Terms of use and privacy policy of the zpc-sniezka.pl website

Terms of use of the zpc-sniezka.pl website

ABOUT US

The sole owner of this website available at www.zpc-sniezka.pl (hereinafter referred to as: „the Site”) is the company ZAKŁADY PRZEMYSŁU CUKIERNICZEGO ŚNIEŻKA SPÓŁKA AKCYJNA based in Świebodzice (office address and correspondence address: ul. H. Sienkiewicza 36, 58-160 Świebodzice); registered in Register of Entrepreneurs of National Court Registry under the number: 0000674730, Register Court which holds the company’s documentation: District Court for Wrocław – Fabryczna in Wrocław, IX Commercial Department of National Court Registry; share capital in amount of 4.332.600,00 zł; Tax ID no. NIP: 8862447772, REGON: 890678862, e-mail address: sekretariat@zpc-sniezka.pl, telephone number: (+48) 74 665 06 20 (hereinafter referred to as: „ZPC-SNIEZKA”, „Owner” or „Administrator”).

LEGAL DISCLAIMER

This Site is not an online store, therefore it is not possible to conclude a sale agreement through the Site (meaning that adverts, price lists and other information on products available on the Site are not to be treated as an offer, but as an invitation to conclude an agreement). An agreement can be concluded by sending a request to ZPC-SNIEZKA after agreeing on specific terms of the agreement by both parties – conclusion of such agreement and its specific terms are regulated by separate ZPC-SNIEZKA general terms of sale.

The Owner is the Controller of personal data processed in connection with the execution of the Terms and Conditions. Personal data is processed for the purposes, in the scope and on the basis of rules indicated in the privacy policy published on the website. The privacy policy contains primarily rules for the processing of personal data by the Processor in the Website, including the basics, purposes and scope of the processing of personal data and the rights of persons to whom the personal data refers, as well as information on the use of cookie files and analytical tools in the website. Using the website is voluntary. Similarly, the provision of personal data by the Service User is voluntary, subject to the exceptions indicated in the privacy policy.

USE OF OUR WEBSITE

The Site is available for all Internet users. As a part of ZPC-SNIEZKA website, the company provides information on its business activity and its products.

For proper use of the Site, following requirements shall be met:

A computer, a laptop or other media device with an Internet access.
The access to electronic mail.
Web browser: Mozilla Firefox version 17.0 or higher, Internet Explorer version 10.0 or higher, Opera version 12.0 or higher, Google Chrome version 23.0.0 or higher, Safari version 5.0 or higher, Microsoft Edge version 25.10586.0.0 or higher.
Recommended screen resolution: 1024×768.
Cookies and Javascript enabled.

Use of the Site is free of charge. Use of the Site should be in conformity with the law, good manners, respect for personal goods, protection of personal data, the rights of the Administrator and other people using the Site as well as third parties, including copyrights and intellectual property rights. Any illegal activities resulting in impeding the functioning of the Site are forbidden. Providing illegal contents is forbidden.

You can stop using the Site at any time by closing the Site or the browser.

In case of any problems or questions related to the Site or any other questions, please contact the Site’s owner:

via contact form available on the Site;
via e-mail at: sekretariat@zpc-sniezka.pl;
via telephone: (+48) 74 665 06 20;
in writing: ul. H. Sienkiewicza 36, 58-160 Świebodzice.

Please give us the information (1) on the matter of your inquiry and your contact details (2). We will respond to your inquiry within 14 days.

ELECTRONIC SERVICES

The Site provides access to the following electronic services: contact form and newsletter.

Use of the contact form is possible after providing on a tab “Contact Form” visible on the Site the required data and a content of a message and clicking the “Send” field.

The contact form electronic service is provided free of charge, is single-use in nature and is concluded upon sending a message via the form or upon earlier discontinuation of sending a message by the service user.

Use of the newsletter is possible after providing on a tab “Newsletter” which is visible on the Site an e-mail address to which the subsequent editions of a Newsletter are supposed to be sent and clicking the action field.

The newsletter electronic service is provided free of charge for an indefinite time. The service user has the option, at any time and without stating the cause, to unsubscribe from the newsletter (resign from the newsletter) by sending a corresponding request to the Administrator, particularly via e-mail at the address: sekretariat@zpc-sniezka.pl or in writing at the address: ul. H. Sienkiewicza 36, 58-160 Świebodzice.

