We publish this document in order to explain the reasons why we collect and process personal data in the course of our business activities.
1. What is personal data?
It is all information that enables to distinguish one person from another without much effort. It may refer to the person either directly (such as its name, identification number and sometimes even e-mail address or on-line account) or indirectly. For example, such information concerns the person’s characteristics, health condition, views, domicile, addictions, race or religion.
2. What personal data are we talking about in our case?
This data is provided to us by our Customers, Contracting Parties, Associates and Employees in connection with the use of our services, cooperation with us or employment. We process this data.
3. What does data processing mean?
Processing means all actions that we can carry out on personal data, whether it is for its active use, such as collecting, retrieving, recording, combining, altering, or making available, or passive, such as storing, restricting, erasing, or destroying.
4. Who is the Data Controller (i.e. who has an impact on data processing and security)?
The controller of your data is SIMEX Sp. z o.o. with its registered office in Gdańsk (80-556), ul. Wielopole 11, represented by Mr. Daniel SMOLNICKI.
5. On what legal grounds and for what purpose do we process your data?
Any processing of your personal data must be based on a relevant, compliant with the rules of law, legal basis. Such a basis may be your consent to the processing of data or other legal provisions allowing it, contained in the Act of May 10, 2018 on the protection of personal data and the Regulation (EU) 2016/679 of the European Parliament and of the Council of April 27, 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (referred to as the "GDPR").
We may process your data for several different reasons, for example:
- If you are our Customer or a person interested in using our services or products, we process your data in connection with the contract concluded with you or in preparation for the conclusion of such a contract. This is always done with your knowledge and will. When you express your intention to conclude a contract, you know what personal data will be needed to sign it, and when you sign it, you know what data you have provided or will provide for this purpose at a later date.
- If you are a User of our services, e.g. a recipient of the newsletter or a customer of the electronic Customer Service Office / customer of the on-line shop, we process your data based on your consent. You express it by ticking the appropriate boxes in the on-line form prepared by us. Your consent is voluntary – remember that you can revoke it at any time. In such a case, we will cease to render our services to you and we will immediately delete all data provided to us by you.
- We may also process your data in connection with the need to ensure security of people and facilities or security of networks and information. This is our legitimate interest. If CCTV is used for this purpose, you will be informed thereof by means of appropriate information plates or pictographs.
- If you are interested in working for us, your data is processed in the form of a job application or resume sent by you. This is done with your knowledge and written consent, which you can revoke at any time. In such a case, we will not consider your job application and we will immediately delete all data provided to us by you. Whereas, as soon as you are employed by us, further rules of data processing and the obligatory scope of their transfer and further processing by us are determined by the provisions of the labor law.
6. To whom do we transfer your data?
In accordance with the applicable law, we may transfer your data to entities processing it on our behalf, such as postal operators, courier companies and subcontractors of our services. We are also obliged to make it available upon request to entities authorized to do so under other provisions of law, e.g. courts or law enforcement agencies. Disclosure, however, will only take place upon a request of such authorized entities, indicating the law that allows them to do so.
In special cases, we provide for the possibility of transferring the data of our customers outside the economic area of the European Union (e.g. to the United States). As part of our trading activities, we use the Google reCAPTCHA mechanism to occasionally check whether the behavior of the users of our trading platform does not resemble the behavior of on-line robots. This mechanism is intended to prevent such actions. In this case, we may provide your IP address to Google LLC. However, such a provision will be subject to appropriate legal securities in the form of a Privacy Shield certificate approved on July 12, 2016 by the European Commission as the rules for the transfer of personal data from the EU to the USA „” zatwierdzonego w dniu 12 lipca 2016 r. przez Komisję Europejską jako zasady przekazywania danych osobowych z UE do USA.
Moreover, your personal data may be transferred to third countries in connection with:
- actions taken on social networking sites and the use of plug-ins and other tools coming from these sites (including Facebook, Twitter, Google+),
- the use of analytical tools and tools to anonymously track the behavior of users, in particular such as: Google Analytics, Gemius Traffic, Chartbeat,
- the use of advertising platforms to raise funds for the maintenance of websites (in particular Google adsense). In the European Union, thanks to the GDPR, whose contents are available at the following address: http://eur-lex.europa.eu/legal-content/PL/TXT/?uri=OJ:L:2016:119:TOC you have the same level of data protection in all EU Member States.
