PRIVACY POLICY
HARDWAREDIRECT
publication date 06.03.2024
1. ADMINISTRATOR OF PERSONAL DATA
The administrator of your personal data is MS Development Marcin Świć, 2 Salsy St., 02-822 Warsaw, entered in the register of the Central Business Activity Register, NIP: 5252338008, REGON: 142362411.
Contact details of the Administrator:
1.1. Address for correspondence: 2 Salsy St., 02-822 Warsaw
1.2. Email address: gdpr@hardwaredirect.pl
1.3. Telephone number: +48 22 33 22 333
2. GENERAL INFORMATION
2.1. The Administrator shall ensure that, for his/her part, special care is taken to protect the rights and interests of persons whose personal data are processed in connection with the use of the Administrator's website.
2.2. The Administrator ensures that the data collected is:
a) processed in accordance with current legislation,
b) processed solely for the purpose of fulfilling specific purposes based on the applicable legal provisions, including in particular the provisions of the General Data Protection Regulation and the Personal Data Protection Act,
c) adequate in relation to the purposes for which they are processed,
d) kept for no longer than is necessary to achieve the specified purpose of the processing.
3. DEFINITIONS
Whenever a capitalized term is used in the body of this Privacy Policy, it shall be understood as follows:
3.1. ADMINISTRATOR - MS Development Marcin Świć, 2 Salsy St., 02-822 Warsaw, entered in the register of the Central Business Activity Register, NIP: 5252338008, REGON: 142362411.
3.2. COOKIES - means IT data, in particular small text files, recorded and stored on the user's terminal equipment, in particular such as computer, phone, tablet. In cookies, specific information is recorded and stored, which can then be accessed by ICT systems for specific purposes. They are most often used to optimise the use of the website as well as to collect statistical data to identify how the website is used.
3.3. PERSONAL DATA - means information about an identified or identifiable natural person (data subject); an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, a PESEL identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of the natural person.
3.4. ANONYMOUS INFORMATION - information about the User relating to the User's use of the website, provided to the Administrator through specific tools used by the Administrator, such as Google Analytics, among others. However, due to the nature of the information collected, it is not possible for the Administrator to attribute it to a specific user.
3.5. DATA PROCESSING - means an operation or set of operations which is performed upon personal data or sets of personal data, whether by automated means, such as collection, recording, organisation, organisation, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction.
3.6. OTHER TRACKING TECHNOLOGIES - tracking technologies other than cookies that are based, particularly, on the analysis of users' web traffic (e.g. SharedID, ID5, Unified ID 2.0, Liveramp ATS).
3.7. RODO (GDPR) Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data and repealing Directive 95/46/EC (General Data Protection Regulation [hereinafter the Regulation or RODO]).
3.8. SERVICE - means the website or service under which the Administrator operates the website, operating on the domain https://hardwaredirect.pl/.
3.9. USER - means an individual using the Website.
4. PURPOSE OF PROCESSING YOUR PERSONAL DATA
4.1. User’s Personal Data may be processed by the Administrator for the following purposes:
a) registration of an account on the Service and its maintenance - on the basis of acceptance of the Terms of Use of the Terms of Use - on the basis of Article 6(1)(b) of the RODO,
b) to fulfil the Administrator's legal obligations relating to accounting, bookkeeping and taxation - on the basis of Article 6(1)(c) of the RODO,
c) to send the User marketing information, i.e. the Newsletter - on the basis of the User's voluntarily given consent - pursuant to Art. 6(1)(a) RODO and Art .6(1)(f) RODO,
d) to carry out direct marketing of the Administrator's own products and services using profiling methods, including on the basis of an assessment of Users' preferences, which constitutes the Administrator's legitimate interest - on the basis of Article 6(1)(f) of the RODO,
e) communication with the Service User - which constitutes the Administrator's legitimate interest - on the basis of Article 6(1)(f) of the RODO,
f) to assert or defend against claims, which constitutes a legitimate interest of the Administrator - on the basis of Article 6(1)(f) RODO,
g) informing about job offers and collecting application documents as part of ongoing recruitment processes - on the basis of Article 6(1)(b) RODO, i.e. taking actions leading to the conclusion of a contract, and on the basis of the User's consent - on the basis of Article 6(1)(a) RODO,
h) adjustment and development of the Service’s functionality, including its structure and content, to the individual needs of Users and maintenance of the safety and quality of services provided by the Service with the use of technology collecting and processing data recorded in cookies, e.g. through the use of mechanisms monitoring activity during website use - on the basis of the Administrator's justified interest and the User's consent - on the basis of Article 6(1)(a) and (f) of the RODO,
i) the creation of an archive in the event of a need on the part of the Administrator to defend, establish or assert certain claims by the User or third parties - on the basis of Article 6(1)(f) RODO,
j) to carry out analytical and statistical activities when using Anonymous Information for this purpose - on the basis of Article 6(1)(f) RODO.
