PRIVACY POLICY

OF THE WEBSITE (WWW.OPTIMAPARTNER.PL)

For the Owner of this website, the protection of Users’ personal data is a matter of the highest importance. Every effort is made to ensure that Users feel safe when providing their personal data while using the website.
A User is a natural person, a legal person, or an organizational unit without legal personality, to which the law grants legal capacity, that uses electronic services available within the website.
This Privacy Policy explains the principles and scope of processing Users’ personal data, their rights, as well as the obligations of the data administrator, and informs about the use of cookies.
The Administrator applies modern technical and organizational measures that ensure a high level of protection of processed personal data and protect them against access by unauthorized persons.

I. PERSONAL DATA ADMINISTRATOR

The administrator of personal data is NWP COMPANY SP. Z O.O., with its registered office at JANA HENRYKA DĄBROWSKIEGO 77A, 60-529 POZNAŃ, entered in the register of entrepreneurs kept by the District Court in Poznań, Commercial Division, under KRS number: 0001042624, NIP: 7812052628 (hereinafter referred to as the “Owner”).

II. PURPOSES OF PERSONAL DATA PROCESSING

1. The Administrator processes Users’ personal data for the following purposes: the collected data will be used to improve the quality of the service, which is of an informational nature.
The User may also give consent to receive information about news and promotions, as a result of which the Administrator will process personal data for the purpose of sending the User commercial information 2/5, including in particular information about new products or services, promotions, or sales.
Personal data are also processed in order to fulfill legal obligations imposed on the data administrator, as well as to perform tasks carried out in the public interest, including tasks related to security and defense or the storage of tax documentation.
Personal data may also be processed for the purpose of direct marketing of products, pursuing or defending against claims of the User or third parties, as well as marketing services and products of third parties or the Owner’s own marketing that does not constitute direct marketing.

III. TYPES OF DATA

The Administrator processes the following personal data, the provision of which is necessary for:
1. Data provided voluntarily by the User: — date of birth;

IV. LEGAL BASIS FOR PROCESSING PERSONAL DATA

Personal data are processed in accordance with the provisions of Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation), Official Journal of the EU L 119, 4.5.2016, pp. 1–88, hereinafter referred to as the “GDPR Regulation”.
The Administrator processes personal data solely after obtaining the User’s prior consent.
Granting consent to the processing of personal data is entirely voluntary.

V. USER RIGHTS

The User may at any time request information from the Administrator regarding the scope of processing of their personal data.
The User may at any time request correction or completion of their personal data.
The User may at any time withdraw their consent to the processing of personal data without providing a reason. A request to stop data processing may concern a specific purpose of processing indicated by the User, such as withdrawal of consent to receive commercial information, or all purposes of data processing. Withdrawal of consent for all processing purposes will result in deletion of the User’s account from the website together with all previously processed personal data. Withdrawal of consent does not affect actions already taken.
The User may at any time request deletion of their data without providing a reason. A request for deletion does not affect actions already taken. Deletion of data means simultaneous deletion of the User’s account together with all personal data stored and processed up to that moment.
The User may at any time object to the processing of personal data, either in full or in part, for example with regard to processing for a specifically defined purpose. The objection does not affect actions already taken. Submission of an objection will result in deletion of the User’s account together with all previously processed personal data.
The User may request restriction of the processing of personal data for a specified period or without a time limit, but within a defined scope, which the Administrator is obliged to comply with. Such a request does not affect actions already taken.
The User may request the transfer of their personal data to another entity. For this purpose, the User should submit a request to the Administrator indicating the entity (name and address) to which the data are to be transferred and specifying the exact data to be transferred. After confirmation of the request by the User, the Administrator will transfer the data electronically to the indicated entity. Confirmation of the request is required for reasons of personal data security and to ensure that the request originates from an authorized person.
The Administrator informs the User about the actions taken no later than one month from the date of receipt of one of the requests specified in the preceding points.

VI. PERIOD OF STORAGE OF PERSONAL DATA

As a rule, personal data are stored only for the period necessary to fulfill contractual or statutory obligations for which they were collected. Data are deleted immediately when their storage is no longer necessary, except for cases of storage for evidentiary purposes in accordance with civil law or due to a statutory obligation to retain data.
Information relating to contracts is stored for evidentiary purposes for three years, starting from the end of the year in which the commercial relationship with the User ended. Data deletion occurs after the expiry of the statutory limitation period for contractual claims.
In addition, the Administrator may retain archival information relating to concluded transactions, as its retention is connected with the rights vested in the User, for example those arising from warranty or statutory guarantee.
If no contract has been concluded between the User and the Owner, the User’s personal data are stored until the User’s account on the website is deleted. Deletion of the account may occur at the User’s request, as a result of withdrawal of consent to the processing of personal data, or submission of an objection to such processing.

