§ 1 GENERAL PROVISIONS

  1. This document defines the Privacy Policy of the Nanomax.co online store, operating at https://nanomax.co/, operated by VAIA Prosta Spółka Akcyjna with its registered office in Bielsko-Biała, at Jana Szajtera nr 2G/2, 43-300 (Bielsko-Biała), entered in the Register of Entrepreneurs of the National Court Register kept by the District Court in Bielsko-Biała, 8th Commercial Division of the National Court Register under the KRS number 0001028004, REGON 524867727, NIP 5472237249, which in particular includes regulations concerning the protection of personal data and security of other data entered on the Website by the User.
  2. The Privacy Policy is an integral appendix to the Regulations of the https://nanomax.co/ online store.

§2 DEFINITIONS

The terms used in this document shall have the following meaning:

  1. Personal Data Controller (also referred to as Controller) – VAIA Prosta Spółka Akcyjna with its registered office in Bielsko-Biała, Jana Szajtera nr 2G/2, 43-300 (Bielsko-Biała), entered in the Register of Entrepreneurs of the National Court Register kept by the District Court in Bielsko-Biała, 8th Commercial Division of the National Court Register under the KRS number 0001028004, REGON 524867727, NIP 5472237249.
  2. Website – the website available at https://nanomax.co/ as well as any and all of its subpages,
  3. User – a natural person who uses the Website and enters their personal data thereon.
  4. Personal data – information about a natural person identified or identifiable by one or more specific factors determining physical, physiological, genetic, mental, economic, cultural or social identity, including image, voice recording, contact data, location data, information contained in correspondence, information collected through recording equipment or other similar technology,
  5. GDPR – Regulation (EU) 2016/679 of the European Parliament and of the Council of April 27, 2016, on the protection of individuals with regard to the processing of personal data and on the free movement of such data and repealing Directive 95/46/EC,
  6. Regulations – Regulations of the Nanomax.co. online store.

§3 PERSONAL DATA PROTECTION

  1. The Controller is the controller of personal data within the meaning of the GDPR.
  2. The Controller collects and processes personal data in accordance with the relevant laws, including in particular the GDPR, and in accordance with the principles provided for in these laws. 
  3. The Controller informs about the processing of data at the time of collection. The Controller processes your data to the extent, within the time and for the purpose indicated each time in the information provided under the forms used to collect personal data from you.
  4. The Controller transfers Personal Data only to the Controller’s trusted subcontractors, i.e. couriers, suppliers responsible for operating IT systems, entities such as warehouses, banks and payment operators, entities providing accounting services, legal services, marketing agencies (for marketing services), entities providing other IT and software services. 
  5. The Controller shall have the right to transfer selected Personal Data to competent authorities and third parties if such necessity arises from applicable laws and when such entities make a request for such data based on an appropriate legal basis.
  6. The Controller shall ensure the security of the processed personal data and its confidentiality, as well as provide access to information on data processing to the User. If, despite the security measures in place, a breach of personal data protection (e.g., data “leakage” or data loss) were to occur and such a breach could cause a high risk of violation of the User’s rights or freedoms, the Controller shall inform the User of such an event in a manner consistent with the law.
  7. The user may contact the data controller. The contact information is as follows:

Correspondence address:

Jana Szajtera nr 2G/2, 43-300 Bielsko-Biała

E-mail address:

rodo@nanomax.co

Phone number

+48 12 400 44 00

§4 SECURITY OF PERSONAL DATA

  1. The Controller shall use all technical and organizational capabilities at its disposal to ensure the security of the User’s personal data and protect it from accidental or intentional destruction, accidental loss, modification, unauthorized disclosure or access. Users’ personal data shall be retained and processed on highly secured servers, with appropriate safety measures meeting the requirements of the Polish law.
  2. The data entrusted shall be retained on the top-spec hardware and servers in properly secured information storage centres, accessible exclusively by authorized persons.
  3. The Controller shall carry out activities related to the processing of personal data in accordance with all legal and technical requirements imposed by the personal data protection regulations. The Controller continuously analyzes the risks associated with its processing of personal data and ensures that only authorized persons have access to the data and only to the extent necessary to perform their duties. 
  4. The Controller shall take all necessary measures to ensure that its subcontractors and other cooperating entities also provide guarantees to apply appropriate security measures whenever they process Personal Data on behalf of the Controller.
  5. The Controller undertakes to retain backup copies containing personal data of you.

