+48 58 667 37 10
biuro@beditom.pl
FOR PARTNERS

Beditom

PRIVACY POLICY

PRIVACY POLICY OF BEDITOM.PL

TABLE OF CONTENTS:

  1. GENERAL PROVISIONS
  2. THE BASIS OF DATA PROCESSING
  3. PURPOSE, BASIS AND DURATION OF DATA PROCESSING ON THE WEBSITE
  4. RECIPIENTS OF DATA ON THE WEBSITE
  5. PROFILING ON THE WEBSITE
  6. RIGHTS OF THE DATA SUBJECT
  7. COOKIES ON THE WEBSITE AND ANALYTICS
  8. FINAL PROVISIONS

§ 1     GENERAL PROVISIONS

  1. This Website privacy policy is for information purposes only, which means that it does not create obligations for Website Users. The Privacy Policy primarily contains rules concerning the processing of personal data by the Controller on the Website, including the grounds, purposes and duration of the processing of personal data and the rights of data subjects, as well as information on the use of Cookies and analytical tools on the Website.
  2. The Controller of the personal data collected via the Website is BEDITOM SPÓŁKA Z OGRANICZONĄ ODPOWIEDZIALNOŚCIĄ company with its registered office in Gdynia (registered office and correspondence address: ul. Północna 1d, 81-029 Gdynia), entered in the Register of Entrepreneurs of the National Court Register under KRS no.: 0000948691; register court where the company's documentation is kept: District Court Gdańsk - Północ in Gdańsk, VIII Economic Division of the National Court Register; share capital of: PLN 772 800.00; NIP: 5861030703, REGON: 190832322, e-mail address: sekretariat@beditom.pl,contact telephone number: +48 58 667 37 10 - hereinafter referred to as theControllerand being at the same time the Service Provider of the Website.
  3. Personal data in the Website is processed by the Controller in accordance with applicable law, in particular in accordance with the Regulation of the European Parliament and Council (EU) 2016/679 of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data as well as repealing of Directive 95/46/EC (General Data Protection Regulation) – hereinafter referred to inGDPRorGDPR Regulation. Official text of the GDPR Regulation: https://eur-lex.europa.eu/legal-content/EN/TXT/?uri=CELEX32016R0679.
  4. The use of the Website is voluntary. Likewise, the related provision of personal data by the User using the Website is voluntary, with the proviso that failure to provide, in the cases and to the extent indicated on the Website, in the Terms of Service and in this Privacy Policy, the personal data necessary for the use of a particular Electronic Service shall result in the User's inability to use that Electronic Service. The provision of personal data in such a case may be a contractual requirement (e.g. the creation of an Account) or it may result from the legitimate interests of the Controller (e.g. the handling of a complaint or review of a User's query) and if the data subject wishes to use a specific Electronic Service, he or she is obliged to provide the required data. In each case, the scope of data required to use the Electronic Services is indicated in advance on the Website, in the Terms and Conditions of the Website and in this Privacy Policy.
  5. The Controller exercises due diligence to protect the interests of persons whose personal data is being processed. In particular, the Controller ensures that collected data is: (1) processed in accordance with the law; (2) collected for specified, lawful purposes, and not further processed in a manner incompatible with those purposes; (3) factually correct and adequate to the purposes for which it is processed; (4) stored in a form that allows identification of the data subjects, no longer than necessary to achieve the purpose of processing, and (5) processed in a manner ensuring appropriate security of the data, including protection against unauthorized or unlawful processing, accidental loss, destruction or damage, using appropriate technical or organizational measures.
  6. Having regard to the nature, scope, context, and purposes of the processing and the risk of violation of the rights or freedoms of natural persons of varying probability and seriousness, the Controller shall implement appropriate technical and organisational measures to ensure that the processing is carried out in accordance with the GDPR and to be able to demonstrate this. Those measures shall be reviewed and updated when necessary. The Data Controller shall use technical measures that prevent unauthorised persons from acquiring and modifying data transferred by electronic means.
  7. Any words, expressions, and acronyms used in this privacy policy and starting with a capital letter (e.g. Service Provider, Website, Electronic Service) shall be understood as defined in the Terms and Conditions of the Website available on the Website.

