PRIVACY POLICY AND COOKIES POLICY
PERSONAL DATA PROTECTION
MARTOM SP. Z O.O. with its registered office in Świdnica
ADDRESS: ul. Piaskowa 10, 66-008 Świdnica
KRS 0000574675,
NIP 9731023138
-
1. GENERAL INFORMATION
1.1.
The Privacy Policy sets out the rules and principles for the processing of personal data by Martom sp. z o.o., in particular with regard to Customers’ use of the online shop available at https://martom-shop.com, as well as with regard to the processing of data of job applicants and in connection with the processing of data of the Company’s employees or associates.
1.2.
This Privacy Policy, available at http://martom-hurtownia.pl/, sets out the rules for the processing of personal data and the conditions for maintaining the confidentiality of Customers’ data, including Users and recipients of the MARTOM Shop NEWSLETTER.
1.3.
The controller of personal data is:
MARTOM sp. z o.o., with its registered office at ul. Piaskowa 10, 66-008 Świdnica, registered in the Register of Entrepreneurs of the National Court Register under KRS number 0000574675, whose registration files are kept by the District Court in Zielona Góra, 8th Commercial Division of the National Court Register, with share capital of PLN 20,000.00 (NIP number 9731023138, REGON number 362437274), hereinafter referred to as “MARTOM”, operating the Shop at the following address:
ul. Osadnicza 35
65-001 Zielona Góra
E-mail address: [email protected]
www.martom-shop.com
In the event of any problems concerning personal data, you may contact our Customer Service Department, whose details are indicated above.
1.4.
The purpose of the Privacy Policy is to inform you what data we collect, for what purpose we do so and what we use it for. All information entrusted to us by you is extremely important to us, which is why we secure it at the highest level.
2. WHAT DATA DO WE COLLECT?
2.1.
The data collected by Martom sp. z o.o. is provided by the Customer to whom it relates by completing the contact forms available in the Online Shop, in connection with creating a user account on the Website/Shop on our website (www.martom-hurtownia.pl), processing orders and payments for orders, or subscribing to our NEWSLETTER, during contact by e-mail or telephone, and is also collected automatically by the IT system used by the personal data Controller during the Customer’s visit to our website https://martom-shop.com/.
When you enter our website, we automatically recognise the IP address of the computer or other mobile device you are using. An IP number is a number by which each computer connected to the Internet is identified. If you use the Website via a mobile device with geolocation enabled, we may also recognise data concerning your location.
Upon registering on our Website and completing the user form in the “MY ACCOUNT” tab, we begin processing your data. In this connection, we collect your data in the form of: first name(s), surname, electronic address – e-mail. In order to place an order, we collect the following data from you: first name and surname/company name, address (country, city, postal code, street and number), telephone number, e-mail address, it is possible to provide an alternative delivery address, information about the payment method (payment card number, payment card holder’s details, card expiry date), and in the case of a person conducting business activity – the NIP number. In connection with your use of our Website, we also collect the IP addresses of computers or other mobile devices that you use.
If an order is placed, MARTOM sp. z o.o. collects your personal data using the form available in the “ORDERS” tab, also without the need to create a user account. On this occasion, we also collect the data indicated above, collected as part of registration, except for information collected for the purpose of creating a user account.
The information that we collect and that is necessary for us to be able to respond to your requests and orders is indicated in the link to the forms being completed. If you do not complete the mandatory fields, we will not be able to respond to your requests and orders.
Providing your personal data is completely voluntary, but necessary for the performance of the agreement, its supervision, and in order for you to receive our NEWSLETTER. Each time, in order to conclude a sales agreement, providing a certain minimum amount of personal data is a condition for its conclusion.
2.2.
Customers’ personal data is used for the purpose of handling and processing orders, as well as for the performance of agreements for the provision of electronic services, including the NEWSLETTER service.
2.4.
Personal data as well as information about orders and payments are protected against access by unauthorised persons through technical security systems. Data transfer takes place using the secure SSL (Secure Socket Layer) transmission protocol with a 256-bit key. This technology offers the highest level of security and is therefore also used, for example, by banks to protect online banking data. The transmission of encrypted data can be recognised by the display of encrypted keys or key symbols in the lower status bar of the browser.
2.5.
