General Provisions
This Privacy Policy is addressed to Users of the website located and operated at millup.pl (hereinafter referred to as the “Service”). This policy outlines the rules for collecting and processing personal data obtained by the Administrator during the use of the Service. This policy also applies to the processing of personal data by the Administrator of individuals who follow the Administrator’s profile on social media platforms.
Personal Data Administrator
The administrator of personal data is MILLUP Grzegorz Rajmus – NIP: 7532414823, ul. Podolska 22, 48-303 Nysa, hereinafter referred to as the “Administrator.” Other contact details for the Administrator are email: grr@millup.pl.
Legal Basis for Processing Personal Data
Your personal data is processed in accordance with Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (hereinafter referred to as GDPR). The legal basis for processing your personal data by the Administrator may include:
– Your consent to the processing of data (Art. 6(1)(a) GDPR);
– The necessity of performing agreements concluded with you by the Administrator, as well as taking actions before concluding such agreements at your request (Art. 6(1)(b) GDPR);
– Processing is necessary to comply with a legal obligation to which the Administrator is subject (Art. 6(1)(c) GDPR).
Providing your personal data based on the above points (a-c) is voluntary, however, refusal to provide data will prevent you from using the Service and services provided by the Administrator. Your personal data may be processed in connection with the legitimate interest of the Administrator to secure and pursue claims, as well as for direct marketing of services provided by the Administrator (Art. 6(1)(f) GDPR).
Purposes and Scope of Personal Data Processing
The personal data provided by you will be processed:
– To enable you to use the Service;
– For purposes and to the extent necessary in connection with the conclusion and performance of an agreement (e.g., submitting an inquiry about services provided);
– To fulfill a legal obligation imposed on the Administrator (e.g., arising from accounting and tax regulations);
– For purposes arising from the legitimate interests pursued by the Administrator (i.e., securing and pursuing claims, marketing of own products and services).
In connection with the implementation of the above processing purposes, the Administrator may process the following personal data: name and surname, company name, identification numbers such as NIP, email address, phone number, as well as other data from your social media profile through which you contact the Administrator. The Administrator will also process data such as cookies and IP address.
Sharing Personal Data
Your personal data will be shared with relevant state authorities or third parties if such an obligation arises from generally applicable law. The Administrator may share your personal data with entities supporting the Administrator in the proper implementation of services provided, such as hosting providers. The Administrator processes personal data obtained directly from you (data subjects).
Data Protection
The Administrator is obligated to protect your data collected during the use of the Service in accordance with applicable laws and the highest standards of security and data protection. The Administrator ensures the security of personal data through the implementation of appropriate technical and organizational measures to prevent unlawful data processing and accidental loss, destruction, or damage. The Administrator takes all possible measures to ensure that personal data are:
– Correct and processed lawfully;
– Obtained only for specified purposes and not further processed in a manner incompatible with those purposes;
– Adequate, relevant, and not excessive;
– Accurate and up-to-date;
– Not kept longer than necessary;
– Processed in accordance with the rights of the data subjects, including the right to restrict access;
– Securely stored;
– Not transferred without adequate protection.
Personal data sets are secured against access by third parties. Only persons authorized by the Administrator, trained in personal data protection, and obligated to maintain the confidentiality of your personal data, are permitted to process your personal data. Personal data collected for the purpose of concluding or performing an agreement and fulfilling a legal obligation by the Administrator are stored for the period necessary to: (1) secure or pursue any claims arising from the agreement, (2) perform the agreement (e.g., handling complaints), (3) comply with the legal obligation imposed on the Administrator (e.g., arising from accounting and tax regulations). Personal data processed for marketing purposes and other purposes not mentioned above will be processed until the previously given consent for processing is withdrawn or an objection is raised.
Rights
You have the right to request access to your personal data, rectification, deletion, or restriction of processing, the right to data portability, and the right to object to processing, as well as the right to data portability. You have the right to withdraw your previously given consent to the processing of personal data at any time. You have the right to obtain from the Administrator the following information:
– The purpose, scope, and manner of processing your personal data;
– Since when your data has been processed;
– The source from which your data originates;
– The recipients or categories of recipients to whom the data is disclosed.
Additionally, at your request, the Administrator will supplement, update, and correct your personal data, as well as temporarily or permanently stop processing or delete it if your data is incomplete, outdated, untrue, collected in violation of the law, or no longer necessary for the purpose for which it was collected. Moreover, in the case of processing your data by the Administrator for direct marketing purposes, you have the right to object at any time to the processing of personal data for such marketing, including profiling to the extent that it is related to such direct marketing. To exercise the rights mentioned in this section, you must submit a request to the Administrator at the email address specified in section 2. You have the right to lodge a complaint with a supervisory authority if you believe that the processing of personal data violates applicable regulations.
Cookies
The Administrator declares that they use “cookies.” Cookies are information sent by a server and saved on your device (e.g., computer hard drive or phone memory). Data obtained using cookies does not allow for your identification but enables the Administrator to determine whether a given device visited the Service (which is not equivalent to information about who visited the Service) and what preferences the user had at that time (what interested them the most in the Service). The Administrator uses internal cookies for:
– Ensuring the proper functioning of the Service;
– Statistical purposes;
– Adapting the Service to your preferences.
The Administrator may place both permanent and temporary cookies on your device. Temporary cookies are usually deleted when the browser is closed, while permanent cookies are not deleted when the browser is closed. Temporary cookies serve to identify the User as logged in. Permanent cookies ensure certain functions not only during a given session but also throughout the entire storage period on the device. Permanent cookies are used, for example, to collect information on how the Service is used, including data on visited subpages and any errors, or to check the effectiveness of the Service’s advertisements. The Administrator uses tools for online marketing and advertising. These tools may use cookies placed on your device. You can delete cookies left by the Service from your device at any time following the instructions provided by your browser manufacturer. It is also possible to block cookies from accessing your device by appropriately configuring your browser; however, in that case, the Service may not function properly. The Administrator uses a server that automatically records in server logs, for analysis of the system’s operation, information about the device you use to connect to the Service, i.e., the type of device and browser you use, your computer’s IP address, date and time of entry, a textual description of the event, and event classification. Access to log files is restricted to persons authorized to administer the IT system. Log files may be used to compile statistics on traffic in the application and the occurrence of errors that prevent identification.
Final Provisions
In the future, it may be necessary to update the principles set out in this Privacy Policy. The Administrator will inform you of any changes to the content of this Policy. Updated principles will be available on the Service’s website.