1. General information
This policy applies to the website, functioning at the url: https://apinstruments.pl.
The Operator of the service and the Administrator of personal data is: A.P. Instruments Sp. z o. o. Sp. k. Buszycka 18B, 02-869 Warsaw
Operator’s e-mail contact address: email@example.com.
The Operator is the Administrator of your personal data in relation to the data provided voluntarily in the Service.
The Service uses personal data for the following purposes:
Keeping a newsletter
The service performs the functions of obtaining information about users and their behaviour in the following way:
By means of data voluntarily entered in the forms, which are entered into the Operator’s systems.
By storing cookies (so-called “cookies”) in the terminal equipment.
2. Selected data protection methods used by the Operator
The places for logging in and entering personal data are protected in the transmission layer (SSL certificate). This ensures that the personal and login data entered on the website are encrypted on the user’s computer and can only be read on the target server.
Personal data stored in the database is encrypted in such a way that only the operator who has the key can read it. Thanks to this, the data is protected in case the database is stolen from the server.
The Operator periodically changes his administrative password.
In order to protect the data, the Operator regularly makes security copies.
An important element of data protection is the regular updating of all software used by the Operator to process personal data, which in particular means regular updates of programming components.
The service is hosted (technically maintained) on the operator’s server: linuxpl.com
Registration data of the hosting company: H88 S.A. with the seat in Poznań, Franklina Roosevelta 22, 60-829 Poznań, entered into the National Court Register by the District Court Poznań – Nowe Miasto and Wilda in Poznań, VIII Commercial Department of the National Court Register under the number KRS 0000612359, REGON 364261632, NIP 7822622168, share capital 210,000.00 PLN fully paid in.
applies data loss protection measures (e.g. disk arrays, regular security copies),
applies adequate measures to protect processing sites in case of fire (e.g. special extinguishing systems),
applies adequate measures to protect processing systems in the event of a sudden power failure (e.g. dual power lines, generators, UPS backup systems),
applies measures to physically protect access to data processing sites (e.g. access control, monitoring),
applies measures to ensure appropriate environmental conditions for servers as elements of the data processing system (e.g. environmental conditions control, specialized air conditioning systems),
applies organisational solutions to ensure the highest possible level of protection and confidentiality (training, internal regulations, password policies, etc.),
has appointed a Data Protection Officer.
In order to ensure technical reliability, the hosting company maintains logs at the server level. The logs may be subject to registration:
resources defined by a URL identifier (addresses of requested resources – pages, files),
time of the inquiry,
time of sending the answer,
client station name – identification implemented by the HTTP protocol,
information about errors that occurred during the execution of HTTP transactions,
the URL of the page previously visited by the user (referer link) – in the case when the access to the Service was made via a link,
information about your browser,
information about the IP address,
Diagnostic information related to the process of self-ordering of services through recorders on the website,
information related to the handling of electronic mail addressed to and sent by the Operator.
4. your rights and additional information about the use of the data
In some situations, the Administrator has the right to transfer your personal data to other recipients, if it is necessary to perform the contract concluded with you or to fulfill the Administrator’s obligations. This applies to such groups of recipients:
authorized employees and associates who use the data in order to achieve the purpose of the website
Your personal data is processed by the Administrator no longer than it is necessary to perform the related activities specified in separate regulations (e.g. on accounting). With regard to marketing data, the data will not be processed for more than 3 years.
You have the right to request from the Administrator:
access to personal data concerning you,
and data transfer.
You have the right to object to the processing indicated in point 3.3 c) to the processing of personal data in order to exercise legitimate interests pursued by the Administrator, including profiling, but the right of objection will not be exercised if there are valid legitimate grounds for processing, interests, rights and freedoms overriding your interests, in particular to establish, pursue or defend claims.
The Administrator’s actions may be complained about to the President of the Office for Personal Data Protection, Stawki 2, 00-193 Warsaw.
Providing personal data is voluntary, but necessary to operate the Service.
In relation to you, activities consisting in automated decision making, including profiling, may be undertaken in order to provide services under the concluded agreement and in order for the Administrator to conduct direct marketing.
Personal data is not transferred from third countries within the meaning of data protection regulations. This means that we do not send them outside the European Union.
5. information in the forms
The Service collects information voluntarily provided by the user, including personal data, if any.
The service may save information about connection parameters (time stamp, IP address).
The service, in some cases, may save information to facilitate linking the data in the form with the e-mail address of the user filling in the form. In this case, the user’s e-mail address appears inside the url of the page containing the form.
The data provided in the form are processed for the purpose resulting from the function of a particular form, e.g. to handle the service request or business contact, register services, etc. Each time, the context and description of the form clearly indicate what it is used for.
6 Administrator’s logs
Information about user behavior on the site may be subject to login. This data is used to administer the service.
