Dinx gadżety - gadżety reklamowe

Privacy Policy and Use of Cookies by Dinx Group Sp. z o.o.

Personal Data Administrator:

The administrator of personal data is Dinx Group Sp. z o.o. located at Senatorska 6 Street, 93-192, Łódź, registered in the National Court Register under the KRS number 0000457715, NIP: 7252066835, REGON: 101585614.

Purpose and Legal Basis for Data Processing

The purpose of data processing is to conclude and execute an agreement of which you are a party. We process your data because it is necessary to perform the agreement concluded between us, including for the following purposes:

handling orders placed by you and processing complaints,

handling inquiries directed to us by you.

The legal basis for data processing in the above is Article 6(1)(b) of the Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation, hereinafter referred to as GDPR), i.e. the necessity of performing the agreement.

We also process your data for:

• informing about our own products or services, changes in the scope and manner of their provision (in this case, the legal basis is Article 6(1)(f) GDPR, i.e. our legitimate interest),
• enforcing our rights and protecting against claims (the legal basis is Article 6(1)(f) GDPR, i.e. our legitimate interest),
• conducting settlements with customers (the legal basis is Article 6(1)(c) GDPR, i.e. fulfilling legal obligations),
• fulfilling obligations related to public order (the legal basis is Article 6(1)(c) GDPR, i.e. fulfilling legal obligations).

In the case of consenting to the processing of personal data, this consent will be the basis for data processing (Article 6(1)(a) GDPR), and the content of this consent will specify the purpose of data processing each time. Consent to the processing of personal data can be withdrawn at any time.

Contact Forms

The administrator provides the opportunity to contact them through the website using electronic contact forms. Using the contact form requires providing personal data necessary to respond to the inquiry contained in the form. The user may also provide other data to facilitate contact or handle the inquiry. Providing data marked as mandatory is required to accept and process the inquiry, and failure to provide them results in the inability to process it. Providing other data is voluntary. In such a case, the data are processed for the purpose of identifying the sender and handling their inquiry through the provided form – the legal basis for processing is the legitimate interest of the administrator (Article 6(1)(a) GDPR), consisting of conducting correspondence directed to them in connection with the conducted business.

Email and Traditional Correspondence

In the case of directing email or traditional correspondence to the administrator unrelated to an agreement concluded with the administrator, personal data contained in this correspondence are processed solely for the purpose of communication and settling the matter to which this correspondence relates. The legal basis for processing is the legitimate interest of the administrator (Article 6(1)(f) GDPR), consisting of conducting correspondence directed to them in connection with the conducted business. The administrator processes only personal data relevant to the matter to which the correspondence relates. The entire correspondence is stored in a manner ensuring the security of the personal data contained therein and disclosing it only to authorized persons.

Phone Contact

In the case of contacting the Administrator by phone regarding matters unrelated to a concluded agreement or provided services, we may request personal data only when necessary to handle the matter related to the contact. The legal basis for processing is the legitimate interest of the administrator (Article 6(1)(a) GDPR), consisting of the necessity to handle the reported matter related to the administrator’s business activities.

Social Media

The administrator processes data of individuals who have liked their social media profiles managed within popular social media platforms. The data are processed to enable the management and ongoing administration of our profiles, including communicating with the community and organizing events or contests according to the functionalities defined by individual social media platforms and their terms of service. Community members’ data may also be processed for statistical and analytical purposes and may be processed for the purpose of asserting claims and defending against claims. The legal basis for processing in this case is our legitimate interest (Article 6(1)(a) GDPR).

Marketing

The administrator may also process personal data to carry out marketing activities, which may involve sending email notifications about interesting offers or content, which in some cases may contain commercial information (sending commercial information electronically). If you have consented to receiving marketing information via electronic means, including email correspondence, your personal data will be processed for the purpose of sending such information. The legal basis for processing data is the legitimate interest of the administrator in sending marketing information within the limits of the consent provided by you (direct marketing, newsletter). The user has the right to object to the processing of data for direct marketing purposes. Data will be stored for this purpose for the duration of the administrator’s legitimate interest, unless the user objects to receiving marketing information.

Recruitment

In the course of recruitment processes, the Administrator expects the provision of personal data (e.g., in CVs or resumes) only to the extent defined by labor law regulations. Therefore, information should not be provided to a broader extent. In the event that submitted applications contain additional data of this kind, the Administrator will consider that the candidate consents to the processing of the provided data for recruitment purposes.

Personal data of candidates are processed for:

fulfilling obligations arising from labor law regulations related to the employment process, particularly the Labor Code – the legal basis for processing in this case is the legal obligation incumbent on the Administrator (Article 6(1)(c) GDPR),

conducting the recruitment process in terms of data not required by law, as well as for future recruitment processes for a maximum period of 24 months – the legal basis for processing in this case is consent (Article 6(1)(a) GDPR),

establishing or defending against potential claims – the legal basis for processing data in this case is the legitimate interest of the Administrator (Article 6(1)(f) GDPR).

