UE
en

Privacy Policy





Privacy Policy – kolaszewski.com

Privacy Policy of the website at https://kolaszewski.com

I. Introduction

We care about the privacy of our users and, as the Controller of your personal data, we make every effort to ensure that you feel safe when using our website, including when providing us with personal data.

We process the personal data of every natural person in accordance with Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (“GDPR”).

Below you will find detailed information on how we process your personal data.

II. Data Controller – owner of the FK Machinery® brand

“Kołaszewski” sp. z o.o.

  • Registered office: ul. Lęborska 22, 77-100 Bytów
  • Phone number: +48 662 018 824
  • E-mail: rodo@kolaszewski.com

III. Purpose and legal basis for processing personal data, voluntary provision of data

Your personal data will be processed for the following purposes:

  1. to pursue our legitimate interest (Article 6(1)(f) of the GDPR), consisting of:
    1. ensuring the proper functioning of the website, including its basic functionalities, stability, and performance,
    2. enabling us to contact you using your chosen communication channel, such as phone number or e-mail address, including responding to correspondence or incidental inquiries from website users to the contact details provided on our website,
    3. establishing, pursuing, or defending against claims – for the time necessary to carry out the given action, but no longer than until the claims are time-barred in accordance with the applicable laws,
    4. creating summaries, statistics, analyses – for our internal needs – until we take into account a justified objection raised by you, or until an objection is lodged,
    5. conducting market research/customer satisfaction surveys for our internal needs, including using traditional channels (e.g. by post) due to our business relationship – until we take into account a justified objection raised by you, or until an objection is lodged,
    6. direct marketing of our products and/or services carried out via traditional communication channels, e.g. by post – until an objection is lodged;
  2. to provide services (including via the online contact form in accordance with the Terms and Conditions) or to take action at the request of the data subject before concluding a contract (Article 6(1)(b) of the GDPR) – until the matter you raised in the contact form is addressed, the service is provided, or for the duration of the service,
  3. to conduct marketing activities:
    1. sending the FK Machinery® Newsletter to your e-mail – based on your prior marketing consent (e.g. by signing up to the FK Machinery® Newsletter) (Article 6(1)(a) GDPR in connection with Article 398 of the Electronic Communications Law) – until it is withdrawn,
    2. including direct marketing of our products and/or services (including conducting market research/customer satisfaction surveys for our internal needs) via electronic means using a given communication channel, e.g. e-mail (including when we receive your request to send information by e-mail about selected products/services – we will treat such a request as consent to send commercial/marketing information about the selected products/services; you can withdraw it at any time), SMS, telephone contact, for which we have received your prior marketing consent in accordance with Article 398 of the Electronic Communications Law (Article 6(1)(a) GDPR in connection with Article 398 of the Electronic Communications Law), where prior marketing consent is required – until such consent is withdrawn.

Marketing consent given for a specific communication channel can be withdrawn at any time, without affecting the lawfulness of processing carried out before its withdrawal.

After withdrawing marketing consent for a specific communication channel, the Controller is no longer authorised to process personal data for the purpose of electronic marketing using that communication channel on any legal basis.

IV. Categories and source of personal data (data collected indirectly/directly from the data subject)

  1. If we obtain your personal data directly from you – we inform you that providing this data is voluntary, however, refusal to provide it may prevent the performance of a given activity, such as responding to an inquiry.
  2. If we have not obtained your personal data directly from you (e.g. when it was provided to us in an online contact form or e-mail message as the contact details of a representative – in order to handle the inquiry by us as the relevant entity), we inform you that we obtained your data from the contact who contacted us directly. We will process your ordinary data, including contact details provided e.g. in the completed contact form.

V. Recipients of personal data

Your personal data may be disclosed to:

  1. authorised members of the Controller’s team (employees/co-workers),
  2. our cooperating suppliers, including providers of IT services, CRM systems, hosting services, e-mail systems, marketing support services, customer communication services, analytical services, and our advisors, including legal advisors,
  3. public (e.g. courts, tax offices) or non-public authorities, if required by applicable law or necessary for the pursuit/defence against claims.

VI. Your rights

We have implemented processes to protect your personal data. These rights include:

  1. the right to access personal data, including the right to obtain a copy of it;
  2. the right to rectify personal data that is inaccurate, including the right to complete incomplete data;
  3. the right to erase personal data (“the right to be forgotten”) to the extent that processing is not necessary for the establishment, exercise, or defence of claims,
  4. the right to restrict the processing of personal data;
  5. the right to data portability to another controller (where applicable).

To exercise any of these rights, please contact us at rodo@kolaszewski.com

VII. Right to object

In addition to the rights listed above, you have the right to object at any time to the processing of your personal data based on Article 6(1)(f) of the GDPR (our legitimate interest), including profiling, for reasons related to your particular situation (unless we demonstrate compelling legitimate grounds for further processing which override your interests, rights and freedoms, or for the establishment, exercise or defence of legal claims). The objection is effective from the moment it is lodged.

You also have the right to object if we process your personal data for direct marketing purposes, including profiling (Article 6(1)(f) GDPR).

In such a case, the objection is binding for us from that moment – we will no longer have a legal basis to process your personal data for this purpose.

To exercise this right, please contact us at rodo@kolaszewski.com

VIII. Automated decision-making, including profiling

If you are a user of our website – your personal data will be processed in an automated manner, including profiling, for the purpose of direct marketing of our products or services. This allows us to personalise the content made available to you.

No automated decisions will be made in relation to you, including based on the results of profiling.

IX. Transfer of data outside the EEA

As a rule, we do not transfer your personal data outside the EEA (European Economic Area) to third countries. However, in the event of a justified need for us, as the Controller, to transfer your personal data outside the EEA – including due to the use of tools provided by entities based outside the EEA or which may store data outside the EEA – this will always be done in compliance with the principles and mechanisms under Articles 44–49 of the GDPR. Such a transfer may take place to countries which, by a decision of the European Commission, have been deemed to provide an adequate level of data protection, or in the absence of such a decision, will be secured by standard contractual clauses approved by the European Commission, or through another mechanism legalising the transfer and ensuring data protection, in accordance with applicable law. Detailed information on the transfer of data outside the EEA and the safeguards applied in such cases can be obtained by contacting us.

X. Right to lodge a complaint

You have the right to lodge a complaint with a supervisory authority if you believe that the processing of your personal data by us violates the law. You may lodge a complaint, for example, with the supervisory authority of your place of residence, place of work, or place of the alleged infringement. In Poland, the supervisory authority is the President of the Personal Data Protection Office.