Rolv.pl privacy policy was updated on April 22nd, 2024
At Rolv.pl we know how important your privacy is to you. That’s why we have adopted the highest standards for its protection, clearly defining the ways in which we collect, process and store your data.
This privacy policy is designed to protect your privacy.
This Privacy and Cookies Policy describes the principles of handling personal data and the use of cookies and other technologies on the website www.rolv.pl, which is operated by ROLV Group Sp. z o.o. Failure by the Client to accept this Privacy Policy shall be tantamount to not being able to fully use the services provided on the Website.
§1 Definitions
For the purposes of this Privacy Policy, the following terms shall have the following meanings:
- Administrator – ROLV Group Sp. z o.o. based in Pruszków (05-800) at Traktowa 6 Street, entered in the register of entrepreneurs kept by the District Court for the capital city of Warsaw in Warsaw, XIV Economic Department of the National Court Register under the KRS number: 0000387535, having NIP: 5342472319, REGON: 142955045, with the share capital of 636 000,00 PLN
- Site/Service – website available at https://rolv.pl
- User -any entity that uses the Site.
- Regulation – Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016, on the protection of natural persons with regard to the processing of personal data and on the free movement of such data and repealing Directive 95/46/EC (General Data Protection Regulation)
- Confidentiality – the property of ensuring that information (e.g., personal data) is accessible only to authorized persons
- Data processing – any operation performed on personal data, such as collection, recording, storage, development, alteration, sharing and deletion, especially those performed in computer systems.
- Personal data – information about a natural person identified or identifiable by one or more factors specific to physical, physiological, genetic, mental, economic, cultural or social identity, including image, voice recording, contact data, location data, information contained in correspondence, information collected through recording equipment or other similar technology.
- Policy – this Personal Data Processing Policy.
- RODO – Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data and repealing Directive 95/46/EC.
- Data Subject – the natural person to whom the personal data processed by the Controller pertains
§2 Scope
- The Privacy Policy applies to personal data processed on the Administrator’s website to enable the use of the functionality of the Site, including those collected automatically during visits (cookies).
§3 Data processing by the Administrator
- In connection with its business activities, the Administrator shall collect and process Personal Data in accordance with the relevant laws, including in particular the RODO, and the data processing rules provided therein.
- The Administrator shall ensure that the data collected and processed by the Administrator are in accordance with the relevant laws, including in particular the RODO, and the data processing rules provided therein.
- The Administrator ensures transparency in the processing of Personal Data, in particular, always informs about the processing of data at the time of collection, including the purpose and legal basis of processing (e.g. when concluding a contract for the sale of goods). The Administrator shall ensure that the data is collected only to the extent necessary for the stated purpose and processed only for the period of time necessary.
- When processing Personal Data, the Administrator shall ensure its security and confidentiality, as well as access to information about the processing to data subjects. Should a breach of the protection of Personal Data (e.g., data “leakage” or data loss) occur despite the security measures in place, the Administrator shall inform Data Subjects of such an event in a manner consistent with the regulations.
- Contact with the Administrator possible at e-mail address: sklep@rolv.pl
Transfers of data outside the EEA - The level of protection of Personal Data outside the European Economic Area (EEA) differs from that provided by European law. For this reason, the Administrator has decided not to transfer personal data outside the EEA. However, if necessary, they would be transferred with an appropriate level of protection.
§4 Personal data
- All personal data provided by the Customer shall be processed in accordance with the Regulation of the European Parliament and of the Council (EU) 2016/679 of April 27, 2016, on the protection of natural persons in relation to the processing of personal data and on the free movement of such data and repealing Directive 95/46/EC (General Data Protection Regulation) The Administrator shall ensure that Customers have free access to their personal data, their change, forgetting, correction and deletion.
- The Administrator shall ensure that Customers have free access to their personal data, their change, forgetting, correction and deletion.
- Access, change, correction of personal data can be made at any time through the Customer Account after prior registration and login.
- All information regarding access, change, correction and deletion of one’s personal data will be obtained by the Customer by contacting via e-mail or calling the telephone number located on the Site in the “contact” tab.
- Customer has the right to lodge a complaint to a supervisory authority
- Personal data shall be processed by the Administrator only for the purpose and to the extent entrusted to it.
§5 Purposes and legal basis for processing
Registration on the Service
- Data subject when registering on the Service, is asked to provide the data necessary to create and operate an account. In order to facilitate the service, the User may provide additional data, thereby agreeing to their processing. Provision of data is voluntary. Personal data is processed for the purpose of providing services related to the maintenance and operation of the account – the legal basis for processing is the necessity of processing for the performance of the contract (Article 6.1.b RODO). They are also processed for analytical and statistical purposes – the legitimate interest of the Administrator (Article 6(1)(f) of the RODO).