§ 2     THE BASIS OF DATA PROCESSING

  1. The Controller is entitled to process personal data in cases where – and to the extent to which – at least one of the following conditions is met: (1) the data subject has consented to the processing of their personal data for one or more specific purposes ; (2) processing is necessary to perform a contract in which the data subject is a contracting party or to take action at the request of the data subject before the contract conclusion; (3) processing is necessary to fulfil the legal obligation which is incumbent on the Controller; or (4) processing is necessary for purposes arising from legitimate interests pursued by the Controller or by a third party, except for situations where these interests are overridden by interests or fundamental rights and freedoms of the data subject, requiring personal data protection, in particular if the data subject is a child.
  2. Processing of personal data by the Controller always requires the existence of at least one of the bases specified in point 2.1 of the privacy policy. The specific grounds for the Controller's processing of the personal data of Website Users are indicated in the next section of the Privacy Policy – with reference to the specific purpose of the Controller's processing of personal data.

§ 3     PURPOSE, BASIS AND DURATION OF DATA PROCESSING ON THE WEBSITE

  1. In each case, the purpose, basis and period and recipients of the personal data processed by the Controller result from the activities undertaken by the User concerned on the Website.
  2. The Controller may process personal data on the Website for the following purposes, on the following grounds and for the following duration:
    Purpose of data processing Legal basis for processing Data storage period
    The performance of a contract for the provision of an Electronic Service (e.g. an Account) or to take action at the request of the data subject prior to entering into a contract Article 6 sec. 1(b) of the GDPR Regulation (contract) - the processing is necessary for the conclusion and performance of the contract for the provision of an Electronic Service (e.g. an Account) to which the data subject is a party, or to take steps at the request of the data subject prior to entering into a contract The data shall be stored for the period necessary for the performance, termination or otherwise expiry of the contract concluded with the Controller.
    Direct marketing Article 6 sec. 1(f) of the GDPR Regulation (legitimate interest of the Controller) - the processing is necessary for the purposes of the Controller's legitimate interests - consisting of looking after the interests and good image of the Controller, its Website and seeking to sell BEDITOM Products and provide Electronic Services

    The data is stored for the duration of the legitimate interest pursued by the Data Controller but no longer than for the period of limitation of claims against the data subject, in virtue of the Data Controller's business activity. The limitation period is determined by provisions of the law, in particular of the Civil Code (the basic limitation period is three years for claims connected with the conduct of business activities).

    The Controller may not process data for direct marketing purposes if the data subject has successfully objected to it.
    Marketing

    Article 6 sec. 1(a) of the GDPR Regulation (consent) - the data subject has consented to the processing of their personal data for the purpose of receiving marketing information from the Controller.

     

    		 Data is stored until the data subject withdraws their consent to further processing for this purpose.
    Establishing, asserting or defending claims which the Controller may raise or which may be raised against the Controller (e.g. in connection with a complaint lodged via the RMA Panel or an enquiry sent via the Contact Form)

    Article 6 sec. 1(f) of the GDPR Regulation (legitimate interest of the Controller) - processing is necessary for the purposes of the legitimate interests of the Data Controller - consisting in establishing, pursuing or defending claims that may be raised by the Data Controller or which may be raised against the Data Controller

     

    		 Data is stored for the duration of the Controller's legitimate interest, but no longer than the limitation period for claims that may be asserted against the Controller (the standard limitation period for claims against the Controller is six years).
    Use of the Website and ensuring its proper operation Article 6 sec. 1(f) of the GDPR Regulation (legitimate interest of the Controller) - the processing is necessary for the purposes of the Controller's legitimate interests - consisting of operation and maintenance of the Website

    The data shall be stored for the duration of the legitimate interest pursued by the Controller, but no longer than the period of limitation of the Controller’s claims against the data subject.

    due to the business activity conducted by the Controller. The limitation period is determined by provisions of the law, in particular of the Civil Code (the basic limitation period is three years for claims related to the conduct of business activities).
    Keeping statistics and analysing traffic on the Website Article 6 sec. 1(f) of the GDPR Regulation (legitimate interest of the Controller) - the processing is necessary for the purposes deriving from the Controller's legitimate interests - consisting of statistics and analysis of traffic on the Website in order to improve the functioning of the Website and increase sales of BEDITOM Products and the range of Electronic Services provided The data is stored for the duration of the legitimate interest pursued by the Data Controller but no longer than for the period of limitation of claims against the data subject, in virtue of the Data Controller's business activity. The limitation period is determined by provisions of the law, in particular of the Civil Code (the basic limitation period is three years for claims connected with the conduct of business activities).