Data Collection in Business Relationships

In connection with the conducted business activities, the Administrator also collects personal data in other cases – e.g., during business meetings, at industry events, or through the exchange of business cards – for purposes related to establishing and maintaining business contacts. The legal basis for processing in this case is the legitimate interest of the Administrator (Article 6(1)(f) GDPR), consisting of networking in connection with the conducted activities.

In the context of the Administrator’s cooperation with business partners, including business clients and service providers, the Administrator processes contact details of individuals designated as business contacts in relation to the Administrator, such as individuals responsible on the partner’s side for executing the agreement with the Administrator. The Administrator processes the contact details of such individuals for ongoing communication with business partners and maintaining contact with them. The legal basis for processing in this case is the legitimate interest of the Administrator (Article 6(1)(f) GDPR), consisting of communication with business partners.

Personal data collected in such cases are processed solely for the purpose for which they were collected, and the Administrator ensures their proper protection.

Processing of data in IT systems

Personal data is processed in an IT environment, which means that they may also be temporarily stored and processed to ensure the security and proper functioning of IT systems, e.g., in connection with making backup copies, testing changes in IT systems, detecting irregularities, or protecting against abuse and attacks.

Principles of personal data processing

By adhering to the principles of personal data processing, Dinx Group Sp. z o.o. ensures that data is:

• processed lawfully, fairly, and in a transparent manner to the data subject (“lawfulness, fairness, and transparency”),
• collected for specified, explicit, and legitimate purposes and not further processed in a manner that is incompatible with those purposes (“purpose limitation”),
• adequate, relevant, and limited to what is necessary in relation to the purposes for which they are processed (“data minimization”),
• accurate and, where necessary, kept up to date; Dinx Group takes all reasonable steps to ensure that personal data that are inaccurate, having regard to the purposes for which they are processed, are erased or rectified without delay (“accuracy”),
• kept in a form which permits identification of data subjects for no longer than is necessary for the purposes for which the personal data are processed (“storage limitation”),
• processed in a manner that ensures appropriate security of the personal data, including protection against unauthorized or unlawful processing and against accidental loss, destruction, or damage, using appropriate technical or organizational measures (“integrity and confidentiality”).

The processing of personal data is possible if one of the conditions specified in Article 6(1)(a)-(f) of the GDPR is met, namely when:

• the data subject has given consent to the processing of his or her personal data for one or more specific purposes,
• processing is necessary for the performance of a contract to which the data subject is party or in order to take steps at the request of the data subject prior to entering into a contract,
• processing is necessary for compliance with a legal obligation to which the controller is subject,
• processing is necessary to protect the vital interests of the data subject or of another natural person,
• processing is necessary for the performance of a task carried out in the public interest or in the exercise of official authority vested in the controller,
• processing is necessary for the purposes of the legitimate interests pursued by the controller or by a third party, except where such interests are overridden by the interests or fundamental rights and freedoms of the data subject which require protection of personal data, in particular where the data subject is a child.

The Administrator guarantees respect for the rights of data subjects, in particular the right to obtain information about:

• the controller,
• the purpose, scope, and manner of processing personal data,
• the period for which and the personal data are processed,
• the source from which personal data originate,
• the manner of disclosing personal data and their recipients.

What personal data do we process?

In order to properly perform services, Dinx Group Sp. z o.o. may collect the following data:

• first and last name,
• email address,
• phone number,
• data enabling the issuance of a VAT invoice for purchased goods and services,
• data enabling the shipment of goods to the location indicated by the Customer,
• other data required by law.

Who do we share personal data with?

If necessary, we will share your personal data to perform our services. We will provide data to two groups:

• persons authorized by us, our employees and associates who need to access the data to perform their duties,
• data processors, to whom we will assign the execution of specific services, e.g., companies providing IT system support services or providing us with IT tools, postal and courier companies, payment operators, companies providing advisory and settlement services on our behalf.

If it is necessary to transfer your data to a processor, it will be done based on a data processing agreement that prevents any processing of data other than that done by the Administrator.

We assure you that your data will not be sold or otherwise transferred to other entities for commercial purposes unless the data subject gives consent to it. Your data will also not be transferred to third countries.

How long do we process personal data

Your personal data is stored for no longer than is necessary for the purposes for which they are processed.

Your personal data will be processed for the duration of the agreement, and after its termination, for the period of asserting claims (according to the Civil Code, the general limitation period for claims is 6 years, and for claims for periodic benefits and related to conducting business activity – 3 years, unless a specific provision provides otherwise, with the end of the limitation period falling on the last day of the calendar year, unless the limitation period is shorter than 2 years). Data related to settlements in accordance with tax regulations will be kept for up to 6 years after the completion of service provision. In the case of consent to the processing of data for marketing purposes, achieving the purpose of processing personal data is not a process that can be completed within a specific period; data is processed until consent is withdrawn or objection is raised by the data subject.

