Privacy Policy

PRIVACY POLICY

1. DEFINITIONS

1.1 Administrator - Decokoncept Sp. z o.o. based in Gliwice, 6 Lutycka St., 44-100 Gliwice, registered in the Register of Entrepreneurs of the National Court Register kept by the District Court for the City of Gliwice, X Economic Department of the National Court Register under KRS:0000956927, NIP: 6312703128, REGON: 521326126, fully paid-up share capital: PLN 5,000

1.2 Personal data - information about a natural person identified or identifiable by one or more specific factors determining physical, physiological, genetic, mental, economic, cultural or social identity, including device IP, location data, Internet identifier and information collected through cookies and other similar technology.

1.3 Policy - this Privacy Policy.

1.4 RODO - Regulation (EU) 2016/679 of the European Parliament and of the Council of April 27, 2016 on the protection of individuals with regard to the processing of personal data and on the free movement of such data and repealing Directive 95/46/EC.

1.5. Service - the Internet service operated by the Administrator at http://www.decokoncept.pl.

1.6 User - any natural person visiting the Site or using one or more of the services or functionalities described in the Privacy Policy

2. PROCESSING OF DATA IN CONNECTION WITH THE USE OF THE SITE

2.1 In connection with the User's use of the Website, the Administrator collects data to the extent necessary to provide the individual services offered, as well as information about the User's activity on the Website. The detailed rules and purposes of processing Personal Data collected during the User's use of the Website are described below.

3. 3. THE PURPOSES AND LEGAL BASIS FOR PROCESSING DATA ON THE SITE

USE OF THE SERVICE

3.1 Personal data of all persons using the Website (including IP address or other identifiers and information collected through tools used by the Administrator), are processed by the Administrator:

3.1.1. for the purpose of providing services electronically in terms of providing Users with access to content collected on the Website - in which case the legal basis for processing is the necessity of processing for the performance of the contract (Article 6.1.b of the RODO);

3.1.2. for analytical and statistical purposes, in which case the legal basis for the processing is the Administrator's legitimate interest (Article 6(1)(f) of the RODO), consisting in conducting analyses of Users' activities, as well as their preferences in order to improve the functionalities used and services provided;

3.1.3. for the purpose of possible establishment and investigation of claims or defense against claims - the legal basis for processing is the legitimate interest of the Administrator (Article 6(1)(f) of the RODO), consisting in the protection of its rights;

3.1.4. for marketing purposes of the Administrator and other entities, in particular related to the presentation of behavioral advertising - the principles of processing Personal Data for marketing purposes are described in the MARKETING section.

3.2 The User's activity on the Service, including his/her Personal Data, is recorded in system logs (a special computer program used to store a chronological record containing information about events and activities that relate to the computer system used to provide services by the Administrator). The information collected in the logs is processed primarily for purposes related to the provision of services. The Administrator also processes them for technical, administrative purposes, for the purpose of ensuring the security of the IT system and the management of this system, as well as for analytical and statistical purposes - in this regard, the legal basis for processing is the Administrator's legitimate interest (Article 6(1)(f) RODO).

CONTACT FORM AND CHAT

3.3 The Administrator shall provide the possibility of contacting him using an electronic contact form and chat form. The use of the forms requires the provision of Personal Data necessary to make contact with the User and respond to the inquiry. Provision of data marked as mandatory is required in order to carry out the ordered contact or to address an inquiry, and their failure to do so will result in the impossibility of carrying out the ordered contact or handling the sent inquiry. Provision of other data is voluntary.

3.4 Personal data obtained through the above mentioned forms shall be processed by the Administrator:

3.4.1. for the purpose of identifying the sender and handling his/her inquiry sent via the form provided and for the purpose of responding to the inquiry - the legal basis for the processing of mandatory data is the legitimate interest of the Administrator (Article 6(1)(f) of the RODO), consisting of responding to inquiries addressed to him/her regarding his/her business activity; with regard to data provided optionally, the legal basis for processing is consent (Article 6(1)(a) of the RODO);

3.4.2. for analytical and statistical purposes - the legal basis of the processing is the Administrator's legitimate interest (Article 6(1)(f) of the RODO), consisting of conducting statistics on queries submitted by Users via the Service in order to improve its functionality;

3.4.3. for the purpose of asserting or defending against claims - the legal basis for the processing is the legitimate interest of the Administrator (Article 6(1)(f) RODO), consisting in the protection of its rights.

