Privacy PolicyPrivacy Policy
1. General information
1.1. Who we are?
We are Bratex Dachy Mrzygłód Spółka Komandytowa with its registered office in Dębica at ul. Przemysłowa 22, 39-200 Dębica, entered into the Register of Entrepreneurs - National Court Register under KRS number 0000320498 by the District Court in Rzeszów, 8722225215th Commercial Division of the National Court Register, NIP: XNUMX, email: dekerpunkt@bratex.pl, hereinafter referred to as the "Administrator" either "We" or derivative forms. We are the operator of the mobile application called Decker Point.
1.2. Personal data administrator.
Within the meaning of the GDPR, we are responsible for the processing and protection of your personal data in relation to the above-mentioned Application. In matters relating to the protection of personal data, please contact the Administrator via the e-mail address: dekerpunkt@bratex.pl.
1.3. Legal basis for the processing of personal data.
The basic legal regulation regarding the protection of personal data is Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of individuals with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/ EC (hereinafter referred to as "GDPR").
Please be advised that the protection of Users' privacy is very important to us, which is why the Administrator limits the use and collection of information about the User to the minimum necessary.
The Administrator processes personal data only after obtaining the User's consent.
Consent to the processing of personal data is voluntary.
1.4. Some terms used in this Privacy Policy:
- Personal data– within the meaning of the definition contained in art. 4 points 1) GDPR, personal data is information about a natural person identified or identifiable by one or more specific factors determining physical, physiological, genetic, mental, economic, cultural or social identity, including name and surname, telephone number, e-mail address address, location data and information collected via cookies and other similar technology.
- Application – the Deker Punkt mobile application used by the User, enabling participation in the Deker Punkt loyalty program.
- User– any person/entity using the mobile application to participate in the Deker Punkt loyalty program.
- Services– all services indicated in the Regulations of the Application available on the website www.bratex.pl or dekerpunkt.bratex.pl and in the mobile application entitled Deker Punkt, in particular participation in the loyalty program.
2. Types and purposes of personal data processing
2.1. Types of personal data processed:
- Data collected during registration
In order for the User to be able to use the Application, he will have to download it and install it on a mobile device. Subsequently, registration will take place, where you will be required to provide your personal data necessary to carry out the registration process, in particular such as: name and surname, telephone number, as well as an indication of the e-mail address. - Data collected when using the Services
This will be the data indicated above, e.g. name, surname, address, telephone number, demographic data; - Data collected automatically
During the User's visit to the Application, data regarding this visit are collected, e.g. location, User's account data, mobile operator's network, the Application may also ask for access to the photo gallery, etc.) - Contact with the Personal Data Administrator
When the User contacts the Administrator, he will be asked to provide his personal data in order to identify him. This is usually the data shown above.
2.2.
The Administrator undertakes to process personal data in a lawful manner, depending on how the User uses the Application, in particular for the following purposes:
- User registration support;
- Participation in a loyalty program;
- Consideration of complaints;
For this purpose, the data is processed mainly to recommend the services and functions of the Application to the User, as well as to inform the User about promotions and changes related to the Administrator's activities via electronic messages (e-mail), SMS messages or PUSH notifications.
3. What rights do you have under the provisions of the GDPR
3.1. Right of access to data
At any time, the User has the right to check which of your personal data we store. For this purpose, you can write to us at the following e-mail address: dekerpunkt@bratex.pl.
3.2. Right to data portability
You may request a file with an exported set of your personal data in our possession. He may also request that the Administrator transfer the User's processed personal data to another entity. For this purpose, he should write a request to the Administrator, indicating to which entity (name and address) the User's personal data should be transferred and what specific User data he wishes the Administrator to provide. The Administrator will provide the User's personal data in electronic form to the indicated entity.
3.3. The right to delete data
You have the right to request us to delete all of your personal data in our possession, in the situations and under the conditions set out in art. 17 GDPR.
This does not apply to any data we are obliged to keep for administrative, legal or security reasons.
The user also has the right to:
- correct or supplement your personal data;
- submitting a complaint to the supervisory authority.
3.4.
The user always has the right to withdraw the consent given to the processing of his personal data. However, this does not affect the lawfulness of processing based on consent before its withdrawal.
3.5.
The request not to process data may relate to a specific purpose of processing indicated by the User (restriction of data processing), or apply to all purposes of data processing. Withdrawal of consent for all purposes of processing will make it impossible to use the Application.
3.6.
The user may object to the processing of personal data at any time. The objection will not affect the actions already taken.
4. Period of storing personal data
4.1.
The Administrator processes the User's personal data only for the period necessary to meet the purpose of their storage or as long as it is required from him in accordance with the law, in particular until the limitation of any claims or the expiry of the archiving obligation resulting from the law, including the obligation to store accounting documents.
4.2.
In the event of processing personal data based on the consent expressed by the User, his data will be stored until the consent is withdrawn. It is possible to withdraw the consents expressed in the Application at any time.
5. Sharing personal data with third parties
5.1.
The Administrator reserves that there may be circumstances in which he decides to sell or transfer all or part of his business or assets. In such a case, Users' personal data may be transferred or made available by the Administrator to third parties as part of and in connection with the planned transaction. In such situations, the Administrator will ensure the obligation of third parties to ensure adequate protection for personal data collected via the Application. In addition, the Administrator will inform Users about the above. circumstances, and Users will have the right to request the deletion of their data in accordance with point 3 of this document.
5.2.
Personal data may be transferred to entities processing them at the request of the Administrator on the basis of contracts concluded with the Administrator, but only for the purpose and scope necessary for the implementation of the above. purposes, including entities providing the Administrator with IT services or other services ensuring the proper functioning of the Application, where such entities process data only in accordance with the Administrator's instructions.
5.3.
The Administrator may entrust the processing of personal data to entities cooperating with the Administrator, to the extent necessary to perform the Services, e.g. in order to order goods, prepare the ordered goods, deliver parcels or provide commercial information from the Administrator.
5.4.
Apart from the purposes indicated in this Privacy Policy, Users' personal data will not be made available to third parties in any way or transferred to other entities for the purpose of sending marketing materials of these third parties.
5.5.
The administrator transfers data only to entities that are bound by an appropriate security standard.
5.6.
The Administrator does not transfer Users' personal data outside the European Economic Area.
5.7.
The User's personal data will not be subject to processes that could lead to automated decision-making, including profiling.
6. Cookies
Cookies are small text files that are saved on the User's device when he uses the Application. These files are sent by the Application. Each cookie has an anonymous identifier and allows you to identify the device in whose memory it has been saved for a certain period of time (the time after which the cookie will be deleted). Cookies are used, among others, to: help in logging in the User (e.g. remembering the User's name if the User registers or logs in); remembering some User preferences; Administrator's support in improving the Application.
In this case, cookies are used that are appropriate for the smooth operation of the Application.
7. Changes to the Privacy Policy.
7.1.
In order for the Administrator to ensure that the Privacy Policy meets the current requirements imposed by law, we reserve the right to make changes to it at any time. The above also applies in cases where the Privacy Policy requires changes to cover new or changed services of the Application.
7.2.
In any case, we recommend that you read this Privacy Policy regularly, in case there are minor changes or any interactive improvements to it, taking advantage of the fact that it is a permanent source of information available in the mobile application.