[General Provisions]
The Privacy Policy sets forth the rules for the processing and protection of personal data of individuals using the Website available at https://allintraders.com, hereinafter referred to as Data. The Privacy Policy is an appendix to and an integral part of the Terms and Conditions, and all terms used herein have the meanings defined in the Terms and Conditions.
Data is information about an identified or identifiable natural person to whom the Data relates, i.e. one who can be identified directly or indirectly, in particular on the basis of characteristics such as name, identification number, location data, Internet identifier or one or more characteristics that define the physical, physiological, genetic, mental, economic, cultural or social identity of a natural person.
The Administrator of the Data is ALLin Traders P.S.A., with its registered office in Katowice at 138A Wojciech Korfantego Street, 40-156, entered in the register of the National Court Register by the District Court of Katowice-Wschód, VIII Economic Division of the National Court Register under the KRS number: 0000943197, having tax identification number NIP: 6343005951, with equity capital: PLN 85,400.26, e-mail: support@allintraders.pl
The Data Administrator has appointed a Data Inspector, who can be contacted in writing at the Data Administrator’s registered office address or via e-mail: iod@allintraders.pl.
The Data Controller declares that the Data is processed in accordance with the regulations contained in the Regulation (EU) 2016/679 of the European Parliament and of the Council of April 27, 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data and the repeal of Directive 95/46/EC (General Data Protection Regulation), hereinafter referred to as RODO, and the Act of May 10, 2018 on the protection of personal data, regulations amending or replacing these acts, implementing regulations and any other generally applicable laws.
Data processing, as defined in the Privacy Policy, means an operation or set of operations performed on Data or sets of Data in an automated or non-automated manner, such as collecting, recording, organizing, structuring, storing, adapting or modifying, downloading, viewing.
[Source of Data]
The source of Data is information obtained directly from Data Subjects, in particular in the course of Registration, Logging in, placing Orders, entering into Contracts or Fee-based Agreements, providing information through the Website or communicating with Data Subjects, as well as information obtained from/to:
state authorities, public registers and other publicly available sources – names and surnames, genders, dates of birth, identification numbers (including but not limited to PESEL, NIP, REGON and other numbers in relevant registers of foreign entities), e-mail addresses, telephone numbers, fax numbers, business, residential and mailing addresses (street, house number, city with postal code), website address,
payment processors – names, genders, email addresses, financial transaction data (e.g., account numbers, credit or payment cards, other unique identifiers), Internet providers – location data, Internet identifiers (IP addresses), types of Internet browsers, devices and systems used by the Data subject, the sites the Data subject accesses and the actions the Data subject takes on them, the content of cookies.
[Purposes and basis of Data processing]
The use of the Website by the Data Subject is tantamount to the Data Subject’s awareness that his Data may be processed for the following purposes and on the following grounds:
responding to inquiries from Data subjects and storing data in cookies, collecting Data from websites and mobile applications – on the basis of the Data subject’s consent,
to take action at the request of the Data subject prior to the conclusion of an Agreement or a Paid contract and for the purpose of their performance, in particular:
providing services electronically through the Website, including enabling Registration, Logging in, placing Orders, entering into Agreements or Paid Contracts, making information available through the Website, smooth running and operation of the Website and ensuring the security of its use, creating, maintaining and managing an Account, including providing Account maintenance and resolving technical problems, executing an Order, settling a transaction, including issuing an invoice, amendment, termination or cancellation of an Agreement or Paid Contract, communication with Data Subjects, including processing of requests, complaints and other letters addressed by Data Subjects to the Data Controller, fulfillment of legal obligations incumbent on the Data Controller, in particular the fulfillment of accounting, tax, financial, and archival obligations arising from legitimate interests pursued by the Data Controller or third parties, indicated in para. 10-12 below, including for the purpose of: establishing, asserting or protecting the Data Controller’s claims (evidentiary), protecting against claims of Data Subjects (evidentiary), direct marketing of the Data Controller’s own services, including matching them against needs, i.e. profiling, indirect marketing of services of third parties cooperating with the Data Controller, e.g. in the form of discount coupons, including matching them on a needs basis, i.e. profiling, satisfaction surveys of Data Subjects, determining the quality of service and the level of satisfaction of Data Subjects, analytical, statistical and management, including internal management, statistical and research reporting and analysis aimed at developing and improving the services provided by the Data Controller, conducting internal audits and inspections, implementing business controls, managing operations of acquisitions, mergers, divisions, transformations.
