Table of contents

PRIVACY POLICY

The purpose of this Privacy Policy is to provide you with information on how PASSAN processes (e.g., collects, enters into the system, stores, uses, shares) your personal data, the purposes for which we do so, and what rights you have in this regard, which we guarantee you can exercise – regardless of the channel or means (online or in person) you use to interact with us. In this Privacy Policy, we make all information permanently available to you, which you can review at any time. We process your personal data in accordance with Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (OJ L 119, p. 1) (hereinafter referred to as the GDPR) and other currently applicable data protection laws.

To systematize this information, let us first inform you who decides how your personal data will be used and who is responsible for processing your personal data.

This is the Controller of your personal data, i.e., we - Przedsiębiorstwo Produkcyjno-Handlowe "PASSAN" Spółka Jawna Andrzej Wojciechowski, with its registered office at: 09-540 Sanniki, ul. Wschodnia 3, Poland, Tax Identification Number (NIP): 7740015864, National Business Registry Number (REGON): 610039889, entered into the Register of Entrepreneurs of the National Court Register by the District Court for the Capital City of Warsaw in Warsaw, XIVth Commercial Division of the National Court Register, under number 0000026203. You can contact us by post at the address provided above, by email at: handlowy@passan.com.pl, or by phone at: 0048 24 2776200. If you provide additional consent, our partners (listed in the Cookie Policy - below) may also be the controllers of data obtained based on your online activity using technologies such as cookies. If you have any questions or requests regarding the protection of your personal data, it is best to contact the Data Protection Supervisor appointed by us to ensure the fullest possible protection of your personal data. Our Data Protection Officer is attorney-at-law Rafał Wojciechowski, whom you can contact by post at the address provided above, by email at iod@passan.com.pl, or by phone at 0048 724 117 530. Here we explain how we obtained your personal data. We obtain your personal data from you. You provide your data to us: - when registering on the Website at www.passan.com.pl (hereinafter referred to as the Website), - when placing an order on the Website, - when placing an order in another form (e.g., in person, by phone, by email), - when submitting an inquiry through the Website, - when submitting an inquiry in another form (e.g., in person, by phone, by email), - when subscribing to the Newsletter on the Website.

Here we explain the purposes and basis for processing your personal data.

Possible purposes of personal data processing include, in particular:

  1. CREATING AND MAINTAINING AN ACCOUNT ON THE SERVICE If you have registered an account on the Service, or if you have placed an order, we process your personal data due to the need to perform the sales contract or to take steps at your request before entering into it (Article 6, paragraph 1, letter b) of the GDPR) and to comply with a legal obligation incumbent on the Controller (e.g., when PASSAN settles concluded sales contracts based on tax or accounting regulations (Article 6, paragraph 1, letter c) of the GDPR). If you have submitted an inquiry using a registered account, we process your personal data due to the need to perform the sales contract or to take steps at your request before entering into it (Article 6, paragraph 1, letter b) of the GDPR). You can delete your account on the Website at any time, but remember that using your Account offers many benefits: you can place orders without having to fill out forms each time, you have access to your purchase history, and you can manage your consents on the Website.
  2.  CONCLUSION AND IMPLEMENTATION OF A SALES CONTRACT (INCLUDING COMPLAINTS AND WITHDRAWAL HANDLING) We process the data you provide for the following purposes: concluding a contract, confirming the order, performing the contract, in particular: sending/delivering goods, fulfilling tax and accounting obligations, contacting you regarding order fulfillment, receiving, processing, and exercising complaints or the right of withdrawal, and pursuing possible claims or defending against claims. We process your data due to the necessity to perform the sales contract or to take steps at your request before entering into it (Article 6, paragraph 1, letter b) of the GDPR), the necessity to comply with a legal obligation to which the Controller is subject (e.g., when PASSAN settles concluded contracts based on tax or accounting regulations (art. 6 ust. 1 lit. c) RODO), and also for the purpose of collecting receivables or defending against claims – due to the legitimate interest pursued by the Controller.
  3. SENDING THE NEWSLETTER We process data based on your consent (Article 6, Section 1, Letter a) of the GDPR. You may withdraw your consent at any time. We process data to present offers or promotions regarding the products we offer.
  4. PROVIDING ANSWERS TO QUESTIONS (INCLUDING INFORMATION ON PRODUCT AVAILABILITY) We process data due to the necessity to perform the sales contract or to take steps at your request before entering into it (Article 6, Section 1, Letter b) of the GDPR).
  5. ARCHIVAL PURPOSES The processing of personal data for this purpose is necessary to comply with the legal obligation to which the Controller is subject (Article 6, Section 1, Letter c) of the GDPR).
  6. STATISTICAL PURPOSES This is consistent with Article 6(1)(f) of the GDPR – our legitimate purpose is to have statistical information about our activities, which allows us to improve our business operations. 