PROCESSING OF PERSONAL DATA IN CONNECTION WITH THE PROVISION OF SERVICES OR PERFORMANCE OF OTHER CONTRACTS

3.5 In connection with the conclusion of contracts in the course of its business, the Administrator obtains Personal Data of its contractors / customers. Provision by the contractor / customer of their personal data is required in order to conclude and perform a contract with the Administrator. Failure to provide the data results in the impossibility of concluding and performing this agreement.

3.6 Such Personal Data shall be processed for the purpose of entering into and performing contracts with the Administrator. The legal basis for the processing of Personal Data is the necessity of the processing for the performance of a contract to which the data subject is a party, or to take action at the request of the data subject prior to entering into a contract (Article 6(1)(b) of the DPA). Personal data may also be processed for the purpose of fulfilling a legal obligation incumbent on the Administrator, in connection with the obligation to keep accounts and tax settlements - the legal basis for processing is a legal obligation incumbent on the Administrator (Article 6(1)(c) RODO). Such data may be disclosed to third parties involved in the execution of the contract.

3.7 Data shall be processed for the period of time necessary for the realization of the above interests and the performance of regulatory obligations.

PROCESSING OF PERSONAL DATA OF STAFF MEMBERS OF CONTRACTORS OR CLIENTS COOPERATING WITH THE CONTROLLER

3.8 In connection with the conclusion of contracts in the course of its business, the Administrator obtains from contractors / clients data of persons involved in the execution of such contracts (e.g. persons authorized to contact, executing orders, etc.). The scope of the transferred data is in each case limited to the extent necessary for the performance of the contract and usually does not include information other than name and business contact details.

3.9 Such Personal Data shall be processed in order to realize the legitimate interests of the Administrator and its contractor (Article 6(1)(f) of the RODO) in enabling the proper and effective performance of the contract. Such data may be disclosed to third parties involved in the performance of the contract.

3.10. The personal data referred to in item. 3.21. above, may also be processed for the purpose of fulfilling a legal obligation incumbent on the Administrator, in connection with the obligation to keep books of account and tax settlements, in the case of persons whose data will be contained in documents whose obligation to keep and store results from the provisions of tax and accounting law - the legal basis for processing is a legal obligation incumbent on the Administrator (Article 6(1)(c) RODO).

3.11. The data shall be processed for the period necessary to realize the above interests and to fulfill regulatory obligations.

E-MAIL CORRESPONDENCE

3.12. If correspondence is addressed to the Administrator via e-mail that is not related to the services provided to the sender or any other agreement concluded with the sender, the Personal Data contained in such correspondence shall be processed solely for the purpose of communication and resolution of the matter to which the correspondence relates.

3.13 The legal basis for the processing is the legitimate interest of the Administrator (Article 6(1)(f) of the RODO), consisting of correspondence addressed to it in connection with its business activities.

3.14 The Administrator shall process only Personal Data relevant to the matter to which the correspondence relates. All correspondence is stored in a manner that ensures the security of the Personal Data (and other information) contained therein and is disclosed only to authorized persons.

4. MARKETING

4.1 The Administrator shall process Users' Personal Data in order to carry out marketing activities, which may consist of:

4.1.1. displaying marketing content to the User that is not tailored to the User's preferences (contextual advertising);

4.1.2. displaying to the User marketing content corresponding to the User's interests (behavioral advertising);

4.1.3. directing e-mail notifications of interesting offers or content, which in some cases contain commercial information (newsletter service).

4.2 In order to carry out marketing activities, the Administrator uses profiling in some cases. This means that through automatic data processing, the Administrator evaluates selected factors about Users in order to analyze their behavior or create a forecast for the future. This allows the content displayed to be better tailored to the individual preferences and interests of the User.