Due to the fact that the Customer provides their personal data voluntarily, they have the right to access their personal data, correct it, rectify it, supplement it, and may also request the personal data Controller to delete the previously provided personal data from the data sets maintained by the Controller. This may be done by contacting the data Controller by e-mail at: [email protected], or in writing to the Company’s address provided in the Privacy Policy. The Controller may refuse to delete the data if the Customer’s previous conduct in the Online Shop has violated the provisions of the Privacy Policy or the Shop Terms and Conditions or applicable legal provisions, and retaining the data is necessary to clarify these circumstances and establish the Customer’s liability.
2.6.
If the Customer subscribes to the NEWSLETTER, the personal data Controller will send messages to the e-mail address provided by the Customer containing information about products and services available in the Online Shop, as well as information about organised competitions and promotions.
2.7.
MARTOM sp. z o.o. informs about the possibility of exercising the right to collect and/or publish information concerning the statistical characteristics of users of our Shop, without disclosing the personal data of our Customers, in particular for the purpose of determining sales statistics, the manner of using individual tabs, the country from which an order was placed, etc., which is intended to serve market analysis and Customer preferences, in particular in order to improve the quality of services and develop services in line with market trends.
-
PROVISIONS OF THE SECURITY POLICY. PURPOSES AND LEGAL BASES FOR THE PROCESSING OF THE CUSTOMER’S PERSONAL DATA AND THE PROCESSING PERIOD
3.1.
The Customer voluntarily provides the personal data listed in the Shop Terms and Conditions and forms, which are necessary to complete the transaction concluded via the Shop. From the moment you use our Website or in connection with placing an order, your personal data is processed for the purpose of fulfilling your order by MARTOM sp. z o.o. and its service providers, to whom we may entrust the processing of this data for the purpose and to the extent necessary to perform the sales agreement or the NEWSLETTER service.
3.2.
The data of Customers who have placed an order and Customers who have registered an account in the Online Shop and/or ordered the NEWSLETTER are processed with their consent, but this is necessary for the purposes of concluding and performing the agreement.
3.3.
Personal data provided during e-mail and/or telephone contact with the personal data Controller will be used solely for the purpose of responding to the Customer’s inquiry in connection with the performance of the sales agreement and/or the NEWSLETTER service, as well as for the direct marketing of MARTOM sp. z o.o. services and products.
3.4.
The personal data Controller does not disclose personal data to third parties without the Customer’s prior consent to the purpose and scope of data disclosure.
3.5.
The personal data Controller contacts the Customer mainly by e-mail and/or, where applicable, by telephone or letter in matters related to the performance of sales agreements concluded with Martom sp. z o.o.
3.6.
The data Controller uses the latest technologies and special procedures for the protection of personal data. Personal data is stored in a database in which technical and organisational measures have been applied to ensure the protection of processed data in accordance with the requirements specified by generally applicable legal provisions concerning personal data protection.
3.7.
Only persons with written authorisation to process personal data in the Controller’s system have access to the personal data processed in the personal data Controller’s system.
3.8.
Personal data is stored for the period necessary due to the purposes for which it is collected, as provided for by law, in particular:
|
No. |
Purposes of data processing: |
Legal bases: |
Processing period: |
|
1. |
Performance of the sales agreement between the Company and the Customer, hereinafter referred to as “performance of the Service” |
Article 6(1)(b) GDPR – necessity for the performance of a contract to which the User or Customer is a party. |
until the expiry of the given agreement between the Company and the Customer, with the reservation that, in some cases, this data may also be processed after the expiry of that agreement, but only if this is permitted or required under applicable law, e.g. processing for statistical or accounting purposes or for the purpose of pursuing claims |
|
2. |
Marketing, including analysing and profiling data for marketing purposes, of the controller’s products and services, hereinafter also referred to as “direct marketing”. |
Article 6(1)(f) GDPR – the legitimate interest of the controller. |
until an effective objection is raised or consent is withdrawn. |
|
3. |
Marketing, including analysing and profiling data for marketing purposes, in particular purchase history and IP address, concerning products and services of third-party entities – Partners. |
Article 6(1)(a) |
until consent is withdrawn. |
3.9.
Personal data is processed on the basis of consent until the consent is withdrawn, and after withdrawal of consent for the period provided for by law in the scope of pursuing possible rights and claims and in accordance with accounting regulations. You may do this by sending a declaration of intent to the address [email protected]. After receiving the withdrawal, your data will not be used for any purposes other than solely for the fulfilment of your order.
3.10.
Data processed on the basis of legitimate interest for marketing purposes is stored for the duration of the agreement, and then for the limitation period for claims arising from the provision of services and for the period resulting from legal obligations under accounting regulations, regulations concerning the provision of sales services, and in accordance with the consents received, as well as until an objection to data processing is lodged, depending on which of these events occurs first. The Controller and the data Processor will cease processing data used for profiling and analytical purposes earlier upon your objection to the processing of your data for these purposes, if legal provisions entitle you to lodge such an objection, e.g. for direct marketing purposes.