COPYRIGHTS

Copyrights and intellectual property rights to the Site as a whole as well as its contents, graphics, works, designs and trademarks available on the Site belong to the Owner or to authorized third parties and are therefore protected by copyrights and other provisions of applicable law. Personal use of the contents of the Site is permitted without restrictions. Use of the contents of the Site for other reasons requires Administrator’s or authorized third parties’ consent.

CONTACT US

In case of any issues or questions regarding the use of our Site or any other questions, please contact the Owner of the Site:

via contact form available on the Site;
via e-mail at: sekretariat@zpc-sniezka.pl;
via telephone: (+48) 74 665 06 20;
in writing: ul. H. Sienkiewicza 36, 58-160 Świebodzice.

Privacy policy of the zpc-sniezka.pl website

GENERAL PROVISIONS

This Privacy Policy of a Website is of informative nature, which means that it shall be no source of obligations for Service Users of the Website. The Privacy Policy contains, above all, the principles concerning the processing of data by the Controller in the Website, including the basis, purpose and period of personal data processing and the rights of data subjects as well as information regarding the use of cookies and analytical tools in the Website.

The Controller of the personal data collected via the Website shall be the company ZAKŁADY PRZEMYSŁU CUKIERNICZEGO ŚNIEŻKA SPÓŁKA AKCYJNA based in Świebodzice (office address and correspondence address: ul. H. Sienkiewicza 36, 58-160 Świebodzice); registered in register of entrepreneurs of National Court Registry under the number: 0000674730, register court which holds the company’s documentation: District Court for Wrocław – Fabryczna in Wrocław, IX Commercial Department of National Court Registry; share capital in amount of 4.332.600,00 zł; Tax ID no. NIP: 8862447772, REGON: 890678862, e-mail address: sekretariat@zpc-sniezka.pl, telephone number: (+48) 74 665 06 20 – hereinafter referred to as “Controller” and being simultaneously the Service Provider of the Website.

Personal data in the Website shall be processed by the Controller in accordance with the binding legal regulations, in particular the Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation) hereinafter referred to as “GDPR” or “GDPR Regulation”. The official text of the GDPR Regulation: http://eur-lex.europa.eu/legal-content/PL/TXT/?uri=CELEX%3A32016R0679.

Using the Website, including shopping, is voluntary. Similarly, providing personal data by the Service User using the Website is voluntary, subject to two exceptions: (1) entering into contracts with the Controller – failure to provide the personal data necessary for the conclusion and performance of a contract for the provision of an E-Service with the Controller in the cases and within the scope indicated on the website of the Website and the Terms and Conditions of the Website and this Privacy Policy shall result in no possibility to enter into the contract. Providing personal data is a contractual requirement in such a case and if the data subject is willing to enter into the contract with the Controller, they shall be obligated to provide the required data. The scope of the data required to enter into the contract is each time specified in advance on the website of the Website and in the Terms and Conditions of the Website; (2) statutory obligations of the Controller – specifying the personal data is a statutory requirement resulting from the commonly binding legal regulations obligating the Controller to process the personal data (e.g. processing data to fiscal books and ledgers) and failure to specify the data will render it impossible for the Controller to perform the obligations.

The Controller assures due diligence to protect the interest of persons being data subjects, in particular being responsible and liable for and assuring that the data collected are: (1) processed in accordance with the Act; (2) collected for specific, legal purposes and not subject to further processing inconsistent with the purposes; (3) correct as regards the subject matter and adequate as regards the purpose of the processing; (4) stored in a form making it possible to identify the people they apply to, no longer than it proves necessary to attain the purpose of processing and (5) processed in a manner ensuring security of the personal data, including the protection against illicit or illegal processing or accidental loss, damage or destruction, with the use of appropriate technical and organisational measures.

Taking into account the nature, scope, context and purpose of processing as well as the risk of breaching the rights or freedoms of natural persons with varied likelihood and degree of threat, the Controller is implementing appropriate technical and organisational measures so that the processing takes place pursuant to the Regulation and it is possible to show it. The measures are reviewed and updated, as necessary. The Controller applies technical measures preventing the acquisition and modification of personal data sent electronically by unauthorised persons.

Any words, phrases and acronyms used in this privacy policy starting with a capital letter (e.g. Website, Electronic Service) shall be understood in accordance with the definition contained in the Terms and Conditions of the Website available on the websites of the Website.

