+48 32 284-00-22 sprzedaz@cobra-europe.eu

COBRA company would like to inform that it uses cookies on its websites which are used only for statistical purposes and for the purpose of adapting the website to individual needs of users. Settings for storing cookies can be freely modified in your web browser.

Privacy Policy

 

Privacy policy

This privacy policy contains information on the processing and use of personal data of persons using our services, including those provided using online technologies. The policy sets out how and to what extent user data is processed, what purposes the data is used for, who it is shared with and how it is protected. At the same time, the privacy policy fulfils the information purpose referred to in Articles 13 and 14 of Regulation EU 2016/679 of the European Parliament and of the Council on the protection of natural persons with regard to the processing of personal data and on the free movement of such data (hereinafter “GDPR”).

Information on the Data Controller

The Controller of your data is Cobra Europe Sp. z o. o. ul. Graniczna 15, 41-940 Piekary Śląskie, telefon +48 32 284 00 22, mail sekretariat@cobra-europe.eu.

The Controller has appointed a Data Protection Officer who can be contacted on data protection matters at the following email address: iod@cobra-europe.eu or in writing to the Controller’s registered office address.

The privacy policy is based on the following provisions:

  • Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation)– otherwise called “GDPR”
  • the Act of 10 May 2018 on the protection of personal data
  • the Act of 16 July 2004 Telecommunications Law
  • the Act of 18 July 2002 on the provision of electronic services

Data processing

Processing of personal data is understood as an operation or set of operations which is performed upon personal data or sets of personal data, whether or not by automated means, such as collection, recording, organisation, organisation, storage, adaptation, modification, retrieval, consultation, use, disclosure by transmission, dissemination, otherwise making available, alignment, combination, restriction, erasure, and destruction.

Key principles implemented:

  • Data minimisation principle – we only collect personal data to the minimum extent necessary to fulfil the purposes for which they are collected.
  • We clearly define the purposes of collecting personal data that are based on the law – we do not process data in a way that is incompatible with these purposes.
  • We implement your right to access and correct your personal data.
  • We implement the principle of limiting the storage of personal data under the provisions of the law, only to the period necessary for the purposes they are collected for.
  • We ensure that your personal data is kept up-to-date and correct and respond promptly to any requests to rectify or update your data.
  • We protect your personal data against loss, unauthorised access, accidental loss or alteration and other unlawful forms of processing.
  • We share data with other parties in accordance with applicable legislation.
  • We exercise Users’ rights to the personal data erasure, withdrawal of consent, restriction of processing, data portability, the right to object to data processing, the right not to be subject to decisions based solely on automated data processing, including profiling.

Purposes of the processing

The data is processed in accordance with the provisions of the GDPR for a clearly defined purpose and to the extent necessary to fulfil that purpose.

The data is processed under Article 6(1)(A), (B), (F) GDPR:

  • provision of information about the Company’s content and services,
  • implementation of responses to customer enquiries,
  • service quality survey,
  • performance of a contract or efforts to conclude a contract,
  • managing the sales and customer service process,
  • defence against possible claims, where the Controller’s legitimate interest is the assertion or defence of claims.
  • marketing of our own and third-party products,

Personal data recipients

The data may be processed by employees and associates of Cobra Europe Sp. z o.o. as “persons in charge of processing” who act under direct authorisation from the Controller.  The data may also be processed by trusted entities providing technical and organisational services to the Company based on concluded entrustment agreements or other legal instruments allowed by the EU law. The Controller may furthermore only share data with other recipients at the request of entities authorised to do so by law or when this is necessary to fulfil the Controller’s or a third party’s demonstrated and legitimate purposes.

Consent to data processing

In cases where the processing of your data does not result from a legal obligation, is not related to a contract or service being provided to you or does not result from a legitimate interest pursued by Cobra Europe Sp. z o. o, we request your consent to process your personal data for the purpose indicated. Whenever you have given your consent to the processing of data for the purposes shown, such consent may be revoked at any time.

Transfer of personal data to third countries

The data collected and processed may be transferred outside the European Economic Area to independent IT service providers or data storage services, including cloud storage. Data shall only be transferred in accordance with data protection legislation and provided that appropriate data security and means of transfer are provided, for example, on the basis of a data transfer agreement based on contractual clauses adopted by the European Commission for the transfer of personal data from data controllers in the EEA to data controllers and processors in jurisdictions without adequate data protection legislation or on the basis of privacy agreements for the transfer of personal data from entities in the EU to entities in the United States or an equivalent agreement in other jurisdictions, or the transfer of data to a country where the European Commission has determined that the legally prescribed level of data protection in that country is adequate, or where it is necessary to enter into or perform a contract with a third party and for the purposes of such contract the transfer is in the interest of the data subject. In other cases, it is furthermore permissible to transfer data when the data subject has given his/her consent.

