Privacy policy of the website www.peakpackaging.eu
For the Owner of this website, the protection of Users’ personal data is of utmost importance. They make great efforts to ensure that Users feel secure entrusting their personal data while using the website.
A User is a natural person, a legal person, or an organizational unit without legal personality, granted legal capacity by law, who uses electronic services available on the website.
This privacy policy explains the principles and scope of processing the User’s personal data, the rights they are entitled to, as well as the obligations of the administrator of these data, and also informs about the use of cookies.
The Administrator employs the most modern technical measures and organizational solutions, ensuring a high level of protection of processed personal data and security against unauthorized access.
I. PERSONAL DATA ADMINISTRATOR
The administrator of personal data is Peak Packaging Poland Sp. z o.o. with its registered office at: ul. Inwestycyjna 5, entered into the register of entrepreneurs maintained by the District Court in Olsztyn, VIII Commercial Division, under KRS number: 0000274449, NIP: 743-195-83-26 (hereinafter referred to as: „Owner”).
II. PURPOSE OF PERSONAL DATA PROCESSING
1. The Administrator processes the User’s personal data for the purpose of: the correct execution of sales agreements via the website www.peakpackaging.pl
2. The User may also consent to receiving information about news and promotions, which will result in the administrator also processing personal data for the purpose of sending the User commercial information concerning, among others, new products or services, promotions, or sales.
3. Personal data is also processed as part of fulfilling legal obligations incumbent on the data administrator and carrying out tasks in the public interest, including performing tasks related to security and defense or storing tax documentation.
4. Personal data may also be processed for the purposes of direct marketing of products, securing and asserting claims or protection against claims by the User or a third party, as well as marketing of third-party services and products or own marketing that is not direct marketing.
III. TYPE OF DATA
1. The Administrator processes the following personal data, the provision of which is necessary for:
a. Data provided optionally by the User:
– date of birth;
IV. LEGAL BASIS FOR PERSONAL DATA PROCESSING
1. Personal data is processed in accordance with the provisions of Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation), OJ L 119, 4.5.2016, p. 1–88, hereinafter referred to as: „GDPR regulation.”
2. The Administrator processes personal data only after obtaining the User’s prior consent.
3. Expressing consent to the processing of personal data is entirely voluntary.
V. RIGHTS OF THE USER
1. The User may at any time request information from the administrator regarding the scope of personal data processing.
2. The User may at any time request the correction or rectification of their personal data.
3. The User may at any time withdraw their consent to the processing of their personal data, without giving a reason. The request not to process data may concern a specific processing purpose indicated by the User, e.g., withdrawal of consent to receive commercial information, or it may concern all data processing purposes. Withdrawal of consent for all processing purposes will result in the User’s account being deleted from the website, along with all the User’s personal data previously processed by the administrator. Withdrawal of consent will not affect actions already taken.
4. The User may at any time request, without giving a reason, that the administrator delete Their data. The request for data deletion will not affect actions already taken. Deletion of data means the simultaneous deletion of the User’s account, along with all personal data saved and processed by the administrator up to that point.
5. The User may at any time object to the processing of personal data, both in respect of all the User’s personal data processed by the administrator, or only to a limited extent, e.g., regarding data processing for a specifically indicated purpose. The objection will not affect actions already taken. Filing an objection will result in the deletion of the User’s account, along with all personal data saved and processed by the administrator up to that point.
6. The User may request the restriction of the processing of personal data, either for a specified period or without time limitation, but to a specified extent, which the administrator will be obliged to fulfill. This request will not affect actions already taken.
7. The User may request that the administrator transfer the User’s processed personal data to another entity. For this purpose, they should write a request to the administrator, indicating to which entity (name, address) should be transferred the User’s personal data and specifically which data the User wishes the administrator to transfer. After the User confirms their wish, the administrator will transfer the User’s personal data, in electronic form, to the indicated entity. Confirmation of the request by the User is necessary due to the security of the User’s personal data and to ensure that the request comes from an authorized person.
8. The Administrator informs the User about the actions taken before the lapse of one month from receiving one of the requests mentioned in the previous points.
VI. PERSONAL DATA STORAGE PERIOD
1. Generally, personal data is stored only for as long as it is necessary to fulfill contractual or statutory obligations for which it was collected. This data will be deleted immediately when its storage is no longer necessary, for evidentiary purposes, in accordance with civil law or due to a statutory data storage obligation.
2. Contract information is stored for evidentiary purposes for a period of three years, beginning at the end of the year in which the business relationship with the User ended. Data deletion will occur after the statutory limitation period for claiming contractual claims expires.
3. Furthermore, the administrator may retain archived information concerning concluded transactions, as its storage is related to claims available to the User, e.g., under warranty (rękojmia).
4. If no agreement has been concluded between the User and the Owner, the User’s personal data is stored until the User’s account on the website is deleted. Account deletion may occur as a result of a request submitted by the User, the withdrawal of consent to the processing of personal data, or the submission of an objection to the processing of this data.
VII. ENTRUSTING DATA PROCESSING TO OTHER ENTITIES
1. The Administrator may entrust the processing of personal data to entities cooperating with the administrator, to the extent necessary for the execution of transactions, e.g., for the purpose of preparing ordered goods and delivering shipments or transferring commercial information originating from the administrator (the latter applies to Users who have consented to receive commercial information).
2. Apart from the purposes indicated in this Privacy Policy, Users’ personal data will in no way be disclosed to third parties or transferred to other entities for the purpose of sending marketing materials of those third parties.
3. Personal data of website Users is not transferred outside the European Union.
4. This Privacy Policy complies with the provisions resulting from Article 13 sec. 1 and sec. 2 of the GDPR regulation.
