§ 1. Privacy protection standard
- As the personal data administrator, Labo Print S.A. based in Poznań, Szczawnicka 1 (hereinafter “Administrator”), which can be contacted through the e-mail address: firstname.lastname@example.org, pays considerable attention to the protection of privacy and confidentiality of the personal data entered in the electronic forms of the internet service available under the domain www.labelexpress.eu (hereinafter “LE”) by Clients.
- Administrator diligently selects and applies appropriate technical and organisational measures to ensure protection of the processed personal data. Only individuals appropriately authorised by the Administrator have full access to the databases.
§ 2. Grounds for personal data processing
- The personal data is processed by the Administrator in accordance with provisions of the law, specifically in accordance with Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation - GDPR) for the following purposes:
Conclusion of the agreement is conditioned by provision of data for purposes of performing the agreement for provision of the services specified in the LE Terms and Conditions. The Client undertakes to provide said data. If the Client fails to do so, conclusion of the agreement and performance of the services will not be possible. Provision of personal data in order to take advantage of the newsletter service is strictly voluntary.
The Administrator may process the data of individuals provided by the Clients for purposes of taking advantage of the Administrator’s services. By submitting consent of the third-party individuals in every instance, the Client declares appropriate consent of said individuals to provide their data to the Administrator.
- a) performing the agreement for provision of the services specified in the LE Terms and Conditions (in accordance with GDPR art. 6 section 1 letter b);
- b) fulfilling the legal responsibility of the Administrator;
- c) marketing own products or services, including personalised ones (in accordance with GDPR art. 6 section 1 letter f);
- d) pursuing or securing claims (in accordance with GDPR art. 6 section 1 letter f);
- e) taking advantage of the newsletter service in accordance with the provided consent (GDPR art. 6 section 1 letter a).
§ 3. Personal data collection
- In order to register a LE account, the Client must provide the data specified in art. 2 section 2 of the LE Terms and Conditions.
- In order to shop at LE, the Client must provide the data specified in art. 3 section 16 of the LE Terms and Conditions.
§ 4. Personal data processing range
- The data provided by the Client is used to provide Clients information about the Administrator and the Administrator’s services, performance of the services provided by the Administrator, and for statistical purposes.
- The personal data of individuals submitted by Clients who declined the received invitation to take part in LE is processed by the Administrator for purposes associated with handling the process about the services offered by the Administrator, including verification of individuals who declined the received invitation.
- If the Administrator receives personal data through means other than provided by the holder of said data, the Administrator shall attempt to fulfil the secondary information responsibility in accordance with GDPR art. 14.
- Whenever the Clients take part in contests organised by the Administrator, the contact information of said Clients is used for purposes of effective performance of said contest, e.g. to notify of victory.
- The Administrator uses the IP addresses collected from online connections for technical purposes associated with server administration. Furthermore, the IP addresses are used to collect general statistical demographic information (e.g. about the region from which the connection is made).
§ 5. Personal data processing control
- All Clients whose personal data is processed by the Administrator are authorised to access, correct, remove, and transfer it, restrict its processing, object towards data processing based on a legitimate interest of the Administrator or towards processing for purposes of direct marketing, revoke consent at any time with no effect on conformity with the processing right (if the processing is consent-based) executed based on consent. The Client undertakes to provide complete, valid, and true data.
- Taking advantage of the rights specified above in section 1 is subject to sending an appropriate request to the e-mail address email@example.com Saud request must include the Client’s full name and e-mail address.
- The Client may request removal of the Client’s personal data at any time. In such instances, the Administrator shall cease processing of the personal data in question and remove it as long as further processing is not required in accordance with provisions of the law.
- If the individuals whose personal data is processed by the Administrator believe that said processing stands in violation of the provisions of GDPR, they are entitled to file a complaint to the supervisory authority.
§ 6. Personal data disclosure
The data of Clients may be disclosed to entities authorised to receive them under the power of effective provisions of the law, including appropriate judiciary authorities. The personal data may be disclosed to entities commissioned to process it, i.e. carriers, postal services, accounting entity, partners providing technical services (developing and maintaining IT systems and websites). The personal data will not be disclosed to third-party countries/international organisations.
§ 7. Other information concerning personal data processing
- The personal data processed for purposes of performing the agreement for provision of the services specified in the LE Terms and Conditions and fulfilling the legal responsibility of the Administrator shall be archived throughout the effectiveness of the agreement and following its expiration for the time required for the following:
The personal data processed for purposes of marketing own products or services based on a legitimate legal interest shall be processed until an objection is presented by the individual associated with said data.
The personal data processed under separate consent shall be archived until said consent is revoked.
The Administrator shall not process the personal data automatically.
- a) post-sale support (e.g. handling complaints);
- b) pursuing or securing claims;
- c) fulfilling the legal responsibility of the Administrator (e.g. responsibility resulting from tax and accounting provisions).
§ 8. Cookies information
- The information collected with cookies allows for customisation of the services and content to meet the individual needs and preferences of the Clients and is used for purposes of general statistics concerning use of LE by Clients.
- The personal data collected with cookies is collected only for performance of specific functions for the benefit of the Clients and is encrypted in a way preventing unauthorised access.
- In general, the Administrator uses two types of cookies – “session cookies” and “persistent cookies”:
The software used for browsing websites (web browser) is usually set by default to permit storage of cookies on the Client’s end device. LE Clients can change these settings. The web browser provides the option of deleting cookies. It is also possible to block cookies automatically. For detailed information, see the help file or documentation of the web browser.
Cookies restrictions may affect certain functions available on the web pages of LE.
The cookies used by partners of the website operator, specifically the Clients of the website, are subject to their own privacy policies.
- a) session cookies are temporary files, which remain on the Client’s device until the Client logs out, leaves the website, or turns off the software (internet browser);
- b) persistent cookies are files, which remain on the Client’s device for the time specified in cookie settings or until they are deleted manually by the Client.