     

§ 4     DATA RECIPIENTS OF THE WEBSITE

  1. For the proper functioning of the Website, including the proper provision of Electronic Services by the Controller, it is necessary for the Controller to use the services of external entities (such as a software provider, etc.). The Controller only engages processing service providers who ensure adequate technical and organizational measures to process personal data in compliance with the GDPR and to protect the rights of the data subjects.
  2. Personal data may be transferred by the Controller to a third country, whereby the Controller ensures that in such a case it will be in relation to the country ensuring an adequate level of protection, and in the absence of an appropriate decision confirming an adequate level of protection of that country, at least on the basis of standard data protection clauses – in accordance with the GDPR, and the data subject has the opportunity to obtain a copy of their data. The Data Controller shall provide the collected personal data only if and to the extent necessary to fulfil the respective purpose of the processing in accordance with this privacy policy.
  3. Data is not transferred by the Controller in every case to all recipients or categories of recipients indicated in this privacy policy. The Controller transfers data only when it is necessary to achieve the intended purpose of personal data processing and only to the extent necessary to achieve this goal.
  4. Personal data of Website Users may be communicated to the following recipients or categories of recipients:
    1. carriers / freight forwarders / courier brokers / warehouse and/or shipping process operators – in the case of a User who has made a warranty claim using the RMA Panel, the Controller may make the collected personal data of the User available to the selected carrier, freight forwarder or broker carrying out shipments on behalf of the Controller, and if the shipment is made from an external warehouse - to the warehouse and/or shipping process operator - to the extent necessary to carry out the transport of the claimed Product and to send the Product back to the User after the claim has been performed.
    2. service providers supplying the Controller with technical, IT and organisational solutions enabling the Controller to conduct his/her business activity, including the Website and the Electronic Services provided by means of it (in particular computer software providers for running the Website, e-mail and hosting providers and providers of business management and technical support software to the Controller) - the Controller shall make the collected personal data of the User available to the chosen provider acting on their behalf only in the case and to the extent necessary for the performance of the given purpose of the data processing in compliance with this Privacy Policy.
    3. legal and advisory service providers providing legal or advisory support to the Controller (in particular, law firms) - the Controller may make the collected personal data of the User available to the chosen provider acting on their behalf only in the case and to the extent necessary to achieve the given purpose of the data processing in accordance with this privacy policy, in particular for the purpose of establishing, asserting or defending claims.
    4. the Controller's partner outlets – in the case of a User who uses the Contact Form on the Website to send a message to one of the partner outlets operated by a third party to the Controller, the Controller may make the collected personal data of the User available to the chosen partner only in the case of and to the extent necessary for replying to the User's message.
    5. providers of social plug-ins, scripts and other similar tools placed on the Website that enable the visitor's browser to retrieve content from the providers of said plug-ins (e.g. logging in with social network login details) and to transmit the visitor's personal data to these providers for this purpose, including.
      1. Meta Platforms Ireland Ltd. - the Controller uses Facebook and Instagram social plug-ins on the Website and therefore collects and shares the personal data of the Service Recipient using the Website with Meta Platforms Ireland Ltd. (4 Grand Canal Square, Grand Canal Harbour, Dublin 2 Ireland) to the extent and in accordance with the privacy policy available - in the case of Facebook - here: https://www.facebook.com/about/privacy/ and - for Instagram - here: https://help.instagram.com/519522125107875/?helpref=hc_fnav(these data include information about the activities on the Website - including information about the device, the sites visited, the ads seen and how the services are used - regardless of whether the Service Recipient has a Facebook or Instagram account and is logged into Facebook or Instagram).
      2. LinkedIn Ireland Unlimited Company - the Controller uses social plugins from Linkedin.com on the Website and therefore collects and shares the personal data of the Service Recipient using the Website to LinkedIn Ireland Unlimited Company (Gardner House, 2 Wilton Pl, Saint Peter's, Dublin 2, Ireland) to the extent and in accordance with the privacy policy available here: https://www.linkedin.com/legal/privacy-policy?trk=homepage-basic_footerprivacy-policy (this data includes information about the activities on the Website - including information about the device, the sites visited, purchases made, advertisements displayed and how the Service Recipient use the services - whether or not she/he has an account on Linkedin.com and is logged into it).

