This document describes how “Weber & Weber” Sp. z o.o., with its registered office in Puńców at ul. Cieszyńska 229, uses the information and data provided to it in order to ensure optimal use of our services provided via our website.
“Weber & Weber” Sp. z o.o. processes personal data provided to it (via the website, registration form or in any other manner) or otherwise held by it, in the manner and for the purposes specified in this Privacy Policy. The collection and processing of personal data is carried out in accordance with applicable data protection laws, in particular Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation).
Who is the controller of personal data?
The controller of your personal data is “Weber & Weber” Sp. z o.o., with its registered office in Puńców (43-400 Cieszyn), ul. Cieszyńska 229, entered in the register of entrepreneurs kept by the District Court in Bielsko-Biała, 8th Commercial Division of the National Court Register, under number 0000050250, REGON 072363548, NIP 5482288774.
If you have any questions or requests related to the processing of personal data or wish to exercise your rights specified in clause 4 below, please contact us by phone at +48 33 852 91 00 or send an e-mail to info.pl@webermed.com.
What personal data do we collect? For what purpose and how long do we store it?
We process personal data only to the extent required by individual services that we provide or for other processing purposes, namely:
For customer registration purposes, we process personal data including first name, last name, residential address, e-mail address, password provided during registration, phone number, bank account number and tax identification number (NIP). Customers may purchase products offered via our website; however, prior registration is required. In such cases, the legal basis for processing is the performance of a contract (i.e. sale of the products offered). Personal data is processed for the duration of the contract.
In order to comply with specific legal obligations to which we are subject, in particular those arising from accounting regulations or tax law, we process personal data including first name, last name, residential address and bank account number. The legal basis for processing is the necessity to comply with legal obligations. Personal data is processed for the duration of the contract and after its termination for the period specified by applicable regulations, but no longer than 6 (six) years.
Pursuant to Article 10(2) of the Act of 18 July 2002 on the provision of electronic services and Article 172(1) of the Act of 16 July 2004 – Telecommunications Law, we may contact you by e-mail or telephone for the purpose of promoting our products and services. You may object to receiving such marketing information at any time (i.e. resign from our database). Your contact details used for this communication will be processed for the duration of the contract unless you opt out of such communication.
For the purpose of disseminating commercial information about our services, we may process personal data including e-mail address and phone number. This processing is based on consent granted during the registration process. Personal data will be processed for the duration of the consent.
Additionally, we may need to process and store personal data including first name, last name, phone number, residential address, e-mail address, bank account number and tax identification number (NIP) in order to pursue or defend against potential future claims. This processing is based on our legitimate interest or that of a third party. Personal data will be processed for the period necessary to achieve this purpose, but no longer than 10 (ten) years from the start of the statutory limitation period in each individual case.
To whom do we disclose personal data?
Personal data may be disclosed to reliable external entities providing us with administrative, technical or marketing support, i.e. data processors, provided they are subject to a confidentiality obligation. We may also disclose personal data to payment institutions if necessary to provide our services related to the sale of products, and to external advisors, also subject to confidentiality obligations. In addition, where required by law, e.g. as indicated in point 2.2 above, we disclose personal data to authorized authorities.
Access to personal data is granted only to a limited number of our employees, who are obliged to maintain confidentiality and comply with security measures to protect such data. These employees are authorized to process personal data solely on the basis of explicit instructions.
What rights do data subjects have in connection with the processing of their data?
Consent to the processing of personal data is entirely voluntary and may be withdrawn or limited at any time. A person whose personal data is processed for direct marketing purposes or on the basis of legitimate interest also has the right to object to such processing at any time.
Under certain circumstances and conditions, customers are entitled to additional rights, including the right of access to personal data, the right to rectify or erase personal data, the right to restriction of processing, the right to data portability, and the right to lodge a complaint against “Weber & Weber” as the controller with the relevant data protection authority.
How long do we store customers’ personal data?
We store personal data no longer than necessary to fulfill the purpose of the given processing, i.e. typically for the duration of the contract or for the period explicitly required by applicable law. If personal data is processed on the basis of consent, such data will be processed only for the duration of the consent, which may be withdrawn or limited at any time. In such a case, we will cease processing personal data for the purposes covered by the withdrawn or limited consent.
What happens if there are changes to the processing?
Any changes we may introduce to this Privacy Policy in the future will be communicated via agreed communication channels. We recommend periodically reviewing this Privacy Policy in case any changes are introduced.
