PRIVACY POLICY
I. General Provisions
II. Purpose and scope of data collection
III. Basis for data processing
IV. The right to control, access and correct the content of your data
V. “Cookies”
VI. Final provisions
(1) The Administrator of the personal data collected through https://blanca-spain.com is Blanca-Spain, electronic mail (e-mail) address: [email protected], hereinafter referred to as the “Administrator” and which is also the Service Provider.
(2) Any words or expressions capitalized in the body of this Privacy Policy shall be construed as defined in the Terms of Service of https://blanca-spain.com.
II. PURPOSE AND SCOPE OF DATA COLLECTION
(1) Personal data will be processed for the purpose of contacting the Service Recipient, for information, accounting and other activities related to the activity of the Service Recipient on https://blanca-spain.com, as well as direct marketing of its own services, carried out in the traditional form (paper), being the so-called. The legitimate interests of the entrepreneur. Data for these purposes will be processed on the basis of Art. 6 paragraph. 1 lit. b), (c) and (f) of Regulation (EU) 2016/679 of the European Parliament and of the Council of April 27, 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data and repealing Directive 95/46/EC (RODO).
(2) Upon separate consent, pursuant to Art. 6 paragraph. 1(a) of the RODO, the data may also be processed for the purpose of sending commercial information by e-mail or making telephone calls for direct marketing purposes – respectively, in connection with Art. 10 paragraph. 2 of the Act of July 18, 2002 on the provision of electronic services or Art. 172 para. 1 of the Telecommunications Law of July 16, 2004, including those directed as a result of profiling, provided that the user has given the appropriate consent.
(3) Personal data processed for purposes related to the performance of services will be processed for the period necessary for the performance of services, after which data subject to archiving will be kept for the period appropriate to the statute of limitations for claims, i.e. 10 years. Personal data processed for marketing purposes covered by the statement of consent will be processed until the consent is revoked.
(4) If it is determined that the processing of personal data violates the provisions of the RODO, the data subject has the right to lodge a complaint with the Inspector General for Personal Data Protection (from May 25, 2018 – the President of the Office for Personal Data Protection).
(5) Provision of personal data is voluntary, but the provision of marked personal data is a condition for contact, while the consequence of their absence will be the impossibility to answer questions of the potential Customer.
(6) Personal data will also be processed by automated means in the form of profiling, provided that the user consents to it pursuant to Art. 6 paragraph. 1(a) RODO. The consequence of profiling will be the assignment of a profile to a person for the purpose of making decisions concerning him or her or analyzing or predicting his or her preferences, behaviors and attitudes.
(7) The controller shall exercise special care to protect the interests of data subjects, and in particular shall ensure that the data it collects are:
(a) processed in accordance with the law,
(b) collected for designated legitimate purposes and not subjected to further processing incompatible with those purposes,
(c) Substantially correct and adequate in relation to the purposes for which they are processed, and stored in a form that allows the identification of the persons to whom they relate for no longer than is necessary to achieve the purpose of processing.
III. THE RIGHT TO CONTROL, ACCESS AND CORRECT THE CONTENT OF YOUR DATA
(1) The data subject shall have the right of access to the content of his/her personal data and the right to rectification, erasure, restriction of processing, the right to data portability, the right to object, the right to withdraw consent at any time without affecting the lawfulness of the processing carried out on the basis of consent before its withdrawal.
(2) In order to exercise the rights referred to in paragraph 1, you can send the relevant email to: [email protected]
IV. COOKIES
1 The Service Provider’s website uses “cookies”. Failure to change the browser settings on the part of the Customer is tantamount to consent to their use.
(2) Installation of “cookies” is necessary for the proper provision of services on the Website. The “cookies” contain information necessary for the proper functioning of the Service, especially those requiring authorization.
(3) The Service uses three types of “cookies”: “session”, “permanent” and analytical.
(a) “Session” “cookies” are temporary files that are stored on the Service Recipient’s terminal equipment until the Service Recipient logs off (leaves the Site).
b) “Permanent” cookies are stored in the final device of the Customer for the time specified in the parameters of the cookies or until they are deleted by the User.
(c) “Analytical” “cookies” allow to better understand how the Service Recipient interacts with the content of the Site, to better organize its layout. “Analytical” “cookies” collect information about how Service Recipients use the Site, the type of site from which the Service Recipient was redirected, and the number of visits and the time of the Service Recipient’s visit to the Site. This information does not record specific personal data of the Service Recipient, but is used to develop statistics on the use of the Site.
(4) You have the right to decide on the access of “cookies” to your computer by selecting them in advance in your browser window. Detailed information about the possibility and methods of handling “cookies” is available in the settings of your software (web browser).
V. FINAL PROVISIONS
(1) The controller shall apply technical and organizational measures to ensure the protection of the processed personal data appropriate to the risks and categories of data protected, and in particular shall protect the data from being disclosed to unauthorized persons, from being taken by an unauthorized person, from being processed in violation of applicable regulations, and from being altered, lost, damaged or destroyed.
(2) The Service Provider shall provide appropriate technical measures to prevent unauthorized persons from obtaining and modifying, personal data sent electronically.
(3) In matters not covered by this Privacy Policy, the provisions of the Regulations of the https://blanca-spain.com website, the provisions of the Regulation of the European Parliament and of the Council (EU) 2016/679 of April 27, 2016 on the protection of natural persons in relation to the processing of personal data and on the free flow of such data and repealing Directive 95/46/EC (RODO) and other relevant provisions of Polish law shall apply accordingly.
(4) The provisions of this Privacy Policy shall take effect on May 25, 2018.