7 Important marketing technics
8 Information about cookies
The entity that places cookies on the User’s terminal equipment and access to them is the Operator of the Service.
Cookies are used for the following purposes:
maintaining the Service User’s session (after logging in), thanks to which the user does not have to re-enter his login and password on each subpage of the Service;
to achieve the objectives specified above in the section “Important marketing techniques”;
The Service uses two basic types of cookies: “session” cookies (session cookies) and “permanent” (persistent cookies). Session” cookies are temporary files that are stored in the User’s terminal device until the User logs out, leaves the website or turns off the software (web browser). “Persistent” cookies are stored in the User’s terminal equipment for the time specified in the parameters of the cookies or until the User removes them.
Software for web browsing (web browser) usually by default allows the storage of cookies in the User’s terminal equipment. Users of the Service can change the settings in this area. The Internet browser allows to delete cookies. It is also possible to automatically block cookies. Detailed information on this subject is contained in the help or documentation of the Internet browser.
Cookie files placed in the final device of the Website User may also be used by entities cooperating with the Website operator, in particular companies: Google (Google Inc. based in the USA), Facebook (Facebook Inc. based in the USA), Twitter (Twitter Inc. based in the USA).
9. management of cookies – how to give and withdraw consent in practice?
If you do not want to receive cookies, you can change your browser settings. We reserve that disabling the handling of cookies necessary for authentication processes, security, maintenance of user preferences may make it difficult, and in extreme cases may prevent the use of websites
To manage your cookie settings, select the web browser you are using from the list below and follow the instructions:
The legal basis is Regulation 2016/679 of the European Parliament and of the Council (EU) of 27 April 2016 (COD).
It also meets the information obligation of the controller in accordance with Article 13 of Regulation 2016/679 of the European Parliament and of the Council (EU) of 27 April 2016 (COO).
Protection of customers’ personal data
When you send us application forms, inquiries, or when you contact us by phone or e-mail, you entrust us with your personal data in the form of a phone, e-mail address, first and last name.
The administrator of personal data is A. P. Instruments Sp. z o. o. Sp. k., 18B Buszycka Street, 02-869 Warsaw.
In this document you will find information about what personal data are processed, in particular:
data about our customers and users of our website,
whether we process personal data on the basis of your consent or any other legal basis,
for what purpose personal data are processed,
to whom we can pass them on,
what rights you have in connection with the processing of your personal data.
What personal data do we process?
When using our services we collect various types of data, including your username and password, your contacts and other settings. We keep track of which products from our website you are viewing and what kind of devices you are using, as well as which of our offers sent to you by e-mail are of interest to you, and from this we obtain further data about you. This allows us to present you with offers tailored to your needs and to improve our website in the future. If you make a purchase from us or make an inquiry, order a product or service, then both your name and surname and the data you set up in your account will be processed.
We process the following personal data:
Identification data, which means in particular first and last name, company name, REGON and NIP in case of persons conducting business activity;
Contact details, which means personal details enabling us to contact you, especially your e-mail address, telephone number, delivery address, invoice address and your contact to social networks;
Data about your orders, which is understood to mean, in particular, data about: goods and services ordered by you, method of delivery and payment, including bank account number and complaints submitted;
Data about your activity on the website, the way you navigate our website and screen tracking, as well as data about the device through which you visit our website, IP address and the resulting location, device identification, its technical parameters such as: operating system and its version, screen resolution, the browser used and its version, and data obtained from cookies and other technologies used to identify the device.
If you are the recipient of goods or services that you have ordered from us, we process your identification and contact details:
On the basis of our legitimate interest in the preparation, conclusion and performance of the contract with our customer. The performance of this contract is also in our legitimate interest;
Based on our legitimate interest in obtaining information to improve our services, or information to produce our internal statistics and reports; in this case, it is our legitimate interest to improve our services to our clients;
in order to satisfy our statutory obligations, in particular in accordance with the Law of March 11, 2004 on Goods and Services Tax and the Law of March 29, 2004 on the Tax on Goods and Services Tax and the Law of March 29, 2004 on the Tax on Goods and Services Tax.
To protect legal claims and our internal records and controls; in this case, it is our legitimate interest to protect legal claims and control the smooth running of our services.
For the preparation, conclusion and performance of the contract with our customer we process personal data for the time necessary to process the order. After the expiry of this period, we continue to store personal data on the basis of our legitimate interests to protect legal claims and our internal records and controls for the duration of the limitation period of 3 years and one year after the end of the limitation period due to claims applied at the end of the limitation period. If judicial, administrative or other proceedings are commenced, we process your personal data to the extent necessary for the entire duration of such proceedings and the remainder of the statute of limitations after the end of the statute of limitations. In this case, it is in our legitimate interests to protect legal claims and to control the smooth running of our services. In order to meet our statutory obligations, we process your personal data for a maximum of 10 years from your specific order.
