PRIVACY AND COOKIES USAGE POLICY

Protecting the privacy of visitors to our website is our top priority. Therefore, we make every effort to secure the personal information of visitors to our website. This privacy policy clearly presents and explains the principles and scope of processing of all personal data. It also includes the procedure for the use of cookies. State-of-the-art technical and organizational measures are used to ensure a high level of protection for the processing of personal data.

The privacy policy is addressed to all persons using the website https://innpro.bg It is effective as of June 30, 2023.

DEFINITIONS:

1. Administrator – an entity that independently determines the purposes and methods of processing personal data. The administrator of personal data of persons is INNPRO Robert Błędowski Sp. z o.o., 65c Rudzka Street, 44-200 Rybnik.
2. Personal data – information about an identified or identifiable natural person,
3. Website: internet service available at: https://innpro.bg
4. RODO – Regulation (EU) 2016/679 of the European Parliament and of the Council of April 27, 2016 on the protection of individuals with regard to the processing of personal data and on the free movement of such data and repealing Directive 95/46/EC,
5. Viewer/User – visitors to our website,
6. Policy – this privacy policy, effective June 30, 2023.
7. Cookies – computer data, text files stored on users’ devices (e.g. on a laptop, computer, tablet or phone) sent by websites.

WHO IS THE PERSONAL DATA ADMINISTRATOR AND HOW CAN THEY BE CONTACTED?

The Administrator of the Personal Data of all users of the website, within the meaning of the Regulation of the European Parliament and of the Council (EU) of April 27, 2016 on the protection of natural persons with regard to the processing of personal data and on the free flow of such data and repealing Directive 95/46/EC (RODO) is INNPRO Robert Błędowski Sp. z o.o., which is the administrator of the website available at: https://innpro.bg

HOW TO CONTACT THE DATA ADMINISTRATOR?

In all matters concerning the processing of personal data within the framework of the use of the https://innpro.bg/ website, you can contact the administrator via e-mail address: dane.osobowe@innpro.pl or by correspondence to the indicated address: INNPRO, Rudzka 65c Street, 44-200 Rybnik

HOW DO WE OBTAIN YOUR PERSONAL DATA AND WHAT TYPE OF YOUR DATA DO WE PROCESS?

We obtained your personal data from you when you entered the site, filled out the contact form, in connection with inquiries you made, or subscribed to the newsletter. In addition, we obtain data from you as part of an account registration form on the site. The administrator processes your following personal data:

1. a) name/company name, email address, phone number, information contained in the body of the message via our website and via email address for the purpose of filling out a contact form and contacting us,
2. b) name, email address in order to set up a subscription to our newsletter,
3. c) company name, TIN, first and last name, address, e-mail, phone number and login for account registration,
4. d) in connection with the use of cookies: IP address, domain name, browser type, operating system type, and data about the User’s navigation path and the time he/she stayed on certain subpages,
5. e) data necessary for placing an order and issuing an invoice or bill: name, surname, company name, address, nip, telephone number, e-mail address when placing an order,

FOR WHAT PURPOSE DO WE PROCESS YOUR PERSONAL DATA?

Your Personal Data is processed for purposes:

– Communicating with you. We use your personal information to communicate with you in connection with the services we provide through various channels, such as by email or through a contact form

– Sales and delivery of products, services and full use of https://innpro.bg/. We use your personal data to accept and fulfill marketing orders.
– Your data is processed for direct marketing activities, as well as for sending newsletters with information about offers or content that constitute commercial information sent electronically.
– Ensuring security of services. We use your personal information to ensure the security of the services we provide electronically,
– Preventing fraud. We use your personal information to prevent and detect fraud and abuse in order to protect the security of users,
– Complying with legal obligations. We collect and use your data to comply with the law,
– Handling complaints and inquiries. We use your personal information to handle complaints you make or in connection with our site, and to respond to inquiries you direct,
– Recommendations and personalization. We process your personal data to recommend products and services that may be of interest to you.

ON WHAT BASIS DO WE PROCESS YOUR DATA?

