Privacy Policy

Privacy Policy of the eurohermes.eu Internet Service

§1.

In accordance with the requirements of the Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of individuals with regard to the processing of personal data and on the free movement of such data (hereinafter referred to as the GDPR), as well as other applicable laws concerning the protection of personal data, we are committed to maintaining the security and confidentiality of the personal data we collect. All employees of the service have been properly trained in the processing and protection of personal data.

§2.

Every user of the service has the option to choose whether and to what extent they want to use our services and share information about themselves. Every user of the service has the right to have their data deleted or to not use our service.

§3.

The administrator of the personal data of users of the service is Eurohermes Sp. z o.o., ul. Żytnia 8, 41-200 Sosnowiec. We have appointed a Data Protection Officer (DPO), who is the person to contact for all matters related to the processing of personal data and the exercise of rights related to such processing. Contact information for the DPO:

Mailing Address: Eurohermes Sp. Z o.o. ul. Żytnia 8, 41-200 Sosnowiec

Email: rodo@eurohermes.eu

§4.

When processing the personal data of users, we adhere to the following principles:

  • Legality, fairness, and transparency: We process personal data in accordance with legal requirements. We provide comprehensive information to the individuals whose data is being processed (users) on all related matters.
  • Data minimization and adequacy: We process only the data that is truly necessary to achieve a specific purpose.
  • Data accuracy: We take the utmost care to ensure that the data we process is current and accurate.
  • Purpose limitation and secure data storage: We collect personal data only for a specific and legally justified purpose. We store data in a format that allows the identification of the data subjects. We process it only for as long as necessary to achieve the purpose for which it was obtained (unless legal obligations require further processing).
  • Integrity and confidentiality of data: We provide technical and organizational solutions to ensure the security of processed personal data.
  • Accountability: We can demonstrate that we are processing personal data in accordance with applicable legal requirements.

§5.

In our service, we collect the following personal data from users:

  • First and last name: Collected when placing an order, necessary for order processing and contact.
  • Residential address or company address: Used for shipping ordered goods.
  • Phone number: Used for order-related communication.
  • Email address: Used to send order confirmations and for potential communication.
  • IP address and other information from system logs: Information derived from general internet connection principles, such as IP address.
  • Cookies: The service uses cookies to customize the service to individual needs and enable order placement.

§6.

Providing the above data is necessary in the following cases: Registration in the Customer database is voluntary, and the data is stored in the database to prepare an offer or update it. Users can consent to have the above data saved for future use without re-entry during subsequent visits to our website. User consent can be revoked at any time by contacting the DPO (rodo@eurohermes.eu). Owners of other websites will not have access to this data. If a user does not agree to personalize the service, they should disable cookies in their web browser’s settings.

§7.

The legal basis for processing personal data for various purposes and the duration of their processing are as follows:

Purpose – Execution of a contract between Eurohermes Sp. z o.o. and the Service User – Legal basis – Article 6(1)(b) of the GDPR – necessity for the performance of a contract to which the data subject is a party.

Purpose – Marketing the products and services of the administrator (including automated analysis and profiling of data for marketing purposes) and statistical measurements – Legal basis – Article 6(1)(a) – consent of the data subject (User).

Purpose – Processing data for technical reasons to maintain the continuity of the service’s operation and functionality – Legal basis – Article 6(1)(f) – legitimate interests of the administrator.

Personal data of the service’s users will be processed only if one of the legal bases allowed by the GDPR is present and only for purposes consistent with that basis, as described above.

Data will be processed for as long as there is a legal basis for their processing:

  • In the case of consent, until the consent is withdrawn, restricted, or other actions are taken by the data subject limiting this consent.
  • In the case of data necessary for the performance of a contract, for the duration of the contract and for a period necessary to assert claims and to comply with legal obligations, such as tax obligations.
  • In the case where the processing of data is based on the legitimate interests of the administrator, for as long as those legitimate interests exist.

§8.

If a user has given their consent, the email address provided by them will be used for marketing the administrator’s (Eurohermes Sp. z o.o., ul. Żytnia 8, 41-200 Sosnowiec) own products and for statistical purposes. The consent given by the service user can be withdrawn at any time. If consent for receiving a newsletter was given, it can be revoked by sending information to the email address rodo@eurohermes.eu.

§9.

The personal data obtained from the service users are not disclosed to third parties, except for entities cooperating with the service, such as payment system operators, courier and shipping companies, subcontractors of services, and hosting companies. In such cases, the amount of data shared with companies cooperating with the service is limited to the necessary minimum for the proper provision of the service. All companies cooperating with the service that have access to the personal data provided by users have committed to protect such data in accordance with applicable law and to train their employees in data processing and protection.

The personal data we possess may be disclosed to relevant public authorities if required by applicable law. We do not store confidential data, such as credit card numbers or bank account access data.

§10.

Personal data obtained from users are not transferred outside the European Economic Area, and we do not plan to do so in the future.

§10.

Users have the following rights in connection with the processing of their personal data:

  • The right to access their data, including obtaining a copy of the data.
  • The right to request the correction of data.
  • The right to delete data (in certain situations).
  • The right to file a complaint with the data protection authority.
  • The right to limit data processing.
  • The right to object (in certain situations).

If data is processed based on consent, users can also exercise the right to withdraw their consent to the extent that data is processed on that basis. Withdrawal of consent does not affect the lawfulness of processing that occurred based on consent before its withdrawal. The methods for withdrawing consent are outlined in §6 and §8 above.

If a user’s data is processed based on consent or as part of a service provided (data is necessary to provide the service), they may also exercise the right to data portability, which allows them to receive their personal data from the administrator in a structured, commonly used, machine-readable format, which can be transmitted to another data controller.

To exercise these rights, users should contact the administrator or the Data Protection Officer (DPO) (contact information provided in §3 above).

Learn more about our services

Do you want to learn more about our offerings? Explore our website and don't hesitate to contact us with any questions. We look forward to your inquiry.

Receive an offer