Privacy, cookies and personal data

Find out how we care about your privacy

The privacy policy

This Privacy and Cookies Policy defines the rules of processing
personal data obtained through
the website (hereinafter referred to as: “The website”).

Personal data of the Website Users is collected automatically,
processed in compliance with the requirements of the Regulation of the European Parliament and of the Council (EU) 2016/679 of 27 April 2016 on the protection of natural persons in connection with the processing of personal data and on the free flow of such data and repealing Directive 95/46/EC (General Data Protection Regulation, GDPR). Users have rights granted to them in individual provisions of the GDPR.

§ 1

Data Controller

The owner of the Website and, at the same time, the Data Controller
is Fabryka Cukierków „Pszczółka” Sp. z o.o. KRS 0000370450, TIN 9462616622

§ 2

Type of data processed, purposes

and legal grounds

  1. Users’ personal data is collected for the purposes of the contact form
    via the Website.

  2. Your data is processed on the basis of Article 6, section 1 letter b GDPR – i.e.
    implementation of the services provided via the Website.

  3. When filling out the contact form mentioned in section 1,
    the User must obligatorily provide: full name, e-mail address, message content and confirmation of acceptance of the Website’s privacy policy.

§ 3

Data sharing and entrusting

  1. The User’s personal data, which is used by the Controller when running the Website, is transferred to the service providers. Suppliers of
    services to whom personal data is transferred are subject to Controller’s instructions as to the purposes and methods of processing this data (processing entities).

  2. Processors include Industi Sp. z o. o. seated in
    Lublin, ul. Narutowicza 77/3, 20-019 Lublin in order to use the Website hosting services.

  3. In the event of a request, the Controller provides personal data
    to authorized state authorities, in particular common courts,
    the prosecutor’s office, the police, the President of the Personal Data Protection Office or the President of the Office of Competition and Consumer Protection or the President of the Office of Electronic Communication.

§ 4

Rights of the User

  1. The right to delete data, the so-called “right to be forgotten” (Article 17 of the GDPR).

The User has the right to request the deletion of all or some personal data if:

  1. personal data is no longer necessary for the purposes for which they were collected or processed;

  2. the personal data is unlawfully processed;

  3. personal data must be removed in order to comply with a legal obligation provided for in the law of the European Union or the law of a Member State, which the Controller is subject to;

  4. the personal data has been collected in relation to the offering of information society services.

Despite the request to delete personal data, in connection with the objection,
the Controller may keep certain personal data to the extent to which processing is necessary to establish, pursue or defend claims, as well as to comply with a legal obligation that requires processing under the EU law or the law of the Member State, which the Controller is subject to. This applies in particular to personal data including: first name, last name, e-mail address, the data which is stored for
complaints and claims processing purposes related to the use of the Controller’s services.

  1. The right to limit data processing (Article 18 of the GDPR).

Submitting a request, pending its consideration, prevents the use of certain functionalities or services, the use of which will involve the processing of data covered by the request.

The user has the right to request the restriction of the use of personal data in the following cases:

    1. when they question the correctness of their personal data – then
      the Controller restricts their use for the time needed to
      check the correctness of data, but not longer than 7 days;

    2. when data processing is unlawful, and instead of deletion
      of the data, the User will request the restriction of their use;

    3. when personal data is no longer necessary for the purposes for which they were collected or used but they are needed by the User for the purpose of establishing, pursuing or defending claims;

    4. when they objected to the use of their data – then
      the restriction occurs for the time needed to consider whether – due to the special situation – protection of interests, rights and freedom of the User outweighs the interests pursued by the Controller processing the User’s personal data.

  1. The right to access the data (Article 15 of the GDPR).

The User has the right to obtain confirmation from the Controller as to whether they are processing personal data, and if this is the case, the User has the right to:

  1. access their personal data;

  2. obtain information about the purposes of processing, categories of the personal data being processed, about the recipients or categories of recipients of this data, planned period of storage of the User’s data or about the criteria determining this period (when determining the planned period of processing
    data is not possible), about the rights of the User under
    GDPR and the right to lodge a complaint with the supervisory authority, about the source of that
    data, about automated decision making, including profiling, and
    about the security measures used in connection with the transfer of this data, except for
    The European Union;

  3. acquire a copy of their personal data.

  1. The right to rectify the data (Article 16 of the GDPR).

    The User has the right to request the Controller to immediately
    rectify incorrect personal data concerning them. Taking into account the purposes of processing, the User has
    the right to request the completion of incomplete personal data, including by
    submitting an additional statement by sending a request to the email address in accordance with § 8 of the Privacy Policy.

  1. In the event of the User withdrawing from the right resulting from
    the above rights, the Controller fulfils the request or refuses to fulfil it immediately, but no later than one month after its
    receipt. However, if – due to the complexity of the request or
    number of requests – the Controller will not be able to fulfil the request within a
    month, they will fulfil them within the next two months by informing
    the User within one month from receiving the request – about
    the intended extension of the deadline and its reasons.

  2. The User may submit complaints, inquiries and requests to the Controller
    regarding the processing of their personal data and implementation of
    their rights.

  3. The User has the right to request the Controller to provide a copy of
    standard contractual clauses, directing the inquiry in the manner indicated in § 6 of the
    Privacy Policy.

  4. The user has the right to lodge a complaint with the President of the Office of
    Personal Data Protection, in the scope of violation of their rights to protection of
    personal data or other rights granted under the GDPR.

Cookies Policy

§ 5

Cookies mechanism

  1. The website uses cookies. They are saved on
    the end device of the person visiting the Website, if
    the web browser allows it. The cookies usually contain a name of
    the domain it comes from, its “expiry time” and individual,
    randomly selected number identifying this file.

  2. The information collected using this type of file is for the purpose of:

  1. adjusting the content of the Website to the User’s preferences
    and optimizing the use of the Website; in particular these files
    allow to recognise the User’s device and properly display the webpage, tailored to their individual needs,

  2. to maintain User’s session,

  3. statics, in particular allowing the Controller to analyse
    the manner in which users use the Website.

  1. When using the
    Website additional information may be downloaded, in particular:

  1. an IP address assigned to the User’s computer or an external IP address
    Internet providers, domain name, browser type, access time, type of the operating system.
  2. section permissions: location, contacts and phone.
  3. It uses analytical type of cookies. In the case of this kind of
    cookies the Website uses Google’s solutions and tools, i.e. Google Analytics. More information on the Google Analytics code and cookies can be found in the Google Analytics Policy
    regarding security and privacy

§ 6

Final provisions

  1. Questions and doubts regarding this Privacy Policy and Cookies, as well as
    Website Users
    can be reported to the Controller electronically
  2. In the event of a change in the current Privacy and Cookies Policy, appropriate modifications to the above rules will be made available on the Website.