Privacy Policy

1. General information

This policy applies to the website, functioning at the url: https://www.zpcbaltyk.pl.
The Operator of the service and the Administrator of personal data is: Zakłady Przemysłu Cukierniczego Sp. z o. o. Leona Droszyńskiego 8/11, 80-381 Gdańsk
Operator’s e-mail contact address: admin@zpcbaltyk.pl.
The Operator is the Administrator of your personal data in relation to the data provided voluntarily in the Service.
The Service uses personal data for the following purposes:
Preparation, packaging, goods shipment
Presentation of the offer or informationThe service performs the functions of obtaining information about users and their behaviour in the following way:
By means of data voluntarily entered in the forms, which are entered into the Operator’s systems.
By storing cookies (so-called “cookies”) in the terminal equipment.

2. Selected data protection methods used by the Operator

The places for logging in and entering personal data are protected in the transmission layer (SSL certificate). This ensures that the personal and login data entered on the website are encrypted on the user’s computer and can only be read on the target server.
Personal data stored in the database is encrypted in such a way that only the operator who has the key can read it. Thanks to this, the data is protected in case the database is stolen from the server.
The Operator periodically changes his administrative password.
In order to protect the data, the Operator regularly makes security copies.
An important element of data protection is the regular updating of all software used by the Operator to process personal data, which in particular means regular updates of programming components.

3 Hosting

The service is hosted (technically maintained) on the operator’s server: linuxpl.com
Registration data of the hosting company: nazwa.pl sp. z o.o. Mieczysława Medweckiego 1731-870 Kraków, NIP: 6751402920REGON: 120805512

At https://nazwa.pl you can learn more about hosting and check the privacy policy of the hosting company.
Hosting company:
applies data loss protection measures (e.g. disk arrays, regular security copies),
applies adequate measures to protect processing sites in case of fire (e.g. special extinguishing systems),
applies adequate measures to protect processing systems in the event of a sudden power failure (e.g. dual power lines, generators, UPS backup systems),
applies measures to physically protect access to data processing sites (e.g. access control, monitoring),
applies measures to ensure appropriate environmental conditions for servers as elements of the data processing system (e.g. environmental conditions control, specialized air conditioning systems),
applies organisational solutions to ensure the highest possible level of protection and confidentiality (training, internal regulations, password policies, etc.),
has appointed a Data Protection Officer.
In order to ensure technical reliability, the hosting company maintains logs at the server level. The logs may be subject to registration:
resources defined by a URL identifier (addresses of requested resources – pages, files),
time of the inquiry,
time of sending the answer,
client station name – identification implemented by the HTTP protocol,
information about errors that occurred during the execution of HTTP transactions,
the URL of the page previously visited by the user (referer link) – in the case when the access to the Service was made via a link,
information about your browser,
information about the IP address,
Diagnostic information related to the process of self-ordering of services through recorders on the website,
information related to the handling of electronic mail addressed to and sent by the Operator.

4. your rights and additional information about the use of the data

In some situations, the Administrator has the right to transfer your personal data to other recipients, if it is necessary to perform the contract concluded with you or to fulfill the Administrator’s obligations. This applies to such groups of recipients:
authorized employees and associates who use the data in order to achieve the purpose of the website
Your personal data is processed by the Administrator no longer than it is necessary to perform the related activities specified in separate regulations (e.g. on accounting). With regard to marketing data, the data will not be processed for more than 3 years.
You have the right to request from the Administrator:
access to personal data concerning you,
their corrigenda,
deletions,
processing restrictions,
and data transfer.
You have the right to object to the processing indicated in point 3.3 c) to the processing of personal data in order to exercise legitimate interests pursued by the Administrator, including profiling, but the right of objection will not be exercised if there are valid legitimate grounds for processing, interests, rights and freedoms overriding your interests, in particular to establish, pursue or defend claims.
The Administrator’s actions may be complained about to the President of the Office for Personal Data Protection, Stawki 2, 00-193 Warsaw.
Providing personal data is voluntary, but necessary to operate the Service.
In relation to you, activities consisting in automated decision making, including profiling, may be undertaken in order to provide services under the concluded agreement and in order for the Administrator to conduct direct marketing.
Personal data is not transferred from third countries within the meaning of data protection regulations. This means that we do not send them outside the European Union.

5. information in the forms

The Service collects information voluntarily provided by the user, including personal data, if any.
The service may save information about connection parameters (time stamp, IP address).
The service, in some cases, may save information to facilitate linking the data in the form with the e-mail address of the user filling in the form. In this case, the user’s e-mail address appears inside the url of the page containing the form.
The data provided in the form are processed for the purpose resulting from the function of a particular form, e.g. to handle the service request or business contact, register services, etc. Each time, the context and description of the form clearly indicate what it is used for.

6 Administrator’s logs

Information about user behavior on the site may be subject to login. This data is used to administer the service.

7 Important marketing technics

The operator uses statistical analysis of website traffic through Google Analytics (Google Inc., USA). The operator does not pass on personal data to the operator of this service, but only anonymized information. The service is based on the use of cookies on your terminal equipment. In terms of information on user preferences collected by the Google advertising network, the user can view and edit the information resulting from the cookies using the tool: https://www.google.com/ads/preferences/.

8 Information about cookies

The website uses cookies.Cookie files (so-called “cookies”) are IT data, in particular text files, which are stored in the final device of the Website User and are designed to use the Website’s websites. Cookies usually contain the name of the website from which they come from, the time of their storage on the terminal equipment and a unique number.
The entity that places cookies on the User’s terminal equipment and access to them is the Operator of the Service.
Cookies are used for the following purposes:
maintaining the Service User’s session (after logging in), thanks to which the user does not have to re-enter his login and password on each subpage of the Service;
to achieve the objectives specified above in the section “Important marketing techniques”;
The Service uses two basic types of cookies: “session” cookies (session cookies) and “permanent” (persistent cookies). Session” cookies are temporary files that are stored in the User’s terminal device until the User logs out, leaves the website or turns off the software (web browser). “Persistent” cookies are stored in the User’s terminal equipment for the time specified in the parameters of the cookies or until the User removes them.
Software for web browsing (web browser) usually by default allows the storage of cookies in the User’s terminal equipment. Users of the Service can change the settings in this area. The Internet browser allows to delete cookies. It is also possible to automatically block cookies. Detailed information on this subject is contained in the help or documentation of the Internet browser.
Restrictions on the use of cookies may affect some functionalities available on the Website.
Cookie files placed in the final device of the Website User may also be used by entities cooperating with the Website operator, in particular companies: Google (Google Inc. based in the USA), Facebook (Facebook Inc. based in the USA), Twitter (Twitter Inc. based in the USA).

9. management of cookies – how to give and withdraw consent in practice?

If you do not want to receive cookies, you can change your browser settings. We reserve that disabling the handling of cookies necessary for authentication processes, security, maintenance of user preferences may make it difficult, and in extreme cases may prevent the use of websites
To manage your cookie settings, select the web browser you are using from the list below and follow the instructions:

• Edge
• Internet Explorer
• Chrome
• Safari
• Firefox
• Opera

Mobile device:

• • Android
  • Safari (iOS)
  • Windows Phone