Privacy Policy

DATA ADMINISTRATOR

PURPOSE OF DATA PROCESSING

1. in reply to an e-mail contact. By contacting the administrator via e-mail, through the contact placed on the website www.boxpro.pl, you naturally provide your e-mail address as the sender's address. In addition, you can also include other personal data in the text of the message. In this case, your data is processed in order to contact you, and the basis for processing is art. 6 sec. 1f of GDPR, i.e. the legitimate interest of the administrator to reply to your message. The legal basis for processing after the end of contact is the legitimate interest of the administrator consisting in archiving correspondence for internal needs (Article 6 (1) (f) of the GDPR). The content of the correspondence may be archived. You have the right to request a correspondence history (if it has been archived), as well as request its removal, unless its archiving is justified due to overriding interests of the administrator, e.g. defense against potential claims. The scope of collected data: e-mail address, other scope of data provided by the user in the message content.
   
   Providing data is always voluntary, but sometimes necessary for the proper implementation of the purpose for which you provide it.

PERSONAL DATA STORAGE PERIOD

YOUR RIGHTS

1. You have the right at any time to find out if your personal data has been stored and consult the Data Administrator to find out about their content and origin, in order to check their accuracy or to request supplementing, canceling, updating or correcting them, or making them anonymous or blocking any data stored in violation of the law, and objecting their use for any legitimate reason.
2. You have the right at any time to find out if your personal data has been stored and consult the Data Administrator to find out about their content and origin, in order to check their accuracy or to request supplementing, canceling, updating or correcting them, or making them anonymous or blocking any data stored in violation of the law, and objecting their use for any legitimate reason.
3. In order to follow the above-mentioned rights, contact the administrator by e-mail at office@boxpro.pl or in writing to the following address: BoxPro Polska Patryk Gapiński, Warsztatowa 8/207, 64-920 Piła

DATA RECIPIENTS

1. In special situations where the applicable law requires us to disclose the collected data to state authorities, we will be obliged to disclose such data. In addition, the Administrator will transfer your personal data to accounting service providers, postal service providers, courier service providers, legal service providers, service providers and IT software supporting store management, service providers in the field of e-mail and website hosting, banks and other financial institutions in the field of making payments to the owners of the social network (e.g. facebook). If you want to know the list of entities to which we share or entrust your personal data, please contact us.
2. Data transfer to third countries
1. As a rule, personal data will not be transferred outside the European Economic Area (hereinafter: "EEA"). However, bearing in mind the provision of services by our subcontractors in the implementation of support for ICT services and IT infrastructure, the Administrator may commission specific IT activities or tasks to recognised subcontractors operating outside the EEA, which may result in the transfer of your data outside the EEA. According to the decision of the European Commission, recipient countries outside the EEA ensure an adequate level of personal data protection in line with EEA standards.
2. In the case of recipients in the territory of countries not covered by the decision of the European Commission, in order to ensure an adequate level of this protection, the controller concludes contracts with recipients of personal data based on standard contractual clauses issued by the European Commission in accordance with Art. 46 sec. 2 c of GDPR.
3. A copy of the standard contractual clauses can be obtained from the administrator - his contact details are given above. The method of securing your data used by the administrator complies with the principles provided for in Chapter V of the GDPR. You can request further information on the security features applied in this regard, obtain a copy of these security features and find out where they are shared.

SECURITY

1. The website has implemented solutions ensuring a high level of protection of your data, including an SSL certificate - a tool that certifies the credibility of the domain and its owner. It confirms the security of encryption of data sent between the user and the server. It guarantees the confidentiality of data and all communication. This guarantee is provided by an independent entity, i.e. the issuer.
2. The administrator guarantees the confidentiality of all personal data provided to him. We ensure that all security and personal data protection measures required by the provisions on the protection of personal data are taken. Personal data is collected with due diligence and properly protected against access by unauthorised people.

PROFILING

1. As part of our business, we do not perform profiling referred to in art. 4 point 4 of the GDPR, i.e. we do not process your personal data in an automated manner by using your personal data to evaluate some of your personal factors (e.g. to evaluate your preferences, interests, location, etc.)