We may also process personal data for purposes other than those listed above, arising from legitimate interests pursued by the Controller or a third party, in particular for correspondence with you or market analysis (Article 6(1)(f) of the GDPR).

What personal data do we process?

  1. PERSONAL DATA PROVIDED IN THE ACCOUNT REGISTRATION FORM When registering an account on the Website, you provide: first name, last name, postal address, email address, telephone number, login, password (we do not know it, we do not have access to it, it allows you to log in to the Website), and if you are an entrepreneur, also your company name and tax identification number. Providing this data is voluntary, but necessary to register an account on the Website. When registering on the Website, you can provide an additional delivery address. Providing this data is voluntary, but necessary to ship the ordered goods to the dedicated address.  
  2. PERSONAL DATA PROVIDED WHEN PLACING AN ORDER When placing an order, you provide us with: first name, last name, postal address, email address, telephone number, and, if you are a business owner, also your company name and tax identification number. Providing this data is voluntary, but necessary for the conclusion and performance of the contract. When placing an order, you can provide an additional delivery address. Providing this data is voluntary, but necessary to ship the ordered goods to the dedicated address.
  3. PERSONAL DATA PROVIDED FOR THE PURPOSE OF USING THE NEWSLETTER When registering for the Newsletter, you provide us with an email address or telephone number. Providing this data is voluntary, but necessary to subscribe to the Newsletter.
  4. PERSONAL DATA PROVIDED WHEN SUBMITTING AN INQUIRY – as detailed above. You should provide us with at least your email address, phone number, or postal address (depending on your preferred response method). When submitting an inquiry via the Website, you must provide your email address. Providing this data is voluntary, but necessary to respond to your inquiry.
  5. PERSONAL DATA PROVIDED WHEN SUBMITTING A COMPLAINT – the scope of data is the same as when placing an order;
  6. OTHER DATA COLLECTED BASED ON YOUR ONLINE ACTIVITY, including that obtained via the Website using cookies.
  7. OTHER DATA COLLECTED BASED ON YOUR ACTIVITY AT THE PASSAN SALES OFFICE.

How do we protect your personal data?

We take special care to protect your personal data and ensure that: - we process your personal data lawfully, fairly, and transparently;

  • we collect your personal data for legitimate purposes and do not process it in a manner incompatible with those purposes;
  • we store your personal data in a form that permits identification of the data subject for no longer than is necessary for the purposes for which we process it;
  • we process your personal data in a manner that ensures appropriate security.

Do we profile your personal data?

Your personal data may be processed by automated means (including profiling). However, this will not have any legal effects on you or significantly affect your situation in a similar way. Personal data profiling by PASSAN involves processing your data (also by automated means) by using it to evaluate certain information, in particular to analyze or predict personal preferences and interests. Please note that we do not display advertisements on the Website. Similar products, recommended products, new products, and bestsellers are displayed solely based on product characteristics.

How long can we process your personal data?

We may process most of the personal data you provide to us until the end of the limitation period for potential contractual claims, but no less than 5 years, but no longer than  but no longer than 10 years.

We will process your personal data obtained for marketing purposes (Newsletter) for this purpose until you withdraw your consent to their processing (unsubscribe from the Newsletter).

We will process your personal data obtained for marketing purposes other than the Newsletter:

  • in the case of data processing based on your consent
  • ​​until its withdrawal,
  • in the case of data processing based on the legitimate purpose of PASSAN – until you object.

Who can we transfer your personal data to?

We only transfer your data when it is necessary for our performance of the contract, is justified by our legitimate interest, or results from your request. We do not share your data commercially with third parties. We may transfer your personal data to:

  1. The company whose system we use to operate the Website,
  2. Couriers, shipping companies, and shipping intermediaries – to send you the ordered goods or process returns,
  3. Our authorized employees and associates,
  4. Companies whose services we must use to conduct our business, such as a hosting company, law firm, debt collection agency, accounting firm, ICT service provider, entities processing electronic or card payments on the Website, and consulting service providers. These are the recipients of your personal data. Please note that we do not transfer all of your data to these entities, only the data necessary to fulfill their tasks. Please be advised that your personal data may be transferred outside the European Economic Area due to the Recipient's use of servers outside the European Economic Area. This will be done based on appropriate safeguards or a decision of the European Commission confirming an adequate level of security.

What rights do you have in connection with our processing of your personal data as an individual?

