Skip to main content

Privacy and cookie policy

websites https://romgosbioenergia.pl/

All personal data shall be collected and processed by the Controller, as a part of their business activity, in accordance with relevant regulations including, primarily, Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation) – hereafter referred to as GDPR. The Controller shall ensure that the data processed is kept confidential and secure and the information about the data processing shall be communicated to the persons to whom it applies.

General information

This Privacy and Cookie Policy lays down the rules of personal data processing and protection and the use of cookie with reference to the use of the Internet website by its Users.

§1. Definitions

For this Privacy and Cookie Policy the following definitions shall be adopted:

  1. Controller – The Controller of your data is ROMGOS Bio Energia Limited liability company with its registered office in Jarocin, ul. Zaciszna 1d, 63-200 Jarocin, entered into the Register of Entrepreneurs kept by the District Court in Poznań Nowe Miasto in Poznań, 9th Commercial Division of the National Court Register [KRS], under number: 0001013752, REGON: 524199527, NIP: 6172225389, Share capital 10 000,00 PLN (fully paid-up). )
  2. Website – available on https://romgosbioenergia.pl/.
  3. User – any entity who browse the website content.
  4. GDPR – Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC

§2. Personal information

  1. The user personal data, having regard to the GDPR, shall be administrated by Controller.
  2. The Controller shall process the users data for specific purposes and on a legal basis. This might be stated as a user consent – freely given specific and informed, expressed for example by a specific form on the Internet website. Users personal data shall be processed also when Controller is obliged to process personal data on the legal basis or to comply with the contract’s provisions and also for the purposes of the legitimate interests pursued by the controller.
  3. Personal data provided by the User to the Controller might occur not only by available website forms but also by instant message services or social media profiles, particularly by:
    1. Personal data provided to the Controller by the User in the contact form or in an email sent to the Controller’s address, shall be processed to reply the User’s inquiry. Providing personal data by the User is voluntary but indispensable for User to receive a reply. Data shall be processed for the purposes of the legitimate interests pursued by the controller (Article 6(1)(f) GDPR). This data shall be processed until the correspondence finishes and until possible claims expire.
    2. Personal data provided to the Controller by the User on their social media profiles or in a message sent by instant message services, shall be processed to reply the User’s inquiry. Providing personal data by the User is voluntary but indispensable for User to receive a reply. Data shall be processed for the purposes of the legitimate interests pursued by the controller (Article 6(1)(f) GDPR). This data shall be processed until the correspondence finishes and until possible claims expire.
  4. The Controller may entrust your personal data to companies that support achieving above mentioned objectives, including IT services providers such as hosting services provider, website software provider, authorized employees and cooperators replying to your inquiries generated in a contact form. Furthermore, the Controller may entrust your data to the supporting consulting, audit and law firms as well as to postal and courier companies, to banks, to Social Insurance Institution [ZUS] and to the Tax Office [US] – within Contrller’s legal obligations.
  5. User’s personal data shall not be transferred to third-country recipients nor to any international organizations which cannot ensure an adequate data protection level. An adequate data protection level should be confirmed by a relevant decision of the European Commission or by any binding legal instrument.
  6. The Controller shall not process your personal data by automated means in such manner that the automated processing could result in any decision-making, could result in any legal effect or in any other manner could significantly influence your rights and obligations.
  7. The service shall be hosted (automatically maintained) on the operator’s server: Ih.pl
  8. The Controller shall provide confidentiality of all personal data received.
  9. The personal data shall be stored with due diligence and accurately protected against unauthorized persons access, and its processing shall be conducted in compliance with and on conditions laid down in:
    1. Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC,
    2. Act of 10 May 2018 on personal data protection.

