The protection of users' privacy is of paramount importance to ENTERPRISE TOM-FOL SERVIS TOMASZ STYŚKO particularly important. For this reason, Service Users www.tomfol.com are guaranteed high standards of privacy protection. ENTERPRISE TOM-FOL SERVIS TOMASZ STYŚKO as Data Controller, cares about the security of the data provided by users.

It is also the Administrator's aim to duly inform Users of their rights and obligations in relation to the processing of personal data, especially in view of the content of the data protection provisions set out in Regulation (EU) 2016/679 of the European Parliament and of the Council of 27.04.2016 on the protection of natural persons in relation to the processing of personal data and on the free movement of such data and repealing Directive 95/46/EC (hereinafter "RODO"). Therefore, in order to protect the privacy of the Users of the Website, in this document the Administrator informs about the legal basis for the processing of the personal data provided by the Users in connection with their use of the Website www.tomfol.com (hereinafter the "Service"), the ways in which personal data is collected, processed and protected, and the rights of Users.

The user is any natural person to whom the data relates using the website www.tomfol.com or electronic services available through the Website.

The controller of personal data provided by the User on the Website www.tomfol.com is PRZEDSIĘBIORSTWO-PRODUKCYJNO-HANDLOWO-USŁUGOWE TOM-FOL SERVIS TOMASZ STYŚKO, Grabowiec 10F, 98-200 Sieradz, NIP 8271454757, (hereinafter referred to as "Administrator").

1. USER CONSENT
   

   Use of the Service www.tomfol.com by the User means that the User accepts that the Administrator collects and uses personal data in accordance with this Privacy Policy.

   The Service User's personal data is processed by the Administrator based on the User's consent and, in certain cases described herein, within the Administrator's legitimate interest. The User has the right to withdraw his/her previously given consent at any time. The withdrawal of consent does not affect the lawfulness of processing that was carried out on the basis of consent before its withdrawal.

   In the event that there is a change to this Privacy Policy and the User continues to use the Service, the User shall be deemed to have agreed to the current terms of the Privacy Policy.

2. PERSONAL DATA PROCESSED BY THE CONTROLLER
   1. Method of collecting personal data

      The Administrator obtains personal data directly from the User through the Website, by means of the functionalities and communication tools available on the Website and sending messages to the Administrator through them.

      The provision of personal data by the User is voluntary.

   2. Types of personal data processed

      The Administrator collects the following personal data concerning the User through the Service:

      1. Name;
      2. Email address;
      3. Phone number;
      4. Message content;
      5. Message subject.
3. PURPOSES OF PROCESSING PERSONAL DATA

   The way in which the Administrator processes the User's data depends on the User's use of the Website and the functionalities available therein. The Administrator processes the User's personal data for the following purposes:

   1. Communication with the User.

      The Administrator uses the User's personal data to communicate with the User in a personalised manner. The information communicated to the User concerns the products or services offered, personal data security, network updates, reminders, but also suggested offers from the Administrator or its partners. The communication with the User also concerns the User's service. Personal data is used to assist the User, solve technical problems and respond to the User's complaints or claims.

   2. Provide the User with commercial offers by electronic means.

      The purpose of the use of the User's personal data provided by him/her through the functionalities and communication tools available on the Website is for marketing communication carried out by the Administrator in the course of its business, in particular the presentation of commercial offers to the User electronically.

   3. Make commercial offers to the user by telephone.

      The purpose of the use of the User's personal data provided by him/her through the functionalities and communication tools available on the Website is for marketing communication carried out by the Administrator in the course of its business, in particular by presenting commercial offers to the User in a telephone contact.

   4. Sending information to the User electronically as part of subscribing to the Administrator's newsletter.

      The purpose of the Administrator's use of the User's personal data provided as part of the Administrator's newsletter sign-up form provided on the Website is to inform the User electronically (by e-mail) about new products, services, promotions or events of the Administrator or its partners.

