Personal data protection
Personal data controller
The controller of your personal data is Vasco Electronics Góralski Group S.K.A. with its registered office in Kraków, Poland, at al. 29 Listopada 20, 31-401 Kraków.
You can contact us by electronic mail: email@example.com.
What data do we process?
For the purposes described below, we collect and process the following personal data:
- Identification data – Data such as: Name, Surname, address are necessary to place an order, conduct the sales process, conduct after-sales service, as well as create a user account in our store.
- Contact details – An e-mail address is necessary to place an order and register an customer account in our store. The e-mail address may also be used to provide certain functionalities of our store. In terms of contact with the user, we can also process the telephone number of our clients.
- Sales data – In order to fulfill our obligations towards our customers and in connection with legal obligations, we may process sales data such as order number, payment data, delivery data, etc.
- Information on browsing the store's website – Data such as: access time, number of accesses, IP address and information about actions on website (such as errors, freezes, reboots and upgrades to new versions) and other diagnostic, error and usage information e.g. time of using the services, the search terms entered by the User on the website and any information stored in cookies placed on the User's device.
Your personal data will be processed for the following purposes:
- carrying out the sales process - identification data, contact details – pursuant to Article 6 par. 1 letter b) GDPR (necessary for the conclusion and/or performance of a contract);
- consideration of a complaint - identification details, contact details, sales details – pursuant to Article 6 par. 1 letter b) GDPR (necessary for the conclusion and/or performance of a contract);
- contact in matters related to the performance of the contract or the Administrator's offer – identification data, contact details, sales data - pursuant to art. 6 sec. 1 lit. b GDPR (necessity to conclude and / or perform the contract) or other applicable;
- issuing an invoice and meeting other requirements arising from the provisions of tax law - identification data, contact details, sales details – pursuant to Article 6 par. 1 letter c) GDPR (necessary for compliance with a legal obligation to which the Company is subject);
- storage of unpaid enquiries - sales details – pursuant to Article 6 par. 1 letter f) GDPR (legitimate interests of the personal data controller) Legitimate interests of the Company include keeping statistics of unrealized orders in order to improve the quality of services provided;
- direct marketing - contact details – pursuant to Article 6 par. 1 letter a) GDPR (consent);
- establishment, exercise or defence of legal claims - identification data, contact details, sales details – pursuant to Article 6 par. 1 letter f) GDPR (legitimate interests of the personal data controller; legitimate interests of the Company include protection of the Company’s/Users property interest;
- possessing archives and evidence, in order to secure information which can be used to demonstrate the facts - identification data, contact details, sales details – pursuant to Article 6 par. 1 letter f) GDPR (legitimate interests of the personal data controller). legitimate interests of the Company include possession of information which are needed for example by state;
- analytical purposes, among others analyses of the data automatically collected using the website, including cookies - Information on browsing the website, cookies – pursuant to Article 6 par. 1 letter a) GDPR (consent) and Article 6 par. 1 letter f) GDPR (legitimate interests of the personal data controller). legitimate interests of the Company include gathering information about activities of the users;
- website administration - Information on browsing the website, cookies – pursuant to Article 6 par. 1 letter f) GDPR (legitimate interests of the personal data controller) legitimate interests of the Company include efficient website administration;
- uploading comments to the website - identification data, contact details – pursuant to Article 6 par. 1 letter a) GDPR (consent);
- the users adding opinions about the services - identification data, contact details – pursuant to Article 6 par. 1 letter a) GDPR (consent).
You can withdraw your consent any time provided that such withdrawal does not affect the lawfulness of processing based on consent before its withdrawal.
Provision of personal data is voluntary, however:
- provision of such data as name and e-mail address is necessary for evaluation of the service and conclusion of the agreement (provision of the service will be impossible without that data);
- provision of such data as name, e-mail address, order number is necessary for resolution of the complaint and in the case of money reimbursement - also provision of address of residence and bank account number (without that data, the complaint cannot be resolved and reimbursement cannot be made);
- provision of such data as name and surname, company name, registered address, tax number is necessary for issuing of an invoice for the services and results from the provisions of law (invoices cannot be issued without that data);
- provision of such data as name and e-mail address is necessary for granting a discount for the future services (the discount cannot be granted without that data);
- in case of shipping the order to particular countries - it is necessary to provide the ID number so as to ship the order (without providing the ID number it will be impossible to ship the order to particular countries).
