I. About Us
As a responsible organization that is aware that information has a certain
value and constitutes a resource in need of proper protection, we are concerned with the proper
Informing you about matters related to the processing of personal data,
especially in view of the content of the new data protection legislation, including the Regulation of the European Parliament and the Council (EU)
2016/679 dated April 27, 2016. On the protection of individuals in connection with
processing of personal data and on the free movement of such data and
repeal of Directive 95/46/EC (“RODO”). Therefore, in this document
provide key information on the legal basis for processing personal data, how it is collected and used, and the rights of data subjects.

We would like to inform you that the Administrator of your personal data is AQUACELL S.C. GRAŻYNA
PAJĄK, BOGDAN PAJĄK, ul. Szkolna 37, 43-230 Goczałkowice-Zdrój, NIP: 6381619945,
REGON: 072872184 .
Personal data shall be obtained and processed in the manner and on the terms specified in the
This Policy.

I. General Provisions
We attach particular importance to protecting the privacy of our customers, contractors,
partners and subcontractors. One of its key aspects is the protection of individuals’ rights and freedoms in connection with the processing of their personal data.
We make sure that the processing of your data is carried out in accordance with regulations
Regulation of the European Parliament and of the Council (EU) 2016/679 of April 27, 2016.
on the protection of individuals with regard to the processing of personal data and on the free movement of such data
data and repealing Directive 95/46/EC (hereinafter: “RODO”), the Law of 10
May 2018. On the protection of personal data, as well as special provisions (contained in the
among others. in the Accounting Law). AQUACELL S.C. GRAŻYNA PAJĄK, BOGDAN PAJĄK is the administrator of personal data within the meaning of art. 4(7) of the RODO, we also use the services of processors referred to in Art. 4 pts. 8 RODO – they process personal data on behalf of the controller.
We implement appropriate technical and organizational measures to ensure the degree of
Security corresponding to the possible risk of violation of the rights or freedoms of persons
physical with different probability of occurrence and severity of danger. Our activities
regarding the protection of personal data are based on established policies and procedures.

III. For what purposes we process your personal data
Your data will be processed for the following purposes:
(a) registration and maintenance of a user account – Art. 6 paragraph. 1(b) RODO,
(b) order handling – art. 6 paragraph. 1(b) RODO,
(c) handling of complaints or withdrawal from the contract – Art. 6 paragraph. 1(f) RODO,
(d) mail handling – art. 6 paragraph. 1(f) RODO,
(e) performance of tax and accounting obligations – Art. 6 paragraph. 1(c) RODO.

IV. On what terms and on what basis we process your data
We exercise diligence to protect the interests of data subjects, and in
In particular, we ensure that the data is:

-processedin accordance with the law, fairly and transparently to the person to whom the
data pertains to,
– collected for specific, explicit and legitimate purposes and
not processed further
In a manner inconsistent with these goals,
– Adequate, appropriate, and limited to what is necessary to achieve the objectives, in
Which are processed,
– correct and updated as necessary. We are taking steps to ensure that the data
Personal information that is incorrect in light of the purposes of its processing has been
promptly removed or corrected,
– stored in a form that allows identification of the data subject,
for a period no longer than necessary for the purposes of processing,
– processed in a manner that ensures adequate data security
personal, including protection against unauthorized or unlawful
processing and accidental loss or destruction.

We normally process your data on the basis of consent, which can be withdrawn in
any time. Another case is when the processing of your data
is necessary for the performance of a contract to which you are a party or to take action on your
request, even before the conclusion of the contract.
In some situations, processing is necessary to fulfill a legal obligation
incumbent on us as an administrator. Such obligations arise, for example, from the Law on
accounting.
Processing may also be necessary for purposes arising from our legal
legitimate interests, an example of which is the assertion of claims from an ongoing
By our business activities.

V. What rights you have
We take appropriate measures to make the following in a concise, clear, understandable and easily accessible
form to provide you with all relevant information and to conduct with you any
Communication on the processing of personal data in connection with the implementation of the
your right to:
– information provided when obtaining personal data,
– information provided upon request – about whether data is being processed, and other
The issues specified in Art. 15 RODO, including the right to a copy of the data,
– rectification of data,
– being forgotten,
– processing restrictions,
– data portability,
– Objections,
– Not be subject to a decision based solely on automated processing
(including profiling),
– information about data protection violations.

In addition, if your personal data is processed on the basis of consent, you are entitled to
The right to withdraw it. Consent can be withdrawn at any time, which does not affect
The legality of the processing carried out before its withdrawal.
To contact us regarding the exercise of a particular right, please contact us via email:
biuro@aquacell.pl or hello@drgrazynapajak.pl

The security of your data is our top priority, however, if you feel that
by processing your personal data we violate the provisions of the RODO, you have the right to lodge a complaint
complaints to the President of the Office for Personal Data Protection.

VI. How we will contact you
Information shall be provided in writing or by other means, including, as appropriate.
electronically. If you request it, we can provide the information orally, as long as others
ways we will confirm your identity. If you submit your request electronically, in the
If possible, the information will also be provided electronically, unless you indicate
us another preferred form of communication.

VII. Within what timeframe we will fulfill your request
We strive to provide information promptly – as a rule, within a month of receiving a request.
If necessary, the deadline may be extended for another two months due to
The complex nature of the request. However, in any case, within one month of
receipt of the request we will inform you of the action taken and (if applicable
cases) about the extension of the deadline, stating the reason for such delay.