   5. Enable the User to send comments or feedback.

      The Administrator uses the User's personal data in order to allow the User to comment/opine on the Administrator's or its affiliates' activities, services or products.

   The Administrator may also process the User's personal data obtained through the Website for the following purposes:

   1. in order to conclude and perform a possible contract between the User and the Administrator and to serve the User as a customer of the Administrator in accordance with Article 6(1)(b) of the RODO;
   2. in order to carry out financial settlements with the User who is a client of the Administrator for the purpose of performing a possible contract concluded between the parties, as well as a possible claim from the User who is a client within the framework of the Administrator's legitimate interest pursuant to Article 6(1)(f) RODO and to fulfil the Administrator's legal obligations towards tax authorities on the basis of separate regulations pursuant to Article 6(1)(c) RODO;
   3. for the purpose of carrying out the Administrator's marketing activities as part of the Administrator's legitimate interest within the meaning of Article 6(1)(f) of the DPA, and in accordance with the declarations of intent regarding marketing communications made to the Administrator. Consents granted in respect of marketing communications (e.g. for the sending of commercial information by e-mail or telephone contact for direct marketing purposes) may be withdrawn at any time, without affecting the lawfulness of the processing carried out on the basis of the consent before its withdrawal;
   4. in order to comply with the Administrator's legal obligations towards the User set out in the RODO, within the meaning of Article 6(1)(c) of the RODO.
4. SHARING OF PERSONAL DATA

   The User's personal data is not passed on by the Administrator to third parties.

5. USER RIGHTS
   1. User rights

      The user, at each stage of the processing of his/her data, is provided with a series of rights that allow him/her to access his/her data, verify the correctness of the data processing, correct the data, as well as the right to object to the data processing, can request the deletion of the data, limit the processing or data portability.

      Should the User wish to exercise his/her rights as a personal data subject, he/she may contact the Controller using the following contact details: PRZEDSIĘBIORSTWO-PRODUKCYJNO-HANDLOWO-USŁUGOWE TOM-FOL SERVIS TOMASZ STYŚKO, Grabowiec 10F, 98-200 Sieradz, tomekstysko@o2.pl.

   2. Right to lodge a complaint with a supervisory authority

      The user whose personal data is processed by the Administrator has the right to lodge a complaint with the supervisory authority competent in matters of personal data protection (the President of the Office for Personal Data Protection).

6. OTHER IMPORTANT INFORMATION
   1. Protection of personal data security

      The Administrator implements appropriate measures to ensure the security of the User's personal data. The secure use of the Website is ensured by the systems and procedures in place to protect against access and disclosure of data to unauthorised persons. In addition, the systems and processes used by the Administrator are regularly monitored in order to detect possible threats. Personal data obtained by the Administrator is stored in computer systems to which access is strictly limited.

   2. Storage of personal data

      The duration of storage of Users' personal data depends on the purposes of processing by the Data Controller.
      The controller shall retain personal data for such period as is necessary to achieve the specified purposes, viz:

      • for the duration of the Administrator's business.

      In each of the above cases, after the necessary processing period has elapsed, the data may only be processed for the purpose of asserting claims against the background of the relationship between the parties until such claims have been finally resolved by legal means.

   3. Changes to the Privacy Policy

      In order to update the information contained in this Privacy Policy and to make it compliant with applicable law, this Privacy Policy may be amended. If the content of the Privacy Policy is changed, the update date indicated at the end of the text will be changed. In order to obtain information on how to protect personal data, the Administrator recommends that Users regularly read the provisions of the Privacy Policy.

   4. Contact information

      For any information regarding this Privacy Policy, the User may contact the Data Controller: PRZEDSIĘBIORSTWO-PRODUKCYJNO-HANDLOWO-USŁUGOWE TOM-FOL SERVIS TOMASZ STYŚKO, Grabowiec 10F, 98-200 Sieradz, using the following contact details: tomekstysko@o2.pl.

      In addition, it is also possible to contact by post at: Grabowiec 10F, 98-200 Sieradz.

This document was last updated on 09.02.2023.