1. GENERAL PROVISIONS
1.2. Nature Science sp. z o.o. with registered seat at Olsztyn, ul. Armii Krajowej 3/160, NIP: 7393909106, REGON: 36926125200000, e-mail: firstname.lastname@example.org is the controller of personal data collected via website and is hereinafter referred to as “Controller”.
1.3. Customers’ personal data is processed in accordance with the Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data (hereinafter referred to as “GDPR”).
1.4. The Controller shall make every effort to protect the interest of persons who are data subjects, in particular, the Controller shall make sure that the data collected by the Controller is processed in accordance with valid provisions of law; it is collected for particular, lawful purposes and is not processed any further for any other purposes; it is substantively correct and adequate to the purposes for which it is processed and archived in a form allowing identification of the data subjects, for the time not longer than necessary for achieving the purpose for which the data is processed.
2. PURPOSE AND RANGE OF COLLECTING DATA; DATA RECIPIENTS
2.1. Personal data included in the Contact Form shall be processed for the purpose of communication with the Controller, i.e. sending replies to questions and commercial information regarding an offer and available products / services to an e-mail address and in order to process the data in Cookie files while users visit the website.
2.2. Personal data collected on the basis of consent for the purpose of communication shall be processed until the Customer withdraws their consent for their personal data to be processed or they object to processing of their data. The Customer’s personal data shall be processed throughout the whole term of the Agreement until the website account is deleted. The time the data is archived may be prolonged by the period of claim expiry every time the personal data processing is necessary to pursue possible claims or defend against such claims by the Controller.
2.3. Personal data processing includes the following data: name, surname, e-mail address and telephone number.
2.4. Giving data included in the order form and contact form is voluntary but necessary to execute the Agreement and make contact. In case the Customer does not agree to give their data, there will be no possibility to reply to their questions.
2.5. Handing over Customers’ personal data to third parties may take place only if it is in line with the purpose for which the data is collected by the Controller.
2.6. Personal data is not handed over to any third countries.
3. BASIS OF DATA PROCESSING
3.1. Giving personal data by the Customer is voluntary, however, refusal to give the data required in the online contact form, which is necessary for communication with Nature Science sp. z o.o., shall result in lack of possibility to contact the Customer and reply to their questions.
3.2. Processing the data for the purpose of communication shall be done upon prior consent of the Customer, which is also the basis for such processing (art.6, point 1a of GDPR); the consent is also necessary for the Controller to comply with the Controller’s legal obligations, in particular, those pursuant to the Accounting Act and Tax Acts (art.6, point 1c of GDPR).
4. RIGHT OF CONTROL, ACCESS TO CONTENT REGARDING DATA AND MODIFICATION OF DATA
4.1. The Customer shall have the right to access the content of their personal data and to withdraw the consent at any moment. Withdrawal of the consent shall not affect anyhow the legality of processing, which was done on the basis of the consent before its withdrawal.
4.2. In case of Customer’s consent to process their data for the purpose of direct marketing of Controller’s own products or services, the consent may be withdrawn anytime.
4.3. Each person who is data subject shall reserve the right to control processing of the data included in the Collector’s archives, in particular, the right to: request to complement the data, update the data, correct the data, limit processing the data if the data is incomplete, invalid, false or it has been collected with violation of the provisions of law.
4.4. Each person who is data subject shall reserve the right to transfer the data to another Controller who manages the archives and processes it in an automated manner (without records in a paper form).
4.5. Each person who is data subject shall reserve the right to delete their data if it is no longer necessary for the purposes for which it was collected or if the person who is data subject has withdrawn their consent for their data to be processed for the marketing purpose of the Controller and there is no other reason to process the data, or in case the personal data was processed illegally.
4.6. Each person who is data subject shall reserve the right to raise objection to processing of their data, which should be justified by the Customer’s particular situation. The objection does not have to include the justification if the processing is done exclusively for the purpose of marketing of Controller’s own products or services.
4.7. In order to exercise the rights stipulated hereinabove, the Customer shall contact the Controller by sending a written notice or email to the Controller’s address given in General Provisions hereof.
4.8. The Controller appointed a Data Protection Officer, Ms. Katarzyna Muzyka, who the Customer can contact in order to exercise their rights stipulated hereinabove via email: email@example.com or phone: +48 539 995 459.
4.9. Each person who thinks that processing of their personal data violates provisions of GDPR shall have the right to file a complaint to the President of Personal Data Protection Office in Warsaw.
5. COOKIES AND OPERATIONAL DATA
5.1. A Cookie File is a small piece of information in the form of a text file, sent by a server and stored in a device of a person visiting a website (e.g. on hardware of their computer, laptop or a memory card of their smartphone, depending on the type of device they use to visit our website).
5.2. The Controller may process data included in Cookie Files while visitors use the website for the following purpose:
5.2.1. Conducting anonymous statistics to analyse the way the visitors use the website.
5.3. As a standard, most browsers available on the market are set to accept Cookie Files by default. Each person has the possibility to stipulate terms of using Cookies on the basis of setups of their own browser, i.e. the option to archive Cookie Files may be partially (e.g. for a certain period of time) or entirely blocked.
5.5. Detailed information regarding changes in Cookie File setups and the ways to delete Cookies in most popular internet browsers are available in browser helpdesk and on the following websites (just click a given link):
6. FINAL PROVISIONS
2. Data Controller guarantees high level of safety of personal data processing in the IT system.
3. The Controller applies technical and organisational means guaranteeing protection of the processed personal data which is relevant to threats and the category of the protected data, in particular, the Controller secures the data against making it available to third parties, taking it by an unauthorised person, processing the data in a way that infringes valid provisions of law, any change, loss, defect or damage.