fbpx

Privacy Policy

PRIVACY POLICY OF THE WEBSITE

WWW.LASQUADRA.PL

  1. The controller of the Personal Data of the website www.lasquadra.pl, hereinafter referred to as the Website, is Maranello Motors sp. z o.o. with its registered office at: ul. Feliksa Bocheńskiego 109, 40-816 Katowice, KRS [National Court Register] number: 0000439173, NIP [Tax Identification Number]: 6342812537, REGON [Business Registry Number]: 243063127.
  2. Respecting your rights as personal data subjects (data subjects) and respecting the applicable legislation, including in particular Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data and the repealing Directive 95/46/EC (General Data Protection Regulation), hereinafter referred to as GDPR, the Personal Data Protection Act (hereinafter referred to as the Act) and other relevant data protection legislation, we are committed to maintaining the security and confidentiality of the personal data obtained from you. All employees have been adequately trained in the processing of personal data and our company, as a Personal Data Controller, has implemented appropriate safeguards and technical and organisational measures to ensure the highest level of personal data protection. We have implemented GDPR-compliant data protection procedures and policies to ensure the lawfulness and fairness of our data processing processes and the enforceability of any rights you have as a data subject. Additionally, if necessary, we cooperate with the supervisory authority in the Republic of Poland, i.e. the President of the Personal Data Protection Office (hereinafter referred to as President of the Personal Data Protection Office).
  3. Our company as a Personal Data Controller has appointed a Data Protection Officer, Konrad Cioczek. Any enquiries, requests, complaints regarding the processing of personal data by our company (Personal Data Controller), hereinafter referred to as Requests, shall be sent to the following email address of the Personal Data Protection Officer: iod@ferrarikatowice.pl or in writing to the address of the Personal Data Controller, i.e. Maranello Motors Sp. z o.o. with its registered office at: ul. Feliksa Bocheńskiego 109, 40-816 Katowice. The content of the Request should clearly specify:
  1. the details of the person or persons whom the Request concerns,
  2. the event which is the reason for the Request,
  3. your demands and the legal basis for these demands,
  4. the expected manner of settling the matter.
  5. We collect the following personal data on our Website:
  1. full name – in order to use the services provided on our Website, you will be asked to disclose your name so that we can provide the services and so that we can contact you,
  2. telephone number – we may call you in case of unexpected events and propose the most advantageous solution,
  3. email address – we use the email address to send you a confirmation of the services you will be using on the Website, and to contact you if there is a need for such services. If you have subscribed to our newsletter, we will also send you commercial information several times a month,
  4. Tax Identification Number (NIP) – we obtain the tax identification number from entrepreneurs and persons who request an invoice and have a NIP number,
  5. device’s IP address – information resulting from general rules of Internet connections such as IP address (and other information contained in system logs) is used by the Website administrator for technical purposes. IP addresses may also be used for statistical purposes, including in particular the collection of general demographic information (e.g. about the region from which the connection is made),
  6. Provision of the data indicated in the preceding point is necessary in the following cases:
  • in order to use the services on our Website using the Form provided on the Website (use of services without logging in/creating an account),
  • for the purpose of registering you with us, which is voluntary; in this case, we store the data you provide in our database in order to facilitate your future use of our Website,
  • for the newsletter service (subscription) – if you would like to be informed about interesting events and commercial offers, you can subscribe to our newsletter; subscribing is voluntary and you can unsubscribe at any time.
  1. Our website uses cookie technology in order to adapt its functioning to your individual needs. Therefore, you can consent to the data and information you have entered being remembered so that it can be used the next time you visit our Website without having to enter it again. Owners of other sites will not have access to this data and information. If, on the other hand, you do not consent to the personalisation of the Website, we suggest that you disable cookies in the options of your Internet browser.
  2. Each of you, as a user of our Website, has the opportunity to choose whether and to what extent you wish to use our services and share information and data about yourself to the extent set out in this Privacy Policy.
  3. Your personal data are processed by our company acting as the Personal Data Controller in order to carry out the services provided to you (i.e. the data subject) offered on the Website. In accordance with the principle of minimisation, we process only those categories of personal data which are necessary to achieve the objectives referred to in the preceding sentence.
  4. We process personal data for the time necessary to achieve the purposes listed in the preceding point. Personal data may be processed for a longer period than that indicated in the preceding sentence where such a right or obligation imposed on the Personal Data Controller arises from specific legislation or where the service we provide is of a continuous nature (e.g. newsletter subscription).
  5. The sources of the Personal Data processed by the Controller are the data subjects.
  6. Your personal data shall not be transferred to a third country as defined by the GDPR.
  7. We do not share any personal information with third parties without the express consent of the data subject. Personal data may only be disclosed without the consent of the data subject to public law entities, i.e. authorities and administrations (e.g. tax authorities, law enforcement authorities and other entities authorised by generally applicable laws).
  8. Personal data may be entrusted for processing to entities that process such data on behalf of our company acting as a Personal Data Controller. In such a situation, as the Personal Data Controller, we enter into an agreement with the processor for the outsourcing of the processing of personal data. The Processor shall process the entrusted personal data, but only for the purposes and to the extent indicated in the agreement for the outsourcing of the processing referred to in the preceding sentence. Without entrusting your personal data for processing, we would not be able to carry out our activities on the Website. As the Personal Data Controller, we entrust personal data for processing to entities:
  1. providing hosting services for the website on which our Website operates,
  2. providing other services to us as a Data Controller, which are necessary for the day-to-day operation of the Website.
  1. Personal data are not subject to profiling by the Personal Data Controller.
