Controller – STEMOR Sp. z o.o., ul. Kolonistów 42, 71-806 Szczecin, Tax ID: 9552305363, KRS: 0001076852 phone no.: +48 91 8101 258, firstname.lastname@example.org
Personal data – any information about an identified or identifiable natural person („data subject”); an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of the natural person;
Policy – the following document available at: https://www.stemor.eu/privacy-policy/ containing information indicating to the User of the Website the scope and manner of processing of his/her personal data in connection with the activity of the Website, the manner of storing, securing and using the data, the possibility and scope of the User’s use of the data, information and materials presented on the Website.
GDPR – Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data and repealing Directive 95/46/EC.
Website – the website operated by the Controller at https://stemor.eu/
PROCESSING OF DATA IN CONNECTION WITH THE USE OF THE WEBSITE
In connection with the User’s use of the Website https://stemor.eu/, the Controller collects data to the extent necessary to provide the services offered, as well as information about the User’s activity on the Website. Your personal data is only collected and used with your consent. Exceptions to this rule are situations where prior consent is not possible and the processing is permitted by law.
PURPOSES AND LEGAL GROUNDS FOR PROCESSING DATA ON THE WEBSITE
We collect, process and use your personal data for the following purposes:
Conclusion and execution of contracts
Delivery of consignments
Your personal data will be processed on the basis of the principles under the law:
Article 6 (1)(a) the data subject has given his or her consent to the processing of his or her personal data for one or more specified purposes;
Article 6 (1)(b) the processing is necessary for the performance of a contract to which the data subject is party or to take steps at the request of the data subject prior to entering into a contract;
Article 6 (1)(c) processing is necessary for the fulfilment of a legal obligation incumbent on the controller;
Article 6 (1)(d) the processing is necessary to protect the vital interests of the data subject or of another natural person;
Article 6 (1)(f) processing is necessary for the purposes of the legitimate interests pursued by the controller or by a third party, except where such interests are overridden by the interests or fundamental rights and freedoms of the data subject which require protection of personal data, in particular where the data subject is a child.
PROCESSING OF CUSTOMERS’ PERSONAL DATA
The information you provide to us when you contact us by telephone, e-mail will be stored by us on the basis of Article 6 (1)(b) or Article 6 (1)(f) of the GDPR, in order to answer your questions and for after-sales service. If we have obtained your consent to receive commercial content when filling in the contact form, your data will be processed on the basis of Article 6 (1)(a) of the GDPR.
Each contact will be recorded in a register so that we can prove that the contact took place as required by law.
On the basis of Article 6 (1)(c) and (f) of the GDPR, we use and store your personal data and, where necessary, technical information, in order to prevent or investigate misuse of data or other unlawful behaviour on our website, e.g. to ensure data safety in the event of attacks on our IT systems. This may be carried out on the basis of orders from public authorities or common courts, insofar as we are required to do so by law, as well as to protect our rights and interests and to enable us to defend ourselves in court.
The Controller processes Users’ personal data in order to carry out marketing activities, which may consist of:
displaying marketing content to the User that is not tailored to their preferences (contextual advertising);
displaying marketing content relevant to the User’s interests (behavioural advertising);
e-mail and SMS/MMS notifications, which in some cases contain commercial information;
carrying out other activities related to direct marketing of goods and services (sending commercial information by electronic means and telemarketing activities);
LEGAL GROUNDS FOR PROCESSING PERSONAL DATA:
for analytical and statistical purposes – the legal basis for the processing is the user’s consent, (Article 6(1)(a) GDPR) – consisting of conducting analyses of Users’ activity on the Website in order to improve the functionalities used;
for the purposes of possible establishment, investigation or defence of claims – the legal basis for the processing is the legitimate interest of the Controller (Article 6(1)(f) GDPR).
COOKIES AND SIMILAR TECHNOLOGY
The Controller has prepared a separate policy for cookies, which can be found at: https://www.stemor.eu/cookie-policy/
PERIOD OF PROCESSING OF PERSONAL DATA
The duration of the Controller’s data processing depends on the type of service provided and the purpose of the processing. As a general rule, the data is processed for the duration of the service or order processing, until:
in the case of the conclusion of a contract until a period of 5 years has elapsed since its conclusion, or
- 3 years in accordance with Article 118 of the Civil Code in the case of claims or
withdrawal of consent, where the legal basis of the processing is the User’s consent, or
raising an effective objection to the processing of data in cases where the legal basis of the processing is the legitimate interest of the Controller.
The data processing period may be extended in each case where the processing is necessary for the establishment, investigation or defence of possible claims, and thereafter only if and to the extent required by law. At the end of the processing period, the data are irreversibly deleted or anonymised.
The User has the following rights under the GDPR:
• Right of access to the content of personal data – pursuant to Article 15 of the GDPR
• Right to request the rectification of personal data – pursuant to Article 16 of the GDPR
• Right to erasure – pursuant to Article 17 of the GDPR
• Right to restrict processing – pursuant to Article 18 of the GDPR
• Right to data portability – pursuant to Article 20 of the GDPR
• Right to object to the processing of data – pursuant to Article 21 of the GDPR
• Right to lodge a complaint with the supervisory authority in charge of personal data protection, i.e. the President of the DPA email: email@example.com
To the extent that the User’s data is processed on the basis of their consent, The User can withdraw it at any time.
In order to exercise their rights, the User may contact the Controller at the email address firstname.lastname@example.org.
RECIPIENTS OF THE DATA
In connection with the provision of services, personal data will be disclosed to external entities, including in particular suppliers responsible for the operation of IT systems, entities such as banks and payment operators, accounting service providers, couriers. The Controller reserves the right to disclose selected information concerning the User to the competent authorities or to third parties who make a request for such information on the basis of an appropriate legal basis and in accordance with the provisions of the applicable law.
TRANSFER OF DATA OUTSIDE THE EEA
The Controller does not transfer personal data outside the EEA.
SECURITY OF PERSONAL DATA
The Controller shall ensure the security of personal data by means of appropriate technical and organisational measures aimed at preventing unlawful data processing and accidental loss, destruction and damage. In addition, the Controller takes special care to ensure that personal information is:
correct and processed in a lawful manner,
obtained only for specific purposes and not further processed in a way incompatible with those purposes,
adequate, relevant and not excessive in relation to the purposes of their processing,
accurate and up-to-date,
not kept longer than necessary,
Contact with the Controller is possible via email address: email@example.com or correspondence address:
STEMOR Sp. z o.o., ul. Kolonistów 42, 71-806 Szczecin phone no.: +48 91 8101 258,