In connection with the implementation of the requirements of Regulation (UE) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation “GDPR”), we inform you about the principles of processing your personal data collected when using the website https://www.smp.agro.pl/
We make every effort to provide all possible means of physical, technical and organisational protection of personal data against its accidental or deliberate destruction, accidental loss, change, unauthorized disclosure, use or access, in accordance with all applicable laws.
Administrator – SMP Agro sp. z o.o. Komorniki 44, 63-004 Tulce, KRS: 0000924737, NIP: 7792415216, REGON: 302497780.
Cookies – means information data, in particular small text files, recorded and stored on devices through which the User uses the webpages of the Website.
Administrator Cookies – means Cookies placed by the Administrator, related to the provision of electronically supplied services by the Administrator through the Website.
External Cookies – means Cookies placed by the partners of the Administrator through the webpage of the Website.
Website – means a webpage or an application under which the Administrator runs a website operating under the domain https://www.smp.agro.pl/
Device – means an electronic device through which the User gains access to the Website.
User – means an entity for whom, pursuant to the Regulations and legal provisions, services by electronic means may be provided or with whom the Agreement for the provision of services by electronic means may be concluded.
- When using the webpage we may process the users’ personal data, such as:
- name and surname – in order to use the services of our Website you will be asked to provide your name and surname so that we can provide the services and that we have the opportunity to contact you,
- e-mail address – via e-mail address we send you confirmation of the services that you will use within the Website and we contact you if there is such a need related to the services provided,
- phone number – to discuss the details of the cooperation,
- IP address of the device – information resulting from the general principles of connections realized in the Internet such as IP address (and other information contained in system logs) are used by the administrator of the Website for technical purposes. IP addresses may be used for statistical purposes, including in particular for collecting general demographic information (e.g. about the region from where the connection is made).
- Personal data are processed in order to:
- create compilations, statistics and analysis for internal purposes of the Administrator;
- send marketing content – until raising an objection;
- present an offer, leading to the conclusion of a contract;
- reply to the messages of the website users;
- The legal basis for the processing of personal data by the Administrator is:
- Article 6 paragraph 1 letter a of GDPR that is obtained consent to the processing of personal data;
- Article 6 paragraph 1 letter b of GDPR that is the performance of a contract or the taking of the steps at the requests prior to the entering into a contract;
- Article 6 paragraph 1 letter c of GDPR that is the fulfilment of a legal obligation imposed on the Administrator;
- Article 6 paragraph 1 letter f of GDPR that is the legitimate interest of the Administrator.
With whom do we share the data?
- Personal data are processed by employees and co-workers of the Administrator on the basis of authorisation granted. Each person who was authorised for the processing of personal data was acquainted with the principles of personal data protection and undertook to maintain confidentiality of the information provided.
- Personal data may be entrusted to an external entity who supports the Administrator in the achievement of the purposes of processing, inter alia marketing service, handling e-mail, hosting, IT, administrative support, legal and advisory service.
- The Administrator uses the services of only professional entities who guarantee the performance of the services at the highest level and ensure the security of entrusted information.
- The Administrator entrusts personal data to the Processor on the basis of an agreement of entrusting personal data, in accordance with Article 28 of GDPR. The Processor processes personal data only to the extent and for the purpose indicated in the agreement.
The principles and duration of personal data processing
- The User’s personal data will be processed until withdrawal of consent or in connection with the business activity conducted by the Administrator until the time specified in the law or the achievement of the purposes of processing.