5. THE CATEGORIES OF PERSONAL DATA PROCESSED AND A DESCRIPTION OF THE WAY IN WHICH THEY ARE PROCESSED
5.1. The Administrator processes the User's Personal Data related to the performance of the service provided electronically by enabling registration and use of the Service. In this regard, the Administrator processes in particular such Personal Data as: name(s) and surname(s), e-mail address, telephone number, correspondence address. Provision of the above-mentioned Personal Data is necessary for the fulfilment of obligations arising from the concluded agreement. If they are missing, the Administrator will not be able to create a User account.
5.2. For the purposes related to the performance of the sales contract with the User, the Administrator processes in particular such Personal Data as: name and surname, telephone number, address , e-mail address. In addition, other Personal Data provided by the User in the content of the conducted correspondence is also processed. Providing this Personal Data is voluntary in this respect, although it is necessary for the conclusion of the sales contract and establishing contact with the Administrator, as well as for the possibility of further service by the Administrator.
5.3. For the purposes of sending marketing information, including commercial offers via the Newsletter, the Administrator shall process the following Personal Data of the User: name and e-mail address. Providing the above Personal Data is voluntary, although necessary for the Newsletter subscription. The User may unsubscribe from the Newsletter at any time. In order to do so, it is necessary to click on the relevant link visible in emails received from the Administrator or send the relevant information about the unsubscription to the Administrator's email address, i.e. gdpr@hardwaredirect.pl
5.4. For the purposes of direct marketing activities, the Administrator processes the following Personal Data of the User: name and e-mail address, information about the User's order history.
5.5. For the purposes of the recruitment process, the Administrator processes in particular the following Personal Data of the candidates: name and surname, date of birth, contact details, information on education, professional competences and previous experience, and other data provided directly by the candidate in the application documents.
5.6. In connection with the contract for sale or provision of electronic services concluded between the User and the Administrator, the Administrator shall be obliged to fulfil the User's accounting and tax obligations, including in particular issuing invoices, inclusion of invoices in the Administrator's accounting records and their storage. In order to issue an invoice, the Administrator processes such Personal Data of the User as: name and surname, company, registered office address, NIP (Tax identification number), REGON.
6. RETENTION PERIOD
6.1. The User's personal data will be processed for the period during which the User has an active account on the Administrator's Service, as well as after the termination of the contract for the sale of services concluded with the Administrator for the period necessary to comply with the law, investigate or defend against possible claims, but no longer than 6 years calculated from the date of termination of the contract for the provision of electronic services.
6.2. Personal Data of Users processed for the purpose of sending marketing information will be processed until the withdrawal of the consent given by the User, provided that the withdrawal of this consent does not affect the compatibility of the processing carried out prior to this withdrawal.
6.3. User’s Personal Data processed for direct marketing purposes will be processed for the duration of the purpose for which it was collected, but no longer than until User objects to such processing.
6.4. The User's Personal Data processed for the purposes of the recruitment process will be processed until the candidate is selected for the position advertised. In the case of consent to leave application documents for the needs of future recruitment processes, the data will be stored for 12 months counted from the date of the given candidate's consent to its further processing for the purposes of future recruitment.
6.5. The User's Personal Data processed for the purpose of sending marketing information through the Newsletter shall be processed until the moment of unsubscribing from the Newsletter or resignation by the Administrator from its further processing. At the same time, the Administrator indicates that the User's Personal Data may also be processed after resignation from the Newsletter subscription, if it proves necessary for the purpose of eventual defence of claims related to the sending of the Newsletter to the User, in particular for the purpose of proving specific facts by the Administrator in the future.
6.6. Personal Data processed by the Administrator in connection with the fulfilment of tax and accounting obligations will be processed for the period provided for in the tax law provisions, i.e. the Accounting Act, the Tax Ordinance, among others.
