Privacy and cookie policy of the https://usbsystem.eu/ website

  1. WHAT KIND OF DOCUMENT ARE YOU DEALING WITH?

    This Website privacy policy (hereinafter referred to as: “Policy”) is intended for information purposes, meaning that it is not a source of responsibility for Website Users (it is neither a contract nor regulations).

    The information included in this Policy is of a general nature. Detailed information regarding the processing of specific personal data is provided every time such data is obtained in the content of the information clause and is placed in a visible and easily accessible location. This mainly regards information on the purpose of and legal grounds for processing of personal data, the period of storage of such data, and the recipients to whom it is provided.

    Any words, expressions or abbreviations on this website starting with a capital letter (e.g. Website, Sales Contract, Service Provision Contract, User) must be understood according to their definition, which is included in the Website Regulations available on www.usbsystem.eu.

    In case of any doubts or discrepancies between the Policy and consent granted by a given person; the grounds for the Administrator acting and specifying the scope of the actions are the provisions of the law or consent given voluntarily, irrespective of Policy provisions. In the event of such a discrepancy between the Policy and the content of information clauses provided by the Administrator while collecting personal data (they are usually located in forms on the Website), the information that the User should use for directions is provided within the framework of the aforementioned information clauses.

  2. WHO IS THE ADMINISTRATOR OF YOUR DATA?

    The Administrator of personal data collected through the Website (including the use of cookies or similar technology) or other channels of communication with the User is: USB System Spółka z ograniczoną odpowiedzialnością spółka komandytowa [limited partnership], ul. J. Słowackiego 25, 05-820 Piastów, Poland, NIP (VAT No.): 5342254108; REGON (National Business Registry Number): 015685408 (hereinafter referred to as “USB SYSTEM”); e-mail address: biuro@usbsystem.pl, contact telephone number: +48 22 753 41 62, hereinafter referred to as the “Administrator”.

  3. HOW DO WE TAKE CARE OF YOUR DATA?

    The User’s personal data is processed under the Regulation of the European Parliament and of the Council (EU) 2016/679 of 27th of April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data and repealing Directive 95/46/EC (OJ EU L No. 119, page 1) and other provisions of the law regarding personal data protection that are currently binding, i.e. binding through the entire period of processing of specific data. Personal data means any information about identified or identifiable ‘natural’ persons (hereinafter referred to as: “Personal Data”). An identifiable ‘natural’ person is a person who can be directly or indirectly identified, particularly on the basis of an identifier such as a first and last name or an identification number.

    The Administrator applies particular diligence in order to protect the interests of the data subjects and, in particular, they ensure that the data they collect is:

    • processed in accordance with the law, reliably and in a manner that is transparent to the data subject;

    • collected for specific, clear and legally grounded purposes and not processed further in a manner that is inconsistent with these purposes;

    • adequate, appropriate and limited to what is required for the purposes for which it is processed;

    • correct and updated, if necessary;

    • stored in a form enabling identification of person regarded by the data, for a period no longer than necessary for the purposes for which the data is processed;

    • processed in a manner ensuring adequate security of Personal Data, including protection against unauthorised or illegal processing or accidental loss, destruction or damage, by means of appropriate technical or organisational measures.

  1. WHAT IS THE INFORMATION ABOUT YOU USED FOR?

    Each time the purpose and scope of the data processed by the Administrator results from the User’s consent or provisions of the law. They are specified as a result of actions undertaken by the User at the Website or within the framework of other channels of communication with the User.

    The possible purposes of processing the Personal Data of Users by Administrator include in particular:

    1. concluding and implementing the Service Provision Contract (Account) or taking actions at the request of the future User prior to the conclusion of such a Contract (we process your data for the purposes of maintaining your Account so that you can enjoy the benefits it offers, e.g. placement of orders, access to order history and making it possible for you to take advantage of other services available on our website);

    2. conclusion and implementation of the Sales Contract and taking actions at the request of the future User prior to conclusion thereof (we need your personal data in order to implement your order and the contract concluded – in particular to confirm its placement and to reserve the product you selected or send it to you, as well as in the event of needing to contact you with regard to this matter);

    3. receiving and considering complaints;

    4. presenting advertisements, offers or promotions (discounts) regarding products or services intended for all recipients;

    5. asserting claims and defending against claims, including those of third parties – in the event of using the majority of the functions of the Website;

    6. meeting the legal obligations resulting from regulations, e.g. tax and accounting regulations, in particular in the case of paid contracts;

    7. corresponding with Users, including providing answers to messages from Users.