Your rights

All individuals whose personal data is processed by Dinx Group Sp. z o.o. have the following rights arising from the GDPR:

• the right to access personal data (information about data processed by Dinx Group Sp. z o.o., including the right to obtain copies of this data),
• the right to request rectification (correction) of personal data when the data is incorrect or incomplete,
• the right to request erasure of personal data (“right to be forgotten”) when the data is no longer necessary for the purposes for which it was collected or otherwise processed, the data subject has objected to the processing, the data subject has withdrawn the consent on which the processing is based and there is no other legal basis for the processing, the data is processed unlawfully, the data must be erased to comply with a legal obligation,
• the right to request restriction of processing of personal data when: the data subject disputes the accuracy of personal data, the processing of data is unlawful and the data subject opposes erasure, requesting instead restriction, the controller no longer needs the data for its purposes but the data subject needs it to establish, exercise or defend claims, the data subject has objected to the processing of data – until it is determined whether the legal grounds on the controller’s side override the objection basis,
• the right to data portability to another controller.

Right to object:

At any time, you may object – for reasons related to your particular situation – to the processing of personal data based on the legitimate interest of Dinx Group Sp. z o.o. or public interest (Art. 6 (1) (e), (f) of the GDPR). Dinx Group Sp. z o.o. will no longer process this personal data unless we demonstrate compelling legitimate grounds for processing that override your interests, rights, and freedoms, or unless there are grounds for establishing, pursuing or defending claims.

If we process personal data for direct marketing purposes, you have the right to object at any time to the processing of personal data for such marketing, to the extent that the processing is related to direct marketing. After objecting, we will no longer process your data for such purposes.

Right to give and withdraw consent:

If the Customer has given consent to additional activities related to the processing of their data (e.g., to use electronic means of communication to send commercial information), the consent may be withdrawn at any time, while the processing performed based on the consent before its withdrawal remains lawful.

Complaint to the supervisory authority:

You have the right to lodge a complaint with the supervisory authority – the President of the Personal Data Protection Office – regarding the processing of personal data by Dinx Group Sp. z o.o.

Is providing data mandatory

Providing personal data is a condition for concluding an agreement. If required by law, we may require the provision of data required by these provisions, e.g., VAT identification number. Refusal to provide data to the extent necessary for the conclusion or performance of the agreement and to the extent required by law will prevent its conclusion. In the case of collecting personal data based on consent, providing personal data is voluntary.

Do we transfer your data to countries outside the European Economic Area?

We do not transfer your personal data outside the European Economic Area.

Information about Cookies

For individuals using websites administered by Dinx Group Sp. z o.o., we process User data to take necessary actions related to concluding a service agreement, responding to inquiries, or fulfilling orders, and to conduct statistical analysis of User behavior within the portal.

Cookies are text files sent from servers of visited websites and stored by web browsers on personal computers and other devices. Their main task is to facilitate the use of websites: previous actions are remembered, clicking on a specific information block, filling in fields (suggestions) in contact forms, screen resolution, and adapting the appropriate Adobe Flash plug-in. Cookies used on Dinx Group services are safe and have no harmful effect on end devices. Only the data that a given website or application saves and has access to are stored in cookies.

By using Dinx Group Sp. z o.o. websites, you agree to the use of cookies in accordance with this Policy. In this case as well, you can withdraw your consent at any time by changing the settings in your browser; however, please note that the processing we have carried out before withdrawal remains lawful.

What cookies do we use

The cookies used by Dinx Group Sp. z o.o. can be divided into two main categories:

• Session cookies,
• Persistent cookies.
• Session cookies

These are essential cookies that enable easy navigation within the website and the use of its basic functions. They are used within one session and serve to:

• identify the user as logged in,
• ensure connectivity as logged in when using the website.

Persistent cookies

Persistent cookies provide specific functions not only within one session but throughout the entire time the file is stored on the device. These are files related to the service’s performance and its functionalities. Performance-related cookies collect information about how the website is used, including data about the subpages visited by the user and any errors encountered. Cookies related to this functionality facilitate the provision of services and remember settings aimed at facilitating users in using our services. Persistent cookies do not collect any information that could reveal the user’s identity: they are processed as anonymous data and serve solely to improve the operation of the website or application.

Managing cookies

Cookies used on Dinx Group websites can be managed through the settings of the internet browser.

In Internet Explorer: tools /internet options /privacy. Then, in the Settings area, move the slider to the highest position to block all cookies, or to the lowest position to allow all cookies, and then click OK.

In Firefox: tools /options /privacy. From the Firefox menu drop-down: select “Use custom settings for history,” uncheck the “Accept cookies” option to disable cookie support, or check it to re-enable it.

In Chrome: settings /content settings

In the “Cookies” section, you can change the following file settings:

• Deleting cookies
• Default blocking of cookies
• Blocking all cookies
• Blocking only third-party cookies
• Default allowing cookies

In Opera: “Opera” button /settings /preferences /advanced /cookies

You should select the appropriate option depending on your preferences:

• Accept cookies
• Accept cookies only from the site I visit
• Never accept cookies
• In Safari: Safari /preferences /privacy
• Then, check “Block all cookies.”

The changes made will not affect cookies already stored on the computer. These files can also be deleted through the browser settings. Internet users can freely manage the cookies used. However, it should be remembered that blocking “cookies” may result in limited or no access to services on websites.

Contact

To exercise your rights, you can contact us at tel. 723 989 006, email: rodo@dinxgroup.pl