We process or store your data during the term of the sales agreement or NEWSLETTER service, as well as after its termination, for the purpose of:
-
pursuing claims and rights for the period provided for by the legal provisions on limitation of claims;
-
fulfilling obligations under tax and accounting regulations in accordance with the law,
-
statistical and archiving purposes;
-
accountability for demonstrating compliance with personal data protection laws for the period during which the Controller is obliged to retain data or documents that document compliance with legal requirements and enable inspections by supervisory authorities.
3.11.
The legitimate interests relating to direct marketing pursued by us consist in offering you services as part of our business activity.
The Controller may also process information concerning your preferences, which may sometimes constitute personal data and which has been provided to the Controller by you voluntarily, in particular through the functionality of the Controller’s website, including for the purpose of limiting the services presented or promoting products and services.
This allows us to maintain contact with you for purposes related to direct marketing, in particular through personal, telephone, e-mail or postal contact.
We also process your data for analytical purposes, conducting research and analyses, including statistical analyses, regarding the operation of our systems and website, improving the manner of providing services, including profiling for the purpose of monitoring and analysing the offer of products and services in order to ensure the possibility of proposing products and services best suited to the requirements and needs of our Customers. The basis for processing is the necessity to pursue a purpose resulting from the legitimate interest pursued by the Controller, which is to offer you the product most appropriate to your requirements and needs (Article 6(1)(f) GDPR), in particular in the scope of monitoring your activity related to searching for so-called keywords, presenting offers and managing your activity on our website, including matching advertisements according to the content viewed by you in relation to the products and services we offer.
We process your data and then store it for our archiving purposes and to fulfil the principle of accountability in the processing of your data.
We process your data in order to pursue claims by us or to defend against claims made, related to the insurance product offer presented to you. The legal basis for the processing of such data is the necessity of processing to pursue the legitimate interest of the controller or processor, which is to ensure the possibility of pursuing and defending against claims.
You have the right to object to the processing of data for profiling purposes.
-
What data do we process?
The Company processes personal data in the form of first name and surname, business name, telephone number, account number, e-mail address, residential address or business address, correspondence details, information about the IP address held, NIP number, information received from the person directly or via electronic or telephone means of communication, the date and time of the visit to the Shop website, viewed products and services, as well as the history of service orders, on the basis of data profiling, as well as any necessary information constituting personal data required to conclude and perform the sales agreement for goods, in particular in the scope of information provided in correspondence concerning the order and performance of the agreement.
The Controller processes your personal data to the extent to which it is made available by publicly available sources and obtained from publicly available sources, i.e. including from the Register of Entrepreneurs of the National Court Register (KRS), the Central Register and Information on Economic Activity (CEIDG), and the Statistics Poland (GUS).
If you choose to pay for the order using electronic payment instruments or other banking instruments, such payment involves the processing of personal data for the purpose and to the extent necessary to verify the security of the payment transaction, including entrusting the processing of personal data to entities specialised in detecting online payment fraud, and to protect the rights of MARTOM sp. z o.o. in the scope of pursuing claims and confirming payment terms.
-
SHARING DATA ON SOCIAL MEDIA “FACEBOOK”.
MARTOM sp. z o.o. informs you that you have the option to share information or content contained on the Website on social media (Facebook). Such content is subject to the legal reservations formulated by Martom sp. z o.o. and disclosed on the Website. By clicking the appropriate button on our Website relating to social media, the content selected by the user is transferred from the MARTOM sp. z o.o. server and sent to the social media website. The use of such content after it has been transferred as a result of the user’s actions is governed by the terms of use of the website to which the link leads. We recommend that you read them. The transfer of content from our Website to a social media website takes place solely on your initiative and at the sole responsibility of the User. Martom sp. z o.o. is not responsible for the use or exploitation of the transferred content or any other action related to the content from the moment the content from our Website is sent to another website.
6. INFORMATION OBLIGATION
6.1.
Where personal data, the Controller of which is Martom sp. z o.o., is collected directly from the data subject for the purpose of concluding and performing an agreement, the personal data Controller is obliged to provide information about the address of its registered office and place of business, the purpose of processing such data, and in particular the recipients or categories of recipients of the data known to the Controller at the time of providing the information, the Customer’s right to access and correct their data, and the voluntary or obligatory nature of providing the data, together with the legal basis introducing the above obligation.