  2. In accordance with the GDPR, any person whose personal data we process as a Data Controller has the right to:
  1. be informed of the processing of personal data as referred to in Art. 12 of the GDPR – the Controller is obliged to provide you, as a data subject, with the information set out in the GDPR (including, but not limited to information concerning your data, the contact details of the DPO, the purposes and legal grounds for the processing of personal data, the recipients or categories of recipients of personal data, if any, or the period for which the data will be processed or the criteria for determining this period); this obligation must be fulfilled already at the moment of data acquisition (e.g. when the customer places an order in the Online Shop), and if the data are not obtained from the data subject, but from another source – within a reasonable period of time, depending on the circumstances; the Controller may refrain from providing this information if the data subject already has it,
  2. access their personal data, as referred to in Art. 15 of the GDPR – when you provide us with personal data, you have the right to view and access them; however, this does not mean that you have the right to access all documents on which your data appears, as these may contain confidential information; you do, however, have the right to know what your data are and for what purpose we process them, and the right to obtain a copy of your personal data, with the first copy being issued to you free of charge, and for each subsequent copy, in accordance with the GDPR, we will charge an appropriate administrative fee corresponding to the cost of making the copy,
  3. rectify, supplement, update, amend personal data referred to in Art. 16 of the GDPR – if your personal data have changed, please inform us as the Personal Data Controller of this fact so that the data we hold are factually correct and up-to-date; also, if there has been no change in your personal data, but for whatever reason the data are incorrect or have been recorded incorrectly (e.g. due to a clerical error), please inform us in order to correct or rectify such data,
  4. delete the data (right to be forgotten), as referred to in Art. 17 of the GDPR – in other words, you have the right to request the “erasure” of data held by us as a Personal Data Controller and the right to request that we, as a Personal Data Controller, inform other controllers to whom we have provided your data of the need to erase them. You may request the deletion of your personal data in particular if:
  • the purposes for which the personal data were collected have been achieved, e.g. we have fulfilled the sales agreement concluded with you in full,
  • the basis for the processing of your personal data was only consent, which was subsequently withdrawn and there is no other legal basis for further processing of your personal data, e.g. if you unsubscribe from the newsletter and otherwise no longer use our company’s offer,
  • you have lodged an objection based on Art. 21 of the GDPR and you consider that we do not have any overriding legal grounds to continue processing your personal data,
  • your personal data were being processed unlawfully, i.e. for illegal purposes or without any basis for processing your personal data – please note that in this case you must have a basis for your request,
  • the need to delete your personal data arises from the law,
  • the personal data concern a minor and were collected in connection with the provision of information society services,
  1. restrict the processing as referred to in Art. 18 of the GDPR – you can apply to our company to request a restriction of the processing of your personal data (which would consist of our company primarily just storing the data until the dispute is resolved) if:
  • you question the accuracy of your personal data, or
  • you consider that we are processing your data without a legal basis, but at the same time you do not want us to delete the personal data (i.e. you do not exercise the right referred to in the preceding letter), or
  • you have lodged an objection as referred to in letter f of this point, or
  • your personal data are needed to establish, assert or defend a claim e.g. before a court,
  1. transfer the data as referred to in Art. 20 of the GDPR – you have the right to obtain your data in a computer-readable format and the right to send your data in such a format to another controller; you have this right only if the basis for the processing of your data was consent (e.g. newsletter subscription) or the data were processed by automated means,
  2. object to the processing of your personal data as referred to in Art. 21 of the GDPR – you have the right to object if you do not consent to our processing of personal data that we have so far processed for legitimate purposes in accordance with the law; in particular, you have the right to object to the processing of your personal data for direct marketing purposes (e.g. newsletter subscription),
  3. not be subject to profiling as referred to in Art. 22 in connection with Art. 4 point 4 of the GDPR – on our Website you will not be subject to automated decision-making or profiling as defined in the GDPR, unless you have given your consent; in addition, we will always inform you of profiling if it should take place,
  4. lodge a complaint with a supervisory authority (i.e. the President of the Personal Data Protection Office) as referred to in Art. 77 of the GDPR – if you consider that we are processing your personal data unlawfully or in any way violating your rights under the generally applicable data protection legislation.
  5. With regard to the right to deletion of the data (right to be forgotten), we point out that under the GDPR you may not exercise this right if:
  1. the processing of your personal data is necessary for you to exercise your right to freedom of expression and information e.g. if you have posted your data on a blog, in comments etc,
  2. the processing of your personal data is necessary for our company to comply with legal obligations under the law – we cannot delete your data for the period of time necessary to comply with obligations (e.g. tax obligations) imposed on us by the law,
  3. the processing of your data is done for the purpose of investigating, establishing or defending claims.
  1. If you wish to exercise your rights referred to in the preceding point, please use the appropriate tabs on the Website, which allow you to delete your account and the data collected on our Website, or send a message by email to: iod@ferrarikatowice.pl or contact the Data Protection Officer referred to in point 3 above.
  2. Each identified security breach shall be documented and, in the event of one of the situations set out in the GDPR or the Act, the data subjects and, if applicable, the President of the Personal Data Protection Office shall be informed of such data breach.
  3. All capitalized words have the meaning given to them in the Terms and Conditions of our Website, unless otherwise stated in this Privacy Policy.
  4. In matters not regulated by this Privacy Policy, the relevant provisions of common law shall apply accordingly. In the event of any inconsistency between the provisions of this Privacy Policy and the aforementioned regulations, those regulations shall prevail.
Cars
Shop
Contact
Menu