Privacy Policy
I/ For the Owner of this website, the protection of Users’ personal data is of the utmost importance. The Owner makes every effort to ensure that Users feel secure when entrusting their personal data while using the website.
II/ Users’ personal data is processed only to the extent necessary to ensure the functionality of the website and services. Users’ personal data is processed exclusively with their consent. Exceptions apply in cases where prior consent cannot be obtained for factual reasons and where data processing is permitted by law.
III/ A User is a natural person, a legal entity, or an organizational unit without legal personality to which the law grants legal capacity, using the electronic services available on the website.
IV/ This privacy policy explains the principles and scope of the processing of the User’s personal data, the rights to which the User is entitled, as well as the obligations of the data controller, and provides information on the use of cookies.
V/ The controller employs state-of-the-art technical measures and organizational solutions to ensure a high level of protection for the personal data being processed and to safeguard against unauthorized access.
I. PERSONAL DATA CONTROLLER
The personal data controller is LOUDER AND HIGHER PROSTA SPÓŁKA AKCYJNA, with its registered office in Katowice at ul. Józefa Wolnego 4, 40-857 Katowice, Poland, entered in the Register of Entrepreneurs maintained by the District Court in Katowice, Commercial Division, under KRS number 0001007204, NIP 9542850449, REGON 524236530 (hereinafter referred to as the “Owner”). The Administrator can be contacted as follows:
a) via email at info@briefit.it
II. PURPOSE OF PERSONAL DATA PROCESSING
1. The Administrator processes the User’s personal data for the purpose of:
to register the User in the database of individuals awaiting information regarding access to the tool in the MVP version and the full version – pursuant to Article 6(1)(a) of the GDPR (consent);
– monitoring the User’s activity on the website, including analyzing how the website is used – pursuant to Article 6(1)(f) of the GDPR (the Controller’s legitimate interest in analyzing and optimizing the website);
– providing the newsletter service – pursuant to Article 6(1)(b) of the GDPR for the duration of the service or until the user unsubscribes from the newsletter;
– marketing of our own products or services, including providing information about promotions, new products, and services pursuant to Article 6(1)(f) of the GDPR (the Controller’s legitimate interest);
– handling inquiries submitted via the contact form – pursuant to Article 6(1)(f) of the GDPR (the Controller’s legitimate interest);
– concluding and performing a service agreement – pursuant to Article 6(1)(b) of the GDPR for the time necessary to fulfill the order and perform the agreement;
– presenting the offer, including providing information about the Controller’s products, services, and activities – pursuant to Article 6(1)(f) of the GDPR (the Controller’s legitimate interest);
– issuing and using an invoice for accounting purposes pursuant to Article 6(1)(c) of the GDPR (legal obligation) for the period required by law;
– establishing, pursuing, or defending claims, including demonstrating the content of the concluded contract and the accompanying circumstances – pursuant to Article 6(1)(f) of the GDPR (the Controller’s legitimate interest) until the expiration of the statute of limitations for claims arising from the contract;
– processing payments – pursuant to Article 6(1)(b) of the GDPR for the time necessary to process the payment;
2. The foregoing means that the User’s personal data being processed is necessary in particular for:
a) concluding a contract;
b) processing payments;
c) delivering the goods ordered by the User or providing services;
3. The User may also consent to receiving information about news and promotions, which will result in the controller also processing personal data for the purpose of sending the User commercial information regarding, among other things, new products or services, promotions, or sales.
4. Personal data is also processed to fulfill the legal obligations incumbent upon the data controller and to perform tasks in the public interest, including tasks related to security and defense or the retention of tax records.
5. Personal data may also be processed for the purposes of direct marketing of products, securing and pursuing claims, or protecting against claims by the User or a third party, as well as for the marketing of third-party services and products or for the Company’s own marketing that does not constitute direct marketing.
III. TYPE OF DATA
1. Each time you visit our website, data and information are automatically collected from the computer system accessing the site, specifically regarding:
a) the type and version of the browser used;
b) the User’s operating system;
c) the User’s internet service provider;
d) the User’s IP address;
e) the date and time of the User’s visit to the website;
f) the websites from which the User’s system accesses the website: HTTPS://BRIEFIT.IT/;
g) the websites that the User’s system accesses via the website: HTTPS://BRIEFIT.IT/;
h) log files containing IP addresses or other data that allow them to be attributed to the User (if provided on another website through which the User accessed the website: HTTPS://BRIEFIT.IT/). This data is recorded in system log files and is not stored together with the User’s other personal data.
2. The Data Controller processes the following personal data of the User, the provision of which is necessary for:
a) making purchases via the website:
– first and last name;
– shipping address;
– phone number;
– email address.
3. The Administrator also processes optional data provided by the User:
– date of birth;
– PESEL number (if an invoice is requested);
– tax ID number (in the event of a request for an invoice for a business);
– other personal data not listed above, if received from the User.
IV. LEGAL BASIS FOR THE PROCESSING OF PERSONAL DATA
1. Personal data is processed in accordance with the provisions of Regulation (EU) 2016/679 of the European Parliament and of the Council of April 27, 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation), OJ EU L 119 of 2016, May 4, 2016, hereinafter referred to as: “the GDPR.”
2. The Controller processes the User’s personal data only after obtaining the User’s prior consent, granted in particular at the time of confirming a transaction made on the website.
3. Consent to the processing of personal data is entirely voluntary; however, failure to provide such consent prevents the User from making purchases via the website.
V. USER RIGHTS
1. The user may at any time request information from the controller regarding whether their personal data is being processed and to what extent. The user also has the right to access this data.
