PRIVACY POLICY MABION S.A.
1. Privacy Policy
This Privacy Policy defines the rules for the processing of Personal Data obtained by the Controller through the Website, as well as in connection with communications with Users or other entities.
2. Controller of Personal Data and owner of the Website
The Controller of the Personal Data is Mabion S.A. with its registered office in Konstantynów Łódzki, ul. Gen. Mariana Langiewicza 60, 95-050 Konstantynów Łódzki, entered in the Register of Entrepreneurs of the National Court Register kept by the District Court for Łódź-Śródmieście in Łódź, 20th Commercial Division of the National Court Register, with KRS number: 0000340462, NIP: 7752561383, REGON: 100343056, share capital of PLN 1,616,232.60, paid up in full (hereinafter referred to as “Controller” or “Data Controller” or “Owner”).
The Controller can be contacted by e-mail: info@mabion.eu or by post to the registered office address: ul. Gen. Mariana Langiewicza 60, 95-050 Konstantynów Łódzki
3. Basis for processing
The basis for the processing of Personal Data is Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data and repealing Directive 95/46/EC (OJ L 119/1, 4.5.2016), (“GDPR”). In the case of Personal Data processed in connection with communications with the Controller, the basis for processing is Article 6(1)(a) or (b) or (c) or (f) of the GDPR. The legitimate interest of the Controller (Article 6(1)(f) of the GDPR), consists of the need to ensure security regarding the use of the Website and communication with the Controller, as well as to improve the performance of the functionalities featured on the Website. Legitimate interest is also represented by the establishment, assertion and defence of claims arising from or in connection with the use of the Website before courts and other state authorities.
4. Processing
The processing of Personal Data shall mean processing within the meaning of the GDPR, i.e. any operation or set of operations which is performed on personal data or on sets of personal data, whether or not by automated means, such as collection, recording, organisation, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction.
Personal Data will not be processed by automated means, including by means of profiling.
5. Voluntary nature of processing
The processing of Personal Data of Users and other entities communicating with the Controller is voluntary, but necessary for the purpose of such communication. Refusal to the processing of data may hinder or prevent cooperation or contact with the Controller.
6. Data recipients
Data Recipients are all participants of the communication (including by email), as well as possibly other authorised employees or associates of the Controller. The Recipients may also include entities authorised to handle servicing and authorised entities with whom the Controller has entered into an agreement for the provision of IT system maintenance services, as well as other authorised entities which the Controller uses in the course of its business and to whom it has entrusted the processing of personal data on the basis of personal data entrustment agreements or other equivalent agreements. The Data Recipients may also include authorised institutions as defined under applicable legislation, as well as other entities indicated by the User in a separate declaration of consent (if such a declaration has been made).
7. Duration of processing
The data shall be stored for the period necessary to provide the service requested by the User or for the period necessary to achieve the purpose for which they were collected (including the settlement of the matter associated with the communication), or for the period determined by the purposes described herein, but for no longer than until the period of limitation of claims has expired.
8. Rights relating to Data processing
Users and other persons communicating with the Controller shall have the right of access to their Personal Data, to have them rectified, erased, have their processing restricted, to data portability, to lodge an objection, to withdraw consent (if the processing is based solely on consent) – but this shall not affect the lawfulness of the previous processing. Such individuals shall also have the right to lodge a complaint with the President of the Personal Data Protection Office if they consider that the processing of their Personal Data breaches the provisions of the GDPR.
9. Types of data collected
The types of Personal Data that the Website collects, either by itself or through third parties, include: Cookies, Usage Data, E-mail, First Name, Last Name.
The Personal Data processed by the Controller shall also include any other data that the User or any other party communicating with the Controller transmits, in particular through a contact form or e-mail.
Other collected Personal Data may be described in other sections of this Privacy Policy or in a context, using dedicated text displayed when collecting the Data. Personal Data may either be freely provided by the User or automatically collected when using the Website.
Any use of Cookies – or other monitoring tools – by the Website or by the owners of third party services used by the Website, unless otherwise indicated, is for the purpose of identifying Users and saving their preferences, for the exclusive purpose of providing the services requested by the User. Not providing certain Personal Data may make it impossible or difficult to use the Website.
The User shall be liable for the Personal Data of third parties posted or made available through the Website and declares his/her right to communicate with or transmit to such parties, releasing the Data Controller from any liability in this scope.
10. Place
As a rule, the data are processed at the registered office or other offices of the Data Controller, as well as at other places where processing parties are located, within the European Economic Area (“EEA”). The Personal Data may be transferred outside the EEA.
