preloader

Privacy Policy

Privacy Policy of the sharkstrade.pl service (effective from May 25, 2018)

  1. GENERAL PROVISIONS
    1. The administrator of personal data collected through the sharkstrade.pl service (hereinafter “Service”) or other communication channels with the customer is SHARKS TRADE Sp. z o.o., located in Warsaw, Przasnyska 6B, 01-756 Warsaw, Poland, registered by the District Court for the capital city of Warsaw in Warsaw, XIII Economic Department of the National Court Register, under the number KRS 0000481124, NIP 5213660898, with a share capital of: 10,000 PLN (hereinafter: “Administrator”).
    2. The personal data of Clients are processed in accordance with the principles set out in the GDPR, i.e., Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation, hereinafter “GDPR”), as well as provided for in the Polish Act on Personal Data Protection, implementing acts to this Act, and the Act on Providing Services by Electronic Means of July 18, 2002 (Journal of Laws of 2002, No. 144, item 1204, as amended).
    3. To meet statutory requirements, the Administrator selects and applies appropriate technical and organizational measures ensuring the protection of processed data and secures data against being made available to unauthorized persons, as well as against processing in violation of applicable legal regulations.
  2. LEGAL BASIS FOR DATA PROCESSING
    1. All personal data are collected in the Service on a voluntary basis.
    2. The basis for processing by the Administrator of personal data collected during Registration is Art. 6 (1) (a) of the GDPR, i.e., the Client’s consent to the processing of these data, which is given for the purpose of sending a repair notification/withdrawal form. This consent is confirmed by accepting the content of the Terms and Conditions and the Privacy Policy.
    3. The basis for processing by the Administrator of personal data collected during the client’s notification is Art. 6 (1) (b) of the GDPR, i.e., taking actions necessary to conclude a contract (e.g., repair execution) and the necessity for the Administrator to perform the contract on behalf of the given Client. Additionally, the possibility of such processing of personal data is confirmed by accepting the content of the Terms and Conditions and the Privacy Policy.
    4. Data processed for registration purposes will be processed until the possible deletion of the user’s account in the Service.
    5. Data processed in connection with concluding contracts will be stored for the period of limitation of claims under sales contracts. Due to the necessity to fulfill tax and accounting obligations, part of this personal data will be stored for a period of 6 years from the day of executing individual contracts.
    6. Information necessary for handling complaints will be processed until the expiration of rights from this title.
    7. Personal data for the purpose of contact with the Administrator will be processed during the period of maintaining this contact, and later will be archived for a period of 3 years from the end of the contact, which is justified by the necessity to reconstruct the content of such contact in connection with pursuing possible claims.
  3. PURPOSE AND SCOPE OF DATA COLLECTION AND RECIPIENTS OF DATA
    1. Each time, the purpose, scope, and recipients of data processed by the Administrator result from the Client’s consent or legal provisions and are confirmed by conscious actions taken by the Client in the Service or within other communication channels with the Client.
    2. The Administrator takes special care to protect the interests of the data subjects, and in particular ensures that the data collected by him are processed:
      – fairly, in accordance with the law, and in a manner that is transparent to the data subject,
      – for specific, explicit, and legitimate purposes and not further processed in a manner that is incompatible with those purposes,
      – adequately, to the extent necessary, and limited to what is necessary for the purposes for which they are processed,
      – accurately, and where necessary, updated,
      – in a form that permits identification of data subjects for no longer than is necessary for the purposes for which the data are processed,
      – in a manner that ensures appropriate security of personal data, including protection against unauthorized or unlawful processing and against accidental loss, destruction, or damage, using appropriate technical or organizational measures.
    3. The Client provides the following personal data:
      – in the process of filling in a repair notification in the Service: company name or first and last name, address with postal code and city (it may be the same or different from the shipping address), phone number, and email address,
      – in the process of filling in a withdrawal notification: company name or first and last name, address with postal code and city, phone number, email address, and bank account number.
      The Client’s personal data will be processed by the Administrator for the purpose of contract execution, mutual settlements, and taking necessary actions before, during, and after the conclusion of the contract at the Client’s request.
    4. The Client may also not provide the aforementioned data, however, in such a case, Sharks Trade sp. z o.o. may not be able to duly perform the contract.
    5. Possible purposes of collecting Clients’ personal data by the Administrator:
      – conclusion and execution of the contract,
      – contact related to concluded contracts.
    6. Possible recipients of Clients’ personal data:
      – employees and associates of the Administrator,
      – entities authorized to receive them under applicable law,
