processing of data will be connected with the agreement performance or the neccesity of taking actions before entering into agreement, on the demand of the individual whose the data regard ( Paragraph 3.2.2). Additionally, before the agreement concluding on the E-Serces providing available via the Online Shop further Service Recipent (Customer) is informed about the necessity of the Rules approval.
4. RIGHT TO CONTROL, ACCESS AND AMEND DATA
4.1. The Service Recipient has the right to access his/her personal data and amend them.
4.2. Each individual has the right to control the data processing included in the Controller data storage which relate to them, the right refers to in particular:
4.2.1. Requesting for completing, updating and emendation of the personal data, temporary or permanent holding on data processing or their erasing if they are incomplete, outdated, false or they were collected as the result of violation of Act or they are redundant on the purpose which they were collected for.
4.3. In order to exercise the rights as referred to in Paragraph 4.1 and 4.2. one can use the option in the scope of Account or send relevant e-mail message to the adress: firstname.lastname@example.org or in writing to the Controller's address.
5. FINAL PROVISIONS
5.2. The Controller uses technical and organisational means providing the processed personal data protection that is suitable for threats and the category of the protected data, preventing the data from making them available for unathorised persons, processing that results in violation of regulations and adaptation, lost, damage and distruction in particular.
5.3. The Service Provider provides the following technical means preventing from aquiring and modifying personal data sent via e-mail by unauthorized persons:
5.3.1. Passwords of the Service Recipients are encrypted.
5.3.2. Safe password containing min. 7 signs is required.
5.3.3. Personal data files securing towards unauthorised access.
5.3.4. The access to Account only after individaul login and password creating by the Service Recipient.