- If the User posts any Personal Data of other persons (including name, address, telephone number or e-mail address), he/she may do so only under the condition of not violating the law and personal rights of such persons.
E-MAIL AND TRADITIONAL CORRESPONDENCE - When personal data contained in such correspondence is directed to the Administrator via e-mail or traditional correspondence unrelated to the services provided to the sender by another contract concluded with the sender or otherwise unrelated to any relationship with the Administrator, the personal data contained in such correspondence shall be processed solely for the purpose of communication and resolution of the matter to which the correspondence relates.
- The legal basis for the processing is the legitimate interest of the Administrator (Article 6(1)(f) of the RODO), consisting of correspondence addressed to it in connection with its business activities.
- The Administrator processes only Personal Data relevant to the matter to which the correspondence relates. All correspondence is stored in a manner that ensures the security of the Personal Data (and other information) contained therein and is disclosed only to authorized persons.
Processing of Data in connection with the sale of goods, the provision of services or the performance of other contracts - When processing an order at a stationary point, the Administrator shall process customers’ personal data for the purposes of order processing.
- The legal basis for the processing is necessity for the performance of a contract to which the data subject is a party (Article 6(1)(b) of the DPA). In addition, Customers’ Personal Data will be processed in order to fulfill statutory obligations incumbent on the Administrator, resulting in particular from tax and accounting regulations – the legal basis for processing is a legal obligation (Article 6(1)(c) RODO). This processing occurs, for example, in the case of issuing an invoice or TAX FREE document.
Complaint Handling - In the event of a complaint, the Administrator shall process the personal data provided in order to handle the complaint.
- The legal basis for data processing is the legitimate interest of the Administrator (Article 6(1)(f) of the DPA), consisting in fulfilling the obligations arising from the contract concluded with the customer by handling the complaint.
COLLECTION OF DATA IN CONNECTION WITH COMPLAINTS AND COMPLAINTS - When a complaint or request is made, the Administrator shall process the personal data provided in order to handle such request.
- The legal basis for data processing is the Administrator’s legitimate interest (Article 6(1)(f) of the RODO); which is to improve the quality of services provided.
VISITORY MONITORING - Personal data in the form of surveillance recordings are processed to ensure the safety of persons and property and to maintain order on the premises, and possibly to defend against claims made against the Administrator or to establish and assert claims by the Administrator. The legal basis for the processing of personal data is the legitimate interest of the Administrator (Article 6(1)(f) RODO), which is to ensure the safety of persons and property located on the premises managed by the Administrator and to protect their rights.
- The area covered by the Administrator’s monitoring is marked with appropriate graphic signs.
§6 Period of processing of Personal Data
- The period of data processing by the Administrator depends on the type of service provided and the purpose of processing. If the data is processed on the basis of the legitimate interest of the Administrator, the data is processed for a period of time that allows the fulfillment of this interest or until an objection to the processing is raised. If processing is based on consent, data are processed until the consent is withdrawn. When the basis for processing is the necessity to conclude and perform a contract, data are processed until the contract is terminated.
§7 Data sharing
- Data provided by the customer may be shared with other entities only within the limits of the law. We are talking about entities providing services to the administrator having signed the appropriate contracts for entrustment of personal data processing and not exceeding the purpose and scope of the consent given by the customer.
- Data may be shared with other entities.
- Data may be made available to authorized bodies on the basis of lawful requests. The Administrator is obliged to make all data available to the Customer upon his express request, which results from the provisions of the Regulation.
§8 Rights of Data Subjects
- Data Subjects have the right to:
- the right to be informed about data processing,
- the right to obtain a copy of the data.
- the right to obtain a copy of the data,
- the right to rectification,
- the right to erasure,
- right to restrict processing,
- right to delete,
- right to data portability,
- right to object to the processing of data for marketing purposes,
- right to object to the processing of data for marketing purposes,
- right to object to other purposes of data processing,
- the right to withdraw consent,
- right to complain
- Request for the exercise of Data Subjects’ rights may be made in writing to the Administrator’s email address or by letter. The request may be made in person or through a proxy (e.g., a family member). The request should be answered within one month of its receipt. If it is necessary to extend this period, the Administrator shall inform the requester of the reasons for this action. The Company shall store information regarding the request made and the person who made the request in order to ensure that compliance can be demonstrated and for the purpose of establishing, defending or asserting possible claims by data subjects. The register of requests shall be stored in a manner that ensures the integrity and confidentiality of the data contained therein.
