Privacy Policy

§ 1 General Provisions

  1. This Privacy Policy sets out the rules for processing and protecting personal data of Customers using the online store available at https://solarbp.pl (hereinafter referred to as the "Online Store").
  2. This Privacy Policy fulfills the information obligation of the Controller in accordance with Article 13 of Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (hereinafter referred to as "GDPR").

§ 2 Data Controller

The Data Controller of the Online Store Customers' personal data is Stanisław Bajorski conducting business under the name Solar Building Polska Stanisław Bajorski, 36-002 Jasionka 954E, Poland, Tax ID (NIP): 8133650623, REGON: 361381896 (hereinafter referred to as the "Controller").

§ 3 Contact Information

The Controller can be contacted via email: [email protected] or by mail at: Solar Building Polska Stanisław Bajorski, 36-002 Jasionka 954E, Poland.

§ 4 Personal Data Processing Principles

  1. The Controller processes Customers' personal data in accordance with GDPR provisions.
  2. The Controller applies technical and organizational measures required by EU law to ensure protection of processed personal data and to secure personal data against unauthorized access, unauthorized acquisition, processing in violation of regulations, as well as alteration, loss, or destruction.
  3. Providing data marked as required in the Online Store is voluntary but necessary for using the functionality, including creating and maintaining a Customer account and placing and processing orders.

§ 5 Purposes and Legal Bases for Processing Personal Data

Customers' personal data will be processed for the following purposes:

  1. maintaining the Customer account in the Online Store (Article 6(1)(b) GDPR),
  2. processing orders in the Online Store (Article 6(1)(b) GDPR),
  3. providing newsletter services (Article 6(1)(b) GDPR),
  4. direct marketing of own services and products, apart from newsletter services, being a legitimate interest of the Controller (Article 6(1)(f) GDPR),
  5. responding to email or telephone contact, which constitutes a legitimate interest of the Controller (Article 6(1)(f) GDPR),
  6. analytical research, particularly examining and analyzing traffic on our website for marketing purposes, which constitutes a legitimate interest of the Controller (Article 6(1)(f) GDPR),
  7. archival (evidentiary) purposes in case of legal need to demonstrate facts, which is a legitimate interest of the Controller (Article 6(1)(f) GDPR),
  8. possible establishment, exercise, or defense of claims being the realization of the Controller's legitimate interest (Article 6(1)(f) GDPR).

§ 6 Personal Data Retention Period

Customer data will be stored for the following periods:

  1. data related to maintaining the Customer account – for the period of its maintenance in the Online Store and no longer than until the Customer requests its deletion,
  2. data related to order processing – for a period of 5 years from the end of the year in which the sale was made, unless further storage is justified by the limitation period for claims,
  3. newsletter service provision – until unsubscribing from the newsletter,
  4. data related to direct marketing – until an objection is raised,
  5. data related to responding to email or telephone contact – until the end of correspondence or withdrawal of consent, unless further data storage is justified by the Controller's overriding interest, such as defense against potential claims,
  6. maintaining statistics – until an objection is raised, but no longer than 50 months from the Customer's last activity on the website,
  7. archival purposes – for the period necessary to achieve this purpose,
  8. establishment, exercise, or defense of claims – for the period necessary to achieve this purpose.

§ 7 Categories of Personal Data

  1. The Controller collects, processes, and stores the following Customer data:

    1. in connection with creating a Customer account: email address, first and last name,
    2. in connection with placing an order: email address, first and last name, address, telephone, and for businesses also company name and Tax ID,
    3. in connection with email or telephone contact: email address, first and last name, and telephone number,
    4. in connection with providing newsletter services: email address.
  2. When using the Online Store, the Controller automatically collects and stores information such as: IP address, request URL, device identifier, time spent on individual pages, browser type, browser language, date and time of service use, screen resolution, operating system type and version, and other similar information.

§ 8 Cookies

  1. The Online Store uses small files called cookies. They are saved on the end device of the person visiting the Online Store if the web browser allows it.
  2. Cookies are computer data, particularly text files, stored on the Customer's end device and intended for use with the Online Store. Cookies typically contain the website name, storage time on the end device, and a unique number.

  3. Cookies are used for the following purposes:

    1. recognizing the device used by the Customer to properly display website content,
    2. creating statistics that help understand how Customers use websites, enabling improvement of their structure and content,
    3. maintaining the Online Store Customer's session, so the Customer does not have to re-enter login and password on each subpage of the Online Store,
    4. customizing the content and functioning of the Online Store by matching an anonymous, randomly generated tracking identifier, which allows checking where the Customer came from, which search engine was used, which link was clicked, which keywords were entered, and when the Customer stopped using the Online Store,
    5. collecting general and anonymous data for advertising campaigns through advertising networks and displaying advertising content tailored to Customer preferences.
  4. Web browsers usually allow storing cookies on the Customer's end device by default. Customers can change these settings. The web browser allows deletion of stored cookies as well as automatic blocking. Detailed information on this topic can be found in the web browser's help or documentation.
  5. The Online Store uses marketing and analytical tools from other providers who use cookies in the Online Store. These tool providers are primarily Google LLC (Google Analytics, Google Ads, Google Tag Manager), Facebook Inc. (Facebook Pixel), and Hotjar Ltd. (Hotjar). More information about cookies from the above-mentioned entities can be found in their privacy policies. Some of the above-mentioned providers may store Customer data outside the European Economic Area. This data is transferred only to countries that ensure an adequate level of protection, and to countries that do not ensure an adequate level of protection, only when appropriate safeguards are in place, including standard contractual clauses adopted by the European Commission.

§ 9 Data Sharing

  1. Customers' personal data may be transferred to entities to whom the Controller entrusts personal data processing based on agreements and to entities authorized to obtain personal data based on legal provisions.

  2. In order to fulfill the agreement concluded through the Online Store and to ensure proper functioning of the Store, the Controller shares Customers' personal data particularly with entities providing services:

    1. postal, forwarding, and courier services and order handling,
    2. electronic payments,
    3. accounting,
    4. hosting,
    5. IT and software delivery and tools used particularly for statistics, tracking traffic on our website, marketing automation, CRM systems,
    6. marketing related to online store operation.
  3. Entities providing services to the Controller may store Customer data outside the European Economic Area. In such situations, User data will be transferred only to countries that ensure an adequate level of protection, and to countries that do not ensure an adequate level of protection, only when appropriate safeguards are in place, including standard contractual clauses adopted by the European Commission.

§ 10 Customer Rights

  1. The Customer has the right to access their data and the right to request rectification, deletion, or restriction of processing. To the extent that the basis for processing personal data is the premise of the Controller's legitimate interest, the Customer has the right to object to the processing of their personal data.
  2. To the extent that the basis for processing the Customer's personal data is consent, the Customer has the right to withdraw consent. Withdrawal of consent does not affect the lawfulness of processing carried out on the basis of consent before its withdrawal.
  3. To the extent that the Customer's data is processed for the purpose of concluding and performing the Agreement or processed on the basis of consent – the Customer also has the right to data portability, i.e., to receive from the Controller personal data in a structured, commonly used, machine-readable format. The Customer may send this data to another data controller.
  4. The Customer also has the right to lodge a complaint with the supervisory authority dealing with personal data protection.
Back to homepage