Andrychów, 10th June 2019
Dear Sir/Madam,
With consideration to the entry into force of the provisions of Regulation 2016/679 of the European Parliament and the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation) (hereinafter “GDPR”), and in particular Article 13 GDPR, we kindly inform you of the following.
PRIVACY POLICY
1. The controller of personal data collected via the Website www.donedeliveries.com (hereinafter referred to as "the Website"), the entity deciding how your personal data will be used, is DONE Deliveries Spółka z ograniczoną odpowiedzialnością sp.k., ul. Batorego 35, 34-120 Andrychów (hereinafter referred to as: "the Controller" or "the Moderator").
The data controller is responsible for the security of transferred personal data and its processing in accordance with the law.
Contact with the Controller is possible via the e-mail address: IOD@donedeliveris.com.
In matters related to the protection of personal data, please contact our Data Protection Officer: IOD@donedeliveris.com
2. Personal data is processed in accordance with the Regulation of the European Parliament and of the Council (EU) 2016/679 of 27 April 2016 on the protection of individuals with regard to the processing of personal data and on the free movement of such data and repealing Directive 95/46/EC (hereinafter: “GDPR”) and other currently applicable (i.e. throughout the entire period of processing of certain data) provisions of the Personal Data Protection Act.
3. In each event the purpose and scope of data processed by the Controller shall result from a concluded agreement, the consent of the Website’s user or provisions of law, and are further specified as a result of actions taken by the user.
CONTACT FORM
4. The Controller processes personal data in order to contact the user and answer questions asked via the contact form available on the website www.donedeliveries.com/eng/contact, including the preparation of an offer (legal basis - Article 6(1)(f) GDPR “legitimate interest”).
5. The transfer of the data indicated in the contact form is voluntary, but necessary to contact the user in order to respond to queries. The consequence of not providing the required personal data is the impossibility of contact with the user.
6. The Controller has the right to process personal data for the period necessary to achieve the purpose indicated in Section 4 above, i.e. until the moment a response is sent to the user’s query.
7. Employing all guarantees of data security, the Controller may transfer the user’s personal data – in addition to persons authorized by the Controller – to other entities, including:
8. The Controller will not transfer the user’s personal data to states outside the European Economic Area (to countries other than European Union Member States, Iceland, Norway and Liechtenstein).
9. In connection with the processing of personal data by the Controller, the User is entitled to:
10. To exercise these rights, it is necessary to contact the Controller via the e-mail address IOD@donedeliveris.com
NEWSLETTER
11. The Controller processes personal data in order to provide marketing information to persons interested in the offer via the newsletter (legal basis - Article 6(1)(f) GDPR).
12. The transfer of personal data is voluntary but necessary to receive marketing information. The consequence of not providing the required personal data is the inability to send newsletters to the user.
13. The user using the newsletter may at any time and without providing a reason refuse to receive it, in particular by clicking on the deactivation link in every e-mail sent to the user or by writing to the following address: IOD@donedeliveris.com
14. The Controller has the right to process personal data until the user withdraws his consent.
15. The Controller may transfer the user’s personal data - in addition to persons authorized by the Controller - to other entities, including:
16. The Controller will not transfer personal data of the user to countries outside the European Economic Area (to countries other than European Union Member States, Iceland, Norway and Liechtenstein).
17. In connection with the processing of personal data by the Controller, the User is entitled to:
18. To exercise these rights, it is necessary to contact the Controller via the e-mail address IOD@donedeliveris.com
BLOG
19. The Controller processes personal data in order to enable the user to exchange information, including adding comments on the Controller's blog, as well as to answer the user's questions (legal basis - Article 6(1)(a) GDPR) - "consent".
20. The transfer of personal data is voluntary but necessary to use the blog. The consequence of not providing the required personal data is the inability to add comments to the Controller’s blog.
21. The user may at any time and without giving a reason withdraw consent to processing of personal data, which will be understood as ceasing to use the blog.
22. The Controller has the right to process personal data until the user withdraws his consent.
23. The Controller may transfer the user’s personal data - in addition to persons authorized by the Controller - to other entities, including:
24. The Controller will not transfer personal data of the user to countries outside the European Economic Area (to countries other than European Union Member States, Iceland, Norway and Liechtenstein).
25. In connection with the processing of personal data by the Controller, the User is entitled to:
26. To exercise these rights, it is necessary to contact the Controller via the e-mail address IOD@donedeliveris.com
ELECTRONIC SERVICES (E-LEARNING)
27. The Controller processes personal data for the following purposes:
28. The provision of personal data is voluntary, but is necessary for the conclusion of an agreement, including for registration on the e-learning platform.
29. The Controller may process personal data for the purpose of sending commercial information (to an e-mail address) and for direct marketing purposes (using a telephone number) on the basis of separate consents, pursuant to the Telecommunications Act and the provisions of the Provision of Electronic Services Act.
