I. GENERAL PROVISIONS

1.1. This Privacy Policy (hereinafter referred to as “Policy”) refers to the website in the subdomain www.products.pcc.eu and other websites maintained by or on behalf of PCC Rokita SA, on which it was posted (hereinafter: “Website”). The rules of using the Website are set out in the Regulations available at products.pcc.eu/en/terms-of-service/.

1.2. The Policy does not regulate the processing of personal data and information concerning Users on external websites, to which links are included in the Website. PCC Rokita SA urges that after switching to other websites, read the privacy policy set out there.

1.3. The Website’s Policy is informative, which means that it is not a source of obligations for people using the Website (hereinafter: “Users”).

1.4. All words, expressions and acronyms appearing on this page and written in capital letters (e.g. Electronic Service) should be understood in accordance with their definition contained in the Regulations of the Website available on the Website unless the provisions of the Policy define them in a different way.

 

II. PERSONAL DATA CONTROLLER

2.1. The Personal Data Controller is PCC Rokita SA, 4 Sienkiewicza Street, 56-120 Brzeg Dolny, included in the Companies Register of the District Wroclaw-Fabryczna in Wroclaw, 9th Commercial Department of the National Court Register under number 0000105885, NIP 917-000-00-15, REGON 930613932, with share capital PLN 19.853.300, paid in whole; contact e-mail: iod.rokita@pcc.eu – hereinafter referred to as the “Personal Data Controller”.

2.2. The User’s personal data is processed in accordance with the Regulation of the European Parliament and of the Council (EU) 2016/679 of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free flow of such data and repealing of Directive 95/46/EC (Journal of EU No L 119, p. 1) (hereinafter: GDPR). Personal data constitute data referred to in art. 4 of GDPR (hereinafter: ‘Personal Data’).

2.3. In order to comply with legal requirements, the Personal Data Controller selects and applies appropriate technical and organizational measures to ensure protection of Personal Data being processed and protects data against unauthorized disclosure, as well as against processing that violates applicable law.

 

III. PURPOSE AND SCOPE OF PROCESSING OF PERSONAL DATA, THE LEGAL BASIS FOR ITS PROCESSING AND ITS RECIPIENTS

3.1. The Personal Data Controller takes particular care to protect the rights and freedom of personal data, and in particular ensures that the Personal Data collected by him is processed:

  1. in accordance with the law, fairly and transparently for the data subject,
  2. with marked, explicit and legitimate purposes and not further processed in a manner inconsistent with these purposes,
  3. adequately, appropriately and in a limited manner to what is necessary for the purposes for which it is processed,
  4. in the most current version, which was obtained by the Personal Data Controller, and updated if necessary,
  5. in a form which permits the identification of the data subject for no longer than is necessary for the purposes for which it is processed,
  6. in a manner that ensures adequate security of Personal Data, including protection against unauthorized or unlawful processing and accidental loss, destruction or damage, by appropriate technical and organizational measures.

3.2. The Personal Data Controller processes User’s Personal Data:

  1. first name and last name,
  2. company name,
  3. e-mail address,
  4. Phone number,
  5. User’s IP.

3.3. The User’s Personal Data is processed for purposes such as:

  1. creating a Profile,
  2. use of certain Electronic Services,
  3. marketing the Personal Data Controller’s own products and services,
  4. marketing of products and services of entities forming the PCC Capital Group (the full list of companies is available at: https://www.pcc.eu/en/pcc-worldwide/), including information about the financial situation and information on issuance of securities carried out by entities from the PCC Capital Group,
  5. current contact with the User,
  6. related to the potential for disputes to arise.

3.4. The basis for the processing of Personal Data:

  1. in the scope of the purpose indicated in point a., b., the basis is art. 6 par. 1 (b) GDPR, i.e. performance of the contract or taking action to conclude it at the User’s request,
  2. within the scope of the purposes set out in point c., e., f., the basis is art. 6 par. 1 (f) GDPR, i.e. the legitimate interests pursued by the Personal Data Controller,
  3. in the scope of the purpose indicated in point d., the basis is art. 6 par. 1 (f) GDPR, i.e. a legitimate interest pursued by a third party.

3.6. Personal Data is stored by the Personal Data Controller for the purposes specified above for the duration of the contract, and in the case of processing Personal Data for marketing purposes – until the objection, unless the law will oblige for longer processing of this data or it will be stored longer in case of potential claims, for a period of limitation which is determined by law, in particular the Civil Code.

3.7. Recipients of Personal Data that is processed by the Personal Data Controller may be entities:

  1. entitled to its processing under applicable law,
  2. supporting the Personal Data Controller in sending e-mails, and in the case of marketing activities – also in marketing campaigns,
  3. providing support and operation of teleinformation tools and systems (e.g. data storage),
  4. carrying out shipments,
  5. providing ongoing legal services,
  6. providing scanning, printing, correspondence, archiving and document destruction services,
  7. conducting audits,
  8. from the PCC Group supporting the Personal Data Controller in the framework of the above activities.

3.8. Each User has the right to:

  1. access to their Personal Data,
  2. correct their Personal Data,
  3. request removal of their Personal Data,
  4. requests to limit the processing of their Personal Data,
  5. object to the processing of their Personal Data,
  6. transfer their Personal Data to another Personal Data Controller (unless the basis of processing is a legitimate interest of the Personal Data Controller),
  7. lodging a complaint to the President of the Office for the Protection of Personal Data.

3.9. Each User may contact the Data Protection Supervisor regarding the processing of User’s Personal Data by email at: iod.rokita@pcc.eu.

 

IV. COOKIES

4.1. The Personal Data Controller uses cookies (small text files), which are saved in the User’s end device in order to facilitate the User’s use of the Website.

4.2. Cookies collect different types of information which, as a rule, do not constitute Personal Data (they do not allow for identification of the User). Some information, depending on its content and use, may be assigned to a specific person, e.g. by linking it to the data provided in the User’s registration process, and thus be considered Personal Data. In relation to this type of information, provisions regarding Personal Data (paragraphs 2-3 above) apply accordingly.

4.3. Cookies allow, among others:

  1. maintaining the User’s session after logging in, so that there is no need to log in again on each subpage of the Website;
  2. remembering the information provided once so that the User does not have to complete the form again each time;
  3. adjusting the Website to the ways of using it by the User and increasing its accessibility for the User;
  4. keeping statistics of Website visits.

4.4. Information obtained through cookies includes, among others the name of the internet service provider, the User’s IP address, the country from which the User connects to the Website.

4.5. The Website uses two basic types of cookies: session cookies and persistent cookies. Session cookies are temporary files that are stored on the User’s end device until logging out, leaving the website or turning off the software (web browser). Persistent cookies are stored on the User’s device for the time specified in the cookie file parameters or until they are deleted by the User.

4.6. In many cases, the web browser by default allows the storage of cookies on the end device of the User. The User may at any time delete cookie files stored in his/her end device or block the possibility of storing them in the browser’s settings (also in a mobile phone or other device allowing access to the Internet).

4.7. Detailed information on the methods of blocking / deleting cookies are available in the “Help” section in the browser menu used by the User. For example, in Internet Explorer, cookies can be modified from: Tools -> Internet Options -> Privacy; in the Mozilla Firefox browser: Tools -> Options -> Privacy; while in Google Chrome: Settings -> Show advanced settings -> Privacy -> Content settings -> Cookies. Access paths may vary depending on the browser version used.

4.8. Cookies are not harmful to the User or his/her device. Restrictions on the use of cookies may affect some of the functionalities available on the Website, prevent or significantly impede proper use of the Website, including the inability to maintain logging sessions, therefore the Personal Data Controller recommends not to disable their use in browsers.

4.9. The main purpose of cookies used by the Personal Data Controller is to optimize the User’s service while using the Website. However, the Personal Data Controller cooperates with other companies in the scope of their marketing (advertising) activity and for the purposes of analysing the statistics of websites (including demographic data and interest reports using the Google Analytics tool). For the purposes of this cooperation, the browser or other software installed on the User’s device also saves cookies from entities that carry out such marketing activities (so-called third-party cookies). Cookies used by these entities are designed to provide the User with only those advertisements that correspond to his/her individual interests and needs. In the Personal Data Controller’s opinion, displaying a personalized advertisement is more attractive to the User than an advertisement which is not related to his/her needs. Without these files, this would not be possible because it is the companies cooperating with the Personal Data Controller that provide advertising content on websites visited by the User after leaving the Website.