The Data Recipient is Google Ireland Ltd, Gordon House, Barrow Street, Dublin 4, Ireland (“Google”). To obtain additional information on the purposes, scope of Google’s collection and processing of Data, please refer to the websites listed below: Google Analytics Terms of Service – https://www.google.com/analytics/terms/gb.html, General overview of Google Analytics security and privacy principles – https://support.google.com/analytics/answer/6004245?hl=en, Google privacy policy – https://policies.google.com/privacy?hl=en.
Should the Data be transferred to a country outside the EEA which, according to the European Commission, does not guarantee an adequate level of data protection, it will take place on the basis of an agreement incorporating the requirements of the European Union for the transfer of data outside the EEA and using clauses ensuring the security of data processing, which can be found at the following website: https://ec.europa.eu/info/law/law-topic/data-protection/international-dimension-data-protection/standard-contractual-clauses-scc_en
For more information, feel free to contact the Data Controller as well.
11. Methods of processing
The Data Controller processes the Data of the Users correctly and takes appropriate security measures to protect the Data from unauthorised access, disclosure, alteration, or unauthorised destruction.
The Data are processed by means of computers and/or IT tools, in line with organisational procedures and means strictly related to the purposes indicated. In certain cases, the Data may be accessed by specified types of persons responsible for IT system operations (administration, sales, marketing, legal system, system administration) or by external entities (such as technical service providers, postmen, hosting providers, IT companies, communication agencies) designated, if necessary, as Data Processors by the Controller. Additional information in this respect is included above in the “Data Recipients” section.
USE OF COLLECTED DATA
Data relating to the User are collected to enable the Website to provide its services, as well as for the following purposes: Analytics, Contact with the User.
The Personal Data used for each purpose, including communication with the Controller, are described in the different sections of this document.
INFORMATION ON THE PROCESSING OF PERSONAL DATA
Personal Data may be collected for the following purposes and for the following services:
Analytics
The services included in this section enable the Owner to monitor and analyse network traffic. They may also be used to track the User’s behaviour.
Google Analytics
Google Analytics is a web analytics service provided by Google Ireland Limited. (“Google”). Google uses the data collected to track and research the use of the Website, to prepare reports on Website activities and to share them with other Google services. Google may use the Data collected to contextualise and personalise ads from its own advertising network.
Provider: Google
Purpose: Analytics
Personal data: Cookies, Usage Data
Place of data processing: Ireland Privacy Policy Page
Piwik
Piwik is analytics software used by this Website to analyse data directly, without the intervention of any third persons.
Provider: The Website
Purpose: Analytics
Personal data: Cookies, Usage Data
User communication
Communication of the Controller with the User or any other entity.
Communication with the User in any form, in particular by e-mail.
Provider: The Website or another service provider enabling electronic communication
Purpose: communication
Personal data: Cookies, Email address, First name, Last name, other Data provided by the User or another entity communicating with the Controller
ADDITIONAL DATA ON DATA COLLECTION AND PROCESSING
Legal actions
Personal Data of the User or any other party communicating with the Controller may be used for legal purposes by the Controller, in court or in activities leading to possible legal actions resulting from the misuse of the Website or its associated services.
The User should be aware that the Controller may be obliged to disclose Personal Data upon request of authorities.
Additional information on the User’s Personal Data
Apart from the information contained in this Privacy Policy, the Website may provide the User with additional and contextual information regarding specific services or the collection and processing of Personal Data upon request.
System logs and maintenance
For the purposes of operation and maintenance, the Website and any services provided by third parties may collect files recording interactions with the Website (system logs) or use other Personal Data (such as IP address) for this purpose.
Information not included in this Privacy Policy
Further details of the collection or processing of Personal Data can be obtained from the Data Controller at any time. Contact details can be found at the beginning of this document.
Users’ rights
At any time, the Users shall have the right to know whether their Personal Data has been stored and to consult the Controller to learn about the data content and origin in order to verify their accuracy or to request their completion, cancellation, update or rectification, or to convert them to anonymous form or to block any data stored in violation of law regulations, as well as to object to their use for any legitimate reason. Such requests should be sent to the Data Controller using the contact details provided above.
The Website does not support “Do Not Track” requests.
To determine whether any of the third party services support “Do Not Track” requests, please read their privacy policies.
Changes to this Privacy Policy
The Data Controller reserves the right to change this Privacy Policy at any time by notifying its Users through the Website. It is recommended to check the Website frequently, paying attention to the date of the last modification listed at the bottom. Should the User object to any change in the Policy, they must stop using the Website and may request the Data Controller to erase the Personal Data. Unless otherwise indicated, the Privacy Policy in force at that time shall apply to all Users’ Personal Data held by the Data Controller.