[Scope of Data].
Processed Data may include names, genders, dates of birth, companies, identification numbers (including but not limited to PESEL, NIP, REGON and other numbers in relevant registers of foreign entities), e-mail addresses, telephone numbers, fax numbers, business, residential and mailing addresses (street, house number, city with postal code), financial transaction data (including but not limited to. account, credit or payment card numbers, other unique identifiers), location data, Internet identifiers (IP addresses), the types of Internet browsers, devices and systems used by the Data Subject, the pages the Data Subject accesses and the actions he/she takes on them, the content of cookies, and other personal data voluntarily provided by the Data Subject on the Website, including through interactive forms or surveys or when contacting the Data Controller.
[Voluntariness of providing Data]
Except as absolutely and universally required by law, the provision of Data by the Data subject is voluntary; however, refusal to do so is tantamount to not being able to Register, Login, place Orders, enter into Contracts or Fee-based Agreements, provide information through the Website or communicate with Data subjects.
[Recipients of Data]
The Data Administrator reserves the right to disclose the Data to competent authorities, including courts, governmental and local government authorities, pre-trial investigation authorities, enforcement authorities and other legal protection authorities, business information bureaus, debt buyers, entities participating in the processes of acquisitions, mergers, divisions, transformations of business entities carried out with the participation of the Data Administrator, based on an appropriate legal basis, in accordance with the provisions of generally applicable law.
The Data Controller reserves the right to entrust Data processing to third parties providing to the Data Controller, in particular, hosting services, management of the Website, including in the process of servicing Data subjects, transportation services (including postal operators, persons conducting postal or courier activities which are not postal operators), payment intermediation (including banks and payment institutions), information technology, equipment repair, marketing, collection of opinions about Products, consulting, accounting, tax, financial, debt collection, legal, archiving and destruction, storage of documentation, and above all loss adjustment (including contractors for loss adjustment services).
The Data Controller reserves the right to entrust the processing of Data to third parties providing to it or directly to Data Subjects the services necessary for the use of the Website, including Registration, Logging in, placing Orders, entering into Contracts or Fee-based Agreements, providing information via the Website or communicating with Data Subjects, including for the purpose of processing complaints.
Data may be processed on the territory of Poland, a member state of the European Union (EU), a signatory to the Agreement on the European Economic Area (EEA). Data may also be processed outside the EEA, including by international organizations, by transfer by the Data Controller, but only if it is necessary to achieve the purposes set out in paragraph 8 above, and the transfer and processing of Data outside the EEA are covered by an adequate degree of protection, adequate to the principles provided for in the DPA, recognized by a decision of the European Commission. The Data Controller shall inform about the intention to transfer Data outside the EEA at the stage of collection.
[Data retention periods]
The Data will be stored by the Data Controller for as long as there is a legal basis for its processing, unless generally applicable law would require longer storage. Thus, the Data will be kept by the Data Controller for the following periods:
until the Data Subject revokes his or her consent – in case the processing is based on the consent given,
until an objection is lodged – where the processing is necessary for purposes arising from the legitimate interests pursued by the Administrator, subject to the proviso referred to in paragraph 19 above,
until the expiration of obligations arising from the Contract or Paid Contract and claims for their performance – where their processing is necessary for the performance of the Contract or Paid Contract or to take action at the request of the Data Subject prior to the conclusion of the Contract or Paid Contract,
until the expiration of the Data Controller’s obligations under generally applicable laws,
until the expiration, including the expiration of the statute of limitations, of the rights, claims or obligations of the Data Controller and the Data Subject – in case their processing is necessary for purposes arising from the legitimate interests pursued by the Data Controller.