VII. ENTRUSTING DATA PROCESSING TO OTHER ENTITIES

The Administrator may entrust the processing of personal data to entities cooperating with the Administrator to the extent necessary to carry out transactions, for example for the preparation of ordered goods and delivery of shipments, or the transmission of commercial information from the Administrator (the latter applies to Users who have consented to receive commercial information).
Outside the purposes indicated in this Privacy Policy, Users’ personal data will not be transferred in any way to third parties or other entities for the purpose of sending their marketing materials.
Personal data of website Users are not transferred outside the territory of the European Union.
This Privacy Policy complies with the requirements of Article 13(1) and (2) of the GDPR Regulation.

I. PERSONAL DATA ADMINISTRATOR

II. PURPOSES OF PERSONAL DATA PROCESSING

1. The Administrator processes Users’ personal data for the following purposes: the collected data will be used to improve the quality of the service, which is of an informational nature.

The User may also give consent to receive information about news and promotions, as a result of which the Administrator will process personal data for the purpose of sending the User commercial information 2/5, including in particular information about new products or services, promotions, or sales.

Personal data are also processed in order to fulfill legal obligations imposed on the data administrator, as well as to perform tasks carried out in the public interest, including tasks related to security and defense or the storage of tax documentation.

Personal data may also be processed for the purpose of direct marketing of products, pursuing or defending against claims of the User or third parties, as well as marketing services and products of third parties or the Owner’s own marketing that does not constitute direct marketing.

IV. LEGAL BASIS FOR PROCESSING PERSONAL DATA

Personal data are processed in accordance with the provisions of Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation), Official Journal of the EU L 119, 4.5.2016, pp. 1–88, hereinafter referred to as the “GDPR Regulation”.

The Administrator processes personal data solely after obtaining the User’s prior consent.

Granting consent to the processing of personal data is entirely voluntary.

V. USER RIGHTS

The User may at any time request information from the Administrator regarding the scope of processing of their personal data.

The User may at any time request correction or completion of their personal data.

The User may at any time withdraw their consent to the processing of personal data without providing a reason. A request to stop data processing may concern a specific purpose of processing indicated by the User, such as withdrawal of consent to receive commercial information, or all purposes of data processing. Withdrawal of consent for all processing purposes will result in deletion of the User’s account from the website together with all previously processed personal data. Withdrawal of consent does not affect actions already taken.

The User may at any time request deletion of their data without providing a reason. A request for deletion does not affect actions already taken. Deletion of data means simultaneous deletion of the User’s account together with all personal data stored and processed up to that moment.

The User may at any time object to the processing of personal data, either in full or in part, for example with regard to processing for a specifically defined purpose. The objection does not affect actions already taken. Submission of an objection will result in deletion of the User’s account together with all previously processed personal data.

The User may request restriction of the processing of personal data for a specified period or without a time limit, but within a defined scope, which the Administrator is obliged to comply with. Such a request does not affect actions already taken.

The User may request the transfer of their personal data to another entity. For this purpose, the User should submit a request to the Administrator indicating the entity (name and address) to which the data are to be transferred and specifying the exact data to be transferred. After confirmation of the request by the User, the Administrator will transfer the data electronically to the indicated entity. Confirmation of the request is required for reasons of personal data security and to ensure that the request originates from an authorized person.

The Administrator informs the User about the actions taken no later than one month from the date of receipt of one of the requests specified in the preceding points.

VI. PERIOD OF STORAGE OF PERSONAL DATA

As a rule, personal data are stored only for the period necessary to fulfill contractual or statutory obligations for which they were collected. Data are deleted immediately when their storage is no longer necessary, except for cases of storage for evidentiary purposes in accordance with civil law or due to a statutory obligation to retain data.

Information relating to contracts is stored for evidentiary purposes for three years, starting from the end of the year in which the commercial relationship with the User ended. Data deletion occurs after the expiry of the statutory limitation period for contractual claims.

In addition, the Administrator may retain archival information relating to concluded transactions, as its retention is connected with the rights vested in the User, for example those arising from warranty or statutory guarantee.

If no contract has been concluded between the User and the Owner, the User’s personal data are stored until the User’s account on the website is deleted. Deletion of the account may occur at the User’s request, as a result of withdrawal of consent to the processing of personal data, or submission of an objection to such processing.

VII. ENTRUSTING DATA PROCESSING TO OTHER ENTITIES

The Administrator may entrust the processing of personal data to entities cooperating with the Administrator to the extent necessary to carry out transactions, for example for the preparation of ordered goods and delivery of shipments, or the transmission of commercial information from the Administrator (the latter applies to Users who have consented to receive commercial information).

Outside the purposes indicated in this Privacy Policy, Users’ personal data will not be transferred in any way to third parties or other entities for the purpose of sending their marketing materials.

Personal data of website Users are not transferred outside the territory of the European Union.

This Privacy Policy complies with the requirements of Article 13(1) and (2) of the GDPR Regulation.