LEGAL DEFINITIONS AND REFERENCES
Personal Data (or Data)
Personal Data within the meaning of the GDPR, i.e. any information relating to an identified or natural person who is or can be identified, even indirectly, by information including a personal identification number or any other identifier such as a name, location data, an online identifier or one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of the natural person.
Usage Data
The information collected automatically from the Website (or from third parties’ services used on the Website), which may include: the IP addresses or domain names of the computers used by Users who access the Website, URI (Uniform Resource Identifier) addresses, request times, methods used to send requests to the server, size of files received in response, numerical code indicating the state of the server’s response (success, error, etc.), country of origin, characteristics of the browser and operating system used by the User, various data relating to the visit (e.g. time spent on each page of the Website) and details of the path followed by the User on the Website, with particular reference to the sequence of pages visited, and other parameters relating to the operating system and/or IT environment of the User’s device.
User
A person using the Website who must coincide with or have the permission of a Data Subject of the Personal Data.
Data Subject
The natural person to whom the Personal Data relate.
Data Processor (or Data Supervisor)
A natural person, legal entity, public administration or any other body, association or organisation authorised by the Controller to process Personal Data in compliance with this Privacy Policy.
Data Controller (or Owner)
A natural person, legal entity, public administration or any other body, association or organisation having the right, also jointly with another Controller, to decide on the purposes and methods of the processing of Personal Data and the measures applied, including security measures concerning the operation and use of the Website. Unless otherwise indicated, the Data Controller is the owner of the Website.
Website or Webpage
Website at: www.mabion.eu
Cookies
A small piece of data stored on the User’s device. For further details on Cookies, please refer to our Cookies Policy.
Legal information
Information for Users in Europe: This Privacy Policy has been drawn up in order to comply with the obligations arising from Article 10 of Directive 95/46/EC, and in compliance with the provisions of Directive 2002/58/EC, as amended by Directive 2009/136/EC, on cookies.
COOKIE POLICY
Cookie policy
The Cookie Policy is intended to explain what cookies are and how we use them, to describe the types of cookies we use, i.e. the information we collect through cookies and how this information is used, and how to control cookie preferences.
For further information on how we use, store and protect Personal Data, please refer to our Privacy Policy.
You can change your cookie preferences on our Website at any time. For more details on how you can contact us and how we process personal data, please refer to our Privacy Policy.
What are Cookies?
Cookies are small text files used to store small amounts of information. They are stored on your device when the Website is viewed in your browser. The Cookies help us to make the Website run properly, make it more secure, provide a better User experience and help us to analyse how the Website is performing and also where improvements are required.
How do we use Cookies?
As with most online services, our Website uses its own Cookies and those of other services for several purposes. The Website’s own Cookies are mostly necessary for the proper operation of the Website and do not collect any personally identifiable information on the User. However, third party Cookies used on our Website are mainly used to understand how the Website works, how you interact with our Website, to ensure the security of our services, and altogether to provide a better experience for our Users and to help us plan changes relating to our Website.
What types of Cookies do we use?
Functionality: some Cookies are necessary to enable you to use our Website’s full functionality. They enable us to preserve User sessions and prevent any security risks. They neither collect nor store any Personal Data.
Preferences: These Cookies help us store your settings and browsing preferences, such as language preferences, to ensure you have a better and more efficient experience during future visits to the Website.
Statistics: these Cookies store information such as the number of Website visitors, the number of unique Users, pages of the Website that have been visited, visit sources, etc. These data help us understand and analyse how the Site is performing and where it needs improvement.
Marketing: Our Website may display ads. In such a case, these Cookies will be used to personalise the advertisements we show so that they are meaningful to you. These Cookies will also help us to monitor the effectiveness of these advertising campaigns. The information stored in these Cookies may also be used by third-party advertising providers to display advertisements on other sites in your browser.
The list below summarises the Cookies used by our Website.
Cookie type | Cookie | Function |
Functionality | _grecaptcha | Provides spam protection through a captcha mechanism. |
Marketing | rc::c | Filtering of machine requests. |
Statistics | _ga | Counting and tracking views of our Website. Used to differentiate between Users. |
Statistics | _gcl_au | Used by Google AdSense to experiment with the performance of ads on websites using Google services. It is the first Cookie for the “Conversion Linker” function – it collects information in the form of advertising clicks and stores it in the first page’s Cookie so that conversions can be attributed beyond the landing page. |
Statistics | _gat_gtag_UA_* | Storage of a unique User ID. |
Preferences | pll_language | A record of language preferences. |
How can I control my Cookie preferences?
Different browsers provide different methods of blocking and deleting Cookies used by websites. You can change your browser settings to block/delete Cookies. For further details on managing and deleting Cookies, please visit wikipedia.org, www.allaboutcookies.org.