Privacy and Cookie policy of nordsign.com webpage

GENERAL PROVISIONS
This privacy policy of the webpage available at http://nordsign.com (hereinafter as: “Webpage” or “Website”) is for information purposes only, which means that it is not a source of obligations for the Webpage users. The privacy policy contains, first and foremost, the rules of personal data processing by the controller, including grounds, purposes and scope of personal data processing and rights of data subjects as well as information concerning the use of cookies and analytical tools.

The controller of personal data collected through the Webpage is Nordsign Print Republic Sp. z o.o. with its registered office in Poznan, address: Kowanowo 21, 64-600 Oborniki, NIP [Tax Identification Number] 6060031645, REGON [National Business Registry Number] 300320267, entered into the Register of Entrepreneurs of the National Court Register kept by the District Court in Poznan – Nowe Miasto i Wilda in Poznan,  8th Economic Division of KRS, under KRS no. 0000265543, e-mail address: hello@nordsign.com, contact phone number: +48533737888 (fee according to the operator’s tariff) (hereinafter as: “Company”, “Owner”, “Controller”).

Personal data are processed by the Controller through the Webpage in line with applicable law provisions, in particular in line with the Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation) – hereinafter referred to as “GDPR” or “GDPR Regulation”.

The official text of the GDPR Regulation

The use of the Webpage is voluntary. The use of the Webpage does not require its users to provide their personal data, except for the intent to use a contact form available on the Webpage – in such a case the user must provide their contact data (contractual requirement) within the scope specified in the Webpage terms of use (first name, surname, e-mail address) or else they will not be able to send a contact form.

The Controller exercises due diligence to protect interests of data subjects, and in particular they are responsible for and shall ensure that the data collected by them are: (1) processed lawfully; (2) collected for specified, legal purposes and not subject to further processing, which does not comply with such purposes; (3) essentially correct and adequate in relation to the purposes for which they are processed; (4) stored no longer than is necessary to achieve the purpose of the processing and (5) processed in a form which guarantees the safety of personal data, including protection against unauthorized or illegal processing or accidental loss, destruction or damage, by appropriate technical or organizational means.

Considering the nature, scope, context and purposes of processing as well as the risk of infringing upon rights or freedoms of natural persons with different probability and scale of the threat, the Controller implements appropriate technical and organizational means to make the processing compliant with said regulation and to be able to demonstrate it. When required, such means are subject to reviews and updates. The Controller applies technical means preventing unauthorized access to and modification of personal data sent electronically.

CONTROLLER’S CONTACT DETAILS:
NORDSIGN PRINT REPUBLIC SP. Z O.O.
Kowanowo 21, 64-600 Oborniki
e-mail: hello@nordsign.com
phone no: +48 533737888

GROUNDS FOR DATA PROCESSING
The Controller is authorized to process personal data in cases when – and to the extent in which – at least one of the following requirements is met: (1) data subject gave their consent to the processing of their personal data for one or more purposes; (2) processing is necessary for the performance of the contract to which the data subject is a party or actions at the request of the data subject before the contract’s conclusion; (3) processing is necessary for the fulfillment of a legal obligation of the Controller; or (4) processing is necessary for the purposes arising from the legitimate interests pursued by the Controller or a third party, except where they are overridden by the interests or basic rights and freedoms of the data subject, requiring protection of their personal data, in particular if the data subject is a minor.

The processing of personal data by the Controller requires the occurrence of at least one of the above grounds. Specific grounds for the processing of the Webpage users’ personal data by the Controller are indicated hereinbelow – in reference to a given purpose of the data processing by the Controller.

PURPOSE, GROUNDS, PERIOD AND SCOPE OF DATA PROCESSING THROUGH THE WEBPAGE
Each time the purpose, grounds, period and scope and recipients of personal data processed by the Controller result from the activities performed by a given user on the Webpage. The Controller may process personal data on the Webpage for the following purposes, on the following grounds, in the following periods and scope:

 

Purpose of the processingLegal grounds for the processing and period of data storageScope of the processing
Use of data for handling the inquiries of the Webpage user addressed to the ControllerArticle 6, clause 1, letter a) of the GDPR Regulation (consent to data processing). Data are stored for a period not longer than necessary to achieve the purposes for which they were collected or, if necessary, to comply with the applicable law, in particular for the term of the contract and the limitation period.The maximum scope:
full name, e-mail address

 

RECIPIENT OF DATA ON THE WEBSITE
For the proper functioning of the Webpage, the Controller must use the services of external entities (such as, e.g., hosting company). The Controller uses the services of only such processing entities which provide enough guarantee of implementation of such technical and organizational means so that the processing complies with GDPR Regulation requirements and protects the rights of data subjects.  

