Privacy Policy www.atsdisplay.com
The Personal Data Controller of the Website available at: ww.atsdisplay.com, hereinafter referred to as the Website, is ATS DISPLAY Sp. z o.o. with its registered office at ul. Boryszewska 22 C, Wiązowna 05-462, entered in the Register of Entrepreneurs maintained by the District Court in Warsaw for the Capital City Warsaw, XIV Commercial Division of the National Court Register, under KRS number: 0000075752, Taxpayer Identification Number (NIP): 5321790563, National Business Registry Number (REGON): 01744535800000, hereinafter referred to as the Personal Data Controller.
The Controller has appointed a Data Protection Officer, who is Konrad Cioczek. All enquiries, requests, complaints regarding the processing of personal data by the Personal Data Controller, hereinafter referred to as Submissions, should be addressed to the following e-mail address IOD: info@masurialiving.com or in writing to the following address : ul. Boryszewska 22 C, Wiązowna 05-462. In the content of the submission, it is necessary to clearly indicate:
the data of the person or persons concerned by the Submission;
the event that gives rise to the Submission;
your request and the legal basis for these requests;
the way in which the case is expected to be handled.
Our Website collects the following personal data:
imię i nazwisko – may be processed when, as users of our Website, you provide them to us via e-mail, by telephone, or via the contact form available on our Website,
telephone number – may be processed in the event of telephone contact from your side and also when you provide it to us via email or the contact form available on our Website,
residential/correspondence address – is essential for the proper dispatch of ordered products or other items,
email address – may be processed when, as users of our Website, you provide it to us in the event of contact via email, the contact form available on our Website, or during telephone contact,
IP address of the device and potential personal data contained in Cookies – information derived from general Internet connection principles, such as IP address (and other information contained in system logs), is used for technical and statistical purposes, including in particular the collection of general demographic information (e.g. region from which the connection is made) This type of data is also used for marketing and analytical purposes if consent is given under Art. 173(1) of the Telecommunications Law,
TIN and company name – the data necessary for issuing any invoices and other documents relating to the use of our Website,
possibly other data may be collected in the framework of the handling of specific cases or may be provided by you as users of our Website via email, the contact form available on the Website, traditional mail, or during a phone call.
Every person using our Website has the option to choose whether and to what extent they want to use our services and share information and data about themselves, within the scope defined by this Privacy Policy.
We process your personal data for the following purposes:
to conclude and perform agreements in connection with the services we offer (Article 6(1)(b) of the GDPR) – in this respect, data will cease to be processed once the respective agreement has been fulfilled,
to maintain an individual user account (Article 6(1)(b) of the GDPR) – in this respect, personal data will cease to be processed when the user deletes the account,
to fulfil legal obligations incumbent on the Personal Data Controller, in particular record-keeping, issuing invoices, etc. (Article 6(1)(c) of the GDPR) – in this respect, the personal data will be deleted once certain legal obligations have been fulfilled,
to direct marketing content related to the Controller in connection with the use of Cookies (Art. 6(1)(f) of the GDPR in connection with Art. 173(1) of the Telecommunications Law) – in this scope, personal data will cease to be processed in the event of the expiration of the Cookie, deletion of Cookies, or respectively at the end of a given session,
to operate the website (Art. 6(1)(f) of the GDPR in conjunction with Art. 173(1) of the Telecommunications Law) – in this scope, personal data will cease to be processed in the event of the expiration of the Cookie, deletion of Cookies, or respectively at the end of a given session.
ongoing communication related to the operation of the Website (Article 6(1)(f) of the GDPR, i.e. the legitimate interest of the Personal Data Controller) – in this regard, your personal data will cease to be processed when a given question or questions are answered,
to establish, assert or defend against claims (Article 6(1)(f) of the GDPR, i.e. the legitimate interest of the Personal Data Controller) – in this respect, personal data will be deleted when the claims concerned expire, however, as a general rule after the expiry of the 3-year limitation period for claims.
The source of the Personal Data processed by the Controller is you, i.e. the data subjects.