6.7. Personal Data processed in connection with the establishment, assertion and defence of claims will be processed by the Administrator until the statute of limitations for specific claims, whereby the period of limitations for claims may vary in light of the applicable legislation.
7. RECIPIENTS OF PERSONAL DATA
7.1. Your personal data may be disclosed to:
a) the hosting provider on whose server the User's Personal Data is stored,
b) Internet payment operators,
c) entities providing legal services related to the Administrator's activities,
d) entities providing IT services related to the Administrator's activities,
e) entities other than those indicated above who, on the basis of legal provisions, are entitled to obtain from the Administrator information related to the Administrator's activities, which may also include Personal Data,
f) to subcontractors, in particular to entities providing and operating selected IT systems and solutions, in particular to enable the profiling of the User,
g) entities providing accounting and bookkeeping services to the Administrator. To the extent that it is necessary for the fulfilment of tax and accounting obligations, User Personal Data may also be provided to tax authorities. In addition, User Personal Data may be made available to authorities or institutions authorised to access the data by law, in particular such as courts, prosecutors' offices, police services and security services.
7.2. The User's Personal Data may be transferred outside the European Economic Area. In connection with the Administrator's use of tools provided by entities storing Personal Data on servers located in the territory of third countries, including in particular the USA. The transfer of your Personal Data will then be carried out on the basis of standard data protection clauses adopted by the European Commission, providing adequate safeguards for the protection of the privacy and rights and freedoms of the data subjects. Entities cooperating with the Administrator whose servers are located in the USA are subject to additional verification of their certification in accordance with the adequacy decision established in the European Commission adopted implementing decision of 10 July 2023 issued under Regulation (EU) 2016/679 of the European Parliament and of the Council.
8. INFORMATION ON YOUR RIGHTS
8.1. In relation to the Administrator's processing of the User's Personal Data, the User has the following rights:
a) Right of access to Personal Data - You are entitled to obtain confirmation from the Administrator as to whether your Personal Data is being processed and, if it is being processed, you are entitled to access information regarding the details of its processing, including in particular the purpose of the processing and the categories of processing. The User is also entitled to request a copy of the Personal Data being processed.
b) Right to rectification of the Personal Data processed - You have the right to rectify inaccurate Personal Data. In addition, you also have the right to request the replacement, completion or deletion of incorrect or misleading information regarding your Personal Data.
c) Right to erasure of the User's Personal Data (right to be forgotten) - the User is only entitled to exercise the right to erasure of Personal Data and only in situations where the Administrator has no other legal basis for further processing.
d) Right to restrict the processing of Personal Data to a specific purpose - where, in your opinion, Personal Data held by the Administrator is being processed in an inaccurate or unwarranted manner, you have the right to request that the processing of your Personal Data be restricted only to the storage of your Personal Data or the performance of activities agreed with you.
e) Right to portability of Personal Data - You have the right to receive in a structured, commonly used format the Personal Data provided to the Administrator. In addition, User has the right to send the received data to another Administrator. The User also has the right to request that his or her Personal Data be sent by the Administrator directly to another administrator, where technically possible.
f) Right to object - The User has the right to object to Personal Data processed by the Administrator based on the Administrator's legitimate interest.
g) Withdrawal of Consent to Process Personal Data – User has the right at any time to withdraw previously given consent to process Personal Data. The withdrawal of consent does not affect the lawfulness of the processing carried out on the basis of that consent prior to its withdrawal.
h) Right to file a complaint to the competent supervisory authority - if the Administrator is found to be processing Personal Data in a manner incompatible with the applicable laws, the User may file a complaint to the President of the Office for Personal Data Protection (address: Prezes Urzędu Ochrony Danych Osobowych, ul. Stawki 2, 00-193 Warszawa). If the User wishes to exercise the above-described rights, he/she is obliged to contact the Administrator in writing at the Administrator's registered office address or via e-mail address: __________
9. SECURITY OF PERSONAL DATA
The Administrator shall apply appropriately selected organisational and technical measures aimed at ensuring certain security standards with respect to the Personal Data it processes. The protection of Personal Data is ensured by the application of specific systems and procedures aimed at securing the processed Personal Data from disclosure to undesired persons. In addition, the Personal Data acquired by the Administrator is stored in computer systems to which access is strictly limited.
