PERSONAL DATA PROTECTION
1. GENERAL INFORMATION
a) On 25 May 2018 enters into force (GDPR) Regulation of the European Parliament and of the Council (EU) 2016/679 of 27 April 2016. In on the protection of individuals with regard to the processing of data personal data and on the free flow of such data at the same time Directive 95/46 / EC of 1995
b) The European regulation regulates protection directly and comprehensively personal data protection on the whole European Union. The premise of the document
is to reduce the diversity of laws between individual member states. GDPR brings new solutions and strengthens existing ones requirements. It also introduces many new rights
for individuals and duties for administrators.
c) “MigostalBoats”, as an Administrator, it responsibly approaches the issues of personal data protection of its clients.
d) The Administrator makes every care to protect the interests of the data subjects, and in particular ensures that the data it collects are processed in accordance with the law; collected for specified, legitimate purposes and not undergoing to further processing incompatible with these purposes; factually correct and adequate in relation to the purposes for which they are processed and kept in a form allowing identification of persons they concern, no longer than it is necessary to achieve the purpose of processing.
e) Giving personal data by the Client (Customer) is voluntary, however not to provide personal data necessary to conclude and implement the Sales Agreement or contract for the provision of the Service may result in the inability to conclude this contract.
2. THE SCOPE OF DATA COLLECTION
a) The Administrator may process the following personal data of the Customers or Clients:
• first name and last name;
• e-mail address;
• contact phone number;
• delivery address (street, house number, apartment number, zip code, city, country);
• address of residence / business / seat (if different from the delivery address)
b) In the case of Clients who are not consumers, the Administrator may process additionally:
• company name
• tax identification number (NIP)
c) Giving personal data referred to in the point above may be necessary for the conclusion and implementation of a sales contract or a contract for the provision of a service.
3. THE PURPOSE OF DATA PROCESSING
Customer’s personal data obtained at the concluding the contract and during its term will be used for the following purposes:
a) Conclude and performance of a commercial contract, including ensuring the correct quality of services for the duration of the aforementioned contract and settlements after its completion (in accordance with article 6 of the GDPR)
b) Implementation of legal obligations incumbent on the Administrator, such as – issuing and storing invoices and accounting documents, – responding to complaints in the form and date provided in the law.
In this situation, the Data Administrator will use the data:
• for the duration of the duties, for example issuing an invoice (Article 6 paragraph 1c of the GDPR)
• for a period of time, which is regulated by other provisions according to which data should be stored, for example tax (Article 6 paragraph 1c of the GDPR)
• for the period of time in which the Administrator may incur legal consequences of non-fulfillment of the obligation, for example obtain a penalty from state offices (Article 6 paragraph 1f of the GDPR),
f) Detecting and preventing abuse for the duration of the contract, and then for the period after which the claims resulting from the contract expire, and in the case of settling any claim by Administrator or notifying the competent authorities – for the duration of such proceedings.
g) Direct marketing – the duration of the contract or on the basis of the Customer’s consent for the time of its withdrawal.
h) Creating juxtapositions, analyzes and statistics for internal purposes, including in particular reporting, marketing research, service development planning or development work in information systems, creating statistical models – for the duration of the contract, and then no longer than for the period, claims arising out of from the contract expire.
i) Service support – including by informing about failures, adjusting service based on, among others, data about the offer from which the Customer uses or the complaints submitted so far – for the duration of the contract.
4. CUSTOMER’S RIGHTS
According to the decret of the European Parliament and the Council of the European Union no. 2016/679 dated 27th April 2016 concerning protection of individuals in relation to processing of personal data and free movement of personal data, the Customer shall have the following rights:
a) The right of rectification – the Customer has the right to request the Administrator to correct incorrect personal data or supplement incomplete data arising from improper gathering or processing the data.
b) The right of erasure – the Customer has the right to submit an application for a deletion of a personal data relating to him. In the event of recognition of legitimacy of the application, the Administrator shall erase all the data.
c) The right of restriction of processing – the Customer has the right to submit an application for a restriction of processing his personal data. In the event of recognition of legitimacy of an application, the Administrator is allowed only to maintain the data.
d) The right to access – in exercising this right, the Customer has the possibility to obtain the information how and which personal data is processed by Administrator.
e) The right to transfer – in exercising this right, the Customer has the possibility to transfer his personal data by Administrator directly to the another administrator, as well as a possibility to receive a copy of personal data in a structured, machinereadable format, allowing the Customer to transfer on his own his personal data to the another administrator.
f) The right to complain – if the Customer’s personal data used by the Administrator are not associated with the realization of the commercial contract, the legal obligation or do not constitute the legitimate interest of the Administrator and if the Customer believes processing of his personal data violates the law, the Customer has the right to lodge a complaint to the Deputy President of the Personal Data Protection.
5. ADMINISTRATOR OF THE PERSONAL DATA PROTECTION
6. FINAL PROVISIONS
a) The Administrator uses technical and organizational measures to provide protection of processed personal data suitable to dangers and categories of data protected and in particular it protects data against unauthorized access, unauthorized removal, processing in violation of applicable laws and change, loss, damage or destruction.