I. General information and definitions
1) Fink - Website administrator providing the service of sharing resources and information for people visiting the Website's website or profile in Social Media: Fink Group sp. z o. o. with its seat in Psary Małe (Poland), at ul. Folwarczna 8, postal code: 62-300 Psary Małe, registered with a share capital of PLN 30,000 at the District Court Poznań-Nowe Miasto and Wilda in Poznań, IX Commercial Division of the National Court Register under the KRS number: 0000848497, NIP: 7891791218, REGON: 386425335, e-mail email@example.com,
2) Personal data - all information (e.g. name, surname, telephone number, e-mail address or home address) regarding an identified or identifiable natural person who is a Website / Media Guest Social, Fink Customer or Supplier.
3) Supplier - a natural or legal person or an entity without legal personality, but able to acquire rights and incur liabilities on its own behalf, which provides certain services to Fink or delivers goods to Fink; the term Supplier should also be understood as natural persons who are employees and / or representatives of the Supplier, acting on his behalf and on his behalf under contracts concluded and already concluded between Fink and the Supplier,
4) Guest - a natural person who visits and browses the content of the Website and / or Fink Social Media,
5) Customer - a natural person, legal person or an entity without legal personality, but able to acquire rights and incur obligations on its own behalf, concluding a contract for the sale of Goods with Fink,
6) Instant messaging - used by Fink to contact with clients, remote communication applications functioning as part of or in connection with the maintenance of social media accounts by Fink: Messenger (profile address: https://www.facebook.com/finkstoreofficial/) and Instagram (profile address: https: // www.instagram.com / finkstoreofficial /)
7) Social Media - a common name for online social platforms (websites) on which Fink runs profiles and through which it provides the Services to Customers listed in § 3 of the Regulations. This applies to websites such as Facebook (profile address: https://www.facebook.com/finkstoreofficial/), Instagram (profile address: https://www.instagram.com/finkstoreofficial/) and Pinterest (profile address: https: //pl.pinterest.com/finkstore/)
8) Offer - description and photos of the services provided and goods sold by Fink as part of its business activities, used to promote them; all announcements, advertisements, price lists posted on the Website or Social Media should be treated not as an offer within the meaning of the Civil Code, but as an invitation to submit offers (Orders) by the Customer,
9) Person - a natural person to whom personal data processed by Fink, in particular Guest, Supplier or Customer or their employee or representative,
10) Website - an online platform at www.fink.store, through which Fink provides Services to Guests under the contract for the provision of electronic services,
11) Goods - Fink products presented on the Website and in Social Media,
12) Service - a service provided electronically by Fink for Guests, consisting in sending data via public ICT systems on individual request, without the simultaneous physical presence of the parties in order to perform the tasks resulting from the contract for the provision of services electronically, including, inter alia: providing Of ert via the Website and Social Media, correspondence via e-mail addresses. The reference to the term "process" or "processing" in this document means all activities and operations performed on personal data (eg storing or analyzing it for the purpose of providing services), unless otherwise stated.
2. The overriding goal of Fink as the administrator of personal data of Guests, Customers and Suppliers is to ensure privacy protection at a level at least corresponding to the standards specified in applicable legal provisions, in particular regarding:
1) personal data protection - Regulation of the European Parliament and of the Council (EU) 2016 / 679 of 27 April 2016 on the protection of individuals with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46 / EC (General Data Protection Regulation) (hereinafter: "GDPR"),
2) providing services by electronic means - the Act of 18 July 2002 on the provision of electronic services,
1) the processing of personal data, including their collection and storage by Fink,
2) the manner of using personal data and other data collected in connection with the use of the Website, visiting Social Media, communication via IM or e-mail electronic, as well as concluding with Fink and performing contracts for the provision of electronic services, contracts for the sale of Goods or other contracts concluded by Fink with Customers or Suppliers,
3) sharing personal data with other entities,
4) accessing personal data and modifying and deleting them
5) security of personal data and information processing,
6) period of personal data storage.