  1. The right to access your personal data - when you request access, we will provide you with information about what data we hold about you and how it is processed;
  2. The right to rectification of personal data - if you notice that your personal data is inaccurate, we will rectify it at your request;
  3. The right to erasure of your personal data - you can request that we erase your data if you believe it is no longer necessary for the purposes for which we collected it, or if the need to erase your data arises from legal provisions. We will also erase your data if we collected it based on your consent, in the event of its withdrawal or your objection to further processing;
  4. The right to restriction of personal data processing - in the event of your request for rectification or erasure of your data, or your objection to the processing of your personal data, you may request that we limit its processing for the duration of the processing of your request and objection. You can also request that we restrict the processing of your personal data if we no longer need it, but you do not want it deleted because you may need it to defend yourself or pursue claims.
  5. The right to data portability - if we process your data automatically, you have the right to request the transfer of your personal data to another controller.

We also inform you that you have the right to object to the processing of your personal data. You can exercise this right if you no longer want us to process your personal data for a specific purpose. In such a case, we will continue to process your data for other purposes, but not for the purpose for which you objected. Please also remember that if we required your consent to process your data, you can withdraw it. We will then no longer process the data, which may, however, cause some inconvenience for you (e.g., if you delete your account on the Website, you will be required to complete forms when placing another order).

How can you exercise your rights?

You can exercise the rights described above by contacting the Controller or the Data Protection Officer in any way (by letter, telephone, or email – in accordance with the information provided at the beginning of the Policy). However, we recommend that you send an email to: iod@passan.com.pl. Please note that before fulfilling your requests and demands, or in the event of your withdrawal of consent to data processing, we will need to confirm your identity. We will respond to your request without undue delay, no later than one month (unless this is not possible due to exceptional circumstances, in which case we will inform you). Please also remember that we may deem it appropriate to continue processing your personal data. You also have the right to lodge a complaint with the supervisory authority, i.e., the President of the Personal Data Protection Office. If you have any doubts or questions regarding the processing of your personal data, please contact us. 

COOKIE POLICY

This Policy defines the rules for storing and accessing information on User devices using cookies, which are used to provide electronic services requested by the User, provided by Przedsiębiorstwo Produkcyjno-Handlowe PASSAN Spółka jawna Andrzej Wojciechowski, with its registered office in Sanniki (09-540), ul. Wschodnia 3,

I. Definitions

  • Controller - means Przedsiębiorstwo Produkcyjno Handlowe PASSAN Spółka jawna Andrzej Wojciechowski with its registered office in Sanniki (09-540), ul. Wschodnia 3, entered into the register of entrepreneurs of the National Court Register maintained by the District Court for the Capital City of Warsaw in Warsaw, 14th Commercial Division, under the KRS number: 0000026203, Tax Identification Number (NIP): 7740015864, National Business Registry Number (REGON): 610039889, which provides services electronically and stores and accesses information on User devices.
  • Cookies - means IT data, in particular small text files, saved and stored on devices through which the User uses the Website.
  • Own Cookies - means Cookies placed by the Administrator, related to the provision of electronic services by the Administrator via the Website.
  • Third-Party Cookies - means Cookies placed by the Administrator's partners via the Website.
  • Website - means the website or application under which the Administrator operates the website, operating in the domain(s) www.passan.com.pl.
  • Device - means the electronic device through which the User accesses the Website.
  • User - means the entity to which, in accordance with the Terms and Conditions and legal regulations, services may be provided electronically or with whom an Agreement for the provision of electronic services may be concluded.

II. Types of Cookies Used

The Cookies used by the Administrator are safe for the User's Device. In particular, it is not possible for viruses or other unwanted software or malware to enter User Devices this way. These files allow us to identify the software used by the User and customize the Website for each User. Cookies typically contain the name of the domain they originate from, the duration of their storage on the Device, and an assigned value. The Administrator uses two types of cookies:

  • Session cookies: these are stored on the User's Device and remain there until the browser session ends. The stored information is then permanently deleted from the Device's memory. The session cookie mechanism does not allow for the collection of any personal data or any confidential information from the User's Device.
  • Persistent cookies: these are stored on the User's Device and remain there until they are deleted. Ending the browser session or turning off the Device does not delete them from the User's Device. The persistent cookie mechanism does not allow for the collection of any personal data or any confidential information from the User's Device. The User has the option to limit or disable access of cookies to their Device. If this option is used, the Website will still be available, except for functions that, by their nature, require cookies.

III. Purposes for which First-Party Cookies are used

 The Administrator uses First-Party Cookies for the following purposes:

Website configuration:

  • adapting the content of the Website's web pages to the User's preferences and optimizing the use of the Website's web pages;
  • recognizing the Website User's device and its location and displaying the website accordingly, tailored to their individual needs;
  • remembering the settings selected by the User and personalizing the User interface, e.g., in terms of the selected language or region of the User's origin;
  • remembering the history of pages visited on the Website in order to recommend content; v) font size, website appearance, etc.