§3. The user rights

  1. The User enjoys the rights connected to their personal data processing, including:
  2. Right of access by the data subject
  3. Right to rectification
  4. Right to restriction of processing
  5. Right to object
  6. Right to erasure (‘right to be forgotten’)
  7. Right to data portability
  8. Right to lodge a complaint with a supervisory authority with reference to personal data processing by the Controller
  9. The User enjoys the right to withdraw his or her consent at any time.   
  10. In order to exercise his or her rights the User shall address demand to: bioenergia@romgos.pl
  11. Legal basis of the User’s demand:
    1. Right of access by the data subject – Art. 15 GDPR.
    2. Right to rectification – Art. 16 GDPR.
    3. Right to erasure (‘right to be forgotten’) – Art. 17 GDPR.
    4. Right to restriction of processing – Art. 18 GDPR.
    5. Right to data portability – Art. 20 GDPR.
    6. Right to object – Art. 21 GDPR
    7. Right to withdraw his or her consent – Art. 7(3) GDPR.
  12. Should the User exercise one of the above mention rights, the Controller shall meet the request or shall refuse to do so without delay, however not later than within a month after receiving it. However in case of complex nature or the number of requests, the Controller shall be unable to meet the request within a month, it shall be met within two following months. Firstly, the User shall be  informed within a month from the request, about possible delay and its grounds.
  13. Should the personal data processing be found violating the GDPR law, the data subject enjoys the right to lodge a complaint to President of the Personal Data Protection Office in Warsaw.

§4. Cookies and other information

  1. The User’s data is automatically collected while using the Internet Website. The data include: IP address, domain name, browser, operating system type. The data may be also collected by cookies and can be saved in server’s logs.
  2. Cookies are files sent to the User’s computer or any other device (laptop, smart phone, tablet) whie using the Internet website. Cookies remember User’s preferences and behavior which enhances services quality, improve searching results and relevance of displayed information, including advertisement and anonymous tracing of User’s preferences.
  3. Current list of cookies used on the website is available through the cookie bar shared on the website.
  4. User grants a consent for cookies on his or her device by cookies bar displayed on the website. It can also be obtained by the User’s device browser settings In the same manner User can withdraw or change the scope of his or her consent.
  5. User may also remove cookies from his or her device by using specific functions of the Internet browser, dedicated programs for this purpose or tools available within User’s operating system.
  6. Data saved in servers logs or by cookies shall not be connected in any way with specific website Users and shall not be used by the Controller for User identification. Server’s logs shall serve for the website administrating purposes and their content shall not be disclosed to any entity other than persons authorized to administrate the server.
  7. The website also uses technologies anonymously recording User’s actions on the website. They include.:
    1. Google Analytics – used for website statistics analysis
    2. Facebook Pixel – used for Facebook advertisement management and optimization
  8. Data obtained by these tools shall not be connected in any way with specific website Users and shall not be used by the Controller for User identification.
  9. As a result of the use of technologies mentioned in § 3(7) shall be tailoring of the website, its content and the offer to the User’s needs.
  10. Restrictions regarding using cookies might influence some functionalities available on websites.
  11. If the user rejects cookies, the settings of the browser shall be changed. Disabling Cookies necessary for authentication process, security, maintenance of User’s preferences might cause difficulties and in severe cases might prevent the User from using the Internet websites.

§5. Purpose of data use

The data given by a User or collected automatically, shall be used by the Controller for the following purpose:

    1. proper functioning, configuration and security of the Internet website,
    2. monitoring of the session status,
    3. analysis, research and audit of the website’s views,
    4. and also for the statistical and marketing purposes.

§6. The final provisions

  1. The Controller shall provide adequate technical and organizational measures to ensure protection of processed personal data, appropriate regarding threats and protected data categories, against their unauthorized disclosure, takeover by unauthorized persons, processing with violation of the binding laws and change, loss or damage or destruction.
  2. The Controller provides adequate technical means to prevent obtaining and modification of personal data electronically sent, by any unauthorized persons.
  3. This document might be changed due to the Internet technology development, personal data protection law changes and our Website and Store development. Any subsequent modification shall be notified to the Users visibly and comprehensibly without delay.
  4. For the issues not covered by this Privacy and cookie policy, GDPR provisions and other provisions of Polish Law shall be applied accordingly.
  5. All considerations and questions about Privacy and cookie policy should be addressed to: bioenergia@romgos.pl