4. Fink obtains personal data from Guests, Customers and Suppliers:
1) when browsing and using by these persons and entities the content of the Website or Social Media as information:
a) provided to Fink directly by these persons / entities, including information provided when submitting Orders on the Website, visiting and using Social Media (including, inter alia, marking content posted by Fink as likes or commenting on them), exchanging correspondence via e-mail and Instant Messaging,
b) obtained and collected by Fink when using Services made available via the Website or Social Media, in particular regarding: the method of using the Services, the internet protocol used, IP address, data on the operation of the device that is used to use the Services, as well as about breakdowns, activity of IT systems, equipment settings, type and browser language, dates and times sent requests and referring URLs, "cookies",
2) when communicating with Fink via e-mail or via Instant Messaging,
3) during negotiating and concluding contracts with Customers and Suppliers
II. The method, scope and purposes of the processing of personal data
1. Fink processes, i.e. collects, stores and analyzes personal data for the following purposes:
1) concluding and performing concluded contracts (Article 6 (1) (b) of the GDPR), including contracts for the provision of electronic services, contracts for the sale of Goods and contracts with Suppliers. This applies in particular to contacting Guests, Customers and Suppliers in connection with negotiating, concluding and performing Agreements, including providing information and handling inquiries, complaints, as well as pursuing claims and defending against claims arising from the Agreements,
2) compliance with Fink obligations arising from legal provisions, in particular regarding data processing for tax and accounting purposes (Article 6 (1) (c) of the GDPR) and ensuring accountability of personal data protection, i.e. the possibility of proving that:
a) personal data are processed in accordance with the data subject is legally, reliably and transparently,
b) the purpose of data processing is clearly defined,
c) the processed data is adequate, relevant, limited only for the purposes related to their processing,
d) personal data is correct and, if necessary, updated,
e) personal data is processed in a manner ensuring their security,
f) data storage is limited to the strict minimum necessary to achieve the purposes for which they are processed,
3) consent (art. 6 sec. 1 lit. a GDPR) to the extent to which obtaining consent is required by applicable law when processing data based on "cookies", as well as in the field of direct marketing of services provided by Fink,
4) the implementation of legitimate interests of Fink (Article 6 (1) 1 letter f) GDPR), such as:
a) conducting direct marketing of services provided by Fink, including contacting Guests, Customers and Suppliers for purposes related to permitted marketing activities by e-mail or telephone,
b) monitoring activity Visitors on the Website pages and in Social Media, resulting from the "cookies" policy applied by Fink in order to:
- ensure the security of the Services that are provided by Fink under the concluded contracts for the provision of electronic services, including enforcement of the internal rules of the Website and Social Media and counteracting all abuses and ensuring safety traffic flow on the Website,
- optimizing the content and operation of the Website, performing statistical analyzes, obtaining information on the range and interaction factors on the website
c) conducting satisfaction surveys of Guests, Customers and Suppliers, in terms of e.g. satisfaction with the results of services provided or Goods sold based on the concluded contract,
2. When it is necessary for the provision of services by Fink or constitutes a legitimate interest of Fink - the company is entitled to automatically obtain and record data provided by Guests, Customers and Suppliers, in particular data transferred to the server by browsers Internet or devices through which Guests gain access to the Website or Social Media. These data include: parameters and identification numbers of the software and hardware used, pages viewed, information on the use of the Website or other resources, as well as other data on devices and system use. The collection of the above-mentioned information will take place in particular when the Guest uses the Website or Social Media. How Fink uses this type of technology is described in more detail in the "Cookies" Policy available on the Website.
3. Fink may perform profiling, i.e. automated processing of personal data of Guests, Customers and Suppliers in order to infer about their characteristics. Profiling is used when it is necessary to perform certain services, as well as to improve the quality of services offered and for marketing purposes. However, Fink does not take any automated decisions based on profiling that could cause any legal effects or similarly significantly affect the scope of rights and obligations of data subjects.
III. Sharing and transferring data to third parties and to third countries
1. Fink may:
1) entrust the data of Persons to third parties that participate in the provision of services or support the implementation of Fink's obligations resulting from contracts concluded with these Persons (or entities represented by these Persons) or on their behalf,
2) make the data available to third parties:
- when allowed by generally applicable law - for the purposes and on the terms resulting from these provisions, or
- with the consent of the Persons.
This applies in particular to:
1) banks, payment institutions, accounting companies that support the settlement of receivables for the services provided and resulting from concluded contracts (data entrustment),
2) Internet service providers, server rooms, IT companies, telecommunications companies, in the scope of which these entities participate in the provision of services to Persons (entrusting personal data),
3) third parties, e.g. specialized providers of data storage services, analytical services, in order to provide services by these entities to Fink, marketing, consulting or auditing companies supporting Fink in running a business and in the provision of electronic services, as well as in the provision of website and application development services, as well as branding and marketing (entrusting personal data).
3. If personal data is entrusted to entities such as a bank, which are involved in the process related to the implementation of payments under the concluded contracts or resulting from the obligations of the Persons towards Fink (if provided), at the time of the transaction, these entities - under the applicable provisions - they become the controllers of the personal data of Persons, processing their data on their own behalf and for their own needs. Personal data administrators of Persons processing this data on their own behalf and for their own needs may also become other entities to which Fink entrusts personal data, if it results directly from the applicable regulations.
4. In the event of providing personal data (only on the basis of the consent of the Person or entity that is represented by him or where it is allowed by generally applicable law), entities to whom the data are made available become personal data administrators separate from Fink. Fink reserves that in such a case it has no influence on the data protection policy pursued by the entities and is not responsible for it.