6.2.
If the Customer submits a written objection to the processing of their personal data by Martom sp. z o.o. for marketing purposes and advertising of its own products, the processing of the disputed personal data for the above-mentioned purpose shall be stopped.
6.3.
Martom sp. z o.o. processes the personal data of its customers in order to conduct business activities in accordance with the Company’s agreement, in the scope of providing services consisting in the sale of goods directly in brick-and-mortar stores and via the Martom sp. z o.o. online shop, as well as through sales platforms with which the Company cooperates.
6.4.
Martom sp. z o.o. processes data in order to ensure a proper personnel policy, compliant with the law and the objectives of Martom sp. z o.o., as well as the ongoing handling of employment relationships and other civil-law relationships established by Martom sp. z o.o., acting as an employer or party to other civil-law relationships, and also for the implementation of other justified purposes and tasks of Martom sp. z o.o. – with respect for the rights and freedoms of persons entrusting their data to Martom sp. z o.o.
6.5.
The business activities of Martom sp. z o.o. consist in:
-
concluding agreements for the sale of goods and services to customers in brick-and-mortar and online shops;
-
concluding agreements for the sale of goods and services for individual customers and entrepreneurs;
-
selling goods and services through online sales platforms with which Martom sp. z o.o. cooperates;
-
concluding employment contracts, cooperating with employees and associates of Martom sp. z o.o., and collecting data of candidates for employment or cooperation with Martom sp. z o.o.
6.7.
Personal data at Martom sp. z o.o. may be processed only for the purpose for which it was collected and no longer than is necessary to achieve these purposes, taking into account the requirements arising from provisions concerning sales agreements and the provision of services under the Civil Code, as well as claims arising from sales agreements and service agreements.
7. PROTECTION OF YOUR PERSONAL DATA.
7.1.
Before commencing the processing of personal data, Martom sp. z o.o. is obliged to apply appropriate technical and organisational measures ensuring the protection of data processed in IT systems, and in particular to secure the data against disclosure to unauthorised persons, access by unauthorised persons, or processing in violation of personal data protection regulations.
7.2.
The personal data Controller is responsible for monitoring the proper functioning of security measures in the Company.
8. COOKIES POLICY.
8.1.
When visiting the Martom sp. z o.o. Online Shop, the Controller’s system automatically collects so-called “cookies”. Accepting cookies is a condition for using the MARTOM sp. z o.o. Online Shop website. If the Customer blocks the use of cookies, the website and the online shop service will operate only to a limited extent. The term “cookies” should be understood as IT data, including text files, stored on the end devices of users and Customers of Martom sp. z o.o., intended for the use of websites. These files allow the User’s/Customer’s device to be recognised and the website to be displayed appropriately, adjusted to their individual preferences. “Cookies” usually contain the name of the website from which they originate, the time they are stored on the end device and a unique number. Such files are placed in the HTTP protocol used for communication between the web server and the web browser. It consists of: a key specifying the name of the value, the value, and the lifetime after which the browser should delete the cookie file. Their functions are mostly standard for the settings provided by browsers. Cookies are used to adjust website content to the preferences of the User/Customer of Martom sp. z o.o. and to increase the usefulness and personalisation of website content. Cookies are used to adjust the content of the Shop to the Customer’s preferences and to increase the usefulness and personalisation of the content of other websites.
8.2.
Most of the cookies used are automatically deleted from the user’s computer hard drive after the browser session ends, so-called session cookies, which are used to offer the Customer the basket function on many pages of the Online Shop. Martom sp. z o.o. also uses cookies stored on the Customer’s computer hard drive. During the Customer’s next visit to the Martom sp. z o.o. website, the online shop service automatically recognises the Customer and their preferred information and settings. Temporary and persistent cookies, with a storage period from 1 month to 10 years, are saved on the Customer’s computer hard drive and are automatically deleted after a specified time. “Cookies” collect personal data and may be collected only and exclusively for the purpose of performing specific functions for the Customer. In connection with the Privacy Policy, this data is encrypted, which prevents unauthorised persons from accessing it. Commonly used web browsing software allows cookies to be placed on the end device by default. These settings may be changed in such a way as to block the automatic handling of cookies in the web browser settings or to notify the user each time they are sent to the user’s device. Detailed information on the possibility and methods of handling cookies is available in the settings of the software, namely the web browser, that you use.
9. RECIPIENTS TO WHOM THE CUSTOMER’S PERSONAL DATA IS TRANSFERRED.
9.1.