In case there is the “Like!” button or other social media links to the Controller’s social media accounts or external websites, there is a joint controllership relationship between the Controller of this Website and the controller of the external website. Joint administration is limited to data only to the extent necessary for operations relating to the functioning of a given button. The Controller is not responsible for the policy on further processing of personal data of other entities and organisations or social network providers. Our Controller within this Website is Google Ireland Ltd. (Google Maps) with its registered office at: Google Building Gordon House, 4 Barrow St, Grand Canal Dock, Dublin 4, D04 V4X7, Ireland.
The Data Controller utilizes tools of Google Ireland Ltd (Google Analytics, Google Maps, Google Ads, Google DoubleClick). As a general rule, the data processed when using these tools are processed on servers within the EEA. However, the entity providing these tools may be obliged to transfer data to third parties if such an obligation is imposed on it by law or due to the nature of the services provided (SaaS, hosting, etc.). The scope of personal data transferred in this regard relates exclusively to potential personal data contained in Cookies. The legal bases for processing personal data indicated in the preceding sentence are specified in clause 5 (d) and (e) of this Policy. The transfer of personal data to the United States takes place based on the European Commission’s Decision of 10.07.2023 on ensuring an adequate level of protection by the EU-US Data Protection Framework (Art. 45(1) of the GDPR). Our data importer, i.e., Google LLC meets the criteria of the decision and participates in the Data Protection Framework program, is listed at: https://www.dataprivacyframework.gov/s/participant-search. Google Ireland Ltd. may also transfer data to third countries – other than the USA, based on the Standard Contractual Clauses adopted by this entity.
We do not share any personal data with third parties without the express consent of the data subject. Without the consent of the data subject, personal data may only be disclosed to public law entities, i.e. authorities and administrations (e.g. tax authorities, law enforcement authorities and other entities authorised by generally applicable laws).
Personal data may be outsourced for processing to entities that process such data on our behalf as the Personal Data Controller. In such a situation, as the Personal Data Controller, we enter into an outsourcing agreement with the processor for the processing of personal data. The processor processes the outsourced personal data only for the needs, to the extent and for the purposes indicated in the outsourcing agreement referred to in the preceding sentence. Without outsourcing your personal data for processing, we would not be able to carry out our activities on the Website or deliver shipments of ordered Products to you. As the Personal Data Controller, we outsource the processing of personal data in particular to the following entities:
providing hosting services for the website on which our Website operates,
providing marketing tools for websites,
managing and providing CRM-type tools.
Personal data is not subject to profiling by us as the Personal Data Controller within the meaning of the GDPR.
In accordance with the provisions of the GDPR, every person whose personal data we process as a Personal Data Controller has the right to:
access personal data, as referred to in Article 15 of the GDPR,
be informed about the processing of personal data, as referred to in Article 12 of the GDPR,
correct, supplement, update, rectify personal data, as referred to in Article 16 of the GDPR,
withdraw consent at any time, as referred to in Article 7(3) of the GDPR,
erasure (be forgotten), as referred to in Article 17 of the GDPR,
restrict processing, as referred to in Article 18 of the GDPR,
data portability, as referred to in Article 20 of the GDPR,
object to processing of personal data, as referred to in Article 21 of the GDPR,
in the case of a legal basis in the form of consent, the right to withdraw consent at any time without affecting the lawfulness of the processing carried out on the basis of consent before its withdrawal,
not to be subject to profiling, as referred to in Article 22 in conjunction with Article 4(4) of the GDPR,
complain to the supervisory authority (i.e. the President of the Office for the Protection of Personal Data), as referred to in Article 77 of the GDPR.
If you wish to exercise your rights referred to in the preceding clause, please send a message by email to the email address or in writing to the postal address referred to in clause 2 above.
Each identified incident of security breach will be documented and, in the event of one of the situations set out in the provisions of the GDPR or the Act, the data subjects and, if applicable, the President of the Personal Data Protection Office will be informed of such breach of data protection legislation.
The Cookie Policy is a separate document available at: https://atsdisplay.com/en/cookie-policy-www-atsdisplay-com/
In matters not regulated by this Privacy Policy, the relevant provisions of common law apply accordingly. In the event of any inconsistency between the provisions of this Privacy Policy and the aforementioned regulations, the regulations take precedence.