5. Fink may provide third parties with anonymised data, i.e. data transformed in a way that prevents the identification or assignment of individual information to a specific or identifiable natural person to whom the data relates or by whom the data was provided, in the form of statistical data.
IV. Accessing and modifying personal data
1. Each person whose personal data is processed by Fink has the right - to the extent resulting from applicable regulations - to:
1) access the processed personal data, including receiving a copy thereof,
2) receive information on:
a) the purposes of personal data processing,
b) the categories of personal data processed,
c) information about the recipients or categories of recipients to whom personal data are disclosed,
d) the period of personal data processing,
e) the use of automated decision-making (including profiling),
3) rectification of the personal data if it is incorrect,
4) supplementing incomplete personal data (taking into account the purposes of processing),
5) deletion of personal data concerning her, if:
a) the data are no longer necessary for the purposes for which they are processed by Fink,
b) The data subject withdraws his consent to their processing, and the consent was the only basis legal basis for data processing or an effective objection to data processing has been made,
c) data processing is unlawful,
6) restriction of personal data processing if:
a) the correctness of the data is questioned - then the data subject may request restriction of data processing the period allowing Fink to check the correctness of the data,
b) the data is processed unlawfully, but the data subject will not want their data to be deleted,
c) the data is no longer needed by Fink, but is needed by the data subject to defense or pursuing claims,
d) an objection to data processing has been raised - until it is determined whether the legitimate interests of Fink override the interests of the Persons indicated as the grounds for objection
7) object to data processing in the event of data processing in order to:
a) perform the task carried out in the public interest or in the exercise of official authority entrusted to Fink,
b) resulting from the legitimate interests of Fink, except where these interests are overridden by the interests or fundamental rights and freedoms of the data subject,
c) the needs of direct marketing, including profiling,
8) receiving data in a structured format, including for the purpose of transfer to another data controller and requesting Fink to transfer this data to another controller, if technically possible; this applies to a situation where the processing takes place on the basis of consent or a concluded contract and in an automated manner,
10) lodge a complaint with the body supervising the compliance with personal data protection provisions, i.e. the President of the Personal Data Protection Office.
V. Data and information security
Fink makes every effort to ensure that all collected and processed data are protected using adequate technical measures and security procedures to protect them against unauthorized access, unauthorized modification, disclosure and destruction. In particular:
1) The website records attempts of unauthorized access and, in the event of a suspected intrusion, it is possible to quickly verify whether there has been a breach of security rules,
2) when providing Services by electronic means, Fink uses SSL encryption and firewalls,
3) data on the Website's servers are subject to cyclical archiving (so-called backup),
4) Fink uses and controls its own methods of collecting, storing and processing information, including physical security measures (including encryption of device drives, password protection for devices or applications participating in data processing ) to protect against unauthorized access to the processed data, including data processed in connection with the use of e-mail or instant messaging by Fink in order to communicate with Persons. Fink reserves, however, that each person using instant messaging or e-mail is obliged to read the data security rules and information used by entities providing the indicated communication tools, as well as to comply with the provisions resulting therefrom,
5) access to personal data provided is only for those employees and contractors of Fink for whom it is necessary to process them for the purposes of Fink or in connection with the provision of services. Fink affiliates, trusted partners and external service providers manage data in accordance with security and privacy requirements, and in the event of failure to comply with these obligations, they may face appropriate legal consequences.
VI. The period of storage of personal data
1. Personal data is stored by Fink for the period necessary to achieve the purposes of processing, in particular for the duration of contracts being the basis for data processing, as well as after their termination for the following purposes:
1) pursuing claims or protecting against claims in connection with the performance of the contract,
2) performance of obligations arising from legal provisions, including in particular tax and accounting regulations,
- until the claims or tax obligations are time-barred, the deadlines of which result from generally applicable provisions of law.
2. Fink stores personal data for marketing purposes until the data subject objects to such processing. In the case of the Newsletter service - Fink stores and processes data for the sending of mailings until the unsubscribe (resignation) by the person who made the subscription.
3. To ensure accountability, i.e. to prove compliance with the provisions relating to the processing of personal data, Fink will store the data of Persons for the period in which it is obliged to keep the data or documents containing them, to document the fulfillment of legal requirements and to enable control of their fulfillment by public authorities.
VIII. Data Protection Inspector
Due to the lack of a legal obligation, Fink has not appointed a Personal Data Protection Inspector. Therefore, in all matters related to the processing of personal data, you should contact Fink directly as the personal data controller. Contact details are provided in section IX of this document.
IX. Contact details
1. Fink's seat is at ul. Folwarczna 6, 62-300 Psary Małe, Poland.