COOKIE FILES

1. The Service Provider stores https queries directed to the server.
2. In order to improve the functionality, the Service Provider declares use of cookies. Own cookies will be used for the following purposes:
1. website configuration, i.e. adapting the content of the pages to the previous actions taken by the user;
2. implementation of the processes necessary for the full functionality of the website;
3. conducting analyzes and monitoring viewership;
4. ensuring safety and continuous operation.
3. External cookies will be used to collect statistical data via analytical tools for analytical purposes
4. On the basis of the collected information, the Service Provider may create statistics. Statistics are created in a way that does not allow the identification of individual Service Users.
5. Each Service Recipient, who does not consent to the use of cookies is obliged to modify the web browser settings. The configuration of the system enabling the use of cookies constitutes consent to the Service Provider storing the information referred to in paragraph 2, in accordance with art. 173 paragraph 2 of the Act of 16th July 2004 of Telecommunications Law (Journal of Laws of 2017, item 1907, as amended)

Types of cookies and tracking technologies on our website

1. Log files Each time you visit our website, the system automatically collects information and data from your computer. Your data in log files is stored in order to ensure the functionality of the services, optimise the website and ensure the security of IT systems. These are the following data: internet protocol; IP address; URL of the website from which the redirect was made and from which the file was requested; date and time of access; browser type and operating system; the page visited by the user; the amount of data transferred; access status (file transferred, file not found, etc.), duration and frequency of use. When accessing mobile applications, the following data and information is collected: internet protocol; IP address; date and time of access; device type and operating system; the amount of data transferred; access status (such as file transferred, file not found, etc.); duration and frequency of use. The temporary storage by the system of the IP address is necessary to enable the services to be provided on the user's computer. For this purpose, the user's IP address must be stored for the duration of the session. The legal basis for the processing of this data is the legitimate interest of the administrator (Article 6 (1) (f) of the GDPR). Your data is stored on the server until it is no longer needed to achieve the purpose for which it was collected. If the data is collected for the purpose of providing the service, it takes place at the end of the session. The data collected in the logs are necessary for the website to function, therefore the user cannot object to their processing.
2. Google analitics. To analyse the use of our website by users, we have installed a tool that allows us to create reports on website activity, measure the effectiveness of the content and provide other services regarding the use of the website and the Internet. Our website uses the "Google Analytics" service provided by Google Ireland Ltd. (Gordon House, 4 Barrow Street, Dublin, Ireland). The service uses cookies: text files stored on the user's device. The information collected by cookies is usually sent to a Google server and stored there. We use anonymisation consisting in shortening the IP addresses, which prevents the IP address from being associated with the user.
   The legal basis for the processing of this data is the legitimate interest of the administrator (Article 6 (1) (f) of the GDPR). his data will be retained by Google for a period of 26 months; due to the shortening of the IP address, no personal data will be stored. You have the option of blocking the storage of cookies on your device through the appropriate configuration of your browser. You can also use a browser plug-in to block information from being sent to Google. Plugin link: https://tools.google.com/dlpage/gaoptout.
3. Google Maps. Our website uses maps provided by Google Ireland Ltd. (Gordon House, 4 Barrow Street, Dublin, Ireland). When you visit our website, where the map is located while being logged in with your Google account, Google may associate your browsing behavior with other information. In this case, the data protection policy of Google applies: https://policies.google.com/privacy?hl=de&gl=de. The legal basis for the processing of this data is the legitimate interest of the administrator (Article 6 (1) (f) of the GDPR).
4. Server logs - Information about some activities undertaken by users is subject to logging in the server layer. This data is used only to administer the Website. The browsed resources are identified by URL addresses. In addition, the following may be saved:
1. time of receipt of the inquiry;
2. time of sending the response;
3. name of the user's station - identification performed by the HTTP protocol;
4. information about errors that occurred during the execution of the HTTP transaction;
5. URL address of the page previously visited by the user (referrer link) - if the Website was accessed via a link;
6. information about the user's browser;
7. information about the user's IP address;
The above data is not associated with specific people browsing the pages and is used only for the purpose of administering the Website.

DISCLAIMER

FINAL PROVISIONS