The trust of those whose personal data we process and the compliance with the legal provisions on the protection of personal data are very important to us. We would like to inform you about our policies for collecting, processing, securing, transferring and using your personal data and who you can contact regarding your personal data.
As required by REGULATION 2016/679 OF THE EUROPEAN PARLIAMENT AND OF THE EUROPEAN COUNCIL of 27 April 2016 on the protection of individuals with regard to the processing of personal data and on the free movement of such data and repealing Directive 95/46/EC (General Data Protection Regulation), hereinafter referred to as the "GDPR", we inform you that:
1. Personal data Administrator
The controller of personal data, hereinafter referred to as the "Administrator", is a company M. Ostrowski sp. j. with its registered office in Wrocław, 50-541, at Al. Armii Krajowej 5, entered in the National Court Register of the District Court for Wrocław-Fabryczna in Wrocław, 6th Commercial Division of the National Court Register, under entry No. 0000069431, NIP: 899-24-29-726, REGON: 932711521
The personal data administrator is responsible for the use of personal data in a safe manner, in accordance with the purposes for which they were collected and in accordance with the applicable provisions of law.
2. Contact with the Administrator
Administrator's contact details:
M.Ostrowski Sp. J.
al. Armii Krajowej 5
50-541 Wrocław
Poland
Telefon: +48 71 79 74 600
E-mail iod@muzyczny.pl
General provisions
We use the personal data we have collected only for the specific and legitimate purpose for which they were collected. The scope of personal data, the purpose of their processing, the legal basis of such processing, the period of processing and the categories of recipients of the data result from the legal requirements incumbent on the Administrator and the nature and scope of the activities undertaken by the data subject.
3. The purpose of the processing by the Administrator, the legal basis of the processing and the period for which the personal data will be stored:
| Purposes of the data processing | Legal basis of the processing | Storage period |
|---|---|---|
| Action to be taken at the request of the data subject prior to the conclusion of the contract (e.g. preparation of an offer). | Article 6 (1) b GDPR („performance of a contract”) | The data shall be kept for the period necessary for the performance, termination or expiration of the contract and settlements and for the period after which any claims are time-barred. |
| Concluding and performing the contract (including ensuring the appropriate quality of services). | Article 6 (1) b GDPR („performance of a contract”) | The data shall be kept for the period necessary for the performance, termination or expiration of the contract and settlements and for the period after which any claims are time-barred. |
| Conducting direct marketing (directing messages to carefully selected individual customers, in individual contact, in order to obtain a direct response). | Article 6 (1) f GDPR („purposes of the legitimate interests pursued by the controller >Administrator<”) | The data shall be kept for as long as there is a legitimate interest on the part of the Administrator and for as long as any claims are time-barred. If an effective objection is expressed to the use of his/her personal data by a data subject, the Administrator will no longer process the data for the purpose of direct marketing. |
| Conducting marketing | Article 6 (1) a GDPR („consent to the processing of (…) personal data”) | The data shall be stored until the data subject's consent to the further processing of his data for marketing purposes has been withdrawn. |
| Issue, collection and storage of invoices and accounting documents and keeping of accounts | Article 6 (1) c GDPR („processing is necessary for compliance with a legal obligation”) | The data is stored for the period in which the regulations require keeping the books of accounts and accounting documents (i.e. for 5 years, counting from the beginning of the year following the financial year to which the data refer) and for the period after which any tax obligations become time-barred. |
| Conducting service work | Article 6 (1) b GDPR („performance of a contract”) or Article 6 (1) c GDPR
(„processing is necessary for compliance with a legal obligation”) | The data is stored for 1 year after the expiration of the warranty period or settlement of the complaint, and later for the period after which any possible claims will become time-barred. |
| Providing answers to complaints within the time limit and in the form provided for by law. | Article 6 (1) c GDPR
(„processing is necessary for compliance with a legal obligation”) | The data is stored for 1 year after the expiration of the warranty period or settlement of the complaint, and later for the period after which any possible claims will become time-barred. |
| The Client's expression of opinion. | Article 6 (1) a GDPR
(„consent to the processing of (…) personal data”) | The data shall be kept until the data subject's consent to the further processing of his data for that purpose has been withdrawn. |
| Fraud detection and prevention. | Article 6 (1) c GDPR
(„processing is necessary for compliance with a legal obligation”) | The data shall be kept for the duration of the contract and thereafter for the period after which the claims arising from the contract are time-barred. In the event of the Administrator pursuing a claim or notifying the competent authorities, for the duration of such proceedings and for five years from the beginning of the year following the financial year in which the operations, transactions and proceedings were finally terminated, discharged, settled or time-barred. |
| Determining, defending and enforcing the claims raised by or against the Administrator (including the sale of receivables to another entity). | Article 6 (1) f GDPR („purposes of the legitimate interests pursued by the controller >Administrator<”) |
• for the period after which claims under the contract are time-barred; • in the event of a claim by the Administrator in civil proceedings or in criminal or tax proceedings, accounting documents (which may include personal data) must be kept for 5 years from the beginning of the year following the financial year in which the operations, transactions and proceedings were finally terminated, repaid, cleared or time-barred; • for the time when the Administrator may suffer legal consequences of non-performance, e.g. receive an administrative penalty. |
4. Recipients of data
In order to perform the agreement and to ensure the proper functioning of the Administrator's websites, the Administrator uses the services of external entities cooperating with the Administrator (e.g. post office, couriers, payment processing entities). Personal data shall be transferred to third parties only if and to the extent that it is necessary for the purpose of processing. External entities may use the transferred personal data only for the purpose of performing a task ordered by the Administrator.