You have the right to object to such processing based on our legitimate interest.
Who processes your data and to whom do we pass it on?
In most cases, we process your data for our own purposes as the data controller. In this case, we pass on your data to our partners for payment processing, transport and other aspects of your order. We also pass on your data to our contractors, who process the data on our request. With your consent, we may also provide your data to advertising and social networks for the purpose of displaying personalized advertising on other websites.
All the mentioned personal data are processed by us as the administrator. This means that we define in advance the purposes for which we collect your personal data, specify the means of processing and are responsible for its proper execution.
We may also transfer your personal data to other entities that act as the administrator:
in connection with the transfer of your order to our partners who are involved in its execution, in particular: partners operating payment systems for the provision of payments, advertising and social networks, in particular:
Mostly, we obtain personal information directly from you, through our website, or during communication with you. We may also receive some data from our partners, such as banks or transport companies.
In most cases, we process the personal data you provide to us when ordering goods or services or when communicating with us, for example through a call centre. We also collect personal data directly from you by tracking your activity on our website and when reading messages, notes from phone calls.
Your rights when processing personal data
You have a number of rights related to your personal data: rights of access, rectification, deletion, restriction of processing, transfer, objection and complaints.
Your rights are:
Right of access to data
You have the right to know which of your data we process, for what purpose, for how long, from where we obtain your personal data, to whom we transfer it, who is processing it in addition to us, and what other rights you have in relation to the processing of your personal data. You can find out all this in the document “Protection of your personal data”. However, if you are not sure which of your personal data we are processing, you can ask us to confirm whether your personal data is being processed on our part. If so, you have the right to access such personal data. As part of your right of access, you may request a copy of the personal data being processed.
Right to rectify personal data
If you notice that your personal data is incorrect or incomplete, you have the right to correct or complete it immediately.
Right to delete data (the so-called “right to be forgotten”)
In some cases you have the right to delete your personal data. Your personal data will be deleted if any of the following conditions are met:
Your personal data is no longer needed for the purposes for which it was processed by us;
you withdraw your consent to the processing of your personal data, which is data for the processing of which your consent is required, and at the same time we have no other reason why such data can be processed further;
you will exercise your right to object to the processing (see below under “Right to Object to the Processing”) of the Personal Data that we process on the basis of our legitimate interests and we will conclude that we no longer have any legitimate interest in processing such data or:
We conclude that the processing of Personal Data no longer complies with generally applicable law.
Do not forget, however, that even if this is one of the above reasons, it does not mean the immediate deletion of all your personal data. This law does not apply if the processing of your personal data is still necessary to fulfil our legal responsibility or to determine, execute or defend our legal claims.
Right to restrict data processing
In some cases, you may need to restrict the processing of personal data. This law allows you to mark your personal data so that it is not processed in any other way than that to which you consent. You can limit the processing of your personal data in case:
you deny the accuracy of your personal data until you have agreed jointly which data is correct;
We process your personal data without an appropriate legal basis (e.g. beyond what we need to process), while you choose to restrict your data before deleting it (e.g. if you expect to provide us with such information in the future);
We no longer need your personal information for the aforementioned purposes, but you require it to determine, execute or defend a legal claim, or:
you object to the processing. The right of objection is described in detail below under “Right to Object to Processing”. For as long as we verify the legitimacy of your objection, we are obliged to limit the processing of your personal data.
Right to data transfer
You have the right to recover from us all your personal data that you have submitted to us and that are processed on the basis of your consent and the performance of the contract. We will provide your personal data in a structured, standardized and machine-readable format. In order to transfer your data efficiently at your request, we will only transfer data that we process automatically in our electronic databases.
Right to object to the processing of personal data
You have the right to object to the processing of personal data that has been processed on the basis of our legitimate interest. If this includes marketing activities, we will stop processing your personal data; otherwise, we will do so unless we have serious reasons to continue such processing.
Right to complain
Enforcement by the above mentioned means does not affect your right to lodge a complaint with the relevant supervisory authority. You may apply this right, especially if you believe that we are processing your personal data in an unjustified manner or in violation of generally applicable law. Complaints about our processing of your personal data can be submitted to the Office of the Inspector General for Personal Data Protection (in the future the President of the Office for Personal Data Protection), which has its seat at the address:
Office of the Inspector General for the Protection of Personal Data
Stawki 2, 00-193 Warsaw
The administrator ensures that he protects any information disclosed in accordance with applicable regulations and security standards, in particular:
It applies security measures aimed at protecting personal data against: loss, misuse and modification. It also has appropriate documentation and has implemented appropriate procedures related to personal data protection in the company.
In accordance with Article 29 of the TYPE, only authorized employees, the Administrator’s associates and authorized persons dealing with the website who have been granted appropriate powers of attorney have direct access to the personal data collected by the Administrator.