Privacy Policy

§ 1 Definitions

1.1. Controller – the controller of personal data is Gunter Grossmann Polska spółka z ograniczoną odpowiedzialnością (limited liability company) with its registered office in Lidzbark (ul. Jeleńska 54, 13-230 Lidzbark), entered into the National Court Register (KRS) under number 0000717976, NIP 571-171-69-42.

1.2. Personal Data – any information relating to an identified or identifiable natural person who can be identified, directly or indirectly, on the basis of one or more factors specific to that person’s physical, physiological, genetic, mental, economic, cultural or social identity, including the IP address of a device, an online identifier and information collected via cookies or other similar technologies.

1.3. Policy – this Privacy Policy.

1.4. GDPR – Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, repealing Directive 95/46/EC.

1.5. Portal – the website operated by the Controller at https://www.gunter.pl.

1.6. User – any natural person visiting the Portal or using one or more of the services or functionalities described in this Policy.

§ 2 General provisions

The Controller exercises due diligence to ensure an appropriate level of protection of the personal data of persons visiting the Portal.

The Controller processes personal data in accordance with the applicable provisions of law, in particular with Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 and the Polish Act of 10 May 2018 on the Protection of Personal Data.

§ 3 Collection of information about visitors

The Controller collects information about Users of the Portal and their activity in the following manner:
by means of data voluntarily entered by Users in the “Contact” and “Service Request” forms,
by automatically collecting personal data while the User is using the online store,
by saving “cookies” files on Users’ end devices,
by collecting www server logs by the hosting provider of the Portal.
Information recorded in log files is used solely for administrative and technical purposes related to the proper functioning of the Portal. The Controller does not attempt to identify Users on the basis of server logs.
The collected logs may be stored for an indefinite period of time […]
The Controller protects the privacy of Users and ensures the security of data processing, among others by using a secure SSL protocol.

§ 4 Personal data

The Controller processes personal data of Users who:
have visited the Portal and used one of the contact forms “Contact” or “Service Request” – in such case the data provided in the relevant form are processed,
have subscribed to the “Newsletter” service.

§ 5 Purposes and legal bases for the processing of personal data on the Portal

1. Contact forms

The Controller provides the possibility to contact it by means of electronic contact forms […]. The data entered in the form are processed for the purpose of handling the enquiry, providing a reply and conducting further correspondence.

2. Marketing

The User’s personal data may also be used […]

for the purpose of sending requested commercial information – legal basis: Article 6(1)(f) GDPR,
for analytical and statistical purposes related to the functioning of the Portal – legal basis: Article 6(1)(f) GDPR.

3. Newsletter

The Controller enables the use of the newsletter service […]. The data provided when subscribing to the newsletter are used in particular for the purpose of sending information under this service.

§ 6 Period of processing of personal data

1. The period of processing of personal data depends on the type of service provided and the purpose for which the data were collected.

2. This period may be extended where necessary for the establishment, exercise or defence of legal claims.

§ 7 User’s rights

The User has the right to: access his or her personal data, rectify them, erase them, restrict their processing, data portability, as well as the right to lodge a complaint with the competent supervisory authority.
Consent to the processing of personal data may be withdrawn at any time, without affecting the lawfulness of processing carried out on the basis of consent before its withdrawal.
The User may object to the processing of personal data in cases provided for by law.
Withdrawal of consent may in particular take place by e-mail, by post or by telephone.

§ 8 Recipients of personal data

Personal data of Users may be disclosed to entities providing IT services to the Controller and maintaining IT infrastructure on its behalf.
Where the User has given separate consent, the data may be made available to other entities cooperating with the Controller.
The Controller may also transfer personal data to authorities or institutions authorised to receive them on the basis of generally applicable provisions of law.

§ 9 Contact details