Personal data may be transferred to the following recipients, cooperating with the Administrator:
| Type of entity | Extent |
|---|---|
| Entities conducting postal, courier and similar activities (e.g. courier brokers). | To the extent necessary for delivery and correspondence. |
| Payment card or electronic payment service providers. | To the extent necessary to process such payments. |
| Lessors / entities providing credit. | To the extent necessary to service the leasing payment or payment in instalments. |
| Selected entities acting on behalf of the Administrator in providing services in accounting, tax, advisory, legal and debt collection matters (including entities purchasing receivables). | To the extent necessary to achieve the specific purpose of the processing. |
| Entities providing technical support services to the Administrator and providers of IT solutions enabling the Administrator to run its business (e.g. software providers, e-mail and hosting providers). | The Administrator makes personal data available to the trusted provider acting on his behalf only in the case and to the extent necessary to achieve the specific purpose of the processing. |
| Providers of solutions for expressing/publishing customer opinions. | To the extent necessary to express an opinion. |
5. Transmission of data outside the European Economic Area
Personal data may be transferred outside the European Economic Area (including the European Union, Iceland, Liechtenstein and Norway) to Google LLC subject to appropriate legal safeguards, which are the standard contractual clauses for the protection of personal data approved by the European Commission. See also section 9 - Online analysis.
6. Rights of the person whose data are processed by the Administrator
The processing of personal data does not require consent if, among other things, the processing is necessary for the performance of a contract, or to take action before the conclusion of a contract, results from a legal obligation incumbent on the Administrator, or is necessary for the fulfilment of the legally justified interest of the Administrator. If consent is necessary in order to be able to process personal data for a specific purpose (e.g. consent to the use of cookies), the Administrator asks for such consent. Consent may be withdrawn at any time.
Where consent is withdrawn, the data shall no longer be processed as far as the consent was concerned, but the withdrawal of consent shall not affect the lawfulness of any processing carried out on the basis of the consent prior to its withdrawal.
Pursuant to the principles set out in the GDPR, the data subject is also entitled to demand from the Administrator the access to personal data concerning him/her, to rectify them, to delete ("be forgotten") them or to limit their processing, to object to the processing, and also to transfer the data.
Where personal data are processed for the purposes of direct marketing, the processing of such data for the purposes of marketing, including profiling, may be objected to at any time in so far as the processing is linked to direct marketing.
In order to exercise the above rights, you should submit a request to the Administrator by e-mail, letter or by submitting a request in person at the Administrator's registered office. The contact details of the Administrator are given at the beginning. To ensure that the person submitting the application is entitled to its submission, the Administrator may request additional information confirming the identity of the applicant.
It is clear from the provisions of the GDPR to what extent each of these rights may be exercised. This will depend in particular on the legal basis and the purpose of the processing of personal data by the Administrator. The above rights may be exercised free of charge not more frequently than once every 6 months. In accordance with Article 12 of the GDPR, where the data subject's requests are manifestly unfounded or excessive, in particular because of their continuing nature, the controller may charge a fee.
The data subject shall have the right to lodge a complaint with the relevant supervisory authority.
7. Obligation or absence of obligation to provide personal data
Using the services of the Administrator and providing him/her with personal data is voluntary.
However, the data subject shall be obliged to give the data in connection with it concluding an agreement with the Administrator - in this case providing personal data is a contractual condition and the data subject is obliged to provide the required data if he wants to enter into an agreement with the Administrator. The scope of the data required for the conclusion of an agreement shall be communicated to the data subject on each occasion. The consequence of not providing the data is that it is not possible to conclude a contract.
The data subject shall also be obliged to give the data in connection with implementation of the obligations imposed on the Administrator by the provisions of law - in this case the provision of personal data is a statutory condition resulting from the provisions imposing on the Administrator the obligations to process personal data (e.g. in connection with the obligation to issue, collect and store invoices and accounting documents and to keep the books of accounts). Failure to provide these data will prevent the Administrator from performing the indicated duties, which will result in the inability to conclude an agreement.
8. Use of the data for advertising purposes
8.1 Newsletter
The newsletter is sent only to those Users who have given their consent and e-mail address. Consent to receive the newsletter may be withdrawn at any time by clicking on the „unsubscribe” link provided in each newsletter or by contacting the Administrator at the address provided above.
8.2 Banner advertising
Banner advertisement is an advertisement which, when clicked on it, transfers the User to another page. Banner advertising, for example, presents the products the user has seen or similar products. We can also present advertisements of our partners.