      – in the case of a Client who uses postal or courier delivery in the Service, the Administrator provides the necessary personal data of the Client to the selected carrier or intermediary executing shipments on behalf of the Administrator, directly executing the contract concluded with the Client, therefore only for the purpose of proper execution of such a contract,
      – companies or individuals based on appropriate agreements, i.e., data entrustment agreements, including for their storage on behalf of Sharks Trade Sp. z o.o.
    7. Entities entrusted with the processing of personal data under a separate agreement are obliged to observe the confidentiality and security of personal data, in particular not to disclose data to unauthorized persons, and to apply physical and technical security measures adequate to the method of processing these data. Sharks Trade Sp. z o.o. provides the Client, upon request, with detailed information about the entity to which it has entrusted the processing of data, the scope of entrusted data, and the date of their transfer.
    8. We never transfer personal data for marketing purposes, nor do we sell them to other external entities.
  4. RIGHTS OF CLIENTS AND USERS OF THE SERVICE
    1. Each person whose personal data are concerned has the following rights:
      – to request access to their personal data,
      – to request rectification of their personal data,
      – to request deletion of their personal data,
      – to request restriction of processing of personal data,
      – to object to the processing of personal data,
      – to lodge a complaint with a supervisory authority.
    2. Withdrawal or objection in the scope of processing personal data for the purpose of sending a notification in the Service occurs by sending an email to serwis@sharkstrade.pl, by telephone contact at the phone number 799 355 724.
    3. Upon revocation of consent or expression of objection, the personal data of the Client will no longer be used for these purposes. The Client may change / supplement their personal data by submitting a request from the e-mail address registered by the Client in the Service to serwis@sharkstrate.pl.
    4. The Client has the right to file a complaint related to the processing of personal data by the Company to the President of the Personal Data Protection Office.
    5. Contact with the person supervising the processing of personal data in the Service Provider’s organization is possible via electronic mail at iod@sharkstrade.pl or by postal address Data Protection Inspector SHARKS TRADE SP. z o.o. ul. Przasnyska 6B, 01-756 Warsaw
  5. CONTACT WITH THE ADMINISTRATOR AND DATA PROTECTION INSPECTOR
    1. The Client has the possibility of direct contact with the Administrator by sending an appropriate message in writing or by electronic mail to serwis@sharkstrade.pl, or by telephone at 799 355 724.
    2. The Client has the possibility of direct contact with the Data Protection Inspector by sending an appropriate message in writing, postal address ul. Przasnyska 6B, 01-756 Warsaw or e-mail: iod@sharkstrade.pl
    3. The Administrator stores correspondence with the Client for statistical purposes and to provide the best and fastest response to emerging inquiries, as well as in the scope of resolutions of complaint procedures and decisions taken based on reports of potential administrative interventions in the specified account. Addresses and data collected in this way will not be used for communication with the Client for purposes other than the realization of the report.
    4. If the Client contacts us to perform certain actions (e.g., filing a complaint) via a form, the Administrator may ask the Client to provide data, including personal data, such as first name, last name, email address, etc., to confirm the Client’s identity and enable a return contact on the matter. The above applies to the same data, including personal data, which were previously provided by the Client and for which the Client gave consent. Providing this data is not mandatory but may be necessary to perform the action or obtain information of interest to the Client.
  6. SECURITY
    1. The Administrator applies appropriate technical and organizational measures ensuring the security of processed Personal Data appropriate to the threats and category of data protected, in particular, protects the data from being disclosed to unauthorized persons, taken by an unauthorized person, processed in violation of applicable regulations, and from alteration, loss, damage, or destruction.
    2. Considering the state of technical knowledge, implementation costs, and the nature, scope, and purposes of processing as well as the risk of violating the rights or freedoms of natural persons with varying likelihood and severity, the administrator implements appropriate technical and organizational measures to ensure a level of security appropriate to this risk, including, where appropriate:
      – the ability to continuously ensure the confidentiality, integrity, availability, and resilience of processing systems and services
      – encryption of personal data,
      – the ability to quickly restore the availability and access to personal data in the event of a physical or technical incident,
      – regular testing, assessing, and evaluating the effectiveness of technical and organizational measures to ensure the security of processing.
  7. OTHER PROVISIONS
      • The Administrator reserves the right to send clients unsolicited messages not constituting commercial information. These include information directly related to the operation of the Service, or customary non-commercial messages, of informational and confirming nature. The aforementioned messages may be sent to the Client by entities acting on behalf of the Administrator based on appropriate agreements for the entrustment of personal data for processing.