Your personal data can be shared with our couriers, lawyers, payment service providers, hosting company, accounting company, insurance company, the company managing the ERP system, the company involved in customer service management, additionally, we can also be bound for example on the basis of the provisions of law to share your personal data with private and public entities.
Transfers of personal data to third countries or international organisations
The Personal Data Controller does not transfer your personal data to international organizations.
Your personal data may be transferred by the Personal Data Controller to countries outside the European Economic Area (which includes the European Union, Norway, Liechtenstein and Iceland), i.e. to entities such as Google LLC, Facebook Inc, Twitter Inc.
The transfer of your personal data to entities outside the EEA takes place on the basis of your consent or to the extent necessary to perform the concluded agreement.
We would like to inform you that if your personal data is transferred to entities outside the EEA, there is a risk that countries where these entities have their registered seats may not provide an equivalent level of protection of your personal data to that granted by the GDPR.
However, in order to ensure the highest possible level of protection of your personal data, in our relations with entities from outside the EEA we also use standard contractual clauses on personal data protection, approved by the European Commission.
Personal data storage duration
Your personal data will be stored for the following periods:
- duration of the agreement — in reference to personal data processed for the purpose of concluding and performing the agreement;
- for the period of 3 years or 6 years + 1 year — in reference to personal data processed in order to establish, exercise or defend claims (the length of the period depends on whether both parties are entrepreneurs or not);
- for the period of 6 months — in reference to personal data which were collected during evaluation of the service and the agreement was not concluded immediately, i.e. processing for the purpose of future conclusion of the agreement;
- for the period of 5 years — in reference to personal data processed in order to meet the tax requirements;
- until the moment of withdrawal of the consent or achievement of the processing goal, but not longer than for 5 years — in reference to personal data processed under consent;
- until the moment of lodging an effective objection or achievement of the processing goal, but not longer than for 5 years — in reference to personal data processed under legitimate interests of the personal data controller or for marketing purposes;
Information about your rights connected with personal data processing
You are entitled to access your personal data, request correction of the data, their deletion and limitation of their processing, to transfer the data and to bring objection against data processing.
You can request execution of your data in the following manner:
- at the e-mail address: firstname.lastname@example.org.
- by post at the address: al. 29 Listopada 20, 31-401 Kraków.
The request should contain the data allowing us to expressly identify you.
The right to lodge a complaint with a supervisory authority
You are also entitled to lodge a complaint with a supervisory authority engaged in personal data protection - to the Information Commissioner’s Office, if you decide that your personal data are processed against the law.
We make every effort to secure your personal data and protect it against the actions of third parties. We use all the necessary security measures for servers, connections and website to protect data, in particular SSL encryption. All connections related to the execution of payments by our clients will take place via a secure encrypted connection. We would like to inform you that the actions we take may turn out to be insufficient if our clients do not follow the safety rules themselves. In particular, each user should keep the login and password to his account on the website confidential and not disclose them to third parties. Please be advised that we never ask our clients for login details.
The owner of the website is Vasco Electronics Góralski Group S.K.A. with its registered office in Kraków, Poland, at al. 29 Listopada 20, 31-401 Kraków, Poland, hereinafter referred to as the “Shop”.
We respect the right of privacy of the users of the Shop operating by the name: vasco-electronics.co.uk. We adopt organizational and technical measures to prevent interfering in the privacy of our users by third parties.
Level of protection
Our purpose is to ensure the level of protection arising out of the applicable legal regulations:
- Regulation 2016/679 of the European Parliament and the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (the GDPR),
- Polish Act of 18 July 2002 on Providing Services by Electronic Means,
- Polish Act of 16 July 2004 – Telecommunications Law.
Purchases in our Shop are secured with the SSL protocol that is a special standard of encrypted data transmission. As part of our Shop’s website we place links through which you can reach other websites. While using the Shop’s website, in order to improve its functionality, through the links provided, Cookies from other service providers, for example: Facebook, Twitter, Google, may be placed on your device.
- Google: https://policies.google.com/?hl=en and https://www.google.com/about/company/user-consent-policy/
- Facebook: https://www.facebook.com/privacy/explanation
- Twitter: https://twitter.com/en/privacy
- Cookie – information saved on a user’s computer by the Shop which may be read by the Shop when the computer is connected with the Shop again.