Personal data may be transferred to a third country or an international organization.

Transfer of data by the Controller does take place in each case and to all recipients or recipient categories indicated in the privacy policy – the Controller transfers data only if they have such data in their possession and if it is necessary for the achievement of a given purpose of personal data processing and only to the extent necessary for its achievement.

Personal data of Webpage users may be transferred to the following recipients or recipient categories: service providers supplying the Controller in technical, IT and organizational solutions, allowing the Controller to conduct business, including the Webpage and services provided through such Webpage (providers of computer software necessary to run the Webpage, electronic mail and hosting providers). The Controller shares the collected personal data of a user with a selected service provider commissioned by the Controller only in a case and to the extent necessary for the achievement of a given purpose of personal data processing compliant with this privacy policy.

RIGHTS OF DATA SUBJECT
Right to access, correct, limit, delete or transfer – a data subject has the right to request the Controller to access their personal data, correct, delete (“right to be forgotten”) or limit their processing and has the right to object the processing and transfer their data. The detailed terms and conditions of exercising the above rights are indicated in articles 15-21 of the GDPR Regulation.

  1. Right to withdraw the consent at any time – a person whose data are processed by the Controller based on their consent (pursuant to art. 6, clause 1, letter a) of the GDPR Regulation) has the right to withdraw their consent at any time without any influence on lawfulness of the processing, which took place based on the consent before its withdrawal.
  2. Right to lodge a complaint with the supervisory authority – a person whose data are processed by the Controller has the right to lodge a complaint with the supervisory authority in a way and mode specified by GDPR Regulation and the Polish law, in particular by the Act on the Protection of Personal Data. The supervisory authority in Poland is the President of the Office for Personal Data Protection.
  3. Right to object – a data subject has the right to object, at any time – for reasons relating to their situation – the processing of their personal data pursuant to article 6, clause 1, letter e) (public interest or tasks) or f) (legitimate interest of the Controller), including the profiling based on such provisions. In such a case, the Controller is no longer entitled to process such personal data unless they demonstrate that there are significant, legitimate grounds for the processing, overriding the interests, rights and freedoms of a data subject or grounds for establishing, pursuing or defending claims.
  4. Right to object direct marketing – if personal data are processed for the needs of direct marketing, a data subject has the right to object, at any time, the processing of their personal data for the needs of such marketing, including profiling, insofar as the processing is related to such direct marketing.

For the purpose of exercising the rights mentioned hereinabove you may contact the Controller by sending a relevant message by standard mail or by e-mail to the address of the Controller indicated at the beginning of the privacy policy or using a contact form available on the Webpage.

COOKIE FILES ON THE WEBPAGE
Cookie files (cookies) are small bits of information in the form of text files, sent by a server and stored on the computer of the Webpage visitor (e.g., on a hard drive of a computer, laptop or a smart phone’s memory card – depending on the device used to visit the Webpage). Detailed information concerning Cookies, including their history can be found here.

The Controller may process data contained in Cookie files during the use of the Webpage by the visitors for the following purposes: (1) implementation of basic functionalities of the Website such as maintaining the user’s session, storing dynamic data, e.g., statistics, summaries and (2) adjust the content of the Website to the individual preferences of the Service Recipient (e.g. language).

As a standard, most of web browsers available on the market accept storage of Cookies by default. Each user has the possibility to specify the terms and conditions of using Cookie files in settings of their web browser. This means that it is possible to, e.g., restrict (e.g. in time) or disable Cookies – the latter may influence some functionalities of the Webpage.

The Cookie settings of a web browser are important in view of the consent to the use of Cookie files by the Webpage and the Controller – pursuant to the provisions, such consent may be also expressed through browser settings. Should the user decide not to give such consent, they should change the Cookie settings of their web browser.

Detailed information on changing Cookie settings and their removal in the most popular web browsers are available in the Help section of each browser and on the following pages (just enter a given link):

FINAL PROVISIONS
The Webpage may contain links to other webpages. The Controller recommends that you learn about their respective privacy policies when visiting other webpages. This privacy policy relates only to the Controller’s Webpage.