The Customer’s data may be transferred to entities processing personal data on behalf of the controller, including, among others, IT service providers, marketing agencies, etc. These entities process data on the basis of an agreement with the controller and only in accordance with the controller’s instructions. The controller may transfer the Customer’s data to entities authorised to obtain it under applicable law, e.g. law enforcement authorities, if such an authority submits a request on an appropriate legal basis, for example for the purposes of ongoing criminal proceedings. In sporadic cases, the Customer’s data may be transferred to recipients from third countries, i.e. countries outside the European Economic Area, for example if this is necessary to provide Services to the Customer or if it is required by another valid legal basis.
10. WEBSITE STATISTICS ANALYSIS TOOL
10.1 Google Analytics 4
This website uses Google Analytics 4, a tool provided by Google Ireland Limited, Gordon House, 4 Barrow St, Dublin, D04 E5W5, Ireland (“Google”), which enables the analysis of how websites are used.
When using Google Analytics 4, so-called cookies are used as standard. Cookies are text files stored on the user’s end device, which enable the analysis of how the user uses websites. Information collected by cookies regarding the user’s use of the website, including the shortened IP address transmitted by the user’s end device, see below, is generally transferred to a Google server, where it is stored and processed. This may also result in information being transferred to servers of Google LLC, a company based in the USA, where further processing of the information may take place.
When using Google Analytics 4, the IP address transmitted by the user’s end device when using the website is always collected and processed by default and automatically in an anonymised manner in order to exclude any direct association of the collected information with the user. This automatic anonymisation is carried out by Google by shortening the IP address transmitted by the user’s end device by the last digits within the Member States of the European Union (EU) or other countries that are parties to the Agreement on the European Economic Area (EEA).
On our behalf, Google uses this and other information to analyse how the website is used, to prepare reports on user activity on the website and to collect information about behaviour related to the use of the website, as well as to provide further services related to the user’s use of the website and the Internet. The shortened IP address transmitted by the user’s end device as part of Google Analytics 4 is not combined with other Google data. Data collected as part of the use of Google Analytics 4 will be stored for 2 months and then deleted.
Using a special function called “demographic features”, Google Analytics 4 also enables the creation of statistics together with reports concerning the age, gender and interests of website users based on the evaluation of personalised advertising and the use of information from third parties. This makes it possible to identify and distinguish groups of website users in order to target marketing activities at specific groups. However, data collected as part of “demographic features” cannot be assigned to any specific person and therefore cannot be personally attributed to the user. Data collected as part of the “demographic features” function will be stored for 2 months and then deleted.
The above processing, in particular the use of Google Analytics cookies to store and read information on the end device used to access the website, takes place only with the user’s express consent in this respect pursuant to Article 6(1)(a) GDPR. Google Analytics 4 services will not be used if the user has not given consent while using the website. The user may withdraw their consent at any time with effect for the future. To exercise the right to withdraw consent, this service should be deactivated from the cookie management panel (Cookie Consent Tool) located on the website.
This website may also use the “Google Signals” service as an extension of Google Analytics. Thanks to Google Signals, Google can create cross-device reports, so-called “cross-device tracking”. If you have activated “personalised ads” in your Google account settings and linked your internet-enabled devices to your Google account, Google may analyse user behaviour across different devices and create database models on this basis, provided that you have consented to the use of Google Analytics pursuant to Article 6(1)(a) GDPR (see above). The logins and device types of all website visitors who were logged into a Google account and completed a conversion are taken into account. This data shows, among other things, on which device you first clicked on an advertisement and on which device the related conversion took place. To the extent that Google Signals is used, we do not receive any personal data from Google, but only statistics prepared on the basis of Google Signals. In your Google account settings, you have the option to deactivate the “personalised ads” function and thereby disable cross-device analysis.
To do this, please follow the instructions on this page: https://support.google.com/ads/answer/2662922?hl=en
Further information can be found here: https://support.google.com/analytics/answer/7532985?hl=en
As an extension of Google Analytics, the “UserIDs” function may also be used on this website. By assigning individual UserIDs, we may have Google create reports across different devices, so-called “cross-device tracking”. This means that your usage behaviour may be analysed across different devices if you have given the relevant consent to the use of Google Analytics pursuant to Article 6(1)(a) GDPR, if you have created a personal account by registering on this website and are logged into your personal account on different end devices using the relevant login details. The data collected in this way shows, among other things, on which end device you first clicked on an advertisement and on which end device the corresponding conversion took place.