BASIS FOR THE PROCESSING OF DATA

The Controller is authorised to process the personal data in cases, and to the extent, when at least one of the following conditions is met: (1) the data subject consented to the processing of their data to one or more specified ends; (2) processing is necessary for contract performance the data subject is a party to, or to take actions to the request of the data subject, prior to contract conclusion; (3) processing is necessary to meet the legal obligation of the Controller; or (4) processing is necessary for the needs resulting from the legally justified interests of the Controller or third party, except for situations when the interests or basic rights and freedoms of the data subject override such interests and they require personal data protection, especially when the data subject is a child.

The processing of personal data by the Controller each time requires having at least one basis indicated above. Specific bases for processing personal data of the Service Users of the Website by the Controller are specified in the following point of the privacy policy – as regards the specific goal of processing personal data by the Controller.

PURPOSE, BASIS AND PERIOD OF PROCESSING DATA IN THE WEBSITE

Each time, the purpose, basis, period and scope as well as the recipients of personal data being processed by the Controller result from actions undertaken by a given Service User in the Website.

The Controller may process the personal data in the Website for the purposes, on the bases and within the periods as follows:


Purpose of data processing	Legal basis for processing the data	Period of data storage
The performance of the contract for the provision of an Electronic Service, or taking actions to the request of the data subject, prior to entering into the above mentioned contract	Article 6, par. 1, point b) of the GDPR Regulation (contract performance)	The data shall be stored for the period necessary for the performance, termination or expiry of a contract entered into in a different manner.
Direct marketing	Article 6, par. 1, point f) of the GDPR Regulation (legitimate interest of the Controller)	The data shall be stored for the period of the legitimate interest of the Controller, however no longer than the period of limitation of claims as regards the data subject under the business activity of the Controller. The period of limitation shall be specified by legal provisions, in particular the Civil Code (the basic period of limitation in the case of claims related to business activity amounts to three years, and for a contract of sale two years). The Controller may not process the data for the needs of direct marketing in the case of expressing clear objection in this field by the data subject.
Marketing	Article 6, par. 1, point a) of the GDPR Regulation (consent)	The data are stored until the data subject withdraws the consent to further process their data to that end.
Determining, pursuing or defence of claims on the side of the Controller, or ones that may arise as regards the Controller	Article 6, par. 1, point f) of the GDPR Regulation	The data shall be stored for the period of the legitimate interest of the Controller, however no longer than the period of limitation of claims as regards the data subject under the business activity of the Controller. The period of limitation shall be specified by legal provisions, in particular the Civil Code (the basic period of limitation in the case of claims related to business activity amounts to three years, and for a contract of sale two years).

DATA RECIPIENTS IN THE WEBSITE

For the needs of proper Website functioning, it shall be necessary for the Controller to make use of external companies’ services (e.g. software provider). The Controller uses solely the services of such processing entities which ensure sufficient guarantee to implement appropriate technical and organisational measures so that the processing meets the requirements set out in the GDPR Regulation and protects the rights of data subjects.

Providing data by the Controller does not take place in every case and not to all the recipients or categories of recipients defined in the privacy policy – the Controller provides the data only in the case it proves necessary to attain a given purpose of personal data processing and solely within the necessary scope.

Personal data of the Website Service Users may be provided to the following recipients or categories of recipients:

service providers rendering for the Controller technical, IT or organisational solutions, making it possible for the Controller to conduct a business, inclusive of the Website and E-Services provided via it (in particular computer software providers for the Website, e-mail companies and hosting providers as well as software providers for company management and technical aid for the Controller) – the Controller makes the collected personal data of the Service User available to the selected provider operating to their order only in the case and to the extent necessary for attaining a given purpose of data processing in accordance herewith.
accounting, legal and counselling services providers rendering for the Controller accounting, legal or counselling services (in particular an accounting agency, law firm or debt collection company) – the Controller makes the collected personal data of the Service User available to the selected provider operating to their order only in the case and to the extent necessary for attaining a given purpose of data processing in accordance herewith.

THE RIGHTS OF THE DATA SUBJECT

The right to access, rectify, restrict, erase or transmit – the data subject shall have the right to demand the Controller to have access to their personal data, rectify, erase (“the right to be forgotten”) or restrict the processing and shall have the right to object to the processing and transmit their data. Detailed conditions of the above rights shall be indicated in Articles 1522 of the GDPR Regulation.