§ 5 YOUR RIGHTS

  1. In the case of any change in personal data, you must update it by sending an appropriate message to the Controller.
  2. You have the following rights:
    1. the right to information about the processing of Personal Data,
    2. the right to obtain a copy of the Personal Data that the Controller processes,
    3. the right to rectify Personal Data,
    4. the right to erasure of Personal Data (on this basis, you can request erasure of data, the processing of which is no longer necessary to carry out any of the purposes for which they were collected),
    5. the right to restrict the processing of Personal Data,
    6. the right to portability of Personal Data,
    7. the right to object to the processing of Personal Data for marketing purposes (you may object to the processing of Personal Data for marketing purposes at any time, without having to justify such objection),
    8. the right to object to other purposes of data processing (you may object at any time – for reasons related to your particular situation – to the processing of Personal Data that is carried out on the basis of the legitimate interests of the Controller; such objection requires a justification),
    9. the right to withdraw consent, if the Personal Data is processed on the basis of the consent given (withdrawal of consent does not affect the lawfulness of processing carried out before its withdrawal),
    10. the right to complain to the supervisory authority for the processing of Personal Data, having jurisdiction over your habitual residence, place of work or the place where the alleged violation was committed. In Poland, the supervisory authority is the President of the Office for Personal Data Protection.
  3. The Controller may refuse to erase your personal data if retention thereof is necessary due to the obligation imposed on the Controller by law.
  4. You have the right to submit a request for the exercise of your rights indicated above by letter or electronic mail (e-mail). The contact details of the Controller are indicated in § 3.7. 
  5. If, based on the request referred to in paragraph 4, the Controller is unable to determine and identify the natural person to whom the request pertains, it will request additional information from the applicant. Failure to provide additional information shall result in denial of the applicant’s request. 
  6. The controller shall respond to the request within one month of receiving it. If it is necessary to extend this period, the Controller shall inform the applicant of the reasons for it and the expected date for responding to the request.  

§ 6  BASIS, PURPOSE AND RETENTION OF PERSONAL DATA

  1. Personal data is processed for the following purposes and on the following grounds:
    1. Use of the Website: 

Personal data of all persons using the Website (including IP address or other identifiers and information collected through cookies or other similar technologies), are processed by the Controller for the purpose of:

  1. provision of services by electronic means (legal basis: necessity of processing for performance of the agreement – Article 6(1)(b) GDPR),
  2. analytical and statistical purposes (legal basis: consent – Article 6(1)(a) GDPR),
  3. establishing and pursuing of claims or defending against claims (legal basis: the Controller’s legitimate interest – Article 6(1)(f) GDPR, which is to protect the Controller’s rights).
  4. Registration on the Website, order form:

In order to establish, operate and maintain a User Account, you are asked to provide the Personal Data indicated in the registration form. In order to place an order on the Website, you are asked to provide the Personal Data indicated in the order form. It is not mandatory to provide data, but refusal to do so will result in the inability to place an order. The Personal Data indicated by you are processed by the Controller for the purpose of:

  1. provision of electronic services and conclusion of a sales agreement (legal basis: necessity of processing to perform the agreement – Article 6(1)(b) GDPR),
  2. analytical and statistical purposes (legal basis: consent – Article 6(1)(a) GDPR),
  3. establishing and pursuing of claims or defending against claims (legal basis: the Controller’s legitimate interest – Article 6(1)(f) GDPR, which is to protect the Controller’s rights).
  4. Newsletter:

You who have notified the Controller of their wish to do so receive e-mail messages with advertising content. Subscribing to the Newsletter involves providing the Controller with your Personal Data. Provision of data is not mandatory, but refusal to provide such data shall result in the inability to provide Newsletter. The Personal Data indicated by the User is processed by the Administrator for the purpose of:

  1. provision of services by electronic means (legal basis: necessity of processing for the performance of the contract – Article 6(1)(b) GDPR – in the scope of data necessary for the dispatch of the Newsletter),
  2. analytical and statistical purposes (legal basis: consent – Article 6(1)(a) GDPR),
  3. establishing and pursuing of claims or defending against claims (legal basis: the Controller’s legitimate interest – Article 6(1)(f) GDPR, which is to protect the Controller’s rights).  
  4. Marketing

The Controller processes your Personal Data in order to carry out marketing activities, which may consist, in particular, in displaying to you marketing content corresponding to your interests or sending commercial information by electronic means for purposes related to direct marketing of goods and services. In this case, your Personal Data is processed by the Controller on the basis of your consent (Article 6(1)(a) GDPR), which may be revoked. The fulfillment of the Controller’s marketing purposes may be carried out through profiling, which involves the automatic processing of Personal Data and its evaluation for the purpose of analyzing your behavior and creating a forecast for the future, which is sued for displaying content to you in accordance with your individual preferences and interests. 

