In connection to the Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC, in force since 25 May 2018, we encourage you to read the information on the storage of personal data by Refsystem Sp. z o.o. with its registered office in Grudziądz.

This privacy policy is for information purposes only. The Privacy Policy contains principles concerning the processing of personal data by the Controller, including legal grounds, purposes and scope of personal data processing and the rights of data subjects.

Your personal data controller (hereinafter referred to as the “Controller”) is Refsystem Sp. z o.o., 86-300 Grudziądz, ul. Metalowców 5, NIP: 8762325897. You can contact the Controller by means of traditional mail to: 86-300 Grudziądz, ul. Metalowców 5 or via email to:biuro@refsystem.pl.

Your personal data is processed on the basis of the necessity of processing for the purposes of legitimate interests pursued by the Controller or by a third party.

The Controller shall take particular care to protect the interests of the data subjects, and in particular shall be responsible for ensuring that the data collected by it are processed in accordance with the law; collected for specified, legitimate purposes and not further processed in a way incompatible with those purposes; substantially correct and adequate in relation to the purposes for which they are processed; stored in a form allowing identification of the data subjects no longer than it is necessary to achieve the purpose of processing and processed in a manner ensuring adequate security of personal data, including protection against unauthorised or unlawful processing and accidental loss, destruction or damage, by means of appropriate technical and organisational measures.

If you use websites belonging to the Company, your personal data collected through cookies may be processed in accordance with the Cookie Policy.

The Company processes personal data of natural persons who:

(a) are users of our website and communicate via the website by means of the application form;

(b) are companies whose data are derived from publicly available sources, including public registers;

(c) are potential customers, contractors or suppliers of the Company;

(d) are customers, contractors or suppliers of the Company;

(e) act as persons authorised to represent legal persons or other organisational entities;

(f) are parties to requests, complaints or other letters addressed to the Company;

(g) may be the addressees of marketing communications in accordance with the relevant legal provisions.

The Company may process personal data for the following purposes:

7.1 Preparation of commercial offers – name and surname; e-mail address; contact telephone number; address of residence/business activity/seat; company name and tax identification number (NIP) of the entrepreneur; REGON number; KRS number.

7.2 Informational objectives related to the dissemination of information on running a business – name and surname; e-mail address; contact telephone number; address of residence/business activity/seat; company name and tax identification number (NIP) of the entrepreneur; REGON number; KRS number; bank account number.

7.3 Handling of general inquiries, preparation of offers – name and surname; e-mail address; contact telephone number; address of residence/business activity/seat; company name and tax identification number (NIP) of the entrepreneur; REGON number; KRS number; CEiDG entry.

7.4 Direct marketing of products and services (sending commercial and marketing information by e-mail, telephone and orally) – name and surname; e-mail address; contact telephone number.

7.5 Implementation of the sales contract, including the preparation of commercial offers, determining and clarifying the details of orders, execution of orders, registration and financial settlement of services, products and materials supplied to and by the Company – name and surname; e-mail address; contact telephone number; address of residence/business activity/seat; company name and tax identification number (NIP) of the entrepreneur; REGON number; KRS number; bank account number.

7.6 Claims enforcement (including monitoring of claims) and defence against claims – name and surname; e-mail address; contact telephone number; address of residence/business activity/seat; company name and tax identification number (NIP) of the entrepreneur; REGON number; KRS number; bank account number.

7.7 Performing obligations under the law, including in particular tax and accounting obligation and verification of the customer's payment reliability based on information from business information offices – name and surname; e-mail address; contact phone number; address of residence / business activity/ seat; company name and tax identification number (NIP) of the entrepreneur; REGON number; KRS number; bank account number.

7.8 Execution of the sales contract (including authorisations necessary to complete orders and issue/receive products and materials) – name and surname; PESEL number; number and series of ID card (date of issue, issuer); contact phone number; address of residence/business activity/seat; company name; tax identification number (NIP) of the entrepreneur, REGON number; KRS number.

7.9 Handling of requests, complaints and other letters addressed to the Company – name and surname; e-mail address; contact telephone number; address of residence/business activity/seat; company name and tax identification number (NIP) of the entrepreneur; REGON number; KRS number.

The data may be made available only to the Controller's service providers or their subcontractors.

You are entitled to certain rights in connection with the processing of your personal data, including:

(a) the right of access to your personal data, i.e. the right to obtain confirmation of whether the Controller processes the data and information concerning such processing;

(b) the right to rectify the data if the data processed by the Controller are incorrect or incomplete;

(c) the right to require the Controller to delete the data ('the right to be forgotten');

(d) the right to demand that the Controller limit the processing of your data;

(e) the right to data portability;

(f) the right to object to the processing of your data on the basis of the legitimate interest of the Controller or to the processing for the purposes of direct marketing;

(g) the right to lodge a complaint with the Polish supervisory authority or the supervisory authority of another Member State of the European Union competent for the place of habitual residence or work of the data subject or for the place of alleged breach;

(h) the right to withdraw consent at any time;

(i) the right to obtain human intervention from the Controller, to express your point of view and to challenge a decision based on automated data processing.

The Controller shall make every effort to ensure all physical, technical and organizational measures to protect personal data against accidental or intentional destruction, accidental loss, alteration, unauthorised disclosure, use or access, in accordance with all applicable laws.