From May 25, 2018, the provisions of Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/ 46/EC (GDPR). The most important goal of the GDPR is to strengthen the protection of personal data of natural persons that are collected and processed by companies and institutions operating in the European Union.
Our company attaches great importance to meeting the requirements of the GDPR. Below we present the necessary information regarding our application of new regulations in the field of personal data protection.
The administrator of your personal data is Piotr Pundzis, running a business under the name “Zakład Produkcyjne ALEXANDER Piotr Pundzis”, ul. Telewizjana 19, 80-209 Chwaszczyno, NIP: 5891439727, REGON: 191477745 (hereinafter: “ALEXANDER”).
ALEXANDER processes your personal data, i.e. collects, records, stores, deletes or destroys them. Providing personal data is voluntary, although without it we will not be able to properly perform the concluded contract, e.g. deliver the ordered game, or issue an invoice in accordance with the law.
ALEXANDER may process your personal data for the following purposes:
- concluding and performing contracts for the sale of goods or other contracts related to the company’s activities – for the duration of the contract and the limitation period for claims arising therefrom (Article 6(1)(b) of the GDPR);
- fulfillment of legal obligations incumbent on the administrator, e.g. resulting from tax acts or the Accounting Act – for the period during which specific provisions require storing such data (Article 6(1)(c) of the GDPR);
- creating summaries, analyzes and statistics for our internal needs: this includes in particular reporting, marketing research, sales development planning, development work in IT systems – for the duration of the contract, and then no longer than for the period after which claims arising from contracts (Article 6(1)(f) of the GDPR);
- if the customer consents to the use of his or her data, the content of this consent will determine the purpose for which the administrator will process this data (Article 6(1)(a) of the GDPR).
The recipients of personal data obtained by the administrator may be banks, courier companies or administrators of electronic payment systems.
The purpose of the GDPR is to provide every person with the opportunity to protect their rights and freedoms and to control the processing of their data. For this purpose, you can exercise your rights:
- rights of access to data – the data subject has the right to receive information, among others: what data ALEXANDER processes, for what purposes they are processed, and to obtain a copy of them;
- the right to delete data (right to be forgotten) – the data subject may indicate the scope and circumstances justifying the requested deletion of data, e.g. the data is no longer necessary to achieve the purposes for which it was collected and there are no legal grounds for further data processing , the data is processed unlawfully;
- the right to transfer data – the data subject has the right to receive personal data concerning him or her that he or she provided to ALEXANDER in a structured, commonly used and machine-readable format;
- the right to limit data processing – the data subject indicates that the conditions specified in Art. 18 GDPR to limit the processing of his/her data, e.g. ALEXANDER does not need certain data, there are no grounds for further processing and the data subject requests the suspension of data operations or non-deletion of data;
- the right to rectify data – at any time when necessary, the data subject informs ALEXANDER about changes to his or her personal data;
- the right to object – at any time you can object to automated data processing, including profiling, as well as to object to the processing of data for marketing purposes;
If processing is based on consent – the right to withdraw consent at any time without affecting the lawfulness of processing based on consent before its withdrawal.
ALEXANDER shall, without undue delay – and in any case within one month from the date of receipt of the request – provide the data subject with information about the actions taken in connection with the implementation of the above-mentioned. rights.
Both during the validity of the existing provisions of generally applicable law regarding the protection of personal data (the Personal Data Protection Act and the implementing regulation to the Act) and in the light of new European regulations, ALEXANDER processes your data using appropriate technical and organizational measures necessary to ensure the security of these data.
Your personal data is the most valuable resource for our company. Therefore, ALEXANDER has implemented and is implementing appropriate technical and organizational measures to ensure protection of the processing of personal data, in particular protection of data against disclosure to unauthorized persons, removal by an unauthorized person, loss and change, damage or destruction. Moreover, all information regarding the relationship between the Client and ALEXANDER constitutes a legally protected business secret.
On the date of entry into force of the GDPR, ALEXANDER appoints a Data Protection Inspector, who can be contacted by post to the following address: ALEXANDER with the note “Data Protection Inspector”, or to the e-mail address: iod@alexander.com.pl.
We would like to inform you that ALEXANDER does not transfer your data to third countries and does not use tools based on customer profiling.