Banner advertising uses cookies or pixels. Direct User Information is not stored. Only pseudonymized data is used. See below for more information on cookies, pixels and retargeting/remarketing.
8.3 Cookies
The Administrator's websites use cookies, i.e. text files stored on the User's device. These files allow you to analyze how you use the website and identify your browser. By making appropriate settings in your browser, you can block the installation of cookies - this may limit the functionality of the website.
The Administrator may process the data contained in cookies for the anonymous analysis of the activities of visitors, research of their behavior (e.g. opening certain pages) in order to provide them with advertisements tailored to their anticipated interests, also when they visit other websites that are partners in the advertising network of Google Inc. and Facebook Ireland Ltd. and to improve the administration of the Administrator's websites.
8.4 Retargeting, third party cookies and data collection by third parties for the purpose of banner advertising
The Administrator's websites use the technology of retargeting (remarketing).
The Administrator uses the services of third parties who use cookies on the Administrator's website:
- Google Analytics, Universal Analytics and Google Remarketing are provided by Google Inc. (1600 Amphitheatre Parkway, Mountain View, CA 94043, USA). Detailed information on the operation of these services can be found at https://www.google.com/intl/en/policies/privacy/partners/ see also: https://policies.google.com/privacy/update?hl=en&gl=en
- Facebook Pixel from Facebook Ireland Limited (4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland). Detailed information is available at https://www.facebook.com/about/privacy
8.6 How can I prevent cookies from being stored?
In order to prevent the storage of cookies, the User should enable settings in the User's browser to allow the User to accept the storage of cookies only if the User consents to them.
In order to accept the use of Administrator cookies, while at the same time blocking the use of third-party cookies, please select the option "Blocking cookies from third-party websites" in your browser settings.
8.7 Competitions, market studies and opinion polls
Each competition and promotional action has its own Rules and Regulations. In order to take part in them, the User is asked to provide the personal data specified in the given Regulations and by expressing consent to the use by the competition organizer, market research or opinion polls of telecommunications equipment (telephone number, e-mail address) in order to carry out direct marketing by the Administrator. The personal data you provide will be processed for the purpose of conducting the contest, notifying you of your winnings and for the purpose of market research or user opinion polling.
Responses to a market test or an opinion poll shall not be made available to third parties or published.
9. Online analysis
The administrator uses Google Analytics' web analytics service, which is provided by Google. Google Analytics analyzes your behaviour on the website by using cookies. The information generated by the cookie about your use of the website (including your IP address) will be transmitted to and stored by Google on servers in the United States. Google will use this information for the purpose of evaluating your use of the website, compiling reports on website activity for Google Analytics and providing other services. Google may also transfer this information to third parties where required to do so by law, or where such third parties process the information on Google's behalf.
By using the website, you consent to the processing of data about you by Google in the manner and for the purposes set out above.
The website is analyzed by Google Analytics with the extension "_anonymizeIp()" and therefore IP addresses are processed only in abbreviated form, which makes it impossible to directly associate the address with the user.
You may refuse the use of cookies by selecting the appropriate settings on your browser. This may limit the functionality of the website and you may not be able to use all of its features.
Consent to the collection and processing of personal data may be withdrawn at any time with effect from the future.
In order to prevent the data generated by the cookie on your use of the website (including your IP address) from being transmitted to Google and processed by Google, you will need to download and install the blocking plug-ins available at the following address on your browser: https://tools.google.com/dlpage/gaoptout?hl=en
10. Server log files
The web browser provides data about user activities on the Administrator's web pages, which are stored in server log files. The data records saved in this way contain the following data: the date and time of the download, the name of the page you are visiting, the amount of data you have downloaded, as well as information about the product version of the Internet browser you are using, the IP address, the URL of the reference page (the address of the page you were redirected from).
Server log file data records are analyzed to fix errors, manage server performance, protect against DDoS attacks, and customize offerings.
11. Automated decision making
Personal data will not be used for the automated taking of decisions which have legal effects vis-a-vis the data subject.
12. Data and data transmission security
Taking into consideration the security of personal data of Users, the Administrator introduced technical and organizational measures in order to protect these data against loss, modification, destruction, theft, disclosure and access of unauthorized persons.
All connections connected with the process of placing an order, as well as with the execution of electronic payments by the Customer are made in an encrypted manner, using an SSL certificate.
13. Final provisions
The Administrator's web pages may contain links to other web pages. Such websites operate independently from the Administrator and are not supervised in any way by the Administrator. The Administrator recommends that you review their own privacy policies when you navigate to other sites. The Administrator is not responsible for the rules of handling the data within these parties.
Strona korzysta z plików Cookies w celu realizacji usług zgodnie z Polityką Cookies. Możesz określić warunki przechowywania lub dostępu do cookies w Twojej przeglądarce.
Wszystkie prawa zastrzeżone. Copyright 1999 - 2025 - M.Ostrowski Sp. J. | Polityka prywatności | Polityka cookies