As part of the use of Google Analytics 4, we have concluded a so-called data processing agreement with Google, under which Google is obliged to protect the data of users of our website and not to transfer this data to third parties.
In the case of data transfers to the USA, the provider has signed the EU-US Data Privacy Framework agreement, which ensures compliance with the European level of data protection on the basis of the European Commission’s adequacy decision.
Further legal information concerning Google Analytics 4 can be found at the following links:
https://policies.google.com/privacy
https://business.safety.google/privacy/
Detailed information on which specific processing mechanisms are used and how Google Analytics 4 uses data from websites can be found here: https://policies.google.com/technologies/partner-sites?hl=en
10.2 Google Tag Manager
This website uses “Google Tag Manager”, a service belonging to Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland, hereinafter referred to as “Google”. Google Tag Manager provides the technical framework needed to integrate various web applications, including tracking and analytics services, and to calibrate, control and appropriately condition them from a single user interface.
The Google Tag Manager tool itself does not store any information on users’ end devices or read any information from them. Furthermore, the service does not independently analyse data.
However, when the website is opened, Google Tag Manager transmits the user’s IP address to Google, where this address is then stored. It may also be transferred to servers belonging to Google LLC in the United States.
However, we may carry out such data processing operations only if we receive the user’s express consent within the meaning of Article 6(1)(a) GDPR. Without such consent, the Google Tag Manager tool will not be used during the user’s visit to the website.
The user may withdraw their consent at any time with effect for the future. To exercise the right to withdraw consent, this service should be deactivated from the cookie management panel “Cookie Consent Tool” located on the website. We have concluded a data processing agreement with Google, in which we have obliged Google to protect the data of persons visiting our website and not to transfer this data to third parties.
In the case of data transfers to the USA, the provider has signed the EU-US Data Privacy Framework agreement, which ensures compliance with the European level of data protection on the basis of the European Commission’s adequacy decision.
More information on data protection in connection with Google Tag Manager can be found here: https://support.google.com/tagmanager/answer/9323295?hl=en
Specific information concerning the services and applications integrated in Google Tag Manager that are relevant from the point of view of data protection can be found in the relevant sections of this Privacy Policy.
11. PROTECTION AND DELETION OF PERSONAL DATA.
Most credit card operators and PayU electronic transfer operators, provided that certain requirements are met, protect against any losses that may arise from the unlawful use of a credit card or PayU account. If you have questions regarding personal data protection standards, are looking for information or wish to delete data, please send them in writing to MARTOM sp. z o.o. by e-mail to: [email protected] or by post to the address provided for contacting the Shop.
12. RIGHTS RELATED TO THE PROCESSING OF PERSONAL DATA.
The Customer has the following rights in connection with the processing of personal data by the Controller:
12.1. to request access to personal data from the Controller,
12.2. to request rectification of personal data from the Controller,
12.3. to request the deletion of personal data from the Controller (the right to be forgotten), if permitted by law,
12.4. to request the restriction of personal data processing from the Controller,
12.5. to object to the processing of personal data, in particular with regard to the processing of data for direct marketing purposes and profiling, if permitted by law,
12.6. to data portability, if technically possible, i.e. to receive personal data from the personal data Controller in a structured, commonly used and machine-readable format. The Customer may transmit this data to another data controller under the terms provided for by law and internal regulations,
12.7. due to automated decision-making in the field of insurance by insurance companies and financial institutions, the Customer has the right to challenge such a decision, the right to express their own position and the right to request that their case be reconsidered and a decision be made by an employee of the insurance company cooperating with the Company under a data processing agreement, within the limits and in accordance with the applicable legal provisions concerning authorised profiling by the insurance company,
12.8. to lodge a complaint with the supervisory authority (from 25.05.2018 – with the President of the Personal Data Protection Office).
12.9. If the Customer’s data is processed on the basis of consent, the Customer may additionally exercise the following rights: the right to withdraw consent to the extent to which the data is processed on this basis. Withdrawal of consent does not affect the lawfulness of processing carried out on the basis of consent before its withdrawal.
12.10. In order to exercise the above rights, the Customer should contact the Controller.
You may exercise the rights indicated in point 9 by contacting us by e-mail at: [email protected] or in writing, by traditional post to the following address: ul. Objazdowa 35, 65-001 Zielona Góra, in accordance with personal data protection laws.
13. FINAL PROVISIONS
The personal data Controller reserves the right to make changes to the Security Policy. Changes will be published on the Martom sp. z o.o. website for informational purposes.