4.10. Cookie files referred to in paragraph 9 above may come from the following companies:

  1. Google – more information regarding Google’s privacy policy and data collection can be found on the website: https://policies.google.com/privacy?hl=en;
  2. Facebook – more information regarding Facebook’s privacy policy and data collection can be found on the website: https://www.facebook.com/privacy/explanation/.

More information on the cookies of these entities can be found in their privacy policies.

4.11. The administrator of this website uses Google services:

  1. Google Analytics – a service that enables data to be collected for the purpose of analysing website visit statistics. Detailed information on how data is processed by Google Analytics can be found on the website: https://support.google.com/analytics/answer/6004245?hl=en. The User can prevent the collection of their data by installing the following browser add-on that blocks the transfer of data to Google Analytics: https://tools.google.com/dlpage/gaoptout?hl=en;
  2. Google reCAPTCHA – a service that checks whether data on a website (e.g. in a form) has been entered by a person or by an automated system by observing the User’s behaviour. The analysis takes place automatically in the background after opening the website without informing the User. As part of the analysis, the mechanism takes into account various types of information (e.g. IP address, mouse movements, time spent on the website), and the collected data is then sent to Google. More information about Google reCAPTCHA can be found on the website: https://www.google.com/recaptcha/intro/v3.html.

4.12. The website uses the following types of cookies:

  1. strictly necessary cookies – necessary for the proper display of website functions;
  2. functional cookies – saving the User’s preferences;
  3. external cookies – allowing to improve the operation of the Website based on the way the User uses it;
  4. third-party cookies – allowing the display of advertising content about the Personal Data Controller on websites visited by the User after leaving the Website.

 

V. CONTACT WITH THE PERSONAL DATA CONTROLLER AND DATA PROTECTION SUPERVISOR

5.1. The User may at any time directly contact the Personal Data Controller in writing or by e-mail to the Personal Data Controller’s address indicated at the beginning of the Policy.

5.2. The User may at any time directly contact the Data Protection Supervisor in writing at the address: PCC Rokita SA, Data Protection Supervisor, ul. Sienkiewicza 4, 56-120 Brzeg Dolny, Poland or by e-mail to the following address: iod.rokita@pcc.eu.

5.3. The Personal Data Controller stores correspondence with the User for statistical purposes and for the best and quickest response to emerging inquiries, as well as in the scope of complaint settlements and decisions made on the basis of administrative interventions in the indicated Profile. The addresses and data collected in this way will not be used to communicate with the User for purposes other than the User’s management request.

 

VI. SECURITY

6.1. The Personal Data Controller uses technical and organizational measures to protect the Personal Data in accordance with the degree of the threat and categories of data, in particular, protects data against unauthorized access, downloading it by an unauthorized person, processing in violation of applicable laws and changes, loss, damage or destruction.

6.2. The Personal Data Controller provides the following technical measures to prevent the unauthorized access and modification of Personal Data sent electronically:

  1. securing the database against unauthorized access,
  2. SSL certificate on the Website pages where users’ data are provided,
  3. encryption of data used to authorize the User,
  4. access to the Profile only after providing an individual Login and Password.

 

VII. CHANGE OF PRIVACY POLICY

7.1. The Personal Data Controller reserves the right to change the Policy in the future – this may occur, among others for the following important reasons:

  1. changes in the binding provisions, in particular regarding the protection of Personal Data, telecommunications law, services provided electronically and changes regulating consumer rights, affecting the rights and obligations of the Personal Data Controller or the User,
  2. development of functionality or Electronic Services dictated by the progress of internet technology, including the application / implementation of new technological or technical solutions affecting the scope of the Policy.

7.2. Personal Data Controller will each time publish information about changes in the Policy on the Website. With every change, the new version of the Policy will appear with a new date.
7.3. This version of the Policy has been in force since 25/05/2018.