Privacy Policy

Privacy Policy, Cookies , GDPR

We make every effort to ensure that the privacy of Users is protected when using our Website. Therefore, we have prepared this Privacy Policy describing how Users’ personal data will be processed and protected, as well as indicating the rules for the use of cookies.

I. Personal data

This Privacy Policy informs about the methods of protecting the privacy of data of users of the website available at: https://gicsa.eu/(hereinafter referred to as: ‘Website’) and sets out the principles for the processing of personal data.

    1. The controller of personal data collected via the Website is GICSA SP. Z OO with its registered office in Wrocław (50-116), ul. Rynek 60, entered into the Register of Entrepreneurs of the National Court Register kept by the District Court Wrocław Fabryczna, VI Commercial Division of the National Court Register, under KRS number: 0000920549, Tax Identification Number (NIP): 8971895535, REGON number: 389908123, (hereinafter referred to as: ‘Controller’).
    2. The processing of personal data of Website users (hereinafter referred to as ‘Users’) takes place in accordance with the provisions of Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation), hereinafter referred to as: ‘GDPR’.
    3. The processing of Users’ data is necessary for the performance of the contract concluded between the parties (i.e. pursuant to Article 6(1)(b) of the GDPR), e.g. for the following purposes:
      a) handling orders placed by the User and considering complaints regarding the services provided,
      b) handling enquiries and notifications,
      c) storing data for archival purposes.

4. In some situations, the Controller processes data because it is required by law, in particular tax and accounting regulations (i.e. pursuant to Article 6(1)(c) of the GDPR).

5. The Controller also processes Users’ personal data in the performance of its legitimate interests (i.e. pursuant to Article 6(1)(f) of the GDPR), for the purposes of:

a) compiling general statistics on the use of its services by Users;

b) determining, protecting and pursuing possible claims,

c) conducting court, arbitration and mediation proceedings,

d) ensuring the security and integrity of the services it provides to Users electronically, including counteracting fraud and abuse and ensuring traffic safety,

e) storing data to ensure accountability (including demonstrating the Controller’s fulfilment of obligations under the GDPR).

The Controller processes Users’ personal data on the basis of consent (Article 6(1)(a) of the GDPR) in the field of marketing activities, including sending the newsletter .

Providing personal data by Users is voluntary. Data are obtained from Users when they contact the Controller by telephone, e-mail or via the contact form on the Website: https://gicsa.eu/en/contact

    1. Like most entrepreneurs, in our business we use the help of other entities, which often involves the need to provide Users’ personal data, e.g. in order to provide the ordered service. Therefore, if necessary, we transfer Users’ personal data to the following recipients:
      a) persons authorised by us, our associates who must have access to data to perform their duties,
      b) processing entities to which the Controller will commission this task, e.g. companies dealing with the operation of the ICT system or providing ICT tools, courier companies, payment operators, companies providing consulting services, accounting offices, hosting providers, suppliers of software facilitating business operations (e.g. accounting software ), relevant public authorities to the extent that the Controller is obliged to provide them with data.

7. The Controller undertakes to protect the processed personal data against access by unauthorised persons.

Users personal data will not be transferred to a third country.

8. Personal data will be processed by the Controller for the duration of the contract and after its termination, if there is a risk of pursuing claims in connection with its performance, but as a rule, no longer than for a period of 6 years from the date of its termination. In the case of processing personal data on the basis of the consent granted, until its withdrawal.

9. In connection with the processing of personal data by the Controller, the User is entitled to:

9.1. the right to access personal data,

9.2. the right to rectify personal data,

9.3. the right to have personal data erased (right to be forgotten),

9.4. the right to restrict the processing of personal data,

9.5. the right to personal data portability,

9.6. the right to object to data processing,

9.7. the right to lodge a complaint to the President of the Personal Data Protection Office, when the User considers that the processing of personal data violates the provisions of the GDPR.

  1. The controller processes the following categories of personal data: first name, surname, address, telephone number, e-mail address.
  2. Users’ personal data will not be processed in an automated manner,
    including profiling.
  3. Contact with the Controller’s Data Protection Officer is possible at the following e-mail address: biuro@gicsa.eu

    II. Cookies 

    1. The website uses the so-called cookies – IT data saved by web servers on the Website User’s end device, which can be read by internet servers each time a connection is made to the User’s end device.
    2. Cookie files may be placed on the Website user’s end device by the Controller and used by the Controller, as well as by entities cooperating with the Controller, including in particular the Internet service provider, and third parties.
    3. Cookies have an expiry date. Cookies without an expiration time are deleted after closing the browser on the end device. Cookies that expire after the end of the session are called session cookies. They have a fixed period of validity, which is enforced by the server mechanism. Other cookies are stored on the end device and enable recognition of the User’s browser the next time they visit the Website (persistent cookies).
    4. Cookies used on this Website are divided into two types:

4.1. Cookies technically necessary for the proper functioning of the Website, not requiring the User’s consent (so-called necessary cookies)
4.2. Other cookies (so-called other cookies) – for the operation of which the User must agree.

The collected and used information about Users is limited to the necessary minimum, which allows us to provide services at an appropriate level.

Cookies used on the Website:

  1. Necessary cookies: help to make the Website useful by enabling basic functions such as navigation through the Website pages and access to secure areas of the Website. The website cannot function properly without these cookies,
  2. Preference cookies: allow the Website to remember information that changes the way the Website behaves or looks, e.g. preferred language or region in which the User is located,
  3. Statistical cookies: help to understand how visitors interact with the pages of the Website, collecting and reporting information anonymously for the purpose of creating reports and traffic statistics within the Website,
  4. Google Analytics – used to keep statistics for the Website; the exact operation and privacy policy of Google Analytics can be found at:

https://marketingplatform.google.com/about/analytics/terms/pl/ ,

Users of the Website can change the cookie settings at any time, in particular by blocking the use of cookies or deleting them. Detailed information on the possibilities and ways of handling cookies are available in the settings of the web browser used by the Website User. Allowing the use of cookies, or not disabling this option, if it is enabled by default, means that cookies will be placed on the Website User’s end device and the Website will be able to access them. Restrictions on the use of cookies may cause difficulties or even prevent the use of the Website.

III. Final Provisions

In order to ensure that the Service’s Privacy Policy meets the current requirements imposed by law at all times, the Service reserves the right to amend it at any time.