This privacy policy (the “Policy”) sets out how we process personally identifiable information (your “personal data”) collected when you visit our website at innpro-2.dkonto.pl (the “Website”) and social media profiles (Facebook, Instagram) owned or operated by us, or when you contact us using the tools available to you, and in connection with ordering, purchasing or using products offered by us or engaging with us. In particular, the Policy also indicates how we use personal data collected in connection with the operation of the Website. Personal data may also be processed for the purpose of communicating with you (e.g. in the event of complaints, queries, etc.).

This Policy reflects the requirements under Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data and repealing Directive 95/46/EC (the “General Data Protection Regulation”) (“GDPR”).

Personal Data Controller

The administrator of your personal data is Robert Błędowski, conducting business activity under the name Robert Błędowski Limited Liability Company based in Rybnik, registered in the Central Registration and Information on Business Activity at the address 44-200 Rybnik, ul. Rudzka 65c and identifying himself with the NIP number 6423040197, REGON 243139422, having an e-mail address: [email protected], tel. 533 234 303 (“Administrator”).

Processing of personal data

Purpose and basis of data processing

The personal data you provide to us, i.e. your name, email address, your data posted on your blog, social media profile or web portal that you make available to us, data provided in your message sent to us, if any, data obtained from you as a result of your use of our Website, i.e. server event logs (data obtained on the basis of the network protocol used, e.g. date and time of your visit, addresses visited, type and version of the Internet browser used, type and operating system of the terminal equipment used and your IP address) are processed, depending on the situation, for the following purposes:

• To establish, shape the content, change, terminate and correctly execute the cooperation for the sale or marketing of products (Article 6(1)(b) of the RODO);
• making a product available to you for the purpose of you conducting a product test as part of your blog, social media activity, or web portal (Article 6(1)(b) of the DPA);
• part of your blog, social media activity, or web portal (Article 6(1)(b) of the DPA);
• collecting product reviews (Art. 6(1)(f) RODO);
• handling requests or queries you may send to us (Article 6(1)(b) of the DPA);
• tracking your activity on social media, as part of information made publicly available (Article 6(1)(f) of the RODO);
• direct marketing, sending newsletters containing commercial information about products and brands and news on the Website, including promotional offers, provided you have given your consent (Article 6(1)(a) of the DPA); 
• remarketing by using information about your online behaviour (so-called tracking) and subjecting this information to automated analysis in order to display advertisements tailored to your likely needs and preferences, provided that you have consented to this (Article 6(1)(a) of the RODO) – for more information on this topic, please see the section on marketing cookies later in this Policy;

• offering social networking services, based on our legitimate interest (Article 6(1)(f) RODO) or your consent (Article 6(1)(a) RODO);
• to comply with obligations imposed on us by law, e.g. by the Accounting Act or tax legislation (Article 6(1)(c) of the RODO);
• the fulfilment of our legitimate interests (e.g. the assertion and defence of claims, prevention of fraud or abuse, response to inquiries, complaints, suggestions) (Article 6(1)(f) RODO).

Where our processing of your data is based on your consent (newsletter, direct marketing, remarketing), you have the right to withdraw consent at any time; withdrawal of consent does not affect the lawfulness of the processing we have carried out on the basis of consent before its withdrawal.

Provision of data

You provide us with your personal data voluntarily; however, failure to provide certain personal data (identity or address data) may prevent us from fulfilling the purposes indicated above (e.g., cooperating with you or responding to a message sent by you).

Processing period

We will only process your data for as long as we have a legal basis to do so, which is – whichever is applicable in your case and the latest – until:

• we cease to be under a legal obligation requiring us to process your data or
• we are no longer able to assert claims in connection with a contract entered into between you and us, or
• you withdraw your consent to the processing of your personal data – in the event that the processing of your data is based on the consent you have given us (newsletter, direct marketing, remarketing) or
• your objection to the processing of your personal data is accepted – in the case where the basis of the processing of your data was the legitimate interest of the Administrator.

Recipients of your personal data

We will transfer your data:

• to entities that act on our behalf, i.e. providers of IT services and solutions, marketing agencies, couriers, entities providing accounting, financial, insurance and administrative services, entities conducting customer satisfaction surveys on our behalf;
• Your social media account providers;
• to public authorities, including courts, upon their reasonable request;
• public authorities, including courts, and attorneys, insurers, and advisors, where necessary for our defense against claims or for us to pursue claims;
• to social media, advertising and analytics partners; these partners may combine this information with other data they receive from you or obtain when you use their services.

We will not transfer your personal information to countries outside the European Economic Area.

Your rights

In connection with our processing of your personal data, you have the following rights:

• obtain confirmation from the Administrator as to whether your personal data is being processed;
• request access to your personal data, rectification, erasure or restriction of processing;
• request a transfer of your personal data to another controller;
• object at any moment to the processing of your data, for reasons related to your particular situation – to the processing of your personal data based on Article 6(1)(f) of the RODO (i.e. on the legitimate interests pursued by the Administrator), and also – if your personal data are processed for the purposes of direct marketing – to the extent that the processing is related to such direct marketing

• lodge a complaint to the supervisory authority, i.e. the President of the Office for Personal Data Protection, Stawki 2, 00-193 Warsaw, [email protected] (if you think that by processing your personal data we are acting unlawfully).

Data security

When processing your personal data we use organisational and technical measures in line with the relevant provisions of the law, including encrypting the connection with the use of an SSL certificate. Your personal data is stored in a database in which technical and organizational measures have been applied to ensure the protection of the processed data in accordance with the requirements set out by generally applicable laws on the protection of personal data. Access to the database have only people who have the authorization granted by the Administrator.

Final provisions

We may amend this Policy from time to time, among other things, to keep pace with new technologies, industry practices, and legal requirements. We will provide you with reasonable notice of any changes by posting the new content of this document on our website at https://innpro.eu/privacy-policy/.

In matters not regulated, the provisions of the RODO and the Personal Data Protection Act of 10 May 2018 (Journal of Laws 2019.1781), the Act of 18 July 2002 on the provision of electronic services (Journal of Laws 2020.344 i.e.) and executive acts issued on their basis shall apply.