User authentication on the Website and ensuring the user's session on the Website: 

  • maintaining the Website User's session (after logging in), thanks to which the User does not have to re-enter their login and password on each subpage of the Website;
  • correct configuration of selected Website functions, enabling, in particular, verification of the authenticity of the browser session; iii) optimizing and increasing the efficiency of the services provided by the Administrator.

Implementation of processes necessary for the full functionality of websites:

  • adapting the content of the Website's pages to the User's preferences and optimizing the use of the Website's pages. In particular, these files allow for the recognition of the basic parameters of the User's Device and the appropriate display of the website, tailored to their individual needs.
  • proper operation of the affiliate program, in particular enabling verification of the sources of User redirection to the Website's pages.

Remembering the user's location:  correct configuration of selected Website functions, in particular enabling customization of the information provided to the User, taking into account their location.

Analysis, research, and audience auditing: creating anonymous statistics that help understand how Website Users use the Website's pages, which allows for the improvement of their structure and content.

Provision of advertising services: customization of advertisements for third-party services and products presented via the Website;

Ensuring the security and reliability of the website.

IV. Purposes for which External Cookies are used: The Service Administrator uses External Cookies for the following purposes:

- Presenting multimedia content on the Service's web pages, which is downloaded from an external website: www.youtube.com [cookie administrator: Google Inc., based in the USA] 

- Collecting general and anonymous statistical data via analytical tools: 

  • IAI-Shop.com [cookie administrator: IAI S.A., based in Szczecin]
  • Google Analytics [cookie administrator: Google Inc., based in the USA]
  • Gemius Traffic [cookie administrator: Gemius S.A., based in Warsaw]
  • Stat24 [cookie administrator: Redefine Sp. with its registered office in Warsaw]
  • Presenting advertisements tailored to the User's preferences using an online advertising tool:
  • Google AdSense [cookie administrator: Google Inc., based in the USA]
  • Logging into the website using an account on another website:
  • Facebook Connect [cookie administrator: Facebook Inc., based in the USA or Facebook Ireland, based in Ireland]
  • Google [cookie administrator: Google Inc., based in the USA]

- Using interactive features to popularize the website using social networking sites: plus.google.com [cookie administrator: Google Inc., based in the USA]

 - Presenting opinions on the Website's pages that are downloaded from an external website:

  • opineo.pl [cookie administrator: Opineo Sp. z o.o., based in Wrocław]
  • ceneo.pl [cookie administrator: Grupa Allegro sp. z o.o., based in Poznań]

V. Possibilities of specifying the conditions for storing or accessing cookies

By default, web browsers allow cookies to be placed on end devices. The User may independently and at any time change the cookie settings, specifying the conditions for their storage and access by Cookies to the User's Device. The User may change the settings referred to in the preceding sentence using the web browser settings or by configuring the service. These settings can be changed, in particular, to block the automatic handling of cookies in the web browser settings or to notify the User each time Cookies are placed on the User's Device. Detailed information about the possibilities and methods of handling cookies is available in the software (web browser) settings. The User may delete Cookies at any time using the available functions in the web browser they use. Restricting the use of Cookies may affect some of the functionalities available on the Website.

VI. Privacy Policy and Cookies

 When the User uses the Website, we use Cookies that enable the identification of the browser or Device. Cookies collect various information, but generally do not constitute personal data. However, certain information may be associated with a specific person. The entire website is encrypted with an SSL certificate, and the Website operator, IAI S.A., is linked to the Website. with its registered office in Szczecin, a data processing agreement has been concluded, under which the operator has committed to ensuring the security of the stored data.

VII. Profiling

 Based on cookies, it is possible to learn about User preferences – for example, by analyzing the Website's visits or viewed products. Analyzing User behavior allows us to understand Users' expectations and adapt to their needs. This technology allows us to present Users with advertisements tailored to their needs and display offers tailored to a specific User that are not available to others.

VIII. Retargeting

Using cookies, we may use technology that allows us to reach Users who have previously visited the Website with advertisements on other websites. We clarify that the platform on which the Website operates allows us to use the retargeting mechanism; however, in practice, we do not use this feature.

IX. Development

The Website software typically uses the following cookies: "client" and "_IAI_AC" – these are persistent cookies with session identifiers and a lifetime of 1 day and 7 days, respectively. "page_counter" – a counter for the number of subpages viewed, which can be used by the client for embedded and custom JavaScript scripts that perform specific actions (e.g., limiting the number of ads displayed at once) and a lifetime of 1 day. "affiliate" – the login of the client (store partner) who referred the user to the store as part of the affiliate program, set only in such cases and with a lifetime of 90 days.

 

 

pixel