WEBSITE PRIVACY POLICY

Introduction

Oknoplast Sp. z o.o. with its registered office in Ochmanów attaches great importance to protecting the privacy of all persons whose data we process in connection with our business activities.

In this document (“Privacy Policy”) we would like to provide you with the most important information related to the processing of personal data of:

  • those who contact us and visit our website or our social media;
  • persons who conclude contracts with our business partners or are interested in our products;
  • representatives and employees of our business partners or contractors,

We are committed to ensuring that the information provided to you complies with the transparency requirements set out in the provisions of Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation). The above-mentioned legal act will be hereinafter referred to using the abbreviation “GDPR”. If you have any objections regarding the form or readability of the Privacy Policy, we encourage you to contact us and submit comments.

Personal Data Controller

The Controller of your personal data is Oknoplast Sp. z o.o. with its registered office in Ochmanów, Ochmanów 117, 32-003 Podłęże (hereinafter: “we”, “Controller”, or “Oknoplast”).

Contact

Contact with us is possible:

  • electronically via e-mail at: biuro@oknoplast.com.pl
  • in the form of traditional correspondence sent to the following address: Oknoplast Sp. z o.o., Ochmanów 117, 32-003 Podłęże

In matters relating to the processing of personal data, please contact us at the following e-mail address: privacy@oknoplast.com

What personal data do we process?

Website and Social Media Profiles

In connection with your use of the Website, we collect data to the extent necessary to provide particular services offered, as well as information about your activity on the Website.

Examples:

  • If you use the contact form, we collect information about your name, surname, contact details and the content of your request.
  • If you navigate on our Website, we collect information stored in cookies or system logs, as well as about the time spent on the Website and about interactions with the posted content.

As part of the operation of our Social Media Profiles, we collect information about your activity on a specific website in connection with our Website or company Profile (e.g. clicks on “Like”, published posts, comments, messages sent via internal messengers).

Functioning of the Distribution Network

In connection with the functioning of our distribution network, we collect and process data of persons who have concluded an agreement with our trading partners in relation with Oknoplast products or are interested in our products and have contacted a chosen trading partner for this purpose.

As part of our distribution network, we collect information in the form of: contact details, information about the subject matter of the agreement and the deadline for its execution, information about delivery or installation details, information related to performance of the agreement or service of a potential customer in connection with a request for an offer related to our products.

Moreover, as part of our efforts to monitor the quality of service provided to our customers, we collect and process information provided in surveys regarding the level of satisfaction with the performance of the agreement by our business partner.

Business Cooperation

As part of our business cooperation, we collect and process personal data of entrepreneurs who are our business partners, as well as personal data of the representatives or employees of those business partners who operate in the form of companies (including trading partners operating within our distribution network) or entities interested in such cooperation. The scope of data collected depends on the type of cooperation. Typically, we collect basic information such as: contact details, information about the business, information about the place of employment/represented entity, information related to exchanged correspondence, as well as regarding the conclusion and performance of the agreement.

Cookies and Similar Technology

Our websites use cookies. You can read more about cookies and the rules of using them in the Cookies Policy

Sources of Origin of Personal Data

In cases where we do not collect personal data directly from you we obtain it:

  • from our trading partners with whom you conclude agreements related to the Oknoplast brand products;
  • in the cases of B2B cooperation – from publicly available sources such as: pages of the Polish Central Registration and Information on Business, websites, other publicly available registers;
  • from your representatives or agents, if they contact us on your behalf.

Purposes and Basis for the Processing of Personal Data

We process your personal data for various purposes and on different legal bases, which we describe below:

Processing of data as part of running a Website

  1. Provision of on-line services. We process your data in order to provide you with electronic services within the scope of individual functionalities and content on the Website. In this case, the basis for data processing is its necessity for performance of the agreement and the provision of electronic services (Article 6(1)(b) of GDPR).
  2. Marketing. Your personal data is used for marketing purposes. Based on cookies, if you have given your consent thereto, we may adapt the content to your preferences and expectations. Using such technology, we do profiling of our users – we analyse and assess what content you may be interested in and display relevant advertisements on our Website. If you have given us a separate consent for marketing communication, we will also send you specific commercial content about Oknoplast products and services (e.g. newsletter, information about new products, interesting promotions), including content tailored to your preferences. The legal basis for activities undertaken for marketing purposes is the legitimate interest of Oknoplast (Article 6(1)(f) of the GDPR).
  3. Conducting analyses, keeping statistics, and testing the quality of service. Your personal data is used for analytical and statistical purposes, which consist in carrying out analyses of the activity of visitors to the website and their preferences regarding the functionalities and content offered. In order to test the quality of services offered by Oknoplast, we may use your contact details to obtain information about the level of satisfaction with the quality of our services (e.g. by displaying or sending you satisfaction surveys). When processing personal data for these purposes, we are able to continuously improve the quality of our services and pursue our legitimate interest (Article 6(1)(f) of the GDPR).
  4. Defense against claims. In justified cases, we process your personal data in order to establish, assert or defend against claims (e.g. claims resulting from improper provision of services available as part of the Website). The legal basis for the processing of personal data for these purposes is our legitimate interest (Article 6(1)(f) of the GDPR).
  5. Security and smooth operation of the Website. The users’ activity on the Website shall be recorded in system logs (special software used to store chronological record containing information about events and activities related to the IT system used to provide services by Oknoplast). The information collected within the logs is processed for technical and administrative purposes related to the need to ensure security of the Website and IT systems processing your personal data, as well as for analytical and statistical purposes, in order to ensure smooth operation of the Website. The legal basis for the processing of your personal data is our legitimate interest in providing you with a secure and efficient website (Article 6(1)(f) of the GDPR).

Processing of personal data as part of social media portals

Running social media portals. We also process personal data of users who visit our profiles on social media (e.g. Facebook, YouTube, Instagram, Twitter). Your personal data (e.g. name or social media nickname) is collected and used exclusively in connection with the operation of Oknoplast company website or profile. We use the data to keep users informed about our activities, to respond to your comments, or to use the communication features offered by the social media portal in order to respond to your activity, and to promote various events, services or products on a given social platform. The legal basis for the processing of your personal data is our legitimate interest in promoting our brand and communicate on social media, as appropriate and relevant (Article 6(1)(f) of the GDPR).

Data processing in connection with the operation of the distribution network

  1. Execution of an agreement with a business partner. If you have entered into an agreement in connection with our products with an Oknoplast trading partner, we receive your personal data in order to ensure that our partner can smoothly proceed to perform the agreement. Among other things, we need your data in order to deliver the ordered products to the trading partner and to ensure that your agreement is implemented on time. The legal basis for the processing of your personal data is our legitimate interest in ensuring proper performance of the agreements concluded within our distribution network (Article 6(1)(f) of the GDPR).
  2. Warranty. Your personal data is processed in connection with the exercise of your rights under the warranty we provide for our products. In this case, the legal basis for processing your personal data is the prerequisite of necessity for the performance of the agreement (Article 6(1)(b) of the GDPR).
  3. Conducting service quality surveys. Your personal data related to the conclusion and performance of the agreement with our trading partners is used to conduct our Customer service quality surveys within the distribution network. For this purpose, we process, among others, information about the details of the implementation of the agreement and information you have chosen to provide as part of satisfaction surveys we sent you. The legal basis for the processing of your personal data is our legitimate interest consisting in monitoring the quality of Customer service within our distribution network (Article 6(1)(f) of the GDPR).
  4. Analytical and statistical purposes. We process your personal data provided as a result of conclusion of the agreements concerning Oknoplast products, for analytical and statistical purposes. Data processing for this purpose helps us develop our distribution network and improve our products. The legal basis for the processing of your personal data for this purpose is our legitimate interest in conducting internal business analyses (Article 6(1)(f) of the GDPR).
  5. Marketing activities. Your personal data is used by Oknoplast for the purpose of conducting marketing activities. If you have given your separate consent to marketing communication, we will use your data to send you relevant commercial messages or newsletters. The legal basis for the processing of your personal data is our legitimate interest in marketing and promoting our brand (Article 6(1)(f) of the GDPR).
  6. Fulfilment of legal obligations – we also process your data if this is necessary for the fulfilment of obligations arising from generally applicable laws, e.g. in connection with the protection of consumer rights or tax law.
  7. Establishment, assertion or defense of legal claims. In justified cases, your personal data is processed by us in order to establish, assert or defend against claims (e.g. claims arising from non-performance or improper performance of an agreement which concerns Oknoplast products). The legal basis for the processing of personal data for these purposes is our legitimate interest (Article 6(1)(f) of the GDPR).