  2. WHAT IS THE INFORMATION ABOUT YOU USED FOR?

    The Administrator may process, in particular, the following Personal Data of Users taking advantage of the Website:

    • The Personal Data provided in the form during Account registration or making Orders at the online store (in particular: first and last name; e-mail address; company name, contact telephone number; address [street, building number, premises number, postal code, locality, country], address of residence/business activity/seat [if different from the residence address], bank account number and, in the case of Users who are not consumers, additionally the company name and tax identification number [NIP]) and other data collected while the Website is being used;

    • Personal Data provided while using the contract form or submitting a complaint;

    • other data, particularly the data obtained on the basis of the User’s online activity, including the data obtained through the Website or other channels of communication with the User, with the use of cookies or similar technology.

  1. ARE YOU REQUIRED TO PROVIDE US WITH YOUR DATA AND WHAT ARE THE PRESUMPTIVE CONSEQUENCES OF NOT PROVIDING THEM?

    The provision of Personal Data by the User on the Website is voluntary. However, it is necessary in order to take advantage of specific functions of our store, e.g. for the User to place an Order, to settle the Order (conclusion and implementation of the Sales Contract), to register an Account and to use our forms.

    Each time, the range of data required to conclude the appropriate contract is indicated on the Website (we marked the data the provision of which is required to conclude the contract/use a specific function), within the framework of other channels of communication with the User or in the Regulations. A lack of provision of Personal Data may result in it being impossible to perform the above-mentioned actions.

  2. ON WHAT LEGAL GROUNDS DO WE USE THE INFORMATION ABOUT YOU?

    The grounds for processing the User’s Personal Data is mainly the necessity to perform the contract to which the User is a party or the necessity to undertake actions at the request of the User prior to conclusion of such a contract (Article 6 Paragraph 1 Letter b) of GDPR). This mainly applies to Personal Data provided in a form during Account registration, Order placement and Sales Contract conclusion. In the case of Personal Data that we are provided with in relation to the User’s complaint, the legal grounds for processing such data is also the need to do it for the purposes of performing / handling the sales contract for the products advertised.

    In the case of data processing operations carried out for the aforementioned marketing purposes, the grounds for such processing is meeting the objectives resulting from legally grounded interests pursued by the Administrator or Administrator’s partners (Article 6 Paragraph 1 Letter f) of GDPR).

    In the case of other purposes, the User’s Personal Data can be processed under:

    1. voluntarily granted consents – e.g. of persons using the contact forms (Article 6 Paragraph 1 Letter a) of GDPR);

    2. binding provisions of the law – when the processing is indispensable for meeting a legal obligation resting with the Administrator, e.g. when the Administrator settles the sales contracts concluded under tax or accounting regulations (Article 6 Paragraph 1 Letter c) of GDPR);

    3. indispensability for purposes other than listed above, resulting from legally grounded interests pursued by the Administrator or a third party, in particular in order to establish, assert or defend claims, and to perform market and statistical analyses (Article 6 Paragraph 1 Letter f) of GDPR).

  3. WHO CAN WE PROVIDE YOUR DATA TO?

    The catalogue of recipients of Personal Data processed by the Administrator mainly results from the range of services used by the User and of the facts ascertained by the Administrator within the scope of joint administration of Personal Data, the main portion of which is indicated in item 2 above.

    The catalogue of data recipients also results from the consent of the User and provisions of the law and is made more specific as a result of the actions taken by the User on the Website.

    In the processing of Personal Data, the Administrator’s partners may participate to a limited extent, particularly those who provide technical support for efficient running of the Website, including communication with our Users (e.g. they support us in sending e-mail messages, and in the event of advertising activities – also in marketing campaigns), hosting or IT service providers, carriers or intermediaries handling Order shipments, companies that service the software, companies supporting the Administrator in marketing campaigns, and providers of legal and counselling services.