§ 5     PROFILING ON THE WEBSITE

  1. The GDPR requires the Controller to inform about automated decision-making, including profiling, referred to in article 22 sec. (1) and (4) of the GDPR, and - at least in such cases - to explain the principles of such decisions as well as their significance and anticipated consequences for the data subject. With this in mind, the Controller provides information on possible profiling in this section of the privacy policy.
  2. The Controller may use profiling for direct marketing purposes on the Website, but the decisions made by the Controller on the basis of this profiling do not concern the conclusion or refusal of a contract with the Controller or the possibility of using Electronic Services on the Website. The effect of using profiling on the Website may be, for example, to remind the User of unfinished activities on the Website, to send a Product proposal that may match their interests or preferences, or to offer better terms and conditions compared to the Controller's standard offer. Despite the profiling, it is the individual who freely decides whether he or she wishes to make use of, for example, an offer from the Controller received in this way.
  3. Profiling on the Website involves the automatic analysis or prediction of a person's behaviour on the Website, e.g. by analysing the previous history of activities on the Website. The condition for such profiling is that the Controller has the personal data of the person in question in order to be able to subsequently send him or her, for example, an offer.
  4. The data subject has the right not to be subject to a decision based solely on automated processing, including profiling, that produces legal effects or similarly significantly affects them.
    w podobny sposób istotnie na nią wpływa.

§ 6     RIGHTS OF THE DATA SUBJECT

  1. Right of access, rectification, restriction, erasure or portability – the data subject has the right to request from the Controller access to their personal data, rectification, erasure ("right to be forgotten") or restriction of processing, object to the processing and the right to data portability. Detailed conditions for exercising the aforementioned rights are specified in articles 15–21 of the GDPR.
  2. The right to withdraw consent at any time – the person whose data is processed by the Controller on the basis of consent (pursuant to Art. 6 sec. 1(a) or Art. 9 sec. 2(a) of the GDPR), has the right to withdraw their consent at any time without affecting the lawfulness of the processing carried out on the basis of the consent prior to its withdrawal.
  3. Right to lodge a complaint with a supervisory authority – the person whose data is processed by the Controller has the right to lodge a complaint with a supervisory authority in the manner and mode specified in the provisions of the GDPR Regulation and Polish law, in particular the Polish Personal Data Protection Act. The supervisory authority in Poland is the President of the Personal Data Protection Office.
  4. Right to object – the data subject has the right to object at any time, on grounds relating to their particular situation, to the processing of personal data concerning them based on Art. 6 sec. 1(e) (public tasks or interest) or Article 6 sec. 1(f) (legitimate interests of the Controller), including profiling based on these provisions. The Data Controller shall no longer process the personal data unless the controller demonstrates compelling legitimate grounds for the processing which override the interests, rights, and freedoms of the data subject or for the establishment, exercise or defence of legal claims.
  5. Right to object to direct marketing – where personal data is processed for the purposes of direct marketing, the data subject has the right to object at any time to the processing of personal data concerning them for the purpose of such marketing, including profiling, to the extent that the processing is related to such direct marketing.
  6. In order to exercise the rights referred to in this point of the privacy policy, you can contact the Controller by sending an appropriate message in writing or by e-mail to the Controller's address indicated at the beginning of the privacy policy.

§ 7     COOKIES ON THE WEBSITE AND ANALYTICS

  1. Cookies are small text files sent by a server and stored on the computer of the website visitor's (e.g. on the hard drive of a computer, laptop or smartphone memory card – depending on the device used by the website visitor). Detailed information on Cookies and the history of their creation can be found, among other things, here: https://en.wikipedia.org/wiki/HTTP_cookie.
  2. The Cookies that may be sent by the Website can be divided into different types, according to the following criteria:

    According to their supplier:

    1) their own (created by the Website Controller's site) and

    2) belonging to persons / third parties (other than the Controller)

    According to their period of storage on the device of the Website visitor:

    1) session-based (stored until you log out of the Website or close your web browser) and

    2) permanent (stored for a specified period of time, defined by the parameters of each file or until they are manually deleted)

    According to the purpose of their use::

    1) necessary (to enable the Website to function properly),

    2) functional/preferential (enabling the Website page to be tailored to the visitor's preferences),

    3) analytics and performance (gathering information about the use of the Website),

    4) marketing, advertising and social media (collecting information about a visitor to a Website page in order to display advertisements to that person, personalise them and carry out other marketing activities, including on websites separate from the Website, such as social networking sites or other sites belonging to the same advertising network as the Website)

     
  3. The Controller may process the data contained in Cookies when visitors use the Website for the following specific purposes:
    Purposes for using cookies on the Controller's Website identifying Users as logged in to the Website and show that they are logged in (essential cookies)
    storing data from completed forms, surveys or login data for the Website (essential and/or functional/preference cookies)
    adapting the content of the Website to the individual preferences of the User (e.g. as regards colours, font size, page layout) and optimising the use of the Website's pages (functional/preference cookies)
    keeping anonymous statistics on how the Website is used (analytical and performance cookies)
    displaying and rendering advertisements, to limit the number of times advertisements are displayed and ignoring advertisements which the User does not wish to see, measuring the effectiveness of advertisements, personalising advertisements, i.e. studying the behavioural characteristics of visitors to the Website by analysing their actions in an anonymous form (e.g. repeated visits to specific pages, keywords, etc.) in order to create their profile and to provide them with advertisements tailored to their anticipated interests, also when they visit other websites within the advertising network of Google Ireland Ltd. and Facebook, i.e. Meta Platforms Ireland Ltd. (marketing, advertising and social media cookies)
  4. It is possible to check in the most popular web browsers which Cookies (including the duration of the Cookies and their provider) are being sent at any given time by the Website, as follows:

    In the Chrome browser:

    (1) in the address bar, click on the padlock icon on the left, (2) go to the "Cookies" tab.

    In the Firefox browser:

    (1) in the address bar, click on the shield icon on the left, (2) go to the "Allowed" or "Blocked" tab, (3) click on the box "Inter-site tracking cookies", "Social media tracking elements" or "Content with tracking elements"

    In Internet Explorer:

    (1) click the "Tools" menu, (2) go to the "Internet Options" tab, (3) go to the "General" tab, (4) go to the "Settings" tab, (5) click the "View Files" box

    In Opera browser:

    (1) in the address bar, click on the padlock icon on the left, (2) go to the "Cookies" tab.

    In the Safari browser:

    (1) click on the "Preferences" menu, (2) go to the "Privacy" tab, (3) click on the "Manage site data" box

    		 Irrespective of the browser, using tools available on the website, for example: https://www.cookiemetrix.com/  or:  https://www.cookie-checker.com/
  5. By default, most web browsers available on the market accept the storage of Cookies. Everyone can define the terms of using Cookies via their web browser settings. This means that you can, for example, partially restrict (e.g. temporarily) or completely deactivate the storage of Cookies - in the latter case, however, this may affect certain functionalities of the Website.
  6. The browser settings regarding Cookies are relevant for the consent to the use of Cookies by our Website - in accordance with the regulations, such consent can also be given through the browser settings. Detailed information on changes of settings concerning Cookies and clearing them in the most popular web browsers is available in the help section of each web browser and on the following websites (you only need to click on the selected link):in the Chrome browser

    in the Firefox browser

    in the Internet Explorer browser

    in the Opera browser

    In the Safari browser

    in the Edge browser

  7. The Controller may use the services Google Analytics, Universal Analytics provided by Google Ireland Limited (Gordon House, Barrow Street, Dublin 4, Ireland) on the Website. These services help the Controller keep statistics and analyse traffic on the Website. The data collected is processed as part of the above services to generate statistics to help administer the Website and analyse traffic on the Website. The data collected is aggregated. When using the above services on the Website, the Controller collects data such as the sources and medium of acquisition of visitors to the Website and their behaviour on the Website, information on the devices and browsers from which they visit the Website, IP and domain, geographical data and demographic data (age, gender) and interests.
  8. It is possible for a person to easily block the release of information to Google Analytics about their activity on the Website – for this purpose, the user can, for example, install a browser add-on provided by Google Ireland Ltd. and available here: https://tools.google.com/dlpage/gaoptout?hl=en.
  9. In connection with the possibility of the Controller to use advertising and analytical services provided by Google Ireland Ltd. on the Website, the Controller indicates that full information on the principles of processing of data of visitors to the Website (including information stored in cookies) by Google Ireland Ltd. can be found in the privacy policy of Google services available at: https://policies.google.com/technologies/partner-sites.
  10. The Controller may use on the Website the Facebook Pixel service provided by Meta Platforms Ireland Limited (4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland). This service helps the Controller measure the effectiveness of advertisements and find out what actions are taken by the Website visitors, and display tailored advertisements to those visitors. Detailed information on how the Facebook Pixel works can be found at the following web address: https://www.facebook.com/business/help/742478679120153?helpref=page_content.
  11. You can manage the operation of the Facebook Pixel via the ad settings in your Facebook.com account: https://www.facebook.com/ads/preferences/?entry_product=ad_settings_screen.

§ 8     FINAL PROVISIONS

The Website may contain links to other websites. The Controller encourages users to review the privacy policies established on those websites after navigating to them. This Privacy Policy applies only to the Controller's Website.

Privacy Overview

This website uses cookies so that we can provide you with the best user experience possible. Cookie information is stored in your browser and performs functions such as recognising you when you return to our website and helping our team to understand which sections of the website you find most interesting and useful.

Strictly Necessary Cookies

Strictly Necessary Cookie should be enabled at all times so that we can save your preferences for cookie settings.