- System log – information on a user’s computer which is transmitted by the computer at every connection. The system log can contain a number of data, e.g. an IP number which makes it possible to determine the location of the device.
- IP address – an individual number which is allocated to every computer connected to the Internet. It can be static or dynamic depending on how it is assigned to a device (on a permanent or temporary basis).
- URL address – a web resource locator, most often referred to in the context of a web page address. The address of a web page is based on the URL format.
We store server requests which are recognized by URL addresses and which refer to:
- IP address of the terminal device,
- name of the user station if identification is possible by the http protocol,
- username provided during the authorization process,
- the time of the request,
- the first line of the http request,
- the http answer code, the volume of data sent by the server,
- the refer link of the URL address of the previously visited web page if a user was directed to the Shop by an internal server,
- information about the user’s web browser,
- information about errors during transactions.
The data do not allow for direct identification of persons browsing the Shop.
The Shop does not automatically collect any information except for the information contained in cookies.
You can always change the privacy settings of your browser.
We use the following types of cookies:
- session cookies – stored on the terminal device until the user logs out or quits the Shop,
- permanent cookies – stored on the terminal device for the time determined in their parameters or until the user deletes them,
- performance cookies – containing information about the way in which the Shop is used,
- necessary cookies – needed for the correct fulfillment of an order,
- functional cookies – “remembering” users’ settings and personalizing the service,
- own cookies – placed by the Shop,
- external cookies – coming from a different site than the Shop.
External Cookies files are used for advertising purposes, but only if you give your consent. Not granting such consent does not adversely affect the functioning of the Shop's website.
These files do not contain information that allow for identification of users and do not make it possible to determine users’ personal data. You can change the scope of data collected by adjusting the settings of the web browser which you use. In order to adjust the settings adequately to your needs and change the conditions for storing or receiving cookies, we recommend selecting the “Help" option of a particular browser.
To change the privacy settings of your browser:
Information about the option to change the cookie settings of the most common web browsers:
Click on the menu (top right corner), Settings tab > Advanced. Under “Privacy and Security”, click Content settings. Under “Cookies”, the following settings of cookies can be changed: deleting cookies, blocking cookies by default, allowing cookies by default, keeping cookies and web page data until quitting the browser, allowing or blocking cookies for a specific site.
Internet Explorer 6.0 and 7.0:
In the browser menu (top right corner): Tools > Internet Options > Privacy, Sites button. Select the level with the slider and confirm the change with the OK button.
In the browser menu: Tools > Options > Privacy. Activate the box Firefox will: “use custom settings for history”. Selecting, or not, the box Accept cookies decides on the cookies.
In the browser menu: Tools > Preferences > Advanced. Selecting, or not, the box Cookies decides on the cookies.
In the Safari drop-down menu, select Preferences and click on the Security icon. The level of security is selected here in the “Accept cookies” field.
More information about cookies can be found on https://en.wikipedia.org/wiki/HTTP_cookie or in the “Help” section in the web browser menu.
Every user can set the level of privacy and the type of cookies
- maintaining the User’s session (after logging in), therefore the User is not required to enter the login and password again on every subpage of the Shop,
- adjusting the Shop to the Users’ needs, creating viewing statistics and analysis of the Shop’s website,
- adjusting advertising content to the User's preferences,
- verifying the User's activity on the website, including determining whether the User is not a robot - as part of the reCAPTCHA mechanism provided by Google.
ReCAPTCHA works by implementing an algorithm that analyzes User’s activity by taking a screenshot from the User's browser window. If the activity is considered mechanical (as a robot's activity), it is marked by the system.
reCAPTCHA collects and analyzes the following data:
- User’s patterns,
- Number of mouse clicks the User has made on the page or touches the application,
- User’s Browser Language Responses to the question fields,
- Answers to the question boxes on the website,
- CSS Information,
- Plug-ins installed in the browser,
- IP addresses that were previously recognized as "people" by Cookies.
The entity that places cookies on the Users’ terminal device and that has the access to the cookies is the operator of the Shop vasco-electronics.co.uk with its registered headquarters at the following address:
Vasco Electronics Góralski Group S.K.A.
al. 29 Listopada 20,