  4. IS YOUR DATA ALSO PROVIDED TO THIRD COUNTRIES (FROM BEYOND THE EUROPEAN ECONOMIC AREA)?

    Within the framework of the Administrator use of instruments supporting their current activity, provided by Google for example, the User’s Personal Data can be transferred to countries from beyond the European Economic Area and, in particular, to the United States of America (USA) or another country where a collaborating entity keeps the instruments used for processing Personal Data in collaboration with the Administrator.

    Appropriate security measures for the Personal Data provided have been ensured by the Administrator through the application of standard data protection clauses adopted under the decision of the European Commission and contracts for entrusting data for processing, meeting the requirements of GDPR. In the event of transferring data from Europe to the USA, certain entities located there (the USA) may additionally provide the appropriate data protection degree within the framework of the so-called Privacy Shield program (you can find more information on this issue at https://www.privacyshield.gov/).

    The User is entitled to receive a copy of these security measures by contacting us.

  5. WHAT ARE YOU ENTITLED DO?

    Every User is entitled, at any time, to:

    • file a complaint to the supervisory body handling personal data protection issues;

    • transfer the Personal Data that they provided the Administrator and that is processed in an automated manner under the consent or under the contract to e.g. another administrator;

    • access Personal Data (including e.g. obtain information on which elements of Personal Data are processed);

    • demand rectification and limitation of processing (e.g. if Personal Data is incorrect) or removal of Personal Data (e.g. in the case of it being processed illegally);

    • withdraw any consent given to the Administrator at any moment, whereas withdrawal of consent has no impact on processing carried out lawfully by the Administrator prior to such a withdrawal.

    • file an objection against the processing of Personal Data regarding the User that is performed for the purposes of pursuing legally grounded interests of the Administrator or a third party, including, in particular, against processing for the purposes of marketing (if any other legally significant grounds do not exist for processing that are superior with regard to the User’s interests).

  1. HOW LONG WILL WE STORE YOUR DATA?

    Personal Data may be stored for the duration of your use of the Website. In the case of marketing activities, your data will be stored until the moment of the User filing an objection or withdrawing their consent (provided that such consent was granted to the Administrator). And if the Personal Data is related to the cookie technology and similar technologies, then, depending on technical issues, your data will be stored until the time of removal of such files using browser / device settings (whereas the removal of files is not always equivalent to the removal of Personal Data obtained through these files, hence why there is an option to file an objection).

    If the processing of Personal Data depends on the User’s consent, Personal Data can be processed until such consent is withdrawn.

    In any case:

    1. Personal Data will also be stored in situations where the provisions of the law (e.g. accounting or tax regulations) force the Administrator to process them;

    2. we will store Personal Data for a longer period in case of the User having any claims towards the Administrator, for the purposes of the Administrator asserting their claims, or for the purposes of asserting claims or defending against claims of third parties, during the prescription period of such claims stipulated in provisions of the law, particularly in the Civil Code.

    Thus, depending on the scope of Personal Data and purposes of processing it, it can be stored for different periods.

  2. WILL WE SEND YOU ANY COMMERCIAL INFORMATION (E.G. TO YOUR E-MAIL ADDRESS)?

    The Administrator is in possession of the technical capability to communicate with the User remotely (e.g. via e-mail message). Commercial information related to the business conducted by the Administrator can only be sent under approval granted by the User.

  3. COOKIES

    1. Who are cookies about?

      In relation to the fact that the technology of cookies applied by the Administrator (or one functioning similarly to cookies) collects information on every person visiting the Website, the below provisions of the Policy apply to persons who use the Website, irrespective of whether they remain Users (placed Orders, reserve Products or have an Account) (hereinafter also referred to as “Visitors”).

    2. What technology are we using?

      On the Website, a technology that stores and obtains access to information on a computer or another online device (in particular with the use of cookies or related solutions) is used in order to ensure maximum comfort when using the Website, including for statistical purposes. During visits to the Website, data regarding the online activity of the Visitor may be collected automatically.

      In relation to the fact that the Administrator may take advantage of solutions functioning similarly to cookies, please also apply the below provision of the Policy to such technologies accordingly.

    3. What are cookies?

      Cookies are small pieces of text information sent by a server and saved on part of the Visitor’s device (usually on a computer’s hard drive or in a mobile device). It stores information that the Website may need to adjust to the ways in which the Visitor uses it and also to collect statistical data regarding the Website (e.g. regarding which web pages were visited and which elements are downloaded) and data on the online service provider’s domain name or country of origin of the Visitor.

