PRIVACY POLICY WITH COOKIES

MALMO

https://malmo-hvac.com/

 

• 1. General information

1. This document sets out the privacy policy of https://malmo-hvac.com/ and is for information purposes only.
2. The personal data collected by the Administrator is processed on the basis of Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data and the repeal of Directive 95/46/EC (hereinafter RODO), the Personal Data Protection Act of 10 May 2018 and the Act of 18 July 2002 on the provision of electronic services (Journal of Laws 2002 no. 144 item 1204 as amended).
3. In accordance with art. 4 pt. 7 RODO the data administrator is MALMO OZE CO.LIMITED COMPANY, NIP 6452576687, REGON 522927922, ul. Gliwicka 35, 42-600
   Tarnowskie Góry
4. The administrator makes a special effort to protect the privacy and information provided to him/her regarding the customers of the website.
5. The Administrator shall exercise due care in selecting and applying appropriate technical measures, including those of a programming and organisational nature, ensuring the protection of the processed data, in particular protecting the data against unauthorised access, disclosure, loss and destruction, unauthorised modification, as well as against their processing in violation of the applicable legislation.
6. Personal data is processed in accordance with the principles in Article 5 of the RODO, i.e.

1. a) processed lawfully, fairly and in a manner transparent to the data subject (‘lawfulness, fairness and transparency’);
2. b) collected for specific, explicit and legitimate purposes and not further processed in a way incompatible with those purposes (‘purpose limitation’);
3. c) adequate, relevant and limited to what is necessary for the purposes for which they are processed (‘data minimisation’);
4. d) correct and updated as necessary (‘correctness’);
5. e) kept in a form which permits the identification of the data subject for no longer than is necessary for the purposes for which the data are processed (‘retention restriction’);
6. f) processed in a manner that ensures appropriate security of personal data, including protection against unauthorised or unlawful processing and against accidental loss, destruction or damage, by means of appropriate technical or organisational measures (integrity and confidentiality”);

1. As part of the Administrator’s use of tools to support its day-to-day operations provided, for example, by Google, Customer Personal Data may be transferred to a country outside the European Economic Area (EEA), in particular to the United States of America (USA) or another country in which an entity cooperating with it maintains tools for processing Personal Data in cooperation with the Administrator.
2. Whenever we transfer your personal data outside the EEA, we assign a similar level of protection to it (as it would receive in the EEA) by ensuring that one or more of the following safeguards are implemented:

1. We will only transfer your personal data to countries, territories or sectors within a country that has been recognised by the European Commission as providing an adequate level of protection for personal data.
2. The transfer is subject to legally binding and enforceable obligations on the recipient to protect personal data (e.g. through the use of standard contractual clauses approved by the European Commission.
3. The transfer is subject to binding corporate rules.
4. The transfer is based on a derogation from the restrictions on the transfer of personal data outside the EEA (e.g. if you have given your consent, the transfer is necessary for the performance of a contract with you or the transfer is necessary for the establishment, exercise or defence of legal claims).

• 2. Aims and legal bases of the processing

1. The provision of personal data is voluntary, but necessary to place an order. At https://malmo-hvac.com/, customer data such as name, surname, e-mail, contact telephone, company data are collected.
2. The basis for the processing of the Customer’s personal data is primarily the need to perform a contract to which the Customer is a party or the need to take steps at the Customer’s request prior to entering into a contract (Article 6(1)(b) RODO).
3. Upon separate consent, pursuant to Article 6(1)(a) RODO, data may also be processed for the purpose of sending commercial information by electronic means or making telephone calls for the purpose of direct marketing – respectively in connection with Article 10(2) of the Act of 18 July 2002 on the provision of services by electronic means or Article 172(1) of the Act of 16 July 2004 – Telecommunications Law.
4. The Administrator’s legitimate interest in being able to optimise, technically perform the Service, conduct statistics and market itself (Article 6 Paragraph 1 Point f) RODO):
   Development and improvement of the Services (‘optimisation’), delivery and presentation of advertisements and content, maintenance and technical support of the Services, performance measurement of content, Services or advertisements, (‘technical performance of the Services’), statistical measurement, getting to know the audience through statistics or a combination of data from different sources (“statistics”); marketing (including analysis and profiling of data for marketing purposes) of the Administrator’s products and services – ‘own marketing’.
5. For other purposes, the Customer’s personal data may be processed on the basis of:

1. applicable law – where processing is necessary to comply with a legal obligation incumbent on the Administrator, e.g. where, on the basis of tax or accounting
   regulations, the Administrator settles concluded sales contracts (Article 6(1)(c) RODO);
2. necessity for purposes other than those mentioned above arising from the legitimate interests pursued by the Administrator or by a third party, in particular for the establishment, investigation or defence of claims, correspondence with Customers, also via contact forms (including responding to Customer messages), market analyses and statistics (Art. 6(1)(f) RODO).

1. Personal data processed for order processing purposes will be processed for the period necessary for order processing, after which data subject to archiving will be stored for the period relevant to the statute of limitations for claims. Personal data processed for marketing purposes covered by the statement of consent will be processed until the consent is revoked.

• 3. Period of processing personal data

1. The personal data will be processed by the Administrator for the time necessary to answer questions, price services, solve problems, conduct negotiations or for the time necessary to settle the matter for which the personal data has been entrusted, and further for the time necessary to perform the contract or provide the service, as well as for the time during which the Administrator is obliged to keep the sales documents and assert claims.
2. If they have been collected for another purpose for which you have given your consent – then until you withdraw your consent to their processing for that purpose.

• 4. Recipients of personal data

1. The catalogue of recipients of personal data processed by the Controller is based on the law, on the client’s consent, and on the scope of the services used by the client.
2. Recipients of the data may be entities fulfilling an order on behalf of the Administrator and dealing with its service: employees, associates, accounting companies, IT solution providers, payment processing companies, banks, companies providing marketing services, telecommunication service providers, law firms, authorised state authorities.