- In accordance with the provisions of GDPR every person whose personal data are processed by the Administrator has the right to:
- be informed about the processing of personal data referred to in Article 12 of GDPR
– the Administrator is obliged to provide you, as persons whose data will be processed, the information specified in GDPR (inter alia about its data, the contact details of the DPO, the purposes and legal basis for the processing of personal data, the recipients or categories of recipients of the personal data, if any or about the period for which the personal data will be processed or criteria used to determine that period); this obligation should be fulfilled at the time when the data are collected (that is e.g. when a customer places an order in an online store), and where data are not obtained from the data subject, but from another source – within a reasonable period, depending on circumstances; the Administrator may refrain from providing this information if the data subject already has it,
- access to your personal data referred to in Article 15 of GDPR – by providing us with personal data you have the right to obtain insight and access to them; this does not mean, however, that you have the right of access to all documents on which your data appear, as they may contain confidential information; however, you have the right to information about what data about you and for what purpose do we process and the right to obtain a copy of your personal data, whereby the first copy we issue for free, and for every further one, according to the provisions of GDPR, we charge an appropriate administrative fee corresponding to the costs of making a copy,
- correct, supplement, update and rectify personal data referred to in Article 16 of GDPR – if your personal data changed please inform us as the Personal Data Administrator about this fact so that the data we have are consistent with the actual state and current; also in a situation where there was no change of personal data, but for any reason the date is incorrect or were recorded incorrectly (e.g. as a result of writing mistake) please inform us in order to correct or rectify such data,
- erasure (right to be forgotten) referred to in Article 17 of GDPR – in other words you have the right to request “deletion” of data that we have as the Personal Data Administrator and the right to ask us as the Personal Data Administrator to inform the other administrators to whom we transferred your data about the necessity to delete them. You may request the erasure of your personal data especially when:
- the purposes for which the personal data were collected were achieved, e.g. we completed the sales contract concluded with you in its entirety,
- the basis for the processing of your personal data was only consent which was then withdrawn and there are no other legal grounds for further processing of your personal data,
- you raised an objection on the basis of Article 21 of GDPR and you believe that there are no other overriding legal grounds for the further processing of your personal data,
- your personal data were unlawfully processed i.e. for unlawful purposes or without any basis for the processing of personal data – please remember that in such a case you must have a basis for your request,
- the need to erase your personal data results from the provisions of law,
- the personal data relates to a minor and were collected in relation to the provision of information society services,
- restriction of processing referred to in Article 18 of GDPR – you can contact our company with a request to limit the processing of your personal data (what would be that until the matter is resolved our company would primarily only store it), if:
- you contest the accuracy of your personal data, or
- you believe that we process your data without a legal basis but at the same time you do not want us to delete this personal data (i.e. you do not use the right referred to in the preceding letter),
- you filed an objection referred to in letter g of this point, or
- your personal data are required for the establishment, exercise or defence of legal claims e.g. in court,
- data portability referred to in Article 20 of GDPR – you have the right to obtain your data in a format which enables reading this data on a computer and the right to transmit those data in such a format to another administrator; you are entitled to this right only if the basis for the processing of your data was consent,
- object to processing of the personal data, as referred to in Article 21 of GDPR – you have the right to raise an objection if you do not consent to our processing of the personal data that we processed so far for legitimate purposes compliant with the law; in particular the right to object is granted for the processing of your personal data for direct marketing purposes (e.g. a newsletter subscription),
- not to be subject to profiling referred to in Article 22 in connection with Article 4 point 4 of GDPR – on our Website you will not be subject to automated decision-making or profiling within the meaning of GDPR, unless you consent to it; additionally, we will always inform you about profiling, if it were to take place,
- lodge a complaint with a supervisory authority (that is to the President of the Personal Data Protection Office) referred to in Article 77 of GDPR – if you consider that we process your personal data unlawfully or in any way we violate the rights resulting from the generally applicable provisions of law concerning personal data protection.
- With regard to the right to erasure (right to be forgotten) we would like to point out that in accordance with the provisions of GDPR you do not have right to exercise this right if:
- the processing of your personal data is necessary for exercising the right of freedom of expression and information e.g. if you posted your data on the blog, in the comment etc.,
- the processing of the personal data is necessary for compliance with legal obligations resulting from the provisions by our company – we cannot delete your data for the period necessary to comply with obligations (e.g. tax), which impose on us the provisions of law,
- the processing of your personal data is carried out to the needs of the exercise, establishment or defence of legal claims.
The transfer of personal data outside the UE
The Administrator may use tools of entities who have their registered offices outside the European Economic Area (hereinafter: EEA) or who may store data outside the EEA. Personal data will not be transferred to international organisations. The Administrator will use all legally available protection measures to secure the transfer of this data. The transfer of data outside the EEA may take place on the basis of the exemptions provided for in Article 49 of GDPR, where the conditions set out in that Article are applicable. Information on the security measures applied and the scope of data transferred outside the EEA can be obtained by contacting the Administrator or the DPO.
The User’s personal data will not be processed in an automated manner, including in the form of profiling, i.e. no decisions having legal effects on the person or similarly significantly affecting him or her will not be based solely on automatic processing of personal data and will not be associated with such an automatically made decision.