    4. Do cookies collect your personal data?

      When the Visitor uses the Website, cookies that enable identifying their browser or device are used – cookies collect various kinds of information which, in principle, do not constitute personal data (they do not enable identification of the Visitor). Certain information, depending on their content and mode of use may, however, be related to a specific person – by ascribing a certain behaviour to a specific Visitor, e.g., by relating them to data provided during Account registration on the Website and may therefore be considered as personal data.

      In relation to the information collected by cookies that can be related to a specific person, the provisions of the Policy that refer to Personal Data are applied, particularly those regarding the rights of the data subject. The information regarding what is collected by cookies is also provided, among others, in the content of informative clause placed in a visible and easily accessible location during the first visit to the Website.

    5. What are the legal grounds for us using cookies?

      Obtaining and storing information with the use of cookies is possible on the basis of the consent granted by the Visitor. Normally, browsers or other software installed on a computer or a different device of the user connected to the Internet allow placement of cookies on such a device by default, and thus allow the collection of information on Visitors. The consent given to using cookies technology may be modified or withdrawn at any time in the web browser settings. Withdrawal of consent has no impact on compliance with the law with regard to processing that was carried out under the consent prior to its withdrawal (the detailed information regarding the method of withdrawing consent are presented in subsequent items of this Policy). The basis for processing the data obtained in such a manner is the justified interest of the Administrator in the form of the need to ensure the highest quality of content presented by the Administrator by adjusting it to the preferences of Visitors, as well as marketing – including direct marketing – of the Administrator’s products and services.

    6. What do we use cookies for?

      The cookies applied are intended mainly to make using the Website easier for the Visitor, for example: by ‘remembering’ the information that has already been provided previously so that the Visitor does not have to provide it each time. They are also used for adjusting the Website content to the preferences of the Visitor.

    7. Can you object to using information coming from cookies?

      The Visitor may object to the actions of the Administrator undertaken for the purpose described above.

    8. What kind of cookies do we use and are they malicious?

      Cookies used on the Website are not malicious to either the Visitor or the computer/end devices used by the Visitor and therefore we recommended not turning off support for them in web browsers. On the Website, two types of cookies are used: ‘session’ cookies that remain saved on the computer or mobile device of the Visitor until the moment of signing out from the website or shutting down the software (web browser), and ‘persistent’ cookies that remain on the Visitor’s device for the duration specified in parameters of cookies or until the moment of manual removal of cookies in the web browser.

    9. How long are we going to store the information collected by cookies?

      Depending mainly on the purposes and legal basis for the processing of Personal Data collected by cookies, they may be stored for the duration indicated in item 12 of the Policy.

      Personal Data collected by cookies and regarding a Visitor who is not a User will be stored until the moment of an objection being filed. The Administrator may delete Personal Data once it has not been used for marketing purposes for 3 years, unless the provisions of the law require the Administrator to process the Personal Data for a longer time.

      Some elements of Personal Data can be stored for a longer time in the case of the Visitor having any claims towards the Administrator, or for the purposes of the Administrator asserting their claims or defending against claims (also those of third parties), during the prescription period of such claims stipulated in provisions of the law, particularly in the Civil Code.

      What is decisive in each case is the longer period of storage of Personal Data.

    10. Cookies used at the Website

       

      Type

      Description

      Expiration time

      PHPSESSID

      Sustaining of the current session

      At the end of session

      ADUCOMMERCE[usbstock][first_session_id]

      Maintaining the status of being logged in in the configuration tool

      1 day

      MKSGRBI[mlog]

      Maintaining the status of being logged in at the usbsystem website

      1 day

      cookie_state

      Storage of information on consent to application of cookie, granted by the website visitor (consent to policy regarding cookies)

      1 year

    11. Third party cookies

      The cookies applied by the Administrator are mainly used for optimising the service provided to Visitors while they use the Website. The Administrator collaborates, however, with other companies within the scope of their marketing (advertising) activity. For the purposes of that collaboration, a browser or other software installed on the Visitor’s device also saves the cookies coming from other entities that conduct this kind of marketing activity.