Data processing in the field of business cooperation

  1. Conclusion or performance of an agreement. We process your personal data in order to conclude an appropriate cooperation agreement with Oknoplast or for proper performance thereof. If you are a sole trader, your data is processed on the basis of the prerequisite of necessity for the conclusion or performance of an agreement (Article 6(1)(b) GDPR). If you act as representatives, proxies or employees of the entities being a party to the agreement, the legal basis for the processing of your personal data is our legitimate interest consisting in the possibility to conclude or perform an agreement properly (Article 6(1)(f) of the GDPR).
  2. Analytical and statistical purposes. Your personal data related to the established or ongoing business cooperation is used for analytical and statistical purposes related, among others, with the profitability of the cooperation, its extension possibilities and optimization of business processes. The legal basis for the processing of personal data for this purpose is our legitimate interest in conducting business analyses (Article 6(1)(f) of the GDPR).
  3. Building a network of business contacts. We process your personal data in order to build our network of business contacts. In this respect, we process data collected during industry events or by exchanging business cards. In this case, the legal basis for processing is our legitimate interest in building a network of business contacts (Article 6(1)(f) of the GDPR).
  4. Loyalty and incentive programmes. If you are an employee or associate of our business partners, we use your data to offer various loyalty and incentive programmes. For this purpose, we process your contact details and other information which is necessary for the proper provision of services as part of a loyalty or incentive programme (for more details, please always refer to the terms and conditions of the specific programme). The legal basis for the processing of your personal data is our legitimate interest in providing you with a possibility to participate in the loyalty or incentive programme (Article 6(1)(f) of the GDPR). As soon as you accept the terms and conditions of a specific loyalty or incentive programme, your personal data will be processed on the basis of the necessity to perform the agreement, in accordance with the terms and conditions of the programme (Article 6(1)(b) of the GDPR).
  5. Marketing activities. We use your personal data for various marketing activities. For example: we collect and use contact details of people responsible for sales processes and establishing business relationships in order to reach potential business partners; we also contact our business partners in order to present new business opportunities or to send relevant sales materials. The legal basis for the processing of your personal data for this purpose is our legitimate interest in marketing (Article 6(1)(f) of the GDPR).
  6. Organisation of training courses or events. As part of cooperation with Oknoplast, you can enroll yourself or your employees to participate in training courses or other types of events that we organize. In this respect, the legal basis for the processing of data of our business partners is the necessity to perform the agreement, in accordance with the General Terms and Conditions of Cooperation with Oknoplast or the agreement concluded for the purpose of cooperation with Oknoplast (Article 6(1)(b) of the GDPR). If you are an employee or colleague of our business partners who have registered you for a training course, we process your personal data on the basis of our legitimate interest, which is the necessity of the processing for the performance of the agreement between us to your employer or the necessity of the processing to provide your employer with access to the services offered by Oknoplast as part of our business cooperation (Article 6(1)(f) of the GDPR). In the event that you sign up for training courses or events individually (i.e. you sign up directly on our websites or by email), we process your personal data on the basis of your consent (Article 6(1)(a) of the GDPR) or the contract for training course (Article 6(1)(b) of the GDPR). You may withdraw your consent at any time, in accordance with the applicable legislation.
  7. Fulfilment of statutory obligations. Your personal data is processed in connection with the fulfilment of obligations arising from the provisions of the applicable law, in particular the obligations arising from the tax law and the accounting regulations. The legal basis for data processing is the necessity to fulfil the obligations imposed on the Controller (Article 6(1)(c) of the GDPR).
  8. Establishment, assertion or defense of legal claims. In justified cases, your personal data is processed by us in order to establish, assert or defend against claims (e.g. claims arising concerning cooperation with Oknoplast). The legal basis for processing personal data for the aforementioned purposes remains our legitimate interest (Article 6(1)(f) of the GDPR).

Data processing in connection with correspondence and telephone contacts

Correspondence and telephone conversations. Your personal data contained in the contact form available on the Website, sent in connection with e-mail or traditional correspondence, as well as provided in telephone conversations, is processed for the purpose of carrying out the relevant communication, placing orders, concluding agreements, replying or sending the information you have requested (e.g. the information indicated in the contact form). The legal basis for the processing of personal data is our legitimate interest consisting in ensuring you the ability to efficiently communicate with Oknoplast in all matters that are of your interest (Article 6(1)(f) of the GDPR), or the necessity of personal data processing for the conclusion or performance of an agreement with Oknoplast (Article 6(1)(b) of the GDPR).

Necessity to Provide Data

Website forms

In the case of contact forms made available through the Website, providing your personal data is voluntary, but necessary to handle your enquiry.

We also make every effort to provide you with relevant information about which personal data is mandatory and which may be provided additionally. We provide the aforementioned information in the form of appropriate markings within the Website (e.g. asterisks next to specific fields of the contact form).

