I. Processing principles for users' personal data
As Corleonis S.A. (hereinafter: Corleonis) we pay great attention to respecting and honouring your rights, with particular emphasis on your right to privacy.
Corleonis is responsible for the lawful use of the personal data collected, which shall be done in a manner that guarantees its security and compliance with the provisions of the GDPR (Regulation (EU) 2016/679 of the European Parliament and of the Council of April 27, 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data and repealing Directive 95/46/EC).
Corleonis, as data controller, processes data in accordance with the following principles:
- • „lawfulness, fairness and transparency,”,
- • „purpose limitation”,
- • „data minimisation”,
- • „correctness”,
- • „storage limitation”,
- • „integrity and confidentiality”.
Corleonis processes personal data based on the relevant legal provisions, i.e. the Article 6 para 1 of the GDPR, ie:
- •when the processing is necessary for the performance of a contract to which the data subject is a party or to take steps at the request of the data subject prior to entering into a contract;
- • when the processing is necessary for compliance with a legal obligation to which the controller is subject;
- • when the processing is necessary to protect the vital interests of the data subject or of another natural person;
- • when the processing is necessary for the purposes of the legitimate interests pursued by the controller or by a third party, except where such interests shall be overridden by the interests or fundamental rights and freedoms of the data subject which require protection of personal data.
When browsing our website, one or more cookies may be stored on your computer (terminal device) according to your browser configuration.
Before giving your consent, cookies necessary for the proper functioning of the website are stored on your computer.
Cookies may be placed by Corleonis, as well as by third parties with whom Corleonis cooperates. Please read the information on cookies and how they are used.
II. Information on data collected
In order to use some of the functionalities offered by our website, registration will be required. During registration, we ask users for a login and password that they will use on our site. They will be also asked to agree to the processing of their personal data by Corleonis.
When you visit our website, data about your visit are automatically collected, in particular your IP address, domain name, browser type, operating system type. For more information, see the cookies policy.
III. Personal data administrator
The administrator of the personal data is: Corleonis S.A. ul. Kazimierska 150, 84-230 Rumia, NIP: 588-215-80-64, entered in the National Court Register kept by the District Court Gdańsk-Północ in Gdańsk, VIII Commercial Division of the National Court Register under KRS number 0000957206
The Administrator has not appointed a Data Protection Inspector, nevertheless, regarding your personal data it is possible to contact you at the following e-mail address: [_] or in writing to the address of the Administrator's registered office.
IV. Purpose and basis of personal data processing
Personal data obtained in connection with the use of the website shall be processed by Corleonis for the following purposes:
- • in order to undertake activities aimed at concluding a contract such as submitting an offer, correspondence on agreeing the terms of the contract, etc. - on the basis of Art. 6 para. 1 letter b GDPR;
- • to perform the concluded contract - on the basis of Article 6 para 1 letter b of GDPR;
- • in order to fulfil the Administrator's legal obligations, in particular as regards settlements arising from tax law, the Accounting Act - on the basis of Article 6 para. 1 letter c of GDPR,
- • for the purpose of sending you personalised commercial information concerning related products and services or the Newsletter service, if you have given your consent - on the basis of Article 6 para. 1 letter a of GDPR
- • to the extent necessary for the purposes arising from the legally justified interests pursued by the Administrator - on the basis of Article 6 para 1 letter f of GDPR, in particular:
- • for the purpose of marketing their own products and services;
- • for fraud prevention purposes;
- • for network and information security purposes;
- • for the purpose of establishing, investigating or defending against claims;
- • for customer satisfaction surveys;
- • for archival purposes.
V. Who will have access to your personal data
Recipients of personal data will be entities entitled to obtain personal data, in particular entities participating in the performance of the contract such as, among others, courier companies and postal services providers, entities conducting payment activities (banks, institutions providing payment and settlement services), as well as accounting offices, entities providing legal services to the controller, public administration bodies to the extent specified by the relevant legislation, financial institutions to the extent of providing services to the controller, entities performing consulting or audit services.
Your personal data may also be transferred to a third country or international organisation based on the relevant legal protections, which are the standard contractual clauses for the protection of personal data approved by the European Commission. This may be mainly in connection with:
- • the activities carried out on social networks and the use of plug-ins and other tools from these networks ( including Facebook, Twitter, Google+);
- • the use of analytical tools and tools for anonymous tracking of user activity, in particular such as Google Analytics, Gemius Traffic, Chartbeat;
- • the use of advertising platforms to raise funds for the maintenance of websites (in particular Google adsense).
VI. How long the data will be stored
Personal data will be stored for the period of cooperation or use of the Account if the service has been activated, and after its termination at least for the period specified by the law on public and legal settlements, but not less than until the final settlement or statute of limitations of potential claims arising from mutual cooperation, and in the event of a dispute until its final settlement, which also means the effective termination of enforcement proceedings. In the case of processing of personal data based on Article 6 para letters a or f of the GDPR, subject to the provisions of the GDPR, respectively until you withdraw your consent or object to such processing.
VII. What are your rights in relation to the data collected
In accordance with the provisions of the GDPR, subject to the relevant provisions, each user has the right:
- • to request access to the personal data concerning them;
- • to rectify the data;
- • to request the completion of incomplete personal data, including by providing an additional statement;
- • to erase the data or to restrict processing;
- • to object to further processing of their personal data;
- • to have their personal data transferred.
You have the right to withdraw your consent at any time. The withdrawal of consent shall not affect the lawfulness of the processing carried out on the basis of the consent given before its withdrawal.
When processing data that are collected through cookies, Corleonis are in most cases unable to identify the user. Therefore, if the beneficiary wishes to use their rights, they may be asked to provide additional information for identification purposes.
If there are doubts about the correctness of the processing of personal data by Corleonis, there is the right to lodge a complaint with the supervisory authority.
VIII. What happens if data is not provided
The provision of data is voluntary or may be a necessary condition for the conclusion of a contract (e.g. creation of an account on the website) or the provision of services. Without their provision, the contract cannot be concluded.
Rumia, September 10, 2018