In accordance with the Regulation of the European Parliament and of the Council (EU) of April 27, 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data and repealing Directive 95/46/EC, we process your data:

1. When the processing is necessary to fulfill a legal obligation (Article 6(1)(c) RODO). The Administrator processes your personal data on the basis of, among other things:

• consumer regulations, 
• tax law, 
• civil law,
• telecommunications law regulations, 
• regulations on provision of electronic services

1. When the processing is necessary for the purposes of the legitimate interests pursued by the administrator (Article 6(1)(f) RODO),
2. When the processing is based on your consent (Article 6(1)(a) RODO). Your consent to the processing of your personal data is voluntary. You have the right to withdraw your consent at any time. The withdrawal of consent also does not affect the compatibility with the processing carried out on the basis of consent before its withdrawal.

DO WE SHARE YOUR PERSONAL DATA?

Your personal information is shared with the administrator’s subsidiaries. They observe an equally high standard of care for the security of your personal information. Sharing is done for specific purposes and in the manner described below:

• We share your personal data with public authorities and entities performing public tasks or acting on behalf of public authorities, only to the extent and for the purposes that result from the provisions of generally applicable law, 
• We share your personal data with entities cooperating with the administrator, who process personal data on the basis of relevant agreements,
• We share your personal data with entities performing the administrator’s tasks, among others, a software provider,
• We share statistical information about our users with third parties; third parties are not able to identify any specific user based on this information.

DO WE TRANSFER YOUR DATA TO COUNTRIES OUTSIDE THE EEA?

For the most part, the entities that process and collect personal data on our website are from Poland and countries in the European Economic Area (EEA). Outside the EEA, only the cooperating entity for the provision of statistical services of our website, which uses the Google Analytics tool – Google Inc. is based in the USA. In accordance with the guidelines of the European Commission, we have made an individual assessment of the degree of data protection provided in the cross-border transfer of data to Google. In our assessment, the Privacy Policy provided by Google contains all necessary contractual clauses so that an adequate degree of protection of this data can be ensured. By using our service, you consent to the transfer of your statistical data to Google Inc. which has its servers and headquarters in the USA. If you do not consent to the transfer of your data you should stop using our service.

HOW LONG DO WE PROCESS YOUR PERSONAL DATA?

We will retain the data for the period of time necessary for the above purposes; no less than the period specified in the archiving regulations or other laws. We will also retain electronic documents containing personal data if:

1. the data may be relevant to any pending or future legal proceedings, 
2. will be required by law, 
3. we deem that the data may be relevant in the course of establishing, enforcing or defending our rights,

WHAT RIGHTS DO YOU HAVE AGAINST THE PROCESSING OF YOUR PERSONAL DATA?

The processing of your personal data involves respecting your rights regarding the protection of your privacy.

How to exercise your rights: In order to ensure the exercise of your rights, you can contact the Administrator of the service by sending an email to: dane.osobowe@innpro.pl. By contacting the designated person, you can receive a copy of your data, or obtain other information about its processing. Concerned about the security of your personal data, we have applied internal procedures that will easily allow us to fulfill your rights.

If you wish to exercise any of the rights described below contact the Administrator at dane.osobowe@innpro.pl

• Right of access to your personal data. Exercising this right allows us to let you know whether we are processing personal data related to you, and if so, you are then entitled to receive a copy of your personal data. In addition, it will also allow you to verify that we are processing your data lawfully.

• Right to rectify your personal information. If you notice that your data is incomplete, untrue or outdated you have the opportunity to request the correction of the indicated information. Remember that in fulfilling your request we are obliged to verify the correctness of the new personal data provided to us related to you.
• Right to restrict the processing of your personal data. Please note that when you raise an objection to further processing, we must verify that we still have an overriding and legitimate basis to continue processing your personal data. Exercising this right allows you to request restriction of further processing of your personal data in the following cases:

• When you question the accuracy of your personal data,
• When you find that our processing does not comply with applicable laws,
• When you need your data to establish, assert or defend claims.

• The right to delete your personal data. We are required to delete your personal information immediately:

• When your data is no longer necessary for the purposes for which it was collected or otherwise processed, 
• When you have exercised your right to object to the processing, 
• When you have withdrawn the consent on the basis of which we processed your personal data, 
• When we have processed your data unlawfully or we are obliged to delete your personal data in order to comply with an obligation imposed by applicable law.

