• Basket
    • Hello Public user
    My cart 0 My Wishlist 0 My Account My orders Edit Profile Change Password
    Logout

    Privacy policy

    § 1 GENERAL PROVISIONS

    1. The Controller of personal data collected via the website www.b2b.ostrovit.com is OSTROVIT SPÓŁKA Z OGRANICZONĄ ODPOWIEDZIALNOŚCIĄ entered in the Register of Entrepreneurs by the District Court in Białystok, 12th Commercial Division of the National Court Register under KRS number: 0000994529, registered office and address for service: ul. Sitarska 16, 18-300 Zambrów, NIP: 7231641151, Polish National Business Registry No. (REGON): 523562090, email address: odo@ostrovit.com, phone No.: +48570707040, hereinafter referred to as the “Controller” and also acting as the “Service Provider”.
    2. Personal data collected by the Controller are processed in accordance with Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation), hereinafter referred to as GDPR.
    3. All words or expressions written in capital letters in this Privacy Policy shall be understood in accordance with their definitions contained in the Terms and Conditions of the Panel www.b2b.ostrovit.com.

    § 2 TYPE OF PERSONAL DATA PROCESSED, PURPOSE AND SCOPE OF DATA COLLECTION

    1. PURPOSE OF PROCESSING AND LEGAL BASIS. The Controller processes the personal data of Panel Service Recipients in the following cases:
      1. registration of an Account in the Panel, in order to create an individual account and manage this Account, pursuant to Article 6(1)(b) of the GDPR,
      2. placing an Order in the Panel, for the purpose of performing the Sales Contract, pursuant to Article 6(1)(b) of the GDPR,
      3. subscribing to the Newsletter in order to receive commercial information by electronic means, pursuant to Article 6(1)(a) of the GDPR,
      4. using the Contact Form to send a message to the Controller, pursuant to Article 6(1)(f) of the GDPR,
      5. marketing of the Controller's products, including for analytical and profiling purposes, based on the legitimate interest of the Controller (Article 6(1)(f) of the GDPR),
      6. defense against possible claims, based on the legitimate interest of the Controller (Article 6(1)(f) of the GDPR).
    2. TYPES OF PERSONAL DATA PROCESSED. The Service Recipient provides:
      1. Account: login, first and last name, email address, company name, registered address, telephone number.
      2. Order: first and last name, company name, registered address, tax identification number, email address, telephone number, delivery address.
      3. Newsletter: email address.
      4. Contact Form: first and last name, email address.
    3. PERIOD OF ARCHIVING PERSONAL DATA. Personal data of Service Recipients are stored by the Controller:
      1. in cases where the basis is contract performance – for as long as necessary to perform the contract, and thereafter for the limitation period (six years, or three years for periodic benefits or business-related claims);
      2. in cases based on consent – until such consent is revoked, and after revocation for the limitation period as above.
    4. When using the Panel, additional information may be collected, including: IP address, domain name, browser type, access time, operating system type.
    5. With separate consent (Article 6(1)(a) of the GDPR), data may also be processed for sending commercial information or marketing calls in accordance with the Polish Act on the provision of electronic services or Telecommunications Law, including profiling—if consent is given.
    6. Navigation data may also be collected, including information about links clicked or other actions in the Panel, based on the legitimate interest of the Controller (Article 6(1)(f) of the GDPR).
    7. Providing personal data is voluntary but necessary to use services as defined in § 2(2) of these Terms and Conditions.
    8. The Controller ensures that data are:
      1. processed lawfully,
      2. collected for lawful purposes and not further processed incompatibly,
      3. factually correct, adequate and stored only as long as necessary for processing purposes.

    § 3 SHARING OF PERSONAL DATA

    1. Personal data of Service Recipients are transferred to service providers used by the Controller in the operation of the Panel, in particular to:
      1. entities delivering the Products,
      2. payment system providers,
      3. accounting office,
      4. hosting provider,
      5. business software provider,
      6. entities providing a mailing system,
      7. provider of software necessary to operate the Panel.
    2. The service providers referred to in point 1 of this paragraph, to whom personal data are transferred, depending on contractual arrangements and circumstances, either follow the Controller's instructions as to the purposes and means of processing such data (processors) or determine the purposes and means of processing themselves (controllers).
    3. Personal data of Service Recipients are stored exclusively within the European Economic Area (EEA), subject to § 5 point 5 and § 6 of the Privacy Policy.

    § 4 RIGHT OF CONTROL, ACCESS TO THE CONTENT OF OWN DATA AND ITS CORRECTION

    1. The data subject has the right to access their personal data and the right to rectify, delete, restrict processing, transfer data, object, and withdraw consent at any time without affecting the lawfulness of processing based on consent before its withdrawal.
    2. Legal basis for the Service Recipient's request:
      1. Access to data – Article 15 of the GDPR.
      2. Rectification of data – Article 16 of the GDPR.
      3. Deletion of data (the so-called right to be forgotten) – Article 17 of the GDPR.
      4. Restriction of processing – Article 18 of the GDPR.
      5. Data transfer – Article 20 of the GDPR.
      6. Objection – Article 21 of the GDPR.
      7. Withdrawal of consent – Article 7(3) of the GDPR.
    3. In order to exercise the rights referred to in point 2, you can send an email to the following address: odo@ostrovit.com.
    4. If the Service Recipient exercises their rights under the above provisions, the Controller shall comply with the request or refuse to comply with it immediately, but no later than within one month of receiving it. However, if, due to the complex nature of the request or the number of requests, the Controller is unable to comply with the request within one month, it will comply with it within the next two months, informing the Service Recipient in advance, within one month of receiving the request, of the intended extension and the reasons for it.
    5. If it is found that the processing of personal data violates the provisions of the GDPR, the data subject has the right to lodge a complaint with the President of the Personal Data Protection Office.