CONTEXTUAL ADVERTISING

4.3 The Administrator may process Users' Personal Data for marketing purposes in connection with directing contextual advertising (i.e. advertising that is not tailored to the User's preferences) to Users. The processing of Personal Data then takes place in connection with the realization of the Administrator's legitimate interest (Article 6.1.f of the RODO).

BEHAVIORAL ADVERTISING

4.4 The Administrator and its trusted partners process Users' Personal Data, including Personal Data collected through cookies and other similar technologies, for marketing purposes in connection with targeting Users with behavioral advertising (i.e., advertising that is tailored to the User's preferences). Processing of Personal Data then includes profiling of Users.

5. COOKIES AND SIMILAR TECHNOLOGY

5.1 The Administrator uses cookies mainly to provide the User with services provided electronically and to improve the quality of such services. In this regard, the Administrator and other entities providing analytical and statistical services to the Administrator use cookies, storing information or accessing information already stored in the User's telecommunications terminal device (computer, phone, tablet, etc.). The use of cookies on the Website is not intended to identify Users. The Policy regulates data processing related to the use of its own cookies.

5.2 Cookies are small text files installed on the User's device when browsing the Website. Cookies collect information to facilitate the use of the Website - e.g. by remembering the User's visits to the Website and actions performed by him/her.

STRICTLY NECESSARY COOKIES

5.3 The Administrator uses necessary cookies primarily to provide Users with the services and functionalities of the Service that the User wishes to use. Necessary cookies may only be installed by the Administrator through the Service.

5.4 The legal basis for the processing of data in connection with the use of necessary cookies is the necessity of the processing for the performance of the contract (Article 6(1)(b) of the DPA).

PERFORMANCE COOKIES

5.5 The Administrator uses performance cookies to count visits and traffic sources on the Website. Cookies may only be installed by the Administrator through the Website.

5.6 The legal basis for the processing of Personal Data in connection with the use of functional and analytical cookies by the Administrator, for this purpose, is consent (Article 6(1)(a) of the DPA).

5.7 The processing of Personal Data in connection with the use of performance cookies is subject to the User's consent to their use through the cookie consent management platform. This consent may be withdrawn at any time through this platform.

FUNCTIONAL AND ANALYTICAL COOKIES

5.8 Functional cookies are used to remember and customize the Service according to the User's choices in terms of, among other things, language preferences. Functional cookies may be installed by the Administrator and its partners through the Service.

5.9 Analytical cookies enable the acquisition of information such as the number of visits and sources of traffic to the Site. They are used to determine which pages are more and which are less popular, and to understand how Users navigate the Site by keeping statistics on traffic on the Site. The processing is done to improve the performance of the Website. The information collected by these cookies is aggregated, so they are not intended to determine your identity. Functional cookies may be installed by the Administrator and its partners through the Service.

5.10.The legal basis for the processing of Personal Data in connection with the use of functional and analytical cookies by the Administrator, for this purpose, is consent (Article 6(1)(a) RODO).

5.11.The processing of Personal Data in connection with the use of functional and analytical cookies is subject to the User's consent to the use (separately) of functional and analytical cookies through the cookie consent management platform. This consent may be withdrawn at any time through this platform.

ADVERTISING COOKIES

5.12.Advertising cookies allow matching the advertising content displayed to the interests of Users within the Service and outside the Service. Based on the information from these cookies and the User's activity on other services, a profile of the User's interests is built. Advertising cookies may be installed by the Administrator and its partners through our website.

5.13.The legal basis for the processing of Personal Data in connection with the use of advertising cookies by the Administrator, for this purpose, is consent (Article 6(1)(a) of the DPA).

5.14.The processing of Personal Data in connection with the use of advertising cookies is possible after obtaining the User's consent to the use of consent through the consent management platform. This consent may be withdrawn at any time through this platform.
correct settlement of transactions between the publisher and the advertiser.

6.6. MANAGING COOKIE SETTINGS

6.1 The use of cookies to collect data through them, including gaining access to the data stored on the User's device, requires the User's consent. On the Website, the Administrator receives consent from the User through the cookie consent management platform. This consent can be withdrawn at any time.