  1. Contact form, traditional and electronic correspondence (e-mail)

You may direct messages to the Controller using e-mail using the Controller’s contact information available on the Website, the Terms and Conditions of the Website or this Privacy Policy, as well as through the contact form available on the Website. Personal data contained in this correspondence is used by the Controller solely for the purpose of communication and settlement of the matter to which the correspondence relates. The basis for the processing of the Data is the legitimate interest of the Controller – Article 6(1)(f) GDPR – which consists in the maintenance of correspondence addressed to it in connection with its business activities, and in the case of contact related to services provided or an agreement – the necessity of the processing for the performance of the agreement – Article 6(1)(b) GDPR.

  1. Phone contact

You may contact the Controller by phone for purposes related to the services provided or the agreement concluded, and for other matters. In the event of phone contact in matters not related to the concluded agreement or the provided service, the Controller may request Personal Data only if it is necessary to handle the reported matter. The legal basis for the processing of Personal Data is the legitimate interest of the Controller – Article 6(1)(f) GDPR – consisting in the necessity of resolving a reported case related to its business activity, and in the case of contact related to services provided or an agreement – the necessity of processing to perform the agreement– Article 6(1)(b) GDPR.

  1. Social media profiles 

The Controller has its profiles on social media (including Instagram, Facebook). The Controller processes Personal Data left by people responding to profiles, e.g., comments or web IDs. The Controller uses this data to effectively maintain profiles, to enable activity on these profiles, as well as for analytical or statistical purposes. The legal basis for the processing of Personal Data is the legitimate interest of the Controller – Article 6(1)(f) GDPR – to promote its activities and services provided, possibly for the purpose of asserting claims or defending against third-party claims. The above does not apply to the processing of personal data by social networks. In order to learn about the rules of data processing by social networks, please read their policies for processing Personal Data. 

  1. The period of data processing depends on the service provided, the purpose and the basis for processing. The principle is to process data for the duration of the service or order. Where the basis for the processing of Personal Data is consent, the data shall be processed until the consent is effectively withdrawn. Where the basis for the processing of Personal Data is the legitimate interest of the Controller, the data shall be processed until an effective objection is made. 
  2. The period of processing of Personal Data referred to in paragraph 2 may be extended in case the processing is necessary for the establishment, investigation and defense of possible claims. After this time, Personal Data may be processed only if and to the extent required by applicable law.
  3. After the expiration of the processing period for Personal Data, the Personal Data is deleted or irreversibly anonymized. 

§ 7 COOKIE POLICY

  1. The Controller uses cookies. Cookies are small text files sent (saved) by the Website on your terminal device (e.g. computer, smartphone). 
  2. The Controller uses cookies to provide services electronically, to improve and enhance their quality, as well as for analytical and statistical purposes and to customize the Website to the needs of its Users. Through the use of cookies, the Controller personalizes content and advertising. The Controller shares information about how you use the Website with trusted social, advertising and analytics partners in order to provide the highest possible quality of e-commerce operations, analytics, customization and personalization.
  3. The Website uses two types of cookies: session cookies and persistent cookies. “Session” cookies are temporary files that are stored on the User’s end device until the User logs out, leaves the website or shuts down the software (web browser). “Permanent” cookies are stored on the User’s end device for the time specified in the parameters of the cookies or until they are deleted by the User.
  4. The Controller uses the following types of cookies on the Website:
    1. essential – enable the use of services and functionalities available on the Website, such as those used in handling user authorization or to fill a shopping cart when shopping online; 
    2. functional – enable the User’s choices to be remembered and customized on the Site, e.g. in terms of language preferences, font size, appearance of the Site, etc.; analytical – enable the acquisition of a range of information, including the number of visits and sources of traffic on the Website. The collection of this data is used to determine, which pages are most frequently visited and leads to the creation of statistics on traffic on the Website. This data is used by the Administrator to improve the performance of the Website. The collected data is processed in anonymized form. These types of cookies include Google Analytics cookies;
    3. advertising – enable the adaptation of content displayed on the Website and outside the Website, including advertisements, to the interests of Users. Data on browsing history, website activity (e.g., purchase history, use of services, type of content and ads displayed) or geolocation data may be used to present personalized content. Based on information from the Service and the User’s activity on other services, a profile of the User’s interests is developed. 
  5. Functional, analytical and advertising cookies may be installed by the Administrator and its trusted partners through the Website.
  6. The legal basis for processing data in connection with the use of necessary cookies is the necessity of processing Personal Data for the performance of an agreement (Article 6(1)(b) GDPR). In the case of other cookies, the basis for processing Personal Data is the Controller’s legitimate interest or the User’s consent (Article 6(1)(a) and (f) RODO). The Controller in order to use functional, analytical and advertising cookies must obtain the User’s consent. 
  7. The consent referred to in paragraph 5 is granted using the relevant form displayed during the first visit to the Website. The consent granted may be withdrawn or adjusted differently at any time.
  8. You can change your cookie settings from your web browser. 
  9. Changing the settings of cookies and similar technologies may affect the way the Website works and the services it provides.
  10. The Website uses third-party tools to collect cookies. These entities process cookies under the terms of their privacy policies and other cookie standards documents: ………..