Information provided in correspondence, required to sign or perform the agreement, participate in a training course/event

In the case of correspondence, signing of agreements, or participation in training courses/events, the provision of your personal data is voluntary but necessary for correspondence, conclusion of the relevant agreements or participation in the training course/event.

Consequences of failure to provide personal data

If providing personal data is necessary for the provision of services, conclusion or performance of an agreement, as well as for conducting appropriate correspondence or for participation in training course/event, failure to provide the required personal data may prevent the provision of such service, conclusion or performance of such agreement, such correspondence or participation in such training course/event.

Data Retention Periods

The period during which we store your personal data depends on the type of service provided and the purpose of processing.

As a rule, we process your personal data for the duration of the provision of the services, the duration of the agreement, or fulfilment of the order, until you withdraw your consent or make an effective objection to the processing of your personal data when the processing takes place in connection with the pursuit of our legitimate interests.

We keep your correspondence for between 3 months and a year, unless we have entered into a contractual relationship with you.

You can check how long cookies are stored in the Cookies Policy

The period of processing may be extended by the period of limitation of claims if the processing of personal data is necessary for Oknoplast to assert or defend against possible claims.

In Oknoplast, we have prepared and implemented appropriate policies for the processing of personal data, which take into account the need to store your personal data for a certain period of time. Our data retention policy takes into account the time limits for data processing that arise from applicable tax and accounting regulations, the limitation periods for claims, or our legitimate interests resulting from the need to archive our correspondence.

For detailed information on the periods during which we process certain categories of personal data, please contact us in the manner described in the Contact section.

Data Recipients

Your personal data may be disclosed and transferred to a company acting on our behalf in your area – in order to serve you as our customer. In addition, your data may be transferred to entities such as providers of IT services, legal, marketing, accounting, training, postal, analytical or advisory services.

If you use the contact form, your personal data such as your  name, phone number, e-mail address, city and content of the enquiry will be forwarded to the trading partner who belongs to the Oknoplast distribution network. As a rule, we will transfer your personal data to the trading partner you selected in the contact form. In some cases related to changes within the distribution network, the need to ensure the highest quality of services and timely handling of your requests, we will transfer your personal data to another trading partner than indicated in the Oknoplast contact form. The selected partner will contact you promptly and provide the necessary information.

Please be informed that if our trading partner acts for his/her own purposes, e.g. for the sale of his/her own products and services, s/he is the sole controller of your personal data or of the information collected from you.

A list of the available partners from the Oknoplast distribution network is to be found on the Oknoplast Website.

Your Rights

In connection with our processing of your personal data, you have the right to access your data and to request rectification, erasure, restriction of processing, as well as the right to data portability.

In the case that we process your personal data in connection with the pursuit of our legitimate interests and for marketing purposes, you also have the right to object to such processing.

If you have given separate consent to the processing of personal data for a particular purpose, you can withdraw your consent at any time. Withdrawal of consent will not affect the lawfulness of processing carried out on the basis of your consent before its withdrawal.

In cases related to possible suspicion of irregularities with regard to the processing of personal data, you have the right to lodge a complaint with the supervisory authority responsible for the protection of personal data.

Transfer of Data outside the EEA

The level of protection of personal data outside the European Economic Area (EEA) is different from that provided by the law of the European Union. In principle, Oknoplast does not transfer data outside the EEA. For this reason, the Oknoplast shall transfer personal data outside the EEA only if necessary due to the nature of the cooperation and ensuring adequate level of protection, in particular through:

  • cooperation with processors of personal data in countries for which a relevant decision of the European Commission has been issued;
  • application of standard contractual clauses issued by the European Commission;
  • other legally justified ways permitted by law, including the GDPR.

 

At any time, you have the opportunity to obtain information and a copy of the relevant protection measures in place for transfers of personal data outside the EEA. To do so, please contact us in the manner indicated in the contakt tab.

Security of Personal Data

Oknoplast attaches great importance to the security of your personal data. To this end, we conduct an ongoing risk analysis to ensure that personal data is processed in such a way that only authorised persons have access to the data and only to the extent that it is necessary for their tasks. We also make sure that all operations involving personal data are recorded and performed only by authorised employees and associates of Oknoplast, and that the IT systems used for data processing ensure its availability, integrity and confidentiality.

We also take all necessary steps to ensure that all of our subcontractors and cooperating entities guarantee appropriate security measures whenever they process personal data on behalf of Oknoplast.

Changes to the Privacy Policy

The Policy Policy is reviewed on an ongoing basis and updated as necessary. We will inform you of any changes in the content of Oknoplast website.