6.2 Consent is not required only in the case of cookies, the use of which is necessary for the provision of telecommunications service (data transmission to display content) - the User does not have the opportunity to opt out of these cookies if he wants to use the Service.

6.3 In order to receive advertising tailored to the User's preferences, in addition to agreeing to the installation of cookies through the cookie consent management platform, it is necessary to maintain appropriate browser settings that allow the storage of cookies from the Service on the User's final device.

6.4 Withdrawal of consent for the collection of cookies on the Website is possible through the platform for managing the consent of cookies.

6.5 Once the banner is displayed, the User may withdraw consent by changing the preferences for particular categories of cookies, i.e:

(a) performance cookies;

(b) functional cookies;

(c) cookies related to advertisements and their recipients

by moving the slider to the cookie category acceptance position and clicking the "Confirm my choices" command

6.6 You also have the option to withdraw your consent by changing your browser settings.

6.7 In order to exercise your rights to access, rectify, delete, restrict, transfer, object to the processing of your personal data, file a complaint or ask any other question regarding cookies, please send your request to the Administrator's contact information indicated in the Privacy Policy.

7. PERIOD OF PROCESSING OF PERSONAL DATA

7.1 The period of data processing by the Administrator depends on the type of service provided and the purpose of processing. As a general rule, data are processed for the duration of the service, until the withdrawal of the consent given or the filing of an effective objection to data processing in cases where the legal basis for data processing is the legitimate interest of the Administrator.

7.2 The data processing period may be extended if the processing is necessary for the establishment and assertion of possible claims or defense against claims, and thereafter only if and to the extent required by law. After the expiration of the processing period, the data shall be irreversibly deleted or anonymized.

8. RIGHTS OF DATA SUBJECTS

8.1.Data subjects have the following rights:

8.1.1 Right to information about the processing of personal data - on this basis, the Administrator shall provide the individual making the request with information about the processing of data, including, in particular, the purposes and legal grounds for processing, the scope of the data held, the entities to which they are disclosed, and the planned date of deletion;

8.1.2. the right to obtain a copy of the data - on this basis, the Administrator provides a copy of the processed data concerning the individual making the request;

8.1.3. the right to rectification - the Administrator is obliged to remove any inconsistencies or errors in the processed Personal Data and complete them if they are incomplete;

8.1.4. right to erasure - on this basis, you can request the erasure of data, the processing of which is no longer necessary to carry out any of the purposes for which they were collected;

8.1.5. the right to restrict processing - if such a request is made, the Administrator shall cease performing operations on Personal Data - with the exception of operations consented to by the Data Subject - and their storage, in accordance with the adopted retention rules, or until the reasons for restricting processing cease to exist (e.g., a decision is issued by a supervisory authority authorizing further processing);

8.1.6. the right to data portability - on this basis - to the extent that the data are processed by automated means in connection with a contract concluded or consent given - the Administrator shall issue the data provided by the data subject in a computer-readable format. It is also possible to request that the data be sent to another entity, provided, however, that there are technical capabilities in this regard both on the part of the Administrator and the designated entity;

8.1.7. right to object to processing for marketing purposes - if applicable, the Data Subject may object at any time to the processing of Personal Data for marketing purposes, without having to justify such objection;

8.1.8. the right to object to other purposes of processing - the Data Subject may at any time object - on grounds related to his/her particular situation - to the processing of Personal Data that is carried out on the basis of the legitimate interests of the Controller (e.g., considerations related to the protection of property); the objection in this regard should contain a justification;

8.1.9. right to withdraw consent - if the data are processed on the basis of the consent given, the Data Subject has the right to withdraw it at any time, which, however, does not affect the lawfulness of the processing performed before the withdrawal;

8.1.10. right to complain - if the processing of Personal Data is deemed to violate the provisions of the RODO or other regulations on the protection of Personal Data, the Data Subject may file a complaint with the supervisory authority for the processing of Personal Data, which has jurisdiction over the Data Subject's habitual residence, place of work or place where the alleged violation was committed. In Poland, the supervisory authority is the President of the Office for Personal Data Protection.