The right to withdraw the consent at any time – the person whose data are being processed by the Controller on the basis of the consent given (pursuant to Article 6, par. 1, point a) or Article 9, par. 2, point a) of the GDPR Regulation), they shall have the right to withdraw their consent at any time without any impact on the compatibility with the right to process made based on the consent prior to the withdrawal.

The right to lodge a complaint with a supervisory body – the person whose data are being processed by the Controller shall have the right to lodge a complaint with a supervisory body in a manner and mode specified in the provisions of the GDPR Regulation and the Polish law, in particular the Personal Data Protection Act. The supervisory body in Poland shall be the President of the Office for Personal Data Protection.

The right to object – the data subject shall have the right, at any time, to lodge a complaint – for reasons related to their particular situation – as regards the processing of their personal data based on Article 6, par. 1, point e) (public interest or official authority) or f) (legitimate interest of the controller) in the case of profiling based on the provisions. The Controller in such a case must stop processing the personal data, unless they show the existence of legally significant and justified bases for the processing, overriding the interests, rights and freedoms of the data subject, or the bases for determining, pursuing or defending the claims.

The right to object as regards direct marketing – in the case the personal data are being processed for the needs of direct marketing, the data subject shall have the right, at any time, to lodge a complaint as regards the processing of their personal data for the needs of such marketing, including profiling, to the extent to which the processing is related to direct marketing.

To perform the rights mentioned in this point of the privacy policy, one may contact the Controller by sending them an appropriate message in writing or via e-mail to the address of the Controller indicated at the beginning of the privacy policy or using the contact form available on the Website’s website.

COOKIES IN THE WEBSITE, OPERATIONAL DATA AND ANALYTICS

Cookies are small pieces of text files sent by the server and saved at the visitor’s of the Website (e.g. on the hard disk of a computer, laptop, or smartphone’s memory card – depending on the type of device used by the Website’s visitor). Detailed information on Cookies as well as the history of their origin can be found e.g. at: http://pl.wikipedia.org/wiki/Ciasteczko (https://en.wikipedia.org/wiki/HTTP_cookie).

The Controller may process the data contained in Cookies while the visitors of the Website use it for the following purposes:

saving data from the filled forms;
adjusting the content of the Website to individual preferences of the Service User (e.g. concerning the colours, font size, layout) and optimising the use of the Website’s websites;
preparing anonymous statistics presenting the manner of using the Website.

As a standard, most internet browsers on the market accept saving Cookies by default. Every person has the possibility to specify the conditions of using Cookies in the browser settings. It means that one may, e.g. partially restrict (e.g. temporarily) or fully disable saving Cookies – in the latter case it may have an impact on some functionalities of the Website.

The browser settings concerning Cookies are essential as regards the consent to use Cookies by our Website – in accordance with the law, such consent may also be expressed in the browser settings. In view of lack of such consent, change the browser setting accordingly as regards Cookies.

Detailed information concerning the change in Cookies settings and their individual removal in the most common browsers is available in the help section of the browser and the following websites (click the link):

The Controller may use Google Analytics, Universal Analytics services on the Website, which are provided by Google Ireland Limited (Gordon House, Barrow Street, Dublin 4, Ireland). The services help the Controller to analyse the frequency of visits on the Website. The data collected are processed under the above services in an anonymous manner (the so-called operational data, which make it impossible to identify a person) to generate statistics helpful while administering the Website. The data are of collective and anonymous nature, i.e. they do not contain any identifying features (personal data) of the visitors of the Website. Using the above services on the Website, the Controller collects such data as the sources and medium of acquiring visitors of the Website and the manner of their conduct on the website of the Website, information concerning their devices and browsers used to visit the website, IP and domain, geographical data and demographic data (age, sex) and interests.

Given the fact that the rules of using Cookies by the third parties may be different from the rules indicated in this privacy policy, we highly recommend to read the specific information published on the websites of these third parties:

Google Universal Analytics: https://support.google.com/analytics/answer/2838718?hl=pl
Google Analytics: https://policies.google.com/technologies/cookies?hl=pl

It is possible to easily block sharing information with Google Analytics as regards the activity on the website of the Website – install to that end an opt-out add-on made available by Google Inc. available at: https://tools.google.com/dlpage/gaoptout?hl=pl.

FINAL PROVISIONS

The Website may contain links to other websites. The Controller encourages that at the time of being transferred to other websites, become familiar with the privacy policy. This privacy policy shall apply only to the Website of the Controller.