Types of Cookies used
Cookies used by the Administrator are safe for the User’s Device. In particular it is not possible for viruses or other unwanted software or malicious software to get into the User’s Devices this way. The files make it possible to identify the software used by the User and adjust the Website individually to each User. Cookies usually contain the name of the domain they come from, time of their storage on the Device and the assigned value.
The Administrator uses two types of cookie files:
- Session cookies: are stored on the User’s Device and remain there until the end of the browser session. Any information saved is then permanently deleted from the Device’s memory. The session cookies mechanism does not allow the collection of any personal data or any confidential information from the User’s Device.
- Persistent cookies: are stored on the User’s device and remain there until they are deleted. The end of the session of particular browser or turning off the Device does not cause their removal from the User’s Device. The persistent cookies mechanism does not allow the collection of any personal data or any confidential information from the User’s Device.
Within the Website the following types of cookie files are used:
- “essential” cookie files, enabling the use of the services available within the Website, e.g. authentication cookies files used for services which require authentication within the Website;
- cookie files to ensure security, e.g. used to detect abuse in the scope of authentication within the Website;
- “performance” cookie files allowing for collecting information about the way in which the webpages of the Website are used;
- “functional” cookie files allowing for “remembering” the settings chosen by the User and the personalization of the User’s interface, e.g. in terms of the chosen language or region the User comes from, the font size, website layout etc.;
In many cases a software used to browse the webpages (web browser) by default allows for storing cookie files on the User’s terminal device. The Website Users can make change the settings concerning cookie files at any time. These settings can be changed in particular in such a way to block the automatic handling of cookie files in the web browser settings or to inform about each placing them on the device of the Website User. Detailed information about the possibilities and ways of handling cookie files are available in the software settings (web browser).
Purposes for which Cookies are used
The Administrator uses Own Cookies for the following purposes:
- Configuration of the website customizing the content of the webpages of the Website to the User’s preferences and optimising the use of the webpages of the Website;
- recognizing the device of the Website User and its location and properly display of the webpage, tailored to his individual needs;
- remembering the settings chosen by the User and the personalization of the User’s interface, e.g. in terms of the chosen language or region the User comes from;
- saving history of visited pages in the website in order to recommend content; the font size, website layout etc.;
- the correct configuration of chosen functions of the Website, allowing in particular for the verification of the authentication of browser session.
- optimize and improve the performance of services provided for the Administrator.
- Execution of processes necessary for full functionality of the webpages customization of the content of the webpages of the Website to the User’s preferences and optimising the use of the webpages of the Website. In particular these files allow for recognizing the basic parameters of the User’s device and properly display of the webpage, tailored to his individual needs;
- the correct handling of the partner program, allowing in particular for verification of sources of redirecting Users to the webpages of the Website.
- Remembering the location of the User the correct configuration of chosen functions of the Website, allowing in particular for tailoring the provided information to the User, including his location.
- Analysis and research as well as audit audience creating anonymous statistics which help to understand in what way the Website Users use the webpages of the Website, which allows improving their structure and content;
- Ensuring the safety and reliability of the website.
Possibilities of determining the conditions for storage or gaining access by Cookies:
The User may independently and at any time change the settings concerning Cookie files, specifying the conditions for their storage and gaining access to the User’s Device by Cookie files. Changes to the settings referred to in the previous sentence can be made by the User using the web browser settings or by using the service configuration. These settings can be changed in particular in such a way to block the automatic handling of cookie files in the web browser settings or to inform about each placing of Cookies on the User’s device. Detailed information about the possibilities and ways of handling cookie files are available in the software settings (web browser).
Cookie files placed on the Website User’s terminal device may also be used by partners cooperating with the operator.
The User may at any time delete cookie files by using the functions available in the web browser he uses.
Restricting the use of cookie files may affect some of the functionalities available on the webpage of the Website.
See how to disable the cookies mechanism:
- The Administrator reserves the right to withdraw or change the content presented without prior notice. The Administrator is not responsible if, for any reasons beyond the control of the Administrator, the Webpage is unavailable at any time or for any period.
- The Administrator reserves the right to occasionally restrict access to certain parts of the Webpage in connection with a maintenance work or the update of the Webpage.
- the Act of 23 April 1964 – Civil Code,
- the Act of 18 July 2002 on the provision of electronic services (hereinafter: UŚUDE),
- the Act of 10 May 2018 on the protection of personal data,