• 5. Your rights in data protection

1. Due to the voluntary nature of providing your personal data, you have the right to
• a) access to your personal data (Article 15 RODO);
• b) to rectify your personal data (Article 16 of the RODO);
• c) the erasure of your personal data (‘right to be forgotten’ – Article 17 RODO);
• d) to restrict the processing of your personal data (Article 18 RODO);
• e) the portability of your personal data (Article 20 RODO);
• f) to object (Article 21 RODO).
2. If you consider that the processing of your personal data violates the provisions of the RODO, you have the right to lodge a complaint with the President of the Data Protection Authority. Its website is available at this address: https://uodo.gov.pl/.
3. Consent to the processing of personal data may be withdrawn at any time. The withdrawal of consent to data processing shall not affect the lawfulness of data
   processing carried out by the Administrator on the basis of consent before its withdrawal.
4. You can submit requests regarding the processing of your personal data by e-mail to the address of the personal data administrator: marketing@malmo-oze.pl

• 6. Data protection violations

1. In the case of a personal data breach, the Controller shall, without undue delay and no later than 72 hours after the breach has been identified, notify it to the supervisory authority (the President of the Office for Personal Data Protection), unless the breach is unlikely to result in a risk of infringement of the rights or freedoms of natural persons. The controller shall attach an explanation of the reasons for the delay to the notification submitted to the supervisory authority after 72 hours. If the personal data breach is likely to result in a high risk of infringement of the rights or freedoms of natural persons, the Controller shall notify the data subject of such breach without undue delay.

• 7. How do we use cookies ?

Details of how we use cookies can be found in our Cookies Policy

• 8. Changes to the privacy policy

1. We reserve the right to change or modify the Privacy Policy as appropriate. We will inform you of any changes or additions by posting the relevant information on the main page.

III. COOKIES POLICY

• 1. General provisions

1. The Cookies Policy complements the Privacy Policy with regard to the processing of personal data recorded and stored via cookies used on the Website.
2. The administrator of the personal data recorded and stored via cookies on the Services is:

1. MALMO OZE CO.LIMITED COMPANY, NIP 6452576687, REGON 522927922, ul. Gliwicka 35, 42-600 Tarnowskie Góry
2. in the case of third-party cookies (our partners), i.e. cookies originating from the internet domains of our partners other than our own.

• 2. What are cookies and for what purpose are they used in relation to customers.

1. MALMO uses cookies.
2. Cookies (so-called ‘cookies’) are IT data, in particular text files, which are stored in the Service User’s terminal equipment and are intended for use on the Website.
3. The cookies used by the Administrator are safe for the User’s devices. In particular, it is not possible for viruses or other unwanted software or malware to enter the User’s devices via this route. These files allow the software used by the User to be identified and the Services to be customised for each individual User. Cookies usually contain the name of the domain from which they originate, the time they are stored on the device and the assigned value.
4. Based on the purpose of collection, we distinguish the following Cookies :

1. necessary: necessary for the proper functioning of the service – files processed on the basis of the legitimate interest of the controller (art.6(1)(f) RODO);
2. statistical: these allow us to study website traffic, learn about our users’ preferences, analyse their behaviour on the website and enable interactions with external networks and platforms – files processed based on the user’s voluntary consent (Article 6(1)(a) RODO);
3. marketingowego: pozwalają na dostosowanie wyświetlanych reklam i treści do preferencji naszych użytkowników oraz prowadzić spersonalizowane kampanie
   marketingowego – pliki przetwarzane w oparciu o dobrowolną zgodę użytkownika (art. 6 ust. 1 lit. a RODO).

1. Cookies may be used by advertising networks, in particular the Google network, to display advertisements tailored to the User’s use of the Website. For this purpose, information on the User’s navigation path or the length of time he/she stayed on a particular page may be stored.
2. With regard to the information on the User’s preferences collected by the Google advertising network, the User can view and edit the information resulting from cookies using the tool: https://www.google.com/ads/preferences/.
3. The User may, independently and at any time, change the settings concerning cookies, specifying the conditions for storing and accessing cookies on the User’s device. The User may change the settings referred to in the previous sentence by means of the settings of his/her Internet browser or by means of the configuration of the service. These settings can be changed, in particular, in such a way as to block the automatic
   handling of ‘cookies’ in the web browser settings or inform on their placement on the User’s device each time. Detailed information on the possibility and methods of using cookies is available in the settings of your software (web browser).
4. To find out how to manage cookies, including how to disable cookies in your browser, you can refer to your browser’s help file. You can read this information by pressing F1 in your browser. In addition, you will find relevant tips on the following pages, depending on the browser you are using:

Firefox

Chrome

Safari

Internet Explorer / Microsoft Edge

1. Restricting the use of cookies, may affect some of the functionality available on the website.
2. The Website also collects external Cookies, so-called third-part cookies, which originate from external servers.
3. We use the services of:

1. Google Analytics, provided by Google Inc. (1600 Amphitheatre Parkway, Mountain View, CA 94043, USA) to analyse traffic on the Website. From it we obtain statistics showing how you and other users use the Website;
2. Google Ads provided by Google Ireland Ltd | Gordon House, Barrow Street, Dublin 4, Ireland for the purpose of optimising the display of advertisements, remarketing and publicising the Website;
3. Google LLC, headquartered in Mountain View, USA, in connection with the use of the email system and the tools included in the G-Suite, for statistical and administrative purposes and in connection with the use of the Google reCAPTCHA mechanism for security purposes;
4. Facebook (cookie controller: Facebook Ireland Ltd. with its registered office in Ireland).