Polcar PPH Privacy Policy

This Privacy Policy describes the principles of processing and protecting personal data in Polcar PPH with its seat in Warsaw (02-619) at ul. Wejnerta 19, NIP 521-044-50-18.

I. Personal data controller
1.1 The controller of personal data of persons cooperating with Polcar PPH, its clients, users of Polcar’s electronic catalogues and visitors of websites administered by Polcar PPH is Polcar PPH with its seat in Warsaw (02-619) at ul. Wejnerta 19, NIP 521-044-50-18, hereinafter “the Controller”.

1.2 The Controller processes personal data according to the requirements of the Regulation of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC.

II. Rules on personal data collection
2.1 Data source
a.    Providing personal data is voluntary, yet necessary to process and fulfil queries and orders. The consent to any of the processing purposes may be withdrawn at any time.
b.    The Controller may gather personal data from public sources such as KRS or CEIDG registers as well as from sources with limited access e.g. KRD or BIG registers. In such cases, the Controller verifies the lawfulness of the data processing.
c.    The user is not required to provide any personal data while browsing Polcar’s websites. However, using the Controller’s services may require providing personal data. Failure to do so may limit or even make it impossible to use Polcar’s services.
d.    If the user accesses the services through mobile devices, the Controller may collect data identifying the mobile device, internet service provider and subscriber. The data collected in such manner will be processed anonymously and used only for statistical purposes or to ensure optimal website functioning.

2.2 Scope of data retention
a.    The personal data collected may include: name, surname, company name, position, address, contact details such as phone number, e-mail address, fax number and addresses of internet communicators such as Skype, GaduGadu or any other communicator which enables contacting clients via their preferred method of contact.
b.    In justified cases the Collector may also retain such data as ID number if required by additional regulations concerning, e.g. contract documentation.
c.    The Controller collects information related to the website browsing such as: source and number of visits, their time and duration, browsed content, number and type of used subpages and links, IP address. The Controller does not connect such information with the user personal data and does not use it to identify the user, unless it is necessary to proper provision of the services.
d.    The Controller does not retain sensitive data.

III Data processing
3.1 Purposes of processing
Personal data are processed for the following purposes:
a.    Processing and fulfilling of queries and orders submitted directly in Polcar PPH, at its local distributors and via all available communication channels as well as exercising any legal claims or redress related to the queries or orders on the basis of Article 6 (1b) GDPR;
b.    Direct marketing connected with the Controller’s business on the basis of Article 6 (1a) GDPR via all sale channels, including but not limited to commercial communication by e-mail or phone and presentations of promotional offers in current campaigns.
c.    Satisfaction surveys on cooperation with the Controller and its local distributors on the basis of Article 6 (1f) GDPR. The surveys may be conducted by electronic means based on questionnaires, forms or questions by phone or e-mail.
3.2 Scope of the information used
a.    The Controller uses the information referred to in section 2.2 point c only for the purposes connected with the market investigation and website traffic, statistical purposes, and to assess the interest in the website content and to improve it.
b.    The Controller uses cookies or similar technologies. Such technologies enable the Controller to customise the website for user’s individual interests and preferences. More information on cookies to be found at www.polcar.com/en/cookies-policy.

3.3 Profiling
a.    The Controller does not use profiling based on personal data.
b.    The Controller does not use automated decision-making based on profiling.

3.4 Personal data storage period
a.    Personal data are processed until the consent is withdrawn.
b.    It is possible to extend the period of the processing until the fulfilment of legally justified interests of the Controller, including performance of contracts or securing possible claims. However, it does not mean a possibility to process personal data for any other purpose than the above-mentioned.

IV Data recipients
4.1 The Controller does not sell, disclose or make available the collected personal data to any third party unrelated to contract performance.

4.2 The Controller may entrust its local distributor with data processing in order to process and fulfil queries and orders.

4.3 Personal data maybe entrusted only based on a data processing agreement which protects personal data according to the applicable provisions and regulations.

4.4 Personal data may be disclosed to the Controller’s cooperating entities in order to perform and exercise contractual rights including but not limited to the entities providing the following services:
•    accounting;
•    debt collecting;
•    IT;
•    marketing;
•    mail and courier;
•    legal;
•    administrative and back office.

4.5 The Controller does not transfer the personal data outside the European Union except for situations when specifically requested by clients in relation to their order.

4.6 The Controller reserves the right to disclose information about a user to a competent authority or a third party if requested based on the appropriate legal basis and in accordance with the provisions of law in force.

V Rights in relation to personal data processing
5.1 Each person whose personal data are processed is entitled to:
•    the right to withdraw their consent to processing of their personal data;
•    the right to object to data processing for marketing purposes;
•    the right of access to their personal data;
•    the right to rectification of their personal data;
•    the right of erasure of their personal data;
•    the right to restrict the processing of their personal data;
•    the right to data portability.

5.2 A person whose data are processed is entitled to the right to lodge a complaint with a supervisory authority on personal data protection, i.e. to the President of the Office of the Protection of Personal Data.

5.3 The Controller may refuse to erase the personal data if there are reasonable basis to do so under the provisions of law in force.

5.4 Contact detail in relation to personal data protection in Polcar PPH:
•    phone + 48 22 4922491
•    email dane-osobowe@polcar.com
•    by post to the firm’s address with a note „Personal data”

VI Final provisions
6.1  The policy is available at the Controller’s office and its website: www.polcar.com.

6.2  The Controller reserves the right to change, modify or correct the Privacy Policy. Each time a user accesses the Controller’s services, the current version of the Privacy Policy applies.

6.3  In case of divergence, the Polish text of the Privacy Policy shall prevail over the other language texts.