SERVICE PRIVACY POLICY FOR GALACTICA GENERAL PARTNERSHIP COMPANY
§ 1
-
The administrator of the personal data supplied by you is GALACTICA General Partnership Company with the principal place of business in the city of Bydgoszcz , on 189 Fordońska street, registered in the National Court Commercial Registry Department, entered into the Business Activity Register in Bydgoszcz Regional Court under National Court Register Number (KRS) 0000235648, Taxpayer Identification Number (NIP) 5542637995, hereinafter referred to as the “Administrator”. The Administrator processes your personal data.
-
The Administrator may be reached:
- Over the phone: by dialing the number +48 525208800
- In writing by regular mail to the address of correspondence : 189 Fordońska street, zip code 85-739, Bydgoszcz, Poland
- By e-mail to the address : kontakt@galactica.pl
-
The legal basis for processing your personal data is:
- Your personal consent for processing the personal data as well as receiving marketing materials, indicated in the on-line form published on the Administrator’s website used by the Administrator for commercial purposes.
- Necessity resulting from the legitimate business interests pursued by the Administrator , such as providing and forwarding information regarding the Administrator's legal and commercial activity as well as products’ offered, reliable execution of the obligations incurred by the Administrator, in particular implementation of the agreements, provisioning of products/services at the highest standards, as well as providing information concerning the Administrator. Processing the aforementioned data scope falls within the business activity of the Administrator and is necessary to provide customers with information concerning products and services,
- In case of a contract being concluded - the need for reliable performance of its obligations.
-
Your personal data may be processed in order to:
- present an offer regarding services or products offered by the Administrator, as well as information concerning new solutions being introduced,
- provide information and messages concerning marketing communications,
- supply information regarding meetings, deals and other activities related to the Administrator's activity.
-
In case an agreement is concluded with the Administrator covering the provisions of the aforementioned services, your data will be used for purposes related to the reliable implementation of such an agreement, including accounting records and processing of any complaints.
-
Your personal data may be made available to recipients who directly perform activities as part of the services performed or recipients through which the Administrator carries out marketing or information activities.
-
Your personal data will not be forwarded to recipients based in a third countries, i.e. outside the European Economic Area.
-
You have the right to:
- Request access to your personal data, rectification, deletion or limitation of personal data processed by the Administrator,
- Object to data processing,
- Transfer the personal data,
- Lodge a complaint to supervisory authority.
- In order to exercise the privileges you need to submit the application through data provided stipulated in the paragraph 3 herein.
-
Your personal data will not be subject to automated decision making, including profiling.
-
Your personal data will be processed:
- based on the consent given - until it is withdrawn or the purpose for which the data was collected ceases. The consent given may be withdrawn at any time without affecting the lawfulness of the processing based on the consent before its withdrawal,
- Concerning the implementation of the contract concluded with the Administrator - until the expiry of the period during which the Administrator or the State may assert claims related to the concluded contract, or until the expiry of the period within which proceedings may be initiated by public administration bodies regarding the performance of the contract,
- Regarding the information and marketing activities - until the Administrator is done conducting activities consisting of offering products and services and conducting marketing campaigns.
§ 2
-
The website you use, available at: galactica.pl (Website), does not automatically collect any information, except for the data contained in cookies.
-
Cookie files (so-called "cookies") are computer data, mainly text files, that is stored in end-devices of the Website User and is intended for use with the pages of the Web Service. Typically, cookies contain the name of a website from which they come, their storage time on end-devices and a unique number.
-
The Website Administrator places cookies in Website Users' end-devices and has direct access to them.
-
Cookies are used for the following purposes:
- adjust the content of the Website pages to the user's preferences and optimizing the use of websites. These files allow to recognize the Service user's device and properly display the website, tailored to one’s individual needs,
- creating statistics that help to understand how Website Users use web pages, which may lead to improvement of the structure and its content,
- maintain Website Users' session (after logging in) due to which each user does not have to retype the name and password after browsing the pages.
-
The Website and Services use the following types of cookies:
- "Necessary" cookies, enabling the use of services available on the Website, e.g. authentication cookies used for services that require authentication on the Website,
- cookies used to ensure security, e.g. used to detect fraud in the field of authentication on the Website,
- "Performance" cookies, enabling the collection of information on how to use the Service's websites,
- "Functional" cookies, enabling "remembering" the settings selected by the user and personalizing the user interface, e.g. in terms of the language or region of the user's origin, font size, website appearance, etc.,
- "Advertising" cookies, enabling users to provide advertising content more tailored to their interests.
-
In many cases, the software used for browsing websites (web browser) by default allows the storage of cookies on the user's end device. Website Users can change cookie settings at any time. These settings can be changed in particular in such a way, as to block the automatic handling of cookies in the web browser’s settings or to inform about them every time they are placed on the Website user's device. Detailed information regarding the possibilities and ways of handling cookies is available in the software (web browser’s) settings.
-
The administrator states that restrictions on the use of cookies may affect some of the features available on the Website.
-
Advertisers and partners cooperating with the Website Operator can also use cookies placed on Website Users’ end-devices.
-
More information concerning cookies can be found in the "Help" section of the internet browser’s menu.
§ 3
-
The administrator has formulated individual goals in the area of personal data security and has taken actions necessary for their occurrence in the enterprise such as:
- ensuring the processing of personal data in accordance with the law, fairly and transparently for the data subject ("legal compliance, reliability and transparency"),
- ensuring the collection of personal data for specific, explicit and legitimate purposes and not further processing in a manner incompatible with those purposes ("purpose limitation"),
- ensuring the collection of personal data adequate, relevant and limited to what is necessary for the purposes for which it is processed ("data minimization"),
- The Administrator takes steps to ensure that personal data is correct and updated if necessary, as well as all reasonable actions so that personal data that is incorrect in the light of the purposes of their processing is immediately deleted or corrected ("correctness"),
- The Administrator undertakes that personal data is stored in a form that allows identification of the person to whom it is relate, for no longer than is necessary for the purposes for which the data is processed ("storage restriction"
- The Administrator undertakes that the personal data is processed in a manner that ensures its appropriate security, including protection against unauthorized or unlawful processing and accidental loss, destruction or damage, by appropriate technical or organizational measures ("integrity and confidentiality").
-
The objectives stipulated in the paragraph 1 are implemented by taking appropriate actions and applying effective safeguards in particular such as:
- providing adequate security of IT systems in which personal data is being processed,
- bringing the awareness and knowledge of employees / colleagues in the field of personal data security,
- informing employees / co-workers concerning the consequences, including disciplinary ones, in the event of a breach in regards to personal data security,
- granting access to documents, materials or systems containing personal data only to authorized persons,
- securing documents, materials or systems against loss or destruction of personal data stored therein
- implementation of detailed rules determining the manner of managing user rights and authentication rules in all systems operated by the Administrator,
- conducting thorough tests when introducing and preparing new software,
- reporting incidents related to information security,
- regular risk analysis in the area of information security and setting actions in order to minimize potential risks,
- entrusting personal data only to such third parties that provide sufficient guarantees for the implementation of appropriate technical and organizational measures so that the processing meets the requirements of generally applicable law, of this aforementioned document and protects the rights of data users.
-
Taking into account the state of technical knowledge, the cost of implementation, the nature, the scope, the context and purposes of processing, as well as the risk of violation of the rights or freedoms of individuals with different probability of occurrence and severity of the threat resulting from processing, the Administrator has implemented - both in determining the methods of processing and during the processing itself - appropriate technical and organizational measures designed to effectively implement the principles of data protection so, as to meet the requirements coming from generally applicable laws in order to protect the rights of data users.