30. The Controller has the right to process personal data for a period necessary to implement the objectives set out in Section 27 above. Depending on the legal basis, this will be:
31. Employing all guarantees of data security, the Controller may transfer the user’s personal data – in addition to persons authorized by the Controller – to other entities, including:
32. The Controller will not transfer personal data of the user to countries outside the European Economic Area (to countries other than European Union Member States, Iceland, Norway and Liechtenstein).
34. To exercise these rights, it is necessary to contact the Controller via the e-mail address IOD@donedeliveris.com
SOCIAL MEDIA AND LINKS TO THIRD PARTY WEBSITES
35. Our website contains links (so-called plugins) to other websites. Thanks to this, you can visit our profile in social media such as Facebook, Twiter, Linkedin. In this regard, the social network is their co-controller. However, data is processed in connection with our profile, including for the purpose of promoting our company. Legal basis: Article 6(1)(f) of the RODO, i.e. "legitimate interest".
36. The scope of personal data processing, specific purposes and rights and obligations of persons visiting a social networking site (i.e. co-controller) result directly from the rules of the social networking site, so we encourage you to familiarize yourself with its content.
RECORDING OF PHONE CALLS
Please be informed that telephone calls made by our Company will be recorded. Therefore, we would like to inform you that:
37. The controller of your data is DONE Deliveries sp. z o.o. sp. k. with its seat in Andrychów at ul. Batorego 35. Our contact details: compliance@donedeliveries.com Data Protection Officer’s contact details: iod@donedeliveries.com.
38. Personal data collected using the telephone call recording system will be used in order to review the quality of the services we provide, on the basis of legitimate interest and pursuant to Article 6(1)(f) of the GDPR.
On the same legal basis, personal data may also be processed in order to establish or pursue claims or to defend against claims, namely with reference to their statute of limitations.
39. Provision of data in connection with telephone call recording is voluntary and thus failure to provide them does not produce adverse legal effects. However, depending on the service type that your call concerns, providing data may legally be obligatory, thus their provision may be necessary. Failure to provide data may make rendering such a service impossible.
40. Records from telephone call recording systems will be stored no longer than three months from the date of recording. If a recording serves as proof in court or administrative proceedings, this term will be prolonged until the final conclusion of the proceedings. After the ends of these terms, recordings containing personal data will be destroyed.
41. You may apply to us:
INFORMATION ON DATA PROCESSING IN THE RECRUITMENT PROCESS
CONCLUDING PROVISIONS
48. The Controller protects personal data processed by him in accordance with generally applicable provisions on the protection of personal data and information security.
49. This privacy policy is for information purposes and concerns only the Website www.donedeliveries.com. The Website may contain links to other websites. The Controller suggests that each user, after opening other websites, should read the privacy policy in effect there.
50. The Controller reserves the right to make changes to this privacy policy in conjunction with technological developments, changes to generally applicable provisions of law, including in the scope of personal data protection, and in conjunction with development of the Website.
COOKIES
51. The Administrator collects information obtained automatically - system logs (so-called event logs), containing in particular public IP addresses and MAC identifiers of users visiting the Website and using the services provided as part of the Website. System logs are used by the Administrator for statistical purposes. Collective summaries in the form of statistics do not contain any features that identify users visiting the Website.
52. The administrator, pursuant to the provisions of Art. 173-174 of the Telecommunications Act of 16 July 2004, informs about the use of cookies, which are used to collect information on the use of the Website by users www.donedeliveries.com (hereinafter: "the Website").
53. The Website uses cookies - text files stored in the user's end device and applied in the use of the Website’s pages. We use these types of cookies:
54. The purpose of using cookies by the Website is:
55. Only anonymous statistical data about users are collected using cookie technology. Information obtained through cookies is not assigned to a specific person and does not allow identification of individuals.
56. When visiting the Website, at least one cookie file is sent to the user's end device in order to uniquely identify the browser. Information sent by the user's browser is automatically registered by the Website.
57. The Administrator may share data related to cookies to external entities, including entities that process data on behalf of the Administrator, e.g. technical service providers and entities providing consultancy services.
58. Cookies may also be deployed and used by advertisers and partners cooperating with the Administrator.
59. The Website may contain buttons, tools or content that directs to other companies' services, among others: plug-ins of social networks (e.g. Facebook, Twitter, LinkedIn). Using these applications may result in sending information about users to the indicated external entities.
60. Cookies, information stored by them and access to this information do not change the configuration of the end device or software installed on this device.
61. The user may change the settings or disable cookies at any time in their browser, but this may result in improper functioning of the Website.
62. If the user does not change the default settings of the browser concerning cookies, these files will be placed on the end device and will be used in accordance with the rules set by the browser provider.
63. Information on the management of cookies in individual browsers - including in particular instructions on blocking the receipt of cookies - can be found on webpages dedicated to each browser:
• Chrome
• Firefox
• Internet Explorer
• Opera
• Safari
Remember that you also have: