Privacy Policy

§1 General provisions

The administrator of the personal data of the users of the website located under the domain of www.stalflex.pl is Stalflex Sp. z o.o. with its registered office in Tomaszów Mazowiecki (registered office and delivery address: ul. Piaskowa 134A, 97-200 Tomaszów Mazowiecki), entered in the Register of Entrepreneurs of the National Court Register under the KRS number 0000537685; District Court in Łódź, XX Economic Division of the National Court Register; share capital in the amount of: PLN 1,270,000.00; NIP: 7732475752; REGON: 360667640 (hereinafter: "Administrator").

Contact with the Administrator is possible at the e-mail address: bok@stalflex.pl and telephone number: +48 575 777 254.

This Privacy Policy sets out the rules for the processing of personal data collected by the Administrator through the website and in connection with the performance of contracts entered into outside the website. This policy is intended to guarantee the security of personal data and protect the privacy of users.

The Administrator reserves the right to amend the Privacy Policy in the event of changes in the law, development of Internet technologies, or changes in the ways in which the Administrator provides services. The amended Policy will be published on the website, and in case of significant changes, users will be informed by e-mail.

§2 Scope and purposes of personal data processing

Users' personal data shall be processed in accordance with the General Data Protection Regulation (RODO), the Personal Data Protection Act and other applicable laws. The Administrator shall ensure that data processing is carried out in accordance with the principles of legality, reliability, transparency and confidentiality.

Scope of processed personal data:

  • Identification data: name, surname, residential address, telephone number, e-mail address.

  • Contact data: telephone number, e-mail address.

  • Transaction data: order information, delivery address, bank account number.

  • Business data: company name, TIN, REGON (for entrepreneurs).

Purposes of personal data processing:

  1. Implementation of the sales contract: Personal data is processed for the purpose of entering into and executing the sales contract, including order processing, delivery of goods and handling complaints.

  2. Handling inquiries and customer contact: Data is processed to respond to inquiries sent via contact forms and to provide ongoing customer service.

  3. Fulfilling legal obligations: The administrator processes personal data to fulfill legal obligations under the law, including accounting and tax obligations.

  4. Direct marketing: With the user's consent, personal data may be processed to send commercial information, promotions and offers tailored to the user's preferences.

  5. Statistical analysis: Data may be processed for the purpose of conducting analysis and statistics that help improve the functioning of the website and the services provided.

  6. Determination, investigation or defense of claims: Data may be processed to establish, assert or defend against claims arising from the performance of a contract.

Data retention period:

Personal data are stored for the period necessary to fulfill the purposes for which they were collected, or for the period specified by law. Data processed on the basis of consent are kept until the consent is withdrawn.

§3 Users' rights

Users whose data is processed by the Administrator have the following rights:

  1. Right of access to personal data: The user has the right to obtain information about what data is processed, for what purpose and by whom.

  2. Right to rectification of data: The user has the right to correct his/her data if it is incorrect or outdated.

  3. Right to erasure of data: The user may request the deletion of his or her data if it is no longer necessary for the purposes for which it was collected, or if he or she has withdrawn consent to its processing.

  4. Right to limit processing: The user may request restriction of the processing of his/her data in certain cases, such as when he/she questions the accuracy of the data.

  5. Right to data portability: You have the right to receive your data in a format that allows you to transfer it to another controller.

  6. Right to object: The user has the right to object to the processing of data for direct marketing or other legitimate interests of the Administrator.

  7. Right to withdraw consent: The User has the right to withdraw consent to data processing at any time, without affecting the lawfulness of processing carried out before its withdrawal.

  8. Right to lodge a complaint: The user has the right to lodge a complaint to the supervisory authority, which in Poland is the President of the Office for Personal Data Protection, if he/she considers that the processing of his/her personal data violates the law.

In order to exercise the above rights, the user may contact the Administrator via e-mail: bok@stalflex.pl or by phone: +48 575 777 254.

§4 Sharing personal data

The Administrator ensures that all collected personal data of the users are processed in accordance with applicable laws and are not shared with third parties without the user's consent, unless:

  1. This is required by the implementation of the contract: Data may be shared with business partners, such as courier companies, payment operators, IT service providers, in order to process orders, payments and deliveries.

  2. This is required bya legal obligation: Data may be shared with public authorities if such an obligation is required by law.

  3. This is necessary to protect the rights of the Administrator: Data may be shared with law firms, debt collection companies, in the event of the assertion of claims or defense against claims.

Personal data may also be transferred to entities that process data on behalf of the Administrator, in particular IT service providers with whom the Administrator has entered into contracts for entrustment of personal data processing. The transfer of personal data to third parties always respects the principle of data minimization.

§5 Data security

The Administrator shall apply appropriate technical and organizational measures to ensure the security of processed personal data, in particular to protect it against unauthorized access, loss, destruction or damage.

Only authorized persons, who are obliged to keep the data confidential, have access to personal data. The Administrator regularly monitors its security systems in order to protect users' personal data from the dangers of online data processing.

§6 Final Provisions

This Privacy Policy enters into force on 27.08.2024.The Administrator reserves the right to make changes to the Privacy Policy, of which users will be informed via the website. Use of the website after the introduction of changes implies the user's acceptance of them.

In matters not covered by this Privacy Policy, the provisions of Polish law, including RODO and the Personal Data Protection Act shall apply.

If users have any questions about this Privacy Policy or the processing of personal data, they may contact the Administrator at: bok@stalflex.pl or telephone number: +48 575 777 254.