The data Controller is MINE BEST SP. Z O.O., incorporated under the laws of Poland with its registered office in Warsaw, Poland, Jerzego Ficowskiego 15, 01-747 Warsaw entered in the register of entrepreneurs of the National Court Register kept by the 14th Commercial Department of District Court for the city of Warsaw under no. KRS 0000711283, tax identification no. NIP 8381858527, statistical no. REGON 36908496200000, (hereinafter referred to as the ‘Company’ or the ‘Controller’) may collect and process data (including personal data) concerning the users (hereinafter the ‘User’) of this website and/or any services (i.e. technical assistance/support, means of communication, customer services, complaints) (hereinafter the ‘Services’).
The purpose of this Policy is primarily to inform the users, visitors and interested parties about their rights in relation to the processing of their data by the Controller.
In the event of any questions or concerns regarding data protection, please contact the Controller directly at email@example.com.
PROTECTION OF PERSONAL DATA
Any personal data are processed by the Controller in accordance with Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons regarding the processing of personal data and on the free movement of such data, repealing Directive 95/46/EC (further: ‘GDPR’).
The Controller does not intentionally collect personal data of children aged below 16, without the consent of the child’s parent or legal guardian. In the case of doubt, parents and legal guardians are asked to contact the Company at firstname.lastname@example.org.
PURPOSE AND LEGAL BASIS OF PERSONAL DATA PROCESSING
Your personal data may be processed for the purpose of:
- performing a contract or taking an action at your request prior to the conclusion of a contract, and for the purpose of pursuing claims under the contract – Article 6(1)(b) and/or (f) GDPR;
- answering the questions, asked through the contact form and/or address e-mail, which is in the exercise of the Company’s legitimate interest – Article 6(1)(f) GDPR;
- fulfilling the Company’s legal obligations, including tax and accounting legislation -Article 6(1)(c) GDPR;
- direct marketing activities through the information channel of your choice as well as adapting our websites, offers and advertising to your interests, which are based on your voluntary and explicit consent – Article 6(1)(a) GDPR;
- providing you marketing information about Company’s products and services as well as relevant third-party products and services by other means, such as advertising on websites which is based on Company’s legitimate interest – Article 6(1)(f) GDPR;
The provision of personal data by the User is voluntary, however it is required in order to be able to use the Controller’s services provided through www.minebest.com.
CATEGORIES OF DATA PROCESSED
Depending on the type of the Services and the scope of consents granted by the User, the Company processes one or more information of the data stored: name/surname, e-mail address, company’s name, IP address; and other technical information (e.g. regarding type of devices and other tools, web browser), information necessary to provide technical assistance or support (e.g. parameters, logs, other descriptions), pages opened, duration of the visit, number of the various page views, number of visits, referral source, data of the ISP and the subscriber’s data – however, these shall only be used for statistical purposes or to ensure the correct operation of the website.
Under the applicable law, the following rights are vested in the User, in particular:
- the right to access to the personal data;
- the right to request to rectify, correct or delete the personal data;
- the right to object (forbid) to the processing of the personal data;
- the right to request a restriction of the personal data processing;
- the right to request a transfer of the personal data to another entity;
The User has the right to request the erasure of personal data (the right to be forgotten) without undue delay if:
- the personal data are no longer necessary in relation to the purposes for which they were collected or otherwise processed;
- the consent given earlier has been effectively revoked, unless the Company has the right to process the data on another legal ground;
- the User objects to the processing of the personal data for marketing purposes;
- the deletion of the personal data would be necessary to fulfil the Company’s legal obligation;
- the processing of the personal data was not in accordance with the applicable law;
- the User objects to the processing (also by profiling) of the personal data, based on the legally legitimate interest pursued by the Company or by the third party, unless there are valid, legally justified grounds for processing of the User’s personal data that override the interests, rights and freedoms of the User or there are grounds for establishing, exercising or defending legal claims.
The User has the right to withdraw a consent to the processing of the personal data at any time, but the withdrawal does not affect the lawfulness of processing based on the consent before its withdrawal.
The User has the right to submit a complaint to a data protection authority – President of the personal data Protection Authority (PUODO) in Poland. You can exercise this right when you believe that we are processing your data without justification or in a manner inconsistent with the applicable law.
In order to exercise the aforesaid right or in the case of any questions or doubts about the personal data protection, please contact the Company at email@example.com.
TRANSFER OF THE PERSONAL DATA
The Company may be obliged to provide personal data to the following category of recipients, in particular:
- business partners or Company’s affiliates – if necessary, in connection with The Company’s business activity, especially for the purpose of performing contracts with such third parties, providing services and ensuring the appropriate standards of performance and compliance with the provisions of the law and safety requirements, communicating with the User and with third parties, meeting financial obligations and responding to User’s requests and legal demands;
- third parties providing day-to-day services for the Company (e.g. legal advisors, tax advisors, IT service providers, auditors, accounting companies, outsourced workforce providers, customer service, software providers, e-mail operators, server hosting providers);
- entities entitled upon binding regulations (e.g. administrative bodies, supervisory bodies, regulators, law enforcement bodies);
- other parties as notified to the User at the time of personal data collection;
The Company may enter into written data processing contracts with another entity (further: the ‘Processor’). The right to enter into such contracts arises from the provisions of the law. The Company transfers the personal data solely in the scope necessary for realization of aim agreed with Processor and only to the extent necessary for the purposes of such aim, applies all required legal and technical measures for protection of the personal data in order to ensure the highest quality of the Services.