7. How long will we process your personal data?
We pay great attention to minimize the scope of data collected by us, as well as the time of its processing. To this end, we perform regular reviews of the paper and electronic documents we have, and delete those which are unnecessary due to their expiry. Please note that the time of processing of your data, depending on the basis on which we obtained it, may be determined by separate laws, independent of us, which may require us to store your data, regardless of your will or willingness. Examples include the labor law, social security law and accounting regulations.
If the data we have is to be used for a purpose other than that for which it was collected, we will always notify you about it and give you the opportunity to object.
8. What rights do you have with regard to your data?
When we process your personal data, you always have the right to:
- request access to the data,
- rectify the data,
- request data erasure,
- or to restrict the processing,
- object to data processing,
- transfer data, including obtaining a copy of it.
All these rights are discussed in detail in Articles 15 to 21 of the GDPR, whose contents are available at the following address:
You may also withdraw your consent to the processing of personal data, in which case we will immediately delete your personal data unless we have a legal obligation to process your personal data further. For example, if you request that your data be deleted from the HR records, we will immediately delete your data from the database. However, if you have purchased goods or services from us in accordance with the accounting rules, we will keep it in our financial and accounting records and process it for a period of 5 consecutive calendar years from the date of purchase.
If you feel that in any way – which we obviously do not want – we have violated your rights or we have failed to ensure security of your personal data, you have the right to lodge a complaint with the supervisory authority, which is currently the Inspector General for Personal Data Protection, and as of May 25, 2018, the President of the Office for Personal Data Protection.
9. Cookies policy
Cookies are tiny text files stored in the web browser of the website user. These files enable to identify the device of the user and display a relevant website corresponding to the user’s individual preferences. Usually cookie files contain the name of the website they come from, the time of their storage on the terminal device and their unique number. On our part, we also share this information with our affiliates and trusted partners, who use it to personalize the content and advertisements.
- website administration,
- improvement of the quality of services provided, including adjusting the content of the website to the user's preferences,
- maintaining the user's session and for statistical purposes and behavioral targeting of ads (adapting the content of the ads to your individual needs).
Please be informed that it is possible for the site user to determine the conditions of storage or access to the information contained in cookie files by means of your browser settings or service configuration.
Further information on the issue are available at your browser manufacturer, your Internet service provider and in the Cookies Policy.
We do not store your address or other personal information in the cookies.
The cookies we use are divided into:
- Performance cookies – for example, for checking statistics
- Functional cookies – used by our service providers, e.g. for external chatting. Disabling them will disable these additional functions.
- Targeting cookies – used for better adjustment or personalization of ads. Disabling them will not block your ads, but it will make them not matched to your preferences.
Full control over cookies is ensured through the browser:
- If you use Google Chrome, you can change the cookie settings here
- If you use Microsoft Internet Explorer, you can change the cookie settings here
- If you use Mozilla Firefox, you can change the cookie settings here
- If you use Opera, you can change the cookie settings here
- If you use Safari, you can change the cookie settings here
10. Automated decision-making and profiling information.
We would like to inform you that your personal data will be processed in an automated manner (including in the form of profiling), however, it will not have any legal effect on you or in a similar way significantly affect your situation.
The profiling of personal data by SIMEX Sp. z o.o. involves the processing of your data (also in an automated manner), by using it to evaluate certain information about you, in particular to analyze or forecast your personal preferences and interests.
When creating an account in our on-line store, you were informed about our profiling operations, you are aware of it and you agreed to it voluntarily. You have been informed about the principles of automated decision-making as well as about the importance of such processing and the anticipated consequences for you. You are also aware of the possibility to object to profiling and of your right to access the data being processed.
11. How do we protect your data?
In order to ensure the security of your data, we apply the organizational and technical measures required by law. We have installed the necessary physical security measures at our premises to prevent unauthorized access to your data. Our employees have the required authorizations and may only process data in a limited manner, i.e. only to the extent necessary for the proper performance of their official duties. Our associates have relevant personal data processing entrustment agreements and may only process data in a limited manner, i.e. only to the extent necessary for the proper performance of their official duties.
We ensure the security of your electronically transmitted data by means of a 128-bit SSL security protocol. Its graphic symbol is a green padlock displayed in the web browser at the address of our website. Thanks to website encryption before its sending you can be sure that you access our site which has not been altered in any way while it was traveling to you on-line.
12. Contact details of the data protection officer
In all matters concerning personal data protection, we are represented by the Information Security Manager, Edward Dybowski, M.Sc.Eng., with whom we have concluded an agreement on this matter.
You can contact him by e-mail at: firstname.lastname@example.org or email@example.com