COOKIE POLICY
1. Types of cookies used
The cookies used by the Administrator are safe for the User Device. In particular, this means it is not possible for viruses or other unwanted software or malware to enter the Users' Devices. These cookies allow̨ to identify the software used by the User and to customize the Service individually for each User. Cookies usually contain the name of the domain from which they originate, the length of time they are stored on the Device and the assigned value.
1.1. Due to the necessity to provide the service, the Administrator uses 3 types of cookies:
Necessary - absolutely necessary for the proper functioning of the website or the functionality the Users wishes to use.
Analytical - called statistical - collects information about how often the website is visited and how it is used. This aggregated and anonymous information is used to improve the content and performance of the website - without consent this is not possible.
Advertising - also known as marketing - allows ads to be displayed that are tailored to the profile of the user visiting the website. Based on your browsing history, profiles are created which are shared with advertising partners so that personalised adverts are displayed on other sites.
1.2. Due to the length of time the cookie will be placed on the User's terminal device:
Session cookies - temporary, which remain in the memory of the User's browser until they leave the https://hardwaredirect.pl/ website - they are mandatory for the correct operation of the selected applications and the correct display of the website content. The mechanism of session cookies does not allow any personal data or any confidential information to be collected from the User's Device.
Permanent - used to make the site more attractive to the User, among other things to remember the User's preferences when using the site or to display personalised advertising, they are not deleted when closed and are stored on the User's Device between sessions. The mechanism of permanent cookies does not allow any personal data or any confidential information to be collected from the User's Device.
2. The purposes for which cookies are used:
2.1. The Administrator uses cookies for the following purposes:
a) Service configuration:
● adapting the content of the Service pages to the User's preferences and optimising the use of the Service pages,
● to recognise the Service User's device and its location and accordingly display the website, tailored to its individual needs,
● make it easier to browse the website on subsequent visits,
● remembering the settings selected by the User and personalising the User's interface, e.g. with regard to the User's chosen language or region of origin.
b) User authentication on the Service:
● to ensure the security of the provision of services by electronic means, including the maintenance of the Service User's session after logging in and the recognition of the user during the next session,
● the correct configuration of selected functions of the Service, enabling in particular the verification of the authenticity of the browser session,
● to optimise and increase the efficiency of the services provided by the Administrator.
c) To carry out the processes necessary for the full functionality of the websites, including the creation of aggregated statistics to improve the website's functionality, structure and content,
d) Analysis and research, and audience auditing - creating anonymous statistics that help understand how Service Users use the Service's websites, which enables to improve their structure and content,
e) The service administrator uses External cookies for the following purposes: collection of general and anonymous statistical data via analytical tools - Google Analytics.
3. Possibility of specifying the conditions for storing or accessing Cookies.
3.1. The User may independently and at any time change their cookie settings, specifying the conditions for storing and accessing cookies on the User's Device.
3.2. The User may change the settings referred to in the preceding paragraph by means of the settings of their Internet browser (commonly used: Mozilla Firefox, Microsoft Edge, Google Chrome, Opera, Safari) or by means of the configuration of the service. These settings can̨ be changed in particular so as to block the automatic handling of cookies in the settings of the web browser or inform about each time cookies are placed on the User's device.
3.3. The user can delete cookies at any time using the available functions in the web browser they are using.
4. Other tracking technologies
The administrator may use tracking technologies other than cookies. These technologies are anonymous and based on the analysis of network traffic as well as communication between multiple applications. These solutions operate in two standards:
a) FLoC (Federated Learning from Cohorts) is a solution for creating anonymous cohorts based on users' interests. Once categories of users with similar interests are created, they are processed for advertising purposes. The solution is based on anonymous, aggregated data (not about a specific user, but about the entire cohort to which the user belongs).
b) FLEDGE is a technology that aims to enable remarketing and targeted advertising to be used without sharing data with third parties to track user behaviour. FLEDGE works on the basis of a multi-stage process leading to the selection of the adverts that a user will see, and is based on calling the relevant JavaScript codes at each stage of the process.
The above solutions are not all tracking technologies that can be implemented by the Administrator. Anonymous tracking technologies are subject to continuous development and may be replaced by new solutions.
5. FINAL PROVISIONS
The Administrator reserves the right to introduce changes and update the content of this Privacy Policy if it is necessary due to changes in the applicable law or the introduction by the Administrator of new functionalities in the Service.