Remember that we are not always obliged to delete your data, especially when processing is necessary to fulfill a legal obligation.

• Right to object to the processing of your personal data is appropriate when you consider that the processing affects your rights or freedom. You can justify your right to object on the basis of your particular situation from which it follows that the processing of your personal data violates your rights or freedom. In some specific situations, we can demonstrate that we have a legitimate basis for processing your personal data that overrides your rights and freedoms. Mainly in the case of ensuring website security and preventing fraud. In the cases indicated, this right is not combined with the right to erasure.

• Right to portability of your personal data. If you wish to receive personally or provide to a third party you designate, your personal data in a common machine-readable format, you may exercise the right to transfer your data.

• Right to file a complaint. Remember also that you have the right to file a complaint regarding our processing of your personal data to the supervisory authority, which is the President of the Office for Personal Data Protection (address: President of the Office for Personal Data Protection, 2 Stawki Street, 00-193 Warsaw). Although you have the right to complain, we would be very grateful if, before filing a complaint, you would give us a chance to address your case and concerns about our processing of your personal data. For this reason, we strongly urge you to contact the Data Administrator.

We endeavor to respond to all legally legitimate requests as quickly as possible. If your request is particularly complex or you have submitted several requests, it may take us longer than is standard to recognize them. In this case, we will inform you of the extension of the deadline and provide you with up-to-date information regarding the processing of your request.

HOW SAFE IS MY INFORMATION?

• We strive for the highest possible level of security for website users, so we are constantly working to secure and protect your personal information during transmission with specialized encryption protocols and dedicated software.

• On an ongoing basis, we organize, maintain and update physical, electronic and procedural data security measures related to the acquisition, storage and disclosure of our users’ personal information. The safeguards implemented give you the highest level of feeling of security for your personal information,

• We store all the information about you that we process on properly encrypted and secured servers. The administrator regularly evaluates the degree of security within its network and ensures that it monitors the internal regulations and procedures used to protect your data from all possible negative consequences.

• Remember that even the highest security standards implemented, based on the most modern technologies used, do not provide complete security of your personal data when the information is shared via the Internet or publicly accessible networks. Thus, there is a risk that your personal information may be accessed by unauthorized third parties.

THE USE OF COOKIES

What are cookies? They are nothing more than any IT data, especially text files that users store on their terminal devices sent by various websites. Cookies allow you to recognize your device and appropriately display a website tailored to your individual preferences. Cookies usually contain: the name of the website from which they come,

For what purpose do we use cookies? We use Cookies and other technologies (collectively referred to as „Cookies“) to perform recognition of your browser or device to learn more about your interests and to provide necessary functions. Specifically, we use Cookies for purposes such as:

• Preventing fraudulent activity,
• Improving security,
• Reporting (this will allow us to measure and analyze the performance of our services),

What cookies do we use? We use two main types of cookies on the website: „session“ so-called session cookies and „permanent“ so-called persistent cookies. Session Cookies are temporary files that are stored on your device until you turn off your web browser. Permanent cookies are stored on your device for a specific period of time in the parameters of cookies or until you delete them. The website uses the following types of Cookies:

• Necessary – enable the use of services available on the website, e.g. authentication cookies – used for services that require authentication on the website,
• Performance – allow you to collect any information about the method of using the website,
• Functional – they allow you to remember the configurations you have chosen and personalize your interface, e.g. with regard to the language or region you have chosen, the font size, the look of the website, etc,
• Used for security – they are used to detect authentication fraud within the website,

What security rules should he apply? Your device should have an antivirus program with an up-to-date virus definition database, an up-to-date and secure version of your web browser, and a „firewall“ enabled. It is also advisable to enable anti-phishing filters in your browser to check whether a website is authentic and not used for phishing. You should also be careful what attachments you open and what links you click on. Users should only use trusted wireless networks.

Do cookies contain personal data? Although cookies do not contain and do not constitute personal data, some information stored in cookies, such as preferences, may be treated as personal data. Personal data obtained through the use of cookies may be processed, only for the purpose of performing certain functions for the user as described above. Such data is encrypted in a way that prevents unauthorized access.