Data profiling

The data Controller does not carry out data profiling.

Period of data processing

All personal data is collected in a lawful manner, for the purposes shown, respecting the principles of necessity. Personal data will be kept in accordance with the principle of proportionality in such a way that the data subject can be identified and until the purposes of the processing have been fulfilled.

In the case of the processing of personal data for the purpose of providing a newsletter service and enabling access to material related to our offers, your personal data will be processed for the period necessary for the provision of this service, until you opt out of it.

Rights of the data subject

Right of access to data

You have the right to obtain information regarding the personal data about you we store, including a copy of that data.

Right of data rectification

You have the right to request the rectification of your personal data that is incorrect. Taking into account the purposes of the processing, you have the right to request the completion of incomplete personal data, including by providing an additional statement.

Right of data erasure

You have the right to request the erasure of your personal data held by us in the following cases:

  • your personal data are no longer necessary for the purposes they have been collected for or otherwise processed,
  • you have withdrawn the consent on which the processing is based and there is no other legal basis for the processing,
  • you have lodged an objection to the processing and there are no overriding legitimate grounds for the processing, or the objection relates to the processing for direct marketing purposes,
  • personal data were processed unlawfully,
  • personal data must be erased in order to comply with a legal obligation laid down by the Union or national law,
  • personal data have been collected in connection with offering of information society services referred to in Article 8(1) of the GDPR.

Right to data transfer

You have the right to receive, in a structured, commonly used machine-readable format, personal data concerning you that you have provided to us, where the processing of such data is based on consent or contract and by automated means.

If you request that this data be sent to another data controller, this will be done if there is a technical possibility.

Right to restrict data processing

You have the right to request that the processing of your personal data be restricted in the following cases:

  • you question the accuracy of your personal data for a period allowing the controller to verify the data accuracy,
  • the processing is unlawful and you object to your personal data erasure, requesting that the use of the data be restricted instead,
  • we no longer need your personal data for the purposes of processing, but you need them to establish, assert or defend of your claims,
  • you have objected to processing under Article 21(1) to the processing – until it is determined whether the legitimate grounds on the part of the Controller override the grounds for the objection.

Right to object to the data processing

If your personal data is processed on the basis of a legitimate interest of the controller, you have the right to object at any time to the processing, in accordance with Article 21 of the GDPR.

Right of consent withdrawal

You have the right to withdraw your consent to processing of your personal data at any time. The withdrawal of consent for processing will not affect the lawfulness of the processing carried out before the withdrawal.

The security of your personal data is a priority for us, however, if you consider that we are in breach of the provisions of the RODO when processing your personal data, you have the right to lodge a complaint to the President of the Personal Data Protection Authority.

Social media plug-ins

Our websites may include plug-ins for certain social media platforms. Social media plug-ins are special tools that allow the functions of social media platforms to be built directly into the website. Such plug-ins are marked with the respective logo of each social media platform. When you visit our website and use the plug-in, the information is transmitted by your browser directly to the social media platform, which remembers and processes it. For more detailed information on the purposes, type and methods of collection, processing, and storage of personal data by social media and information on how to exercise your rights, please refer to the privacy policy of the relevant social media platform.

Cookies

Cookies are information packets sent by a web server (e.g. a website) to the user’s browser, which are automatically stored on the user’s computer and are then automatically sent back to the server each time the user opens the browser. The default settings of almost all web browsers automatically accept cookies. Our website does not use cookies to transfer personal data. The use of session cookies is limited solely to the transmission of session identification data necessary to ensure safe and effective use of the website. The session cookies used on this website avoid the need for other IT techniques that could pose a potential risk to your privacy when browsing the site, and do not allow the acquisition of your personal data. The website also uses persistent cookies, which are stored on the hard drive of the computer until they expire or are cancelled by the user/visitor. Through the use of persistent cookies, users of the site (or others using the same computer) are automatically recognised each time they access the site. The user can set the browser to accept/reject all cookies or to have a message appear on the screen each time a cookie is proposed, allowing the user to decide whether to accept or reject it. At any time, by selecting the highest level of protection, the user can change the default settings and disable all cookies or partially or completely block them.

Links to independent websites

There may be dedicated links on our websites through which you can connect directly to other independent sites. The administrator of this website is not responsible for the way in which independent parties manage the personal data and credentials provided by third parties.