§8  LOGS

  1. In accordance with the practice of most websites, the Controller stores HTTP requests directed to its server (server logs). Accordingly, the Controller stores the following information:
    1. IP addresses from which users browse information provided on our website;
    2. the time the query was received;
    3. response time;
    4. name of customer’s station – identification carried out via HTTP;
    5. information on errors in HTTP transactions;
    6. URL address of a page previously visited by the User (HTTP referrer);
    7. information about your browser.
  2. The logs collected shall be stored for an indefinite time as auxiliary materials for the purposes of Website administration. The information contained therein shall not be disclosed to anyone other than persons authorized to administer the Website. The log files may be used to generate statistics constituting aid in administration of the Website. Summaries in the form of such statistics shall contain no features identifying website visitors.
  3. The Controller processes the information contained in the logs for technical and administrative purposes, to ensure the security of the IT system and the management of this system, as well as for analytical and statistical purposes – in this regard, the legal basis for the processing of Personal Data is the Controller’s legitimate interest (Article 6(1)(f) GDPR).

§ 9  TRANSFER OF DATA OUTSIDE THE EEA

  1. As part of the Controller’s use of tools to support its day-to-day operations provided, for example, by Google, your Personal Data may be transferred to a country outside the European Economic Area (EEA), in particular to the United States of America (USA) or another country in which an entity cooperating with it maintains tools for processing Personal Data in cooperation with the Controller. The Controller transfers Personal Data outside the EEA only when necessary, and with an adequate degree of protection, primarily through the use of standard contractual clauses issued by the European Commission. 

§ 10 FINAL PROVISIONS

  1. This privacy policy is subject to updates in connection with the ongoing analysis of technical and legal conditions related to the processing of personal data. 
  2. This privacy policy is effective as of ……………….

COMMUNICATION

The Controller of the Personal Data processed in connection with your use of the Nanomax.co website run by VAIA Prosta Spółka Akcyjna, with its registered office in Bielsko-Biała, e-mail address: ……………

We use cookies files (so-called “cookies”) on this website, in which your personal data may be stored and then processed for analytical and marketing purposes. The information obtained may be shared with our advertising, social media and analytics partners. For more information, see our Privacy Policy. By allowing the cookies you choose, you consent to the processing of your data to the extent you choose.

Remember that consent to the use of cookies and data processing can be withdrawn by you at any time.

Allow selected cookiesAllow all cookies

After selecting the “Allow selected cookies” button, the following list should appear:

When you click on any group of cookies, a description of that group should appear, as well as information about the cookies that have been classified into it, along with details about the files. 

Information for “essential” cookies:

Essential
Essential cookies allow the website to function effectively. Without them, the website may not work as it should. 
Cookie files list
Name of fileFile providerPurpose of useExpiration dateType

Information for “Functional” cookies:

Website functionalities
Functional cookies collect information about your preferences for using and enjoying the website. They allow you to better customize your site.  
Cookie files list
Name of fileFile providerPurpose of useExpiration dateType

Information for “Advertising” cookies:

Advertising
Advertising cookies allow you to tailor the ads displayed to your interests. The advertising content in question may be displayed both on and off our website. 
Cookie files list
Name of fileFile providerPurpose of useExpiration dateType

Information for “Analytical” cookies:

Analytical
Analytical cookies allow us to evaluate the number of visits to the website and allow us to analyze the behavior of users on the website. They are also used for statistical purposes. 
Cookie files list
Name of fileFile providerPurpose of useExpiration dateType

Information for “Unclassified” cookies:

Unclassified
This group includes cookies that could not be classified into the earlier groups. 
Cookie files list
Name of fileFile providerPurpose of useExpiration dateType

Confirmation of consent to the use of cookies should be done by clicking the indicated button:

I consent to the selected cookies

Main Menu