How do we ensure security? In order to keep the processing of your personal data secure, we use mechanisms for storing and reading Cookies that do not allow any sensitive information to be downloaded from your Device. Transfer of any viruses, Trojan horses and other worms from our servers to your Device is impossible.

Deleting cookies and changing preferences. The website’s authority to store and obtain Cookies is based on your consent. This consent is given when you configure your web browser or when you access the website. You have the ability to configure your settings at any time and in any way you wish, and to specify the conditions for storing Cookies. Standard web browsing software allows cookies to be placed on your terminal device by default. You can block the automatic handling of Cookies at any time yourself in your browser settings. Below are links to the websites of various browsers with detailed instructions on Cookies, including how to delete them:

• Google Chrome – https://support.google.com/chrome/answer/95647?hl=en
• Mozilla Firefox – https://support.mozilla.org/pl/kb/usuwanie-ciasteczek
• Opera – https://help.opera.com/pl/latest/web-preferences/#cookies
• Edge – https://support.microsoft.com/pl-pl/help/10607/microsoft-edge-view-delete-browser-history
• Safari – https://support.apple.com/pl-pl/guide/safari/sfri11471/mac
• Internet Explorer – http://windows.microsoft.com/en-us/internet-explorer/delete-manage-cookies#ie=ie-11

If you disable all cookies in your browser, neither we nor third parties will transfer cookies to your browser. If you do this, you may need to manually adjust some preferences each time you visit the website, and some features and services may not work.

In order to exercise your right to object, which is granted by the RODO, it is necessary to log out of all devices and delete Cookies from them. The update process may take up to 48 hours.

COMMERCIAL INFORMATION – MARKETING & NEWSLETTER

We may use your contact data and information about your activities on the portal to promote our goods and services. The data processed and the regulations applied based on your consent are always regulated accordingly. We also provide you with the opportunity to withdraw your consent to the processing of your personal data for marketing purposes and the opportunity to object to the processing of your data for such purposes.

The rationale for marketing activities is primarily your consent and the Administrator’s legitimate interest in promoting services. Remember that your permission to the Administrator for marketing activities is fully voluntary. We will process your data for marketing purposes as long as you do not withdraw your consent to receive commercial information from the Administrator.

The services of innpro.eu may include third-party advertisements and links to their websites. Third-party advertising partners may collect information about you only when you interact with their content, advertisements and services.

PRIVACY POLICY CHANGE

The Privacy Policy may be changed or updated by us, in particular in the event that the need or obligation to make changes arises from a change in the law. Any material changes will be posted on this page, and we will additionally inform you about them through our website.

FINAL STATEMENTS

You will receive additional information about the processing of your personal data, including answers to questions about the entire scope of the Privacy Policy, by contacting the administrator.

This Policy reflects the requirements under Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data and repealing Directive 95/46/EC (the „General Data Protection Regulation“) („GDPR“).

Personal Data Controller

The administrator of your personal data is Robert Błędowski, conducting business activity under the name Robert Błędowski Limited Liability Company based in Rybnik, registered in the Central Registration and Information on Business Activity at the address 44-200 Rybnik, ul. Rudzka 65c and identifying himself with the NIP number 6423040197, REGON 243139422, having an e-mail address: dane.osobowe@innpro.pl, tel. 533 234 303 („Administrator“).

Processing of personal data

Purpose and basis of data processing

The personal data you provide to us, i.e. your name, email address, your data posted on your blog, social media profile or web portal that you make available to us, data provided in your message sent to us, if any, data obtained from you as a result of your use of our Website, i.e. server event logs (data obtained on the basis of the network protocol used, e.g. date and time of your visit, addresses visited, type and version of the Internet browser used, type and operating system of the terminal equipment used and your IP address) are processed, depending on the situation, for the following purposes:

• To establish, shape the content, change, terminate and correctly execute the cooperation for the sale or marketing of products (Article 6(1)(b) of the RODO);
• making a product available to you for the purpose of you conducting a product test as part of your blog, social media activity, or web portal (Article 6(1)(b) of the DPA);
• part of your blog, social media activity, or web portal (Article 6(1)(b) of the DPA);
• collecting product reviews (Art. 6(1)(f) RODO);
• handling requests or queries you may send to us (Article 6(1)(b) of the DPA);
• tracking your activity on social media, as part of information made publicly available (Article 6(1)(f) of the RODO);
• direct marketing, sending newsletters containing commercial information about products and brands and news on the Website, including promotional offers, provided you have given your consent (Article 6(1)(a) of the DPA); 
• remarketing by using information about your online behaviour (so-called tracking) and subjecting this information to automated analysis in order to display advertisements tailored to your likely needs and preferences, provided that you have consented to this (Article 6(1)(a) of the RODO) – for more information on this topic, please see the section on marketing cookies later in this Policy;

• offering social networking services, based on our legitimate interest (Article 6(1)(f) RODO) or your consent (Article 6(1)(a) RODO);
• to comply with obligations imposed on us by law, e.g. by the Accounting Act or tax legislation (Article 6(1)(c) of the RODO);
• the fulfilment of our legitimate interests (e.g. the assertion and defence of claims, prevention of fraud or abuse, response to inquiries, complaints, suggestions) (Article 6(1)(f) RODO).

Where our processing of your data is based on your consent (newsletter, direct marketing, remarketing), you have the right to withdraw consent at any time; withdrawal of consent does not affect the lawfulness of the processing we have carried out on the basis of consent before its withdrawal.

Provision of data

You provide us with your personal data voluntarily; however, failure to provide certain personal data (identity or address data) may prevent us from fulfilling the purposes indicated above (e.g., cooperating with you or responding to a message sent by you).

Processing period

We will only process your data for as long as we have a legal basis to do so, which is – whichever is applicable in your case and the latest – until:

• we cease to be under a legal obligation requiring us to process your data or
• we are no longer able to assert claims in connection with a contract entered into between you and us, or
• you withdraw your consent to the processing of your personal data – in the event that the processing of your data is based on the consent you have given us (newsletter, direct marketing, remarketing) or
• your objection to the processing of your personal data is accepted – in the case where the basis of the processing of your data was the legitimate interest of the Administrator.

Recipients of your personal data

We will transfer your data:

• to entities that act on our behalf, i.e. providers of IT services and solutions, marketing agencies, couriers, entities providing accounting, financial, insurance and administrative services, entities conducting customer satisfaction surveys on our behalf;
• Your social media account providers;
• to public authorities, including courts, upon their reasonable request;
• public authorities, including courts, and attorneys, insurers, and advisors, where necessary for our defense against claims or for us to pursue claims;
• to social media, advertising and analytics partners; these partners may combine this information with other data they receive from you or obtain when you use their services.

We will not transfer your personal information to countries outside the European Economic Area.

Your rights

In connection with our processing of your personal data, you have the following rights:

• obtain confirmation from the Administrator as to whether your personal data is being processed;
• request access to your personal data, rectification, erasure or restriction of processing;
• request a transfer of your personal data to another controller;
• object at any moment to the processing of your data, for reasons related to your particular situation – to the processing of your personal data based on Article 6(1)(f) of the RODO (i.e. on the legitimate interests pursued by the Administrator), and also – if your personal data are processed for the purposes of direct marketing – to the extent that the processing is related to such direct marketing

• lodge a complaint to the supervisory authority, i.e. the President of the Office for Personal Data Protection, Stawki 2, 00-193 Warsaw, kancelaria@uodo.gov.pl (if you think that by processing your personal data we are acting unlawfully).

Data security

When processing your personal data we use organisational and technical measures in line with the relevant provisions of the law, including encrypting the connection with the use of an SSL certificate. Your personal data is stored in a database in which technical and organizational measures have been applied to ensure the protection of the processed data in accordance with the requirements set out by generally applicable laws on the protection of personal data. Access to the database have only people who have the authorization granted by the Administrator.

Final provisions

We may amend this Policy from time to time, among other things, to keep pace with new technologies, industry practices, and legal requirements. We will provide you with reasonable notice of any changes by posting the new content of this document on our website at https://innpro.bg/privacy-policy/.

In matters not regulated, the provisions of the RODO and the Personal Data Protection Act of 10 May 2018 (Journal of Laws 2019.1781), the Act of 18 July 2002 on the provision of electronic services (Journal of Laws 2020.344 i.e.) and executive acts issued on their basis shall apply.