    § 5 COOKIES

    1. The Controller's website uses cookies.
    2. The installation of cookies is necessary for the proper provision of services on the Panel's website. Cookies contain information necessary for the proper functioning of the website and also enable the compilation of general statistics on website traffic.
    3. Two types of cookies are used on this website: “session” and ”persistent.”
      1. “Session” cookies are temporary files that are stored on the Service Recipient's end device until they log out (leave the website). These cookies are necessary for certain features of the Portal to function properly.
      2. “Persistent” cookies are stored on the Service Recipient's end device for the time specified in the cookie parameters or until they are deleted by the Service Recipient. They make using the Portal easier (e.g., they remember the selected resolution and content layout). They can be used for various purposes, including remembering your preferences and choices when using the website. Persistent cookies will be stored on your device for a maximum period of 12 months or until you withdraw your consent.
    4. The Controller uses its own cookies to better understand how Service Recipients interact with the content of the website. The files collect information about how the Service Recipient uses the website, the type of website from which the Service Recipient was redirected, and the number of visits and duration of the Service Recipient's visit to the website. This information does not record specific personal data of the Service Recipient, but is used to compile statistics on the use of the website.
    5. The Controller also uses external cookies to collect general and anonymous statistical data through Google Analytics analytical tools (external cookie controller: Google LLC. based in the USA).
    6. Cookies may also be used by advertising networks, in particular the Google network, to display advertisements tailored to the way in which the Service Recipient uses the Panel. To this end, they may retain information about the Service Recipient's navigation path or the time spent on a given page.
    7. The Service Recipient has the right to decide on the access of cookies to their computer by:
      1. selecting the types of cookies that he/she agrees to collect immediately after entering the Panel and displaying a message regarding cookies,
      2. changing the settings in his/her browser window. Detailed information about the possibilities and methods of handling cookies is also available in the software settings (web browser).
      3. You can withdraw your consent at any time by deleting cookies from your browser on your device.

    § 6 ADDITIONAL SERVICES RELATED TO THE USER'S ACTIVITY IN THE PANEL

    1. The www.b2b.ostrovit.com Panel uses social media plug-ins (“plug-ins”) from social media sites. When displaying a Panel website containing such a plug-in, the Service Recipient's browser will establish a direct connection to Facebook, Instagram, and YouTube servers.
    2. The content of the plug-in is transmitted by the respective service provider directly to the Service Recipient's browser and integrated into the website. Thanks to this integration, service providers receive information that the Service Recipient's browser has displayed the page www.b2b.ostrovit.com, even if the Service Recipient does not have a profile with the service provider or is not currently logged in. This information (including the IP address of the service recipient) is sent by the browser directly to the server of the respective service provider (some servers are located in the USA) and stored there.
    3. If the Service Recipient logs into one of the above social networking sites, the service provider will be able to directly associate the visit to the Panel website with the Service Recipient's profile on that social networking site.
    4. If the Service Recipient uses a given plug-in, e.g. by clicking on the “Like” or “Share” button, the relevant information will also be sent directly to the server of the respective service provider and stored there.
    5. The purpose and scope of data collection and further processing and use by service providers, as well as the possibility of contact and the rights of the Service Recipient in this regard and the possibility of making settings to ensure the protection of the Service Recipient's privacy are described in the privacy policy of the service providers:
      1. https://www.facebook.com/policy.php
      2. https://help.instagram.com/519522125107875?helpref=page_content
      3. https://policies.google.com/privacy?hl=pl&gl=ZZ
    6. If the Service Recipient does not want social networking sites to associate data collected during visits to www.b2b.ostrovit.com directly with their profile on a given website, they must log out of that website before visiting www.b2b.ostrovit.com. The Service Recipient may also completely prevent plug-ins from loading on the website by using appropriate browser extensions, e.g. script blocking with “NoScript”.
    7. The Controller uses remarketing tools on its website, i.e. Google Ads, which involves the use of Google LLC cookies related to the Google Ads service. As part of the cookie settings management mechanism, the Service Recipient has the possibility to decide whether the Service Provider will be able to use Google Ads (external cookie controller: Google LLC. based in the USA) in regards to him/her.

    § 7 FINAL PROVISIONS

    1. The Controller shall implement technical and organizational measures to ensure the protection of personal data being processed in a manner appropriate to the risks and categories of data being protected, and in particular shall protect the data against unauthorized access, removal by an unauthorized person, processing in violation of applicable laws, and alteration, loss, damage, or destruction.
    2. The Controller shall provide appropriate technical measures to prevent unauthorized persons from obtaining and modifying personal data transmitted electronically.
    3. In matters not covered by this Privacy Policy, the provisions of the GDPR and other relevant provisions of Polish law shall apply accordingly.

    § 8 AMENDMENTS TO THE PRIVACY POLICY

    In order to ensure that the Portal's Privacy Policy complies with the current legal requirements at all times, we reserve the right to amend it at any time. The above also applies in cases where the Privacy Policy needs to be amended to cover new or modified products or services of the Portal.

    To install this Web App in your iPhone/iPad press and then Add to Home Screen.