Additionally, please be informed that your Personal Data may be transferred outside the European Economic Area to an entity such as, in particular, Google LLC. The USA does not ensure an adequate level of protection of your data (mainly due to the loss of legal force of the Privacy Shield) due to the lack of a decision by the European Commission regarding the determination of an adequate level of personal data protection and we do not provide appropriate safeguards specified in Article 46 GDPR, including we have not concluded standard contractual clauses with the data recipient, and we do not have binding corporate rules. Therefore, we would like to inform you that there is a risk of insufficient protection of your data. In this case, the basis for the transfer of personal data is your voluntary consent in accordance with the Article 6(1)(a) GDPR.
DATA RETENTION PERIOD
Personal data will be processed over time specified as:
- fulfilling the legal obligations arising from the provisions of the GDPR in connection with the exercise of User’s rights and archiving the requests made to us or informing about privacy risks, as well as fulfilling the obligations arising from the tax law and other applicable legal regulations – until the expiry of the limitation periods;
- necessary in the context of contact through a form or other application and necessary for the preparation and presentation of a response or offer of cooperation – until the objection is raised or consent to such contact is revoked;
- to conduct marketing activities regarding the services and products we offer – until such processing is objected or until withdrawn of the consent to receive information with such content;
- if the processing of personal data is based on the consent – until it is withdrawn;
Cookies are small information in the form of a text file, sent by the website and then saved on the end device (computer, tablet, smartphone), which are used to browse the web.
This website uses its own cookies (their purpose is to ensure the proper functioning of the website’s functionality), while third party cookies (required in order to use the functions provided by third parties) are used by third party systems (Google Analytics, social media plugins etc.).
The website uses three types of cookies:
- Session cookies – temporary files, saved on the User’s device until the user signs out, leaves the website or closes the browser;
- Permanent cookies – saved on the User’s device for the time specified in its parameters or until its deletion by the User;
- Local storage – stored on the User’s device for a definite or indefinite period or until its deletion by the User;
The purpose of using cookies is not to collect any personal data about the User visiting the website, however it is not excluded that the information collected through cookies will be recognized as the personal data.
Cookies are used for the purposes of:
- maintenance of the started session;
- configuration of the website and adjusting it to the preferences of the User;
- analysis of the clicks, displays and visits to the website, maps of moving around the website, time spent on the website;
- marketing analysis and statistics;
In some circumstances, the Controller may work with third parties to provide services on the website. For example, third-party analytics providers may use their own cookies to collect information about User’s activities and/or the marketing statistics. This information may be used for statistical purposes and analysing of the traffic recorded on the website and also for optimizing the functionality of it (to be more accessible, intuitive). The Controller does not control these cookies. In order to disable or reject third-party cookies, please refer to the relevant third party’s website.
External cookies of social networking sites (e.g. Facebook, LinkedIn, Twitter, Instagram, Google) are attached by the Company to use their interactive features.
The following third-parties can use their own cookies on Company’s website:
During the first visit to the website, information regarding cookies used is displayed. By activating the “Accept” button, you agree to save cookies on the terminal device you use. You can change the settings for cookies or delete them from the currently used browser.
The links to guides how to disable the option of accepting cookies in the popular browsers are presented below:
We point out that disabling, limiting or not accepting cookies may result in malfunctioning of the website or other unforeseeable difficulties.
Collected server logs, containing, in particular User’s IP address, time of arrival of the request, the first line of the http request, the http response code, number of bytes sent by the server, information about the User’s browser, information about errors that occurred during the HTTP transaction, information about the type of devices is stored indefinitely.
Access to the above information is available to authorized persons who administer the Company’s website. The above data does not identify specific users browsing the website and is used only for server administration purposes. Files with logs can be analysed for statistical purposes (website traffic, errors).
The Controller uses technical and organizational measures to protect the processed personal data adapted to the risks and categories of data covered by protection. The data is protected technically and organizationally against unauthorized access, processing in violation and change, loss, damage or destruction.
We apply the principle of data minimization in accordance with the GDPR regulations, processing only those that are solely necessary to provide our services and maintain satisfactory quality for users.
The Controller shall take the appropriate measures to ensure:
- protection of the personal data against loss, unauthorized access and/or use, destruction, modification or disclosure;
- appropriate technical and organizational safeguards (e.g. SSL certificate);
- protection of the personal data according to the level of risk and specific categories of personal data;
We would like to emphasize that the use of the Internet and related services may cause the risk of cyber attacking, including unauthorized access by third parties to any data. Avoidance or minimization of possible threats is possible thanks to the application of appropriate technical security measures, e.g. through the use of antivirus programs and their current update, or other measures protecting the User’s identification on the Internet. Detailed information on maintaining security on the website can be found at firstname.lastname@example.org.
Any content including, but not limited to, information, blog posts, news, photos on www.minebest.com constitute ‘works’ as defined by the Law on Copyright and Related Rights of 4 February 1994 and are subject to the protection specified by the applicable laws. Any copying, modification and use in a manner inconsistent with the intended use or without the consent of the Company may be concerned as a breach of law.
The content of the website may only be downloaded for a private use, however modification or reproduction of this content is prohibited under the applicable law. All copyrights, trademarks, and other proprietary rights reserved, should remain unaffected and the Company should be in such case indicated as the source of downloaded, copied, reproduced content. Except as provided by the law, the content of the website may not be copied or used in any other way without the prior written consent of the Company.
The Controller is not liable for usage by other users or third parties of any personal data made publicly available by the users themselves through the www.minebest.com.
We recommend that you read through the contents regularly.