      Within the framework of marketing activity, the Administrator takes advantage of Google reCAPTCHA and Google Maps services. More information on cookies of Google reCAPTCHA and Google Maps can be found in the Privacy Policy located in this link.

    12. How to delete / block cookies?

      The Visitor may change the way of using cookies via the browser, including blocking or deleting those that come from the Website (and other websites). In order to do this, it is necessary to change the browser settings. The method of deletion differs depending on the web browser used. Information on how to delete cookies should be included in the “Help” tap of the web browser chosen. The deletion of cookies is not equivalent to deletion of Personal Data obtained through cookies by the Personal Data Administrator.

      It is also possible to block the cookies of third parties with simultaneous acceptance of cookies used directly by the Administrator (“block cookies of websites of external entities” option).

    13. What will the consequences of deleting or blocking cookies be?

      Any limitation in the application of cookies in a given device makes it impossible or significantly difficult to use the Website normally and, for example, may be related to the inability to maintain a login session.

  4. HOW TO CONTACT US?

    You can contact the Administrator at any time by sending a message via mail or e-mailing the address of the Administrator stated at the beginning of this Policy, or by telephone by calling the telephone number stated at the beginning of this Policy.

    The Administrator stores correspondence for statistical purposes and in order to react in the best and the fastest possible manner to any hazards which may appear, as well as within the span of complaint settlements and decisions on administrative intervention with regard to the Account indicated made on the basis of reports. The addresses and data collected in such a manner will not be used for communication for purposes other than reacting to a report.

    In the case of contacting the Administrator in order to perform specific actions (e.g. in case of the User submitting a complaint by means of the contact form), the Administrator may turn to such a person again in order for data to be provided, including personal data, e.g. in the form of first and last name, e-mail address, etc. in order to confirm that person’s identity and enable return contact regarding a given matter and performance of the action demanded. Provision of such data is not obligatory but may be necessary in order to perform the action or obtain the information of interest to such a person.

  5. HOW DO WE SECURE YOUR DATA?

    Taking into account the state of technical knowledge, cost of implementation, and character, scope, context and purposes of processing, as well as the risk of violating the rights and freedoms of natural persons with various probability of occurrence and weight of hazard, the Administrator apply appropriate technical and organisational measures. These ensure protection of the Personal Data processed, adequate to hazards and category of data encompassed by protection and, in particular, secure the data from being supplied to unauthorised persons, it being taken by an unauthorised person, it being processed with violation of the binding regulations, or it being changed, lost, damaged or destroyed. Providing information on the technical and organisational measures applied that ensure that the protection of processing to outside entities may reduce the efficiency of such measures and thus is a threat to the appropriate protection of Personal Data.

    The Administrator provide accordingly, e.g., the following technical measures which help prevent Personal Data from being obtained, modified and then sent electronically by unauthorised persons:

    1. securing the data set against unauthorised access,

    2. implementing SSL encryption on the website,

    3. enabling access to the Account only after providing an individual login and password, consisting of about a dozen character-long hash encrypted using one-way encryption and with the use of additional random characters,

    4. making it impossible to decrypt the password and generating a new password in the case of the old one having been forgotten,

    5. providing the possibility to change the password after the first login with the use of a temporary password.

  6. LINKS TO OTHER WEBSITES

    The Website may contain links to other websites. The Administrator encourage becoming acquainted with the regulations and privacy policies applied on other websites. This Policy only applies to the indicated actions performed at the Administrator’s discretion.

  7. CAN THIS POLICY BE CHANGED AND HOW ARE YOU GOING TO LEARN ABOUT THAT?

    The Administrator may amend the Policy in the future due to the following important reasons:

    1. changes in binding regulations, particularly within the scope of protection of Personal Data, telecommunications law, and services provided electronically, as well as regulations on the right of consumers, having impact on the right and obligations of the Administrator or the rights and obligations of the subject of the data;

    2. development in functions or Electronic services resulting from progress in online technology, including application/implementation of new technological or technical solutions having impact on the scope of the Policy.

    Whenever any changes to the Policy are made, the Administrator will always publish information on such changes within the framework of the Website. Together with every change, a new version of the Policy will appear with a new date.

  8. SINCE WHEN HAS THIS VERSION OF THE POLICY BEEN VALID?

    This version of the Policy has been valid since the 12th of June 2017.