CREME DOR VIP

CREME DOR VIP

Creme Dor VIP

Professional Premium N₂O Cartridges

Certified Quality

High Performance

GDPR Information Obligation

The following information provides a concise, understandable, and transparent summary of the details presented in the Privacy Policy concerning the Data Controller, the purpose and method of personal data processing, and your rights related to this processing, as required to fulfill the GDPR information obligation. Further details on the processing methods and the entities involved are available in the aforementioned policy.

Who is the Data Controller?

The Personal Data Controller (hereinafter referred to as the Controller) is the company "GRUPA KJAN - POL Sp. z o.o.", operating at: Belęcin 89A 64-231, Belęcin, with Tax Identification Number (NIP): 9231734474, providing electronic services via the Website.

How can the Data Controller be contacted?

The Controller can be contacted in one of the following ways

  • Postal address - GRUPA KJAN - POL Sp. z o.o., Belęcin 89A 64-231, Belęcin

  • Email address - biuro@cremedor.pl

  • Phone call - +48 519 195 110

  • Contact form - available at: https://cremedor.pl/kontakt

Has the Controller appointed a Data Protection Officer?

Pursuant to Art. 37 of the GDPR, the Controller has not appointed a Data Protection Officer.

For matters concerning data processing, including personal data, please contact the Controller directly.

Where do we obtain personal data from, and what are its sources?

Data is obtained from the following sources:

  • from the data subjects
  • from social media platforms, in the case of registration using such platforms, with the explicit consent of the data subjects.

What is the scope of personal data we process?

The website processes ordinary personal data, voluntarily provided by the data subjects
(e.g., name and surname, login, email address, phone number, IP address, etc.)

The detailed scope of processed data is available in the Privacy Policy.

What are the purposes of our data processing?

Personal data voluntarily provided by Users is processed for one of the following purposes:

  • Provision of electronic services:
    • Services for registration and maintenance of a User account on the Website and related functionalities
    • Newsletter services (including sending promotional content with consent)
    • Services for commenting on / liking posts on the Website without the need for registration
  • Communication between the Controller and Users regarding the Website and data protection
  • Ensuring the Controller's legitimate interest

What are the legal bases for data processing?

The Website collects and processes User data based on:

  • Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation)
    • Art. 6(1)(a)
      the data subject has given consent to the processing of his or her personal data for one or more specific purposes
    • Art. 6(1)(b)
      processing is necessary for the performance of a contract to which the data subject is party or in order to take steps at the request of the data subject prior to entering into a contract
    • Art. 6(1)(f)
      processing is necessary for the purposes of the legitimate interests pursued by the controller or by a third party
  • Act of May 10, 2018, on Personal Data Protection (Journal of Laws 2018, item 1000)
  • Act of July 16, 2004, Telecommunications Law (Journal of Laws 2004, no. 171, item 1800)
  • Act of February 4, 1994, on Copyright and Related Rights (Journal of Laws 1994, No. 24, item 83)

What is the legitimate interest pursued by the Controller?

  • For the purpose of establishing, exercising, or defending against claims, the legal basis for processing is our legitimate interest (Art. 6(1)(f) GDPR) in protecting our rights, including, but not limited to:
  • For the purpose of assessing the risk of potential clients
  • For the purpose of evaluating planned marketing campaigns
  • For the purpose of direct marketing

For what period do we process personal data?

As a rule, the indicated personal data is stored only for the period of service provision within the website operated by the Controller. They are deleted or anonymized within 30 days from the end of service provision (e.g., deletion of a registered user account, unsubscribing from the Newsletter list, etc.).

In exceptional situations, to safeguard the legitimate interest pursued by the Controller, this period may be extended. In such a case, the Controller will store the indicated data, from the time of the User's request for their deletion, for no longer than 3 years in the event of a breach or suspected breach of the website's terms and conditions by the data subject.

Who is the recipient of data, including personal data?

As a rule, the sole recipient of data is the Controller.

However, data processing may be entrusted to other entities providing services to the Controller to maintain the Website's operations.

Such entities may include, but are not limited to:
  • Hosting companies providing hosting or related services to the Controller
  • Companies through which the Newsletter service is provided

Will your personal data be transferred outside the European Union?

Personal data will not be transferred outside the European Union, unless published as a result of an individual User action (e.g., posting a comment or entry), which will make the data accessible to anyone visiting the website.

Will personal data be used as a basis for automated decision-making?

Personal data will not be used for automated decision-making (profiling).

What are your rights related to the processing of personal data?

  • Right of access to personal data
    Users have the right to obtain access to their personal data, exercised upon request submitted to the Controller.

  • Right to rectification of personal data
    Users have the right to demand from the Controller the immediate rectification of personal data that is inaccurate and/or the completion of incomplete personal data, exercised upon request submitted to the Controller.

  • Right to erasure of personal data
    Users have the right to demand from the Controller the immediate erasure of personal data, exercised upon request submitted to the Controller.

    In the case of user accounts, data erasure involves the anonymization of data enabling User identification.

    For the Newsletter service, the User has the option to independently delete their personal data using the link provided in each email sent.

  • Right to restriction of personal data processing
    Users have the right to restrict the processing of personal data in cases indicated in Art. 18 of the GDPR, including challenging the accuracy of personal data, exercised upon request submitted to the Controller.

  • Right to data portability
    Users have the right to receive from the Controller personal data concerning the User in a structured, commonly used, machine-readable format, exercised upon request submitted to the Controller.

  • Right to object to personal data processing
    Users have the right to object to the processing of their personal data in cases specified in Art. 21 of the GDPR, exercised upon request submitted to the Controller.

  • Right to lodge a complaint
    Users have the right to lodge a complaint with the supervisory authority responsible for personal data protection.

Menu

Telefon

+48 662 456 589

E-mail

dahefu@gmail.com

Menu

Phone

+48 662 456 589

Email

dahefu@gmail.com

WhatsApp

+48 662 458 596