At the end of the retention period, the Data will be deleted or anonymized.
[Profiling of Data]
The Data will also be processed by automated means, including profiling for which information about the Data Subject’s activities on the Website, including Contracts or Paid Contracts entered into, or socio-demographic data, is used to tailor marketing information to the Data Subject’s individual preferences.
[Rights and Obligations of Data Subjects].
A Data Subject has the right to request from the Data Controller:
access to personal data and to be sent a copy of the complete Data and information about the processing of the Data,
rectification of the Data by indicating incorrect or outdated data,
deletion of the Data, with the Data Controller having the right to refuse this deletion in cases specified by generally applicable law,
transfer of Data by preparation and transmission by the Data Controller of the indicated Data to another controller or to the Data subject in a structured, commonly used machine-readable format,
to restrict the processing of the Data.
The Data Subject also has the right to object, at any time, to the processing of Data on the basis of legitimate interests pursued by the Data Controller, including profiling on that basis, on grounds related to his or her particular situation, which shall be binding on the Data Controller, unless he or she demonstrates the existence of valid legitimate grounds for processing overriding the interests, rights and freedoms of the Data Subject, or grounds for establishing, asserting or defending claims.
If the Data is processed for the purposes of direct marketing of the Data Controller, the Data Subject has the right to object at any time to the processing of such Data for such marketing, including profiling, to the extent that the processing is related to such direct marketing.
If the Data Controller processes the Data on the basis of the Data Subject’s consent, the consent may be revoked at any time, and such revocation shall not affect the lawfulness of the processing performed on the basis of the consent prior to its revocation (future effect).
The Data Subject may exercise the rights referred to in paragraphs 18-21 above, in particular by sending an appropriate request by e-mail to ido@allintraders.pl, together with his/her name and surname, by telephone at +48 699 224 191 or in person at the Data Controller’s premises.
If the Data Subject also places any Data of other individuals on the Website, he/she may do so only on condition that he/she does not violate generally applicable laws and personal rights of such individuals.
The Data Subject is entitled to use Data and content provided by other individuals on the Website during and in connection with the use of the Website and with their consent in a manner consistent with generally applicable laws, unless he/she obtains consent from such individuals to process their Data and content to the extent and for the purpose provided for in the Privacy Policy and beyond the use of the Website.
The Data Subject also has the right to lodge a complaint with a supervisory authority, in particular in the Member State of his or her habitual residence, his or her place of work or the place where the alleged violation was committed, if he or she considers that the processing of the Data violates the provisions of the RODO. The supervisory authority in Poland is the President of the Office for Personal Data Protection.
[Data Security]
The Data Controller shall use technical and organizational measures to protect the Data from accidental or intentional manipulation, loss, destruction or access by unauthorized persons. When Data is collected and processed, information is transferred in encrypted form to prevent its misuse by third parties. The security measures used by the Data Controller are continuously revised and adapted to the development of technology.
In order to provide Data Subjects with a high level of Data security, the Data Controller employs measures to ensure:
the ability to continuously ensure the confidentiality, integrity, availability and resilience of processing systems and services, the ability to quickly restore the availability of and access to Data in the event of a physical or technical incident, regular testing, measurement and evaluation of the effectiveness of technical and organizational measures to ensure the security of processing.
[Use of cookies]
Cookies are small text files that are locally stored in the intermediate memory of the web browser on the computer of the person to whom the Personal Data relates, from which the website was visited.
Cookies allow the identification of the web browser, in order to optimize the content offered by the site and simplify the use of this site. This data is not used to personally identify the person who visited the website.
The use of cookies is based on the Cookie Policy, attached to the Privacy Policy.
[Final Provisions]
In matters not regulated in the Privacy Policy, the provisions of the law on Data processing, including the RODO, shall apply.