9. SUBMISSION OF REQUESTS RELATED TO THE EXERCISE OF RIGHTS

9.1.A request for the exercise of the rights of Data Subjects can be made:

9.1.1. in writing to the Administrator's address;

9.1.2. by e-mail to: rodo@decokoncept.com

9.2.The request should, as far as possible, indicate precisely what the request is about, i.e. in particular:

9.2.1. what right the requester wishes to exercise (e.g., the right to receive a copy of the data, the right to erasure, etc.);

9.2.2. what processing the request concerns (e.g., use of a specific service, activity on a specific website, etc.);

9.2.3. what purposes of processing the request relates to (e.g., purposes related to the provision of services, etc.).

9.3 If the Administrator is unable to identify an individual on the basis of the submitted request, it will ask the applicant for additional information. It is not mandatory to provide such data, but failure to do so will result in denial of the request.

9.4 The request may be made in person or through a proxy (e.g., a family member). For reasons of data security, the Administrator encourages the use of a power of attorney in a form certified by a notary public or authorized legal counsel or attorney, which will significantly speed up the verification of the authenticity of the request.

9.5 The application shall be answered within one month of receipt. If it is necessary to extend this period, the Administrator shall inform the applicant of the reasons for this action.

9.6 In the case where the request is addressed to the Administrator electronically, the response shall be provided in the same form, unless the requester has requested a response in another form. In other cases, the response shall be provided in writing.

If the timing of the request makes it impossible to respond in writing, and the scope of the applicant's data processed by the Administrator allows electronic contact, the response shall be provided electronically.

10. DATA RECIPIENTS

10.1 In connection with the performance of services, Personal Data will be disclosed to external entities, including, in particular, entities supporting the Administrator in the process of carrying out the repair of the device; couriers, payment operators, entities providing IT services to the Administrator, and entities related to the Administrator, including companies in its capital group.

10.2 The Administrator reserves the right to disclose selected information concerning the User to competent authorities or third parties who submit a request for such information, based on the relevant legal basis and in accordance with the provisions of the applicable law.

11. TRANSFERRING DATA OUTSIDE THE EOG

11.1 The level of protection of Personal Data outside the European Economic Area (EEA) differs from that provided by European law. For this reason, the Administrator transfers Personal Data outside the EEA only when necessary and with an adequate level of protection, primarily by:

11.1.1. cooperation with processors of Personal Data in countries for which a relevant decision of the European Commission has been issued regarding the determination of ensuring an adequate level of protection of Personal Data;

11.1.2. the use of standard contractual clauses issued by the European Commission; together with the required additional security measures, these provide Personal Data with the same protection as it enjoys in the European Union;

11.1.3. application of binding corporate rules approved by the relevant supervisory authority.

11.2 The Administrator shall always inform of its intention to transfer Personal Data outside the EEA at the stage of collection.

12. SECURITY OF PERSONAL DATA

12.1 The Administrator shall conduct a risk analysis on an ongoing basis to ensure that the Personal Data is processed by the Administrator in a secure manner - ensuring, first and foremost, that only authorized persons have access to the data and only to the extent necessary for the tasks they perform. The Administrator ensures that all operations on Personal Data are recorded and performed only by authorized employees and associates.

12.2 The Administrator shall take all necessary measures to ensure that its subcontractors and other cooperating entities also provide guarantees to apply appropriate security measures whenever they process Personal Data on behalf of the Administrator.

13. CONTACT INFORMATION

13.1 Contact with the Administrator is possible via e-mail address rodo@decokoncept.com or mailing address:

Decokoncept Ltd.

Mechanikowki street 15

44-109 Gliwice

14. PRIVACY POLICY CHANGES

14.1 The policy shall be reviewed on an ongoing basis and updated as necessary.

14.2 The current version of the Policy was adopted and is effective as of February 21, 2023.


Decokoncept Ltd.
6 Lutycka St.
44-100 Gliwice
Contact
Decokoncept Ltd.
6 Lutycka St.
44-100 Gliwice

zapytanie@decokoncept.pl
+48 690 359 394
Products
Menu
close
Decokoncept
Menu
close
Store
Menu
close
© 2025 Decokoncept Sp. z o.o. | All rights reserved
chevron-down