2. The user may at any time request the correction or rectification of their personal data.
3. The User may withdraw their consent to the processing of their personal data at any time, without providing a reason. A request to cease processing data may pertain to a specific processing purpose indicated by the User, e.g., withdrawal of consent to receive commercial information, or may apply to all data processing purposes. Withdrawal of consent for all processing purposes will result in the User’s account being deleted from the website, along with all of the User’s personal data previously processed by the controller. Withdrawal of consent will not affect actions already taken.
4. The User may at any time request, without providing a reason, that the administrator delete their data. A request to delete data will not affect actions already taken. Deletion of data entails the simultaneous deletion of the User’s account, along with all personal data previously stored and processed by the administrator.
5. The User may at any time object to the processing of personal data, either with respect to all of the User’s personal data processed by the administrator or only to a limited extent, e.g., regarding the processing of data for a specifically indicated purpose. The objection will not affect actions taken to date. Filing an objection will result in the deletion of the User’s account, along with all personal data stored and processed by the administrator to date.
6. The User may request a restriction on the processing of personal data, either for a specified period or without a time limit but within a specified scope, which the controller is obligated to comply with. This request will not affect actions already taken.
7. The User may request that the controller transfer the User’s processed personal data to another entity. To do so, the User should submit a written request to the controller, specifying the entity (name, address) to which the User’s personal data should be transferred and exactly which data the User wishes the controller to transfer. After the User confirms their request, the controller will transfer the User’s personal data to the designated entity in electronic form. The User’s confirmation of the request is necessary to ensure the security of the User’s personal data and to verify that the request originates from an authorized person.
8. If the User believes that the Administrator is processing personal data in violation of applicable regulations, the User has the right to file a complaint with the competent supervisory authority, i.e., the President of the Personal Data Protection Office, located in Warsaw at ul. Stawki 2, 00-193 Warsaw.
9. The Controller shall inform the User of the actions taken within one month of receiving any of the requests listed in the preceding sections.
VI. RETENTION PERIOD FOR PERSONAL DATA
1. In general, personal data is retained only for as long as necessary to fulfill the contractual or statutory obligations for which it was collected. This data will be deleted immediately once its retention is no longer necessary for evidentiary purposes, in accordance with civil law, or in connection with a statutory data retention obligation.
2. The Controller archives the documentation for the purpose of demonstrating its content in the future pursuant to Article 6(1)(f) of the GDPR (the Controller’s legitimate interest in establishing, exercising, or defending legal claims) until the expiration of the statute of limitations for claims, which is generally 6 years. Data will be deleted after the statutory limitation period for pursuing contractual claims has expired.
3. Furthermore, the Controller may retain archival information regarding completed transactions, as their storage is related to claims to which the User is entitled, e.g., under warranty.
4. If no contract has been concluded between the User and the Owner, the User’s personal data is stored until the User’s account is deleted from the website. The account may be deleted as a result of a request by the User, the withdrawal of consent to the processing of personal data, or the filing of an objection to the processing of such data.
VII. ENTRUSTING DATA PROCESSING TO OTHER ENTITIES
1. The Controller may entrust the processing of personal data to entities cooperating with the Controller, to the extent necessary for the performance of the contract, e.g., to prepare ordered goods, deliver shipments, or provide commercial information from the Controller (the latter applies to Users who have consented to receiving commercial information).
2. Personal data may be transferred to entities providing services to the Controller, including in particular IT, legal, accounting, and payment services, as well as to entities authorized to receive such data under the law (such as courts and government agencies).
3. Apart from the purposes specified in this Privacy Policy, Users’ personal data will not be disclosed to third parties in any way, nor will it be transferred to other entities for the purpose of sending marketing materials from such third parties.
3. The personal data of website Users is not transferred outside the European Union.
4. Users’ personal data will not be subject to automated decision-making, including profiling.
VIII. COOKIES
1. The website uses cookies or similar technology (hereinafter collectively referred to as “cookies”) to collect information about the User’s access to the website (e.g., via a computer or smartphone) and their preferences. They are used, among other things, for advertising and statistical purposes, as well as to tailor the website to the User’s individual needs.
2. Cookies are small pieces of information containing a unique reference code that the website sends to the User’s device for the purpose of storing, and sometimes tracking, information regarding the device being used. They usually do not allow the User to be identified. Their main purpose is to better tailor the website to the User.
3. Some of the cookies on this website are only available for the duration of a given web session and expire when the browser is closed. Other cookies are used to remember the User, who is recognized upon returning to the website. These are then stored for a longer period of time.
4. The cookies used on this website are:
The Website uses two main types of cookies: “session” cookies and “persistent” cookies. “Session” cookies are temporary files that are stored on the User’s device until the User logs out, leaves the website, or closes the (web browser). „Persistent” cookies are stored on the User’s device for the duration specified in the cookie settings or until the User deletes them.
5. All cookies used on the website are set by the administrator.
6. All cookies used by this website comply with applicable European Union law.
7. Most Users and some mobile browsers automatically accept cookies. Unless the User changes their settings, cookies will be stored on the device.
8. You can change your preferences regarding the acceptance of cookies or change your browser to receive a notification each time cookies are set. To change your cookie acceptance settings, adjust your browser settings.
9. Please note that blocking or deleting cookies may prevent you from fully using the website.
10. Cookies will be used for necessary session management, including:
a) Creating a special login session for the website User so that the website remembers that the User is logged in and their requests are delivered effectively, securely, and consistently;
b) Recognizing a User who has previously visited the website, which allows for the identification of the number of unique users who have used the service and ensures that the service has sufficient capacity for the number of new users;
c) Determining whether a visitor to the website is registered on the website;
d) Recording information from the User’s device, including: cookies, IP address, and information about the browser used, in order to diagnose problems, administer, and track website usage;
e) Customizing elements of the website’s layout or content;
f) Collecting statistical information about how the User uses the website in order to improve the site and determine which sections of the website are most popular with Users.