Privacy Policy

This privacy policy describes the rules for processing information about you, including personal data and cookies.

1. General Information

This policy applies to the website operating at the URL: spiz.com.pl

The operator of the website and the Data Controller is:
Przedsiębiorstwo Wielobranżowe “SPIŻ”, Spółka Jawna, G. Wawrzak, C. Wawrzak
Address: Rydza-Śmigłego 32A, 42-229 Częstochowa, Poland
Email: biuro@spiz.com.pl

The Operator is the Controller of your personal data with regard to data provided voluntarily on the website.

The website uses personal data for the following purposes:

  • Newsletter distribution
  • Handling inquiries via the contact form
  • Processing product orders – preparation, packaging, shipping
  • Provision of ordered services
  • Issuance of appropriate accounting documents
  • Debt collection
  • Presentation of offers or information
  • Fulfilling legal obligations imposed on the Data Controller pursuant to Article 6(1)(c) of the GDPR, as specified in separate regulations (e.g., accounting obligations)

The website collects information about users and their behavior in the following ways:

  • Through data voluntarily entered in forms, which is entered into the Operator’s systems
  • By saving cookies on end-user devices

2. Selected Methods of Data Protection Used by the Operator

  • Login and data entry areas are protected at the transmission layer (SSL certificate). This ensures that personal data and login details entered on the site are encrypted on the user’s device and can only be read on the target server.
  • The Operator regularly changes its administrative passwords.
  • The Operator regularly creates backup copies for data protection.
  • An important aspect of data protection is the regular updating of all software used by the Operator for processing personal data, including regular updates of software components.

3. Hosting

The website is hosted (technically maintained) on the servers of: cyberFolks.pl

To ensure technical reliability, the hosting company keeps server-level logs. These logs may include:

  • Resources identified by URLs (addresses of requested pages/files)
  • Time of the request
  • Time of the response
  • Name of the client station – identified via the HTTP protocol
  • Information about errors occurring during HTTP transactions
  • Referrer URL – if the transition to the website occurred via a link
  • Information about the user’s browser
  • IP address
  • Diagnostic information related to the ordering process through the website’s forms
  • Information related to email handling directed to and sent by the Operator

4. Your Rights and Additional Information on Data Usage

In certain situations, the Administrator may transfer your personal data to other recipients if it is necessary to perform the contract concluded with you or to fulfill the Administrator’s legal obligations. This applies to the following groups of recipients:

  • Hosting provider on the basis of a data processing agreement

Your personal data processed by the Administrator will not be retained longer than necessary for the purposes defined by specific legal regulations (e.g., accounting regulations). For marketing data, your data will not be processed for more than 3 years.

You have the right to request from the Administrator:

  • Access to your personal data
  • Rectification of your data
  • Deletion of your data
  • Restriction of processing
  • Data portability

You have the right to object, as specified in section 3.2, to the processing of personal data for purposes based on legitimate interests pursued by the Administrator, including profiling. However, the right to object does not apply if there are valid, legally justified grounds for processing that override your interests, rights, and freedoms – particularly for establishing, pursuing, or defending legal claims.

You have the right to lodge a complaint with the President of the Personal Data Protection Office (UODO), ul. Stawki 2, 00-193 Warsaw, Poland.

Providing personal data is voluntary but necessary to use the website.

You may be subject to automated decision-making, including profiling, for the purpose of providing services under a concluded contract and for the Administrator’s direct marketing purposes.

Your personal data is not transferred to third countries within the meaning of data protection laws. This means that we do not transfer your data outside the European Union.

5. Information Provided in Forms

The website collects information provided voluntarily by the user, including personal data, if submitted.

The website may store information about connection parameters (timestamp, IP address).

In some cases, the website may save information that helps associate form data with the email address of the user submitting the form. In such cases, the user’s email address may appear in the URL of the page containing the form.

Data provided in the form is processed for purposes resulting from the function of the specific form—for example, to handle a service request, business inquiry, service registration, etc. The context and description of each form clearly indicate its purpose.

6. Administrator Logs

Information about user behavior within the website may be logged. This data is used for website administration purposes.

7. Important Marketing Techniques

The Operator uses statistical analysis of website traffic via Google Analytics (Google Inc., based in the USA). The Operator does not share personal data with the service provider—only anonymized information is transmitted. The service relies on the use of cookies stored on the user’s end device.

Regarding information about user preferences collected by Google’s advertising network, users can view and edit information derived from cookies using the tool available at:
https://www.google.com/ads/preferences/

8. Information About Cookies

The website uses cookies.

Cookies are IT data—specifically text files—stored on the end device of the Website User, intended for use with the Website’s pages. Cookies typically contain the name of the website they come from, their storage duration, and a unique number.

The entity placing cookies on the User’s device and accessing them is the Website Operator.

Cookies are used for the following purposes:

  • Maintaining the user session after logging in, so that the user does not need to re-enter their login and password on every subpage
  • Fulfilling the purposes specified above under “Important Marketing Techniques”

The website uses two main types of cookies: “session” cookies and “persistent” cookies.
Session cookies are temporary files stored on the user’s device until logout, leaving the website, or closing the web browser.
Persistent cookies remain stored on the user’s device for the time specified in the cookie parameters or until manually deleted by the user.

Web browsing software (internet browsers) usually allows cookies to be stored by default. Website users may change these settings. The browser allows for the deletion of cookies or automatic blocking. Detailed information can be found in the help or documentation of the browser.

Limiting the use of cookies may affect some functionalities available on the Website.

Cookies stored on the User’s end device may also be used by third-party partners cooperating with the Website Operator—especially:
Google (Google Inc., USA)
Facebook (Facebook Inc., USA)
Twitter (Twitter Inc., USA)

9. Managing Cookies – How to Give and Withdraw Consent in Practice?

If the user does not wish to receive cookies, they may change their browser settings. Please note that disabling essential cookies related to authentication, security, or user preferences may hinder or—in extreme cases—prevent the use of the website.

To manage cookie settings, select your browser from the list below and follow the instructions:

Desktop browsers:

  • Edge
  • Internet Explorer
  • Chrome
  • Safari
  • Firefox
  • Opera

Mobile devices:

  • Android
  • Safari (iOS)
  • Windows Phone
Scroll to Top