Personal data protection is a priority for ZEBRA P.W.P. Sp. z o. o. Spółka komandytowa that owns the Monumental brand. We are open and transparent when processing our Clients’ personal data. This policy contains information on the type of data we collect, how they are processed and protected, and who our Clients can contact if they have any questions or concerns in this regard.
Providing personal data by the user is voluntary. However, failure to provide the contact data may make it impossible to resolve the presented case.
1. The Controller of personal data collected via the website www.monumentaldesign.eu is ZEBRA P.W.P. Sp. z o. o Spółka Komandytowa entered into the Register of Entrepreneurs under the number KRS 0000364501, place of business: ul. Lipowa 25, Złotkowo 62-002 Suchy Las, address for service: ul. Lipowa 25, Złotkowo 62- 002 Suchy Las, Tax Id. No. (NIP): 7773180203, Polish National Business Registry No. (REGON): 301536970, e-mail address (e-mail): email@example.com, hereinafter referred to as “the Controller”.
2. Personal data collected by the Controller via the website are processed in accordance with the Regulation of the European Parliament and of the Council (EU) 2016/679 of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation), hereinafter referred to as the GDPR and the Personal Data Protection Act of May 10, 2018.
TYPE OF PROCESSED PERSONAL DATA, PURPOSE AND SCOPE OF DATA COLLECTION
1. The Controller processes personal data via the website www.monumentaldesign.eu in the case of:
a) using the contact form by the user. Personal data is processed pursuant to Art. 6 (1) (f) GDPR as the legitimate interest of the Controller;
b) the user subscribes to the Newsletter in order to send commercial information by electronic means. Personal data are processed after expressing a separate consent, on the basis of art. 6 (1) (a) GDPR;
c) placing an order by the user and finalizing the purchase of goods offered on the internet website www.monumentaldesign.eu;
d) establishing contact with the Seller by the user for the purpose of customer service, technical assistance or submitting a complaint.
2. The Controller takes special care to protect the interests of data subjects, and in particular ensures that the data collected by him are:
a) processed in accordance with the law,
b) collected for specified, lawful purposes and not subject to further processing inconsistent with these purposes,
c) factually correct and adequate in relation to the purposes for which they are processed and stored in a form that allows the identification of persons to whom they relate, no longer than is necessary to achieve the purpose of processing.
TYPE OF PROCESSED PERSONAL DATA
1. The Controller processes the following categories of user’s personal data:
– Name and surname
– Date of birth
– Address (of residence)
– Email address
– Phone number
2. When using the internet website www.monumentaldesign.eu, additional information may be downloaded, in particular: the IP address assigned to the user’s computer or the external IP address of the Internet provider, domain name, browser type, access time, type of operating system.
3. Navigation data may also be collected from users, including information about links and references in which they decide to click or other activities undertaken on the website. The legal basis for this type of data collection is the Controller’s legitimate interest (Art. 6 (1) (f) of the GDPR), consisting in facilitating the use of services provided electronically and improving the functionality of these services.
4. Personal data will also be processed in an automated manner in the form of profiling, provided that the user agrees pursuant to Art. 6 (1) (a) GDPR. The consequence of profiling will be assigning a profile to a given person in order to make decisions about him/her or to analyze or predict his/her preferences, behaviors and attitudes.
PERIOD OF PERSONAL DATA ARCHIVING
Users’ personal data are stored by the Controller:
a) if the basis for data processing is the performance of the contract, as long as it is necessary for the performance of the contract, and after that time for a period corresponding with the limitation period for claims. Unless a special provision provides otherwise, the limitation period is six years, and for claims for periodic benefits and claims related to running a business – three years.
b) if the basis for data processing is consent, as long as the consent is not revoked, and after the consent is revoked, for a period of time corresponding with the period of limitation of claims that may be raised by the Controller and which may be raised against it. Unless a special provision provides otherwise, the limitation period is six years, and for claims for periodic benefits and claims related to running a business – three years.
SHARING YOUR PERSONAL DATA
1. Users’ personal data are transferred to service providers used by the Controller when running the website. Service providers to whom personal data are transferred, depending on contractual arrangements and circumstances, either are subject to the Controller’s instructions as to the purposes and methods of data processing (processors) or independently define the purposes and methods of their processing (controllers).
2. Users’ personal data are stored only within the European Economic Area (EEA).
THE RIGHT TO CONTROL, ACCESS AND CORRECT YOUR OWN DATA
1. A person concerned by the data has the right of access the content of his/her data, the right to rectify them, the right to erasure, the right to restriction of processing, the right to data portability, the right to object, the right to withdraw consent at any time without affecting the lawfulness of any processing performed on the basis of the consent prior to its withdrawal.
2. Legal basis of the user’s request:
Access to data – Art. 15 of the GDPR
Data rectification – Art. 16 of the GDPR.
Erasure of data (the so-called right to be forgotten) – Art. 17 of the GDPR.
Restriction of processing – Art. 18 of the GDPR.
Data portability – Art. 20 of the GDPR.
Objection – Art. 21 of the GDPR;
Withdrawal of consent – Art. 7.3 GDPR.
3. In order to exercise the rights referred to in section 2, the user may send an appropriate e-mail to the following address: firstname.lastname@example.org
4. In the event of a user having the right resulting from the above rights, the Controller fulfills the request or refuses to comply with it immediately, but no later than within one month after receiving it. However, if – due to the complexity of the request or the number of requests – the Controller is not able to meet the request within one month, it will meet them within the next two months, informing the user within one month of receiving the request – about the intended extension of the deadline and its reasons.
5. In the event that the processing of personal data violates the provisions of the GDPR, the data subject also has the right to lodge a complaint with the President of the Office for Personal Data Protection.
1. The Controller’s website uses “cookies”.
2. The installation of “cookies” is necessary for the proper provision of services on the website. The “cookies” files contain information necessary for the proper functioning of the website, and they also allow for the development of general statistics of website visits.
3. The website uses the following types of “cookies” within the website: session and permanent. “Session cookies” are temporary files that are stored on the user’s end device until logging out (leaving the page). “Persistent” cookies are stored on the user’s end device within time specified in the parameters of the cookies or until they are deleted by the User.
4. The Controller uses its own cookies in order to better understand how the user interacts with the content of the website. The files collect information about the way the website is used by the user, the type of website from which the user was redirected and the number of visits and the time of the user’s visit to the website. This information does not record specific personal data of the user, but is used to compile statistics on the use of the website.
5. The user has the right to decide within the access of the “cookie“ files have to his/her computer by selecting appropriate files in the browser window. Details on the possibilities and methods of managing “cookie” files are available in the software settings (of the web browser).
6. More details on the possibility of changing cookies settings can be found in the web browser menu in the “help” section. For details visit the following websites:
Internet Explorer: https://support.microsoft.com/en-us/topic/delete-and-manage-cookies-168dab11-0753-043d-7c16-ede5947fc64d
1. The Controller takes technical and organizational measures to ensure protection of the processed personal data that is adequate against existing hazards and categories of data held under the protection, particularly preventing the data from being shared to unauthorized persons, taken by unprivileged individuals, processing with an infringement of existing laws as well as modification, loss, damage, or destruction.
The Controller provides relevant technical measures to prevent the acquisition and modification of personal data sent electronically by unauthorized persons.