VIII. Subcontractors/processors
We may share your personal information with companies or other trusted partners
Businesses who provide services on our behalf. If we are working with
entities that process personal data on our behalf, we only use the services of such processors that provide sufficient guarantees to implement appropriate technical and organizational measures so that the processing of data meets the requirements of the RODO and protects the rights of data subjects. We check in detail the entities to which we entrust the processing of your data. We enter into detailed contracts with them, and periodically inspect the compliance of processing operations with the contents of such contracts and the law.

Your personal data may receive:

(a) entities and bodies authorized to process personal data on the basis of the
legislation,
(b) banks when settlements are required,
(c) entities providing software delivery,
(d) IT service providers,
(e) Internet service providers (hosting, mail),
(f) entities providing online payment services (PayPal, TPAY),
(g) courier companies,
(h) cloud service providers,
(i) a document destruction company,
(j) an accounting services firm,
(k) the owner of the social networking site Facebook on unalterable
Facebook’s data rules available under
at https://www.facebook.com/about/privacy.

IX. How we take care of the processing of your data
We regularly review and update our documentation to demonstrate compliance with the
requirements of the law in accordance with the principle of accountability formulated in the RODO, but also for the sake of
about the interests of data subjects we strive to incorporate best practices into it
marketable.

X. Data retention
We store personal data in a form that allows us to identify the person whose data it is
pertain to, for no longer than is necessary for the purposes for which the data are
processed. After such a period, we anonymize the data (de-identify it)
making it possible to identify a person) or remove. In the retention procedure
we ensure that the retention period of personal data is limited to a strict minimum.
We determine the period of data processing in the first instance on the basis of regulations
Laws (e.g., retention time for employee records, accounting documents),
As well as the legitimate interest of the administrator (e.g., marketing activities). Policy
retention covers both data processed in paper and electronic form.
The period of storage of personal data, depends primarily on the purpose for which the
whose data is collected, according to the following criteria:

– the period of execution of the cooperation contract/order – in the case of data processing in the
For the purpose of concluding and implementing the cooperation agreement,

– the period necessary to process the complaint filed – in the case of processing
data in order to handle the complaint process,
– Until the settlement of the dispute / settlement of the parties, taking into account the relevant
Limitation periods for claims – in the case of data processing for the purpose of
Investigating claims and taking actions of a debt collection nature,
– until you object – in the case of data processing for the purpose of
satisfaction surveys among the administrator’s customers and marketing
Direct (sending commercial information).

XI. Mandates
We ensure that any person acting under our authority and having access to the
Your personal data processed only on our instruction, unless other
requirements arise under Union or member state law

XII. Cookies
(1) Cookies (so-called “cookies”) are computer data, in particular files
text files, which are stored in the Service User’s terminal equipment and
are intended for the use of the Website. Cookies usually
include the name of the originating website, the length of time they were stored on the
terminal device and a unique number.
2. the entity placing files on the final device of the Service User
cookies and accessing them is the owner of the site
3. the cookie mechanism is not used to obtain any
information about users of the site or to track their navigation. Cookies used in
service does not store any personal data or other information
collected from users and are used for statistical purposes.
4. by default, web browsing software
(browser) allow cookies on your device for
which it is launched.
In most cases, you can configure the software yourself in this regard, including, among other things, forcing the automatic blocking of cookies.
For issues related to configuring how cookies are handled, please refer to your settings
software (web browsers). Keep in mind that the settings
restrictions on the handling of cookies may affect the operation of the
certain functionalities of the service.
5 Cookies are used for:
– adapting the content of the Website’s pages to the User’s preferences
and optimize the use of the websites; in particular, these files
allow to recognize the device of the Service User and to display accordingly
website, customized to his individual needs,
– creation of statistics that help to understand how Users
Service use the websites, which allows to improve their structure and
Contents,
– Maintain the session of the Service User (after logging in), thanks to which the User
does not have to re-enter the login and password on each sub-page of the Website,

(6) The Service uses two main types of cookies: “session”
(session cookies) and “permanent” (persistent cookies). “Session” cookies are files
temporary, which are stored on the User’s terminal device for
the time you log out, leave the website or shut down the software
(web browser). “Permanent” cookies are stored on your device
User’s endpoint for the time specified in the parameters of cookies or until they are deleted by the User.
7 The following types of cookies are used within the Service:

– “essential” cookies that enable you to use the services available on the
Within the Service, e.g. authentication cookies used for services
requiring authentication within the Service,
– security cookies, such as those used for
Detecting authentication abuses within the Service;
◦ “performance” cookies, which allow you to collect information about how you
use of the websites of the Service,
– “functional” cookies that allow you to “remember” the cookies you have chosen by
User’s settings and personalization of the User’s interface, e.g. in terms of
the selected language or region of origin of the User, the font size,
website design, etc.

8 The owner of the website informs that the website contains links to other websites.
The owner of the site recommends reading the privacy policies there
applicable, as it is not responsible for them.
9. description of technical and organizational security measures is included
Security (data protection) policy of the service owner. W
In particular, the following safeguards are used:
10. the data collected from users during the registration process is secured
SSL protocol and through the mechanism of authentication of access to the service