§9 Cookies
- The Administrator uses cookies primarily to properly provide the User with services provided electronically. Accordingly, the Administrator and entities providing analytical and statistical services to the Administrator use cookies, storing and accessing information already stored in the User’s terminal equipment.
NECESSARY COOKIES - Administrator uses necessary cookies primarily to provide Users with the services and functionalities of the Website that the User wants to use. Necessary cookies may only be installed by the Administrator through the Service.
- The legal basis for the processing of data in connection with the use of essential cookies is the necessity of the processing for the performance of the contract (Article 6(1)(b) RODO)
ANALYTIC AND STATISTICAL COOKIES - Functional cookies are used to remember and customize the Service according to the User’s choices and may be installed by the Administrator and its partners through the Service.
- Analytical cookies enable the acquisition of information such as the number of visits and sources of traffic to the Service. They are used to determine which pages are more and which are less popular, and to understand how Users navigate the Site by keeping statistics on traffic on the Site. The data processing is done to improve the performance of the Website and may be installed by the Administrator and its partners through the Website.
- The legal basis for the processing of Personal Data in connection with the use of necessary and analytical cookies by the Administrator, for this purpose, is its legitimate interest (Article 6(1)(f) of the RODO), which is to ensure the highest quality of services provided on the Service
- Processing of Personal Data in connection with the use of functional and analytical cookies is subject to the User’s consent to the use (separately) of functional and analytical cookies. This consent can be withdrawn at any time via this platform
Marketing COOKIES - Marketing cookies allow us to tailor the advertising content displayed to the interests of Users within the Service and outside the Service. Based on the information from these cookies and User activity is profiled. Advertising cookies may be installed by the Administrator and its partners through our website.
- The legal basis for the processing of Personal Data in connection with the use of advertising cookies by the Administrator, for this purpose, is its legitimate interest (Article 6(1)(f) RODO).
- Processing of Personal Data using cookies is possible after obtaining consent, which can be withdrawn at any time.
§10 Analytical and marketing tools
Administrator employs various solutions and tools used for analytical and marketing purposes. Below is basic information about these tools.
GOOGLE ANALYTICS
- Google Analytics cookies are cookies used by Google to analyze your use of the Website, to create statistics and reports on the operation of the Website. Google does not use the collected data to identify the User, nor does it combine this information to enable identification. Detailed information about the scope and principles of data collection in connection with this service can be found at the link: https://www.google.com/intl/pl/policies/privacy/partners.
GOOGLE ADWORDS - Google AdWords is a tool that makes it possible to measure the effectiveness of advertising campaigns implemented by the Administrator, allowing analytics such as keywords and number of unique users. The Google Adwords platform also allows us to display our ads to people who have visited the Service in the past. Information about Google’s data processing for the above service is available at the following link: https://policies.google.com/technologies/ads?hl=pl.
FACEBOOK Pixels - Facebook Pixels is a tool that allows you to measure the effectiveness of advertising campaigns implemented by the Administrator on Facebook. The tool allows for advanced data analytics to optimize the Administrator’s activities also using other tools offered by Facebook. Detailed information on data processing by Facebook can be found at this link: https://pl-pl.facebook.com/help/443357099140264?helpref=about_content.
§11 Managing cookie settings
- The use of cookies to collect data through them, including accessing data stored on the User’s device, requires the User’s consent. This consent may be withdrawn at any time.
- The User’s consent may be withdrawn at any time.
- Withdrawal of consent for the use of cookies is possible through browser settings.
- Consent can also be withdrawn by contacting the Administrator
- User may at any time verify the status of his/her current privacy settings for the browser used using the tools available at the following links: http://www.youronlinechoices.com/pl/twojewybory and http://optout.aboutads.info/?c=2&lang=EN
§12 Server Logs
- Information about certain behaviors of Customers is subject to logging at the server layer. This data is used for the purpose of administration and to ensure the most efficient operation of the services provided.
- The data is used for the purpose of administration and to ensure the most efficient operation of the services provided.
- Browsed resources are identified through URLs. The record may be subject to:
- time of arrival of a request or query,
- time of sending the response,
- the name of the client station (http protocol),
- information about errors (that occurred during the execution of the http transaction),
- information about the client’s browser,
- information about the IP address,
- The above data is not associated with specific browsers,
- The above data is used only for server administration purposes.
§13 Changes to privacy and cookies policy
- Policy is reviewed on an ongoing basis and updated as necessary.
- For more information, please see our Transparency Policy
- The last update to the provisions of the Policy is as of 12/01/2023.