Privacy Policy

  1. Introduction

1.1. 1.1. This Privacy Policy outlines the protocols for processing and protecting personal data submitted by Users in relation to the services offered by Columbus Industries Sp. z o. o., located in Warsaw at ul. Moniuszki 1A, 00-014 Warsaw, NIP: 5223048182, being the controller of personal data (hereinafter: “Administrator”).

  1. Scope and Purpose of Data Collection

2.1. The following categories of Users’ personal data are processed:

– Name,

– Email address,

– Phone number,

– Other data entered voluntarily in the contact form,

– Data collected automatically (browser type, operating system version and information about the websites from which the User navigated to the Administrator’s website).

2.2. Personal data is processed for:

– Addressing inquiries submitted through the Contact form,

– Delivering electronic services, including newsletter content,

– Statistical and analytical for the Administrator’s internal purposes.

  1. Legal Basis for Processing

3.1. The processing of Users’ personal data is based on:

– The necessity of processing for the performance of the contract (Article 6(1)(b) of the RODO),

– User’s consent (Article 6(1)(a) of the RODO) regarding the use of cookies.

  1. 4. Personal Data Protection

4.1. Data Administrator, Columbus Industries Sp. z o.o., attaches the utmost importance to protecting the privacy of Users. Personal data is processed with due diligence and in accordance with applicable laws, including Regulation (EU) 2016/679 of the European Parliament and of the Council of April 27, 2016. on the protection of individuals with regard to the processing of personal data and on the free movement of such data (General Data Protection Regulation), hereinafter referred to as “GPRD”.

4.2. The Administrator undertakes to protect personal data by using appropriate technical and organizational measures to prevent unauthorized access or use of the data. Among the measures in place are data encryption, data access control, regular security audits, the use of data protection procedures, and training for staff on personal data protection

4.3. The processing of personal data takes place on servers with high security standards, which are protected from third-party access.

4.4. The Administrator shall take all necessary steps to ensure that third parties who may have access to personal data to perform services for the Administrator comply with data protection requirements and do not use such data for other purposes.

4.5. Users’ personal data may be transferred to third countries (outside the EEA) only if necessary and in accordance with relevant laws. In such a case, the Administrator shall ensure that the transfer is carried out in accordance with the provisions of the GPRD, including through the use of standard contractual clauses approved by the European Commission or any other mechanism to ensure an adequate degree of protection that is required by the GPRD.

4.6. In the event of a leak of personal data, the Administrator shall immediately, no later than 72 hours after the discovery of the breach, report it to the relevant supervisory authority in accordance with the procedures set forth in the GPRD. If such leakage is likely to pose a high risk to the rights and freedoms of individuals, the Administrator shall also inform data subjects of the breach.

4.7. The User has the right to be informed about the processing of his personal data, the right to access data, rectify it, delete it, limit processing, transfer data, not be subject to automated decision-making, including profiling, and the right to withdraw consent to the processing of personal data at any time. without affecting the lawfulness of processing based on consent before its withdrawal.

4.8. The user also has the right to lodge a complaint with the supervisory authority responsible for the protection of personal data if he/she considers that the processing of his/her personal data violates the provisions of the GDPR.

4.9. The Administrator may appoint a Data Protection Officer, whose contact information will be published on the company’s website and in other appropriate places. The Data Protection Officer is available to Users on data protection issues.

4.10. The Privacy Policy is subject to change, of which Users will be informed on the Administrator’s website.

  1. Data Recipients

5.1. Recipients of the data may include:

– In the case of a User who uses an electronic delivery or payment method, the Administrator shall make the collected personal data of the User available to the selected carrier, operator or intermediary performing shipments on behalf of the Administrator or to the institution handling electronic payments in the online store.

– Authorized employees and associates who use the data to fulfill the purpose of the site.

– Entities providing technical services (e.g., IT development and maintenance of the website, hosting providers).

  1. User Rights Related to Data Processing

6.1. Users have the right to:

– Access and obtain copies of their data,

– Rectify their data,

– Restrict personal data processing,

– Delete personal data,

– Data transfers,

– Object to data processing,

– Withdraw consent to process personal data at any time.

6.2. In order to exercise the above rights, you can contact the Administrator via e-mail address: idea@columbusarte.com

  1. Data Storage Period

7.1. Users’ personal data are kept for the period necessary to fulfill the purposes for which they were collected, unless a longer retention period is required by law.

Information about cookies

8.1. The website uses cookies. They constitute IT data, in particular text files, which are stored on the User’s terminal device and are intended for use in the use of the Website. Cookies usually contain the name of the website from which they originate, the time they are stored on the end device and a unique number.

8.2. The entity placing cookies on the Service User’s terminal equipment and accessing them is the Service operator.

8.3. Cookies are used for the following purposes:

– Maintaining the session of the Service user (after logging in), thanks to which the user does not have to

Re-enter login and password on each sub-page of the Website;

– statistical analysis of site traffic, through Google Analytics (Google Inc. based in

USA). The operator does not transfer personal data to the operator of this service, but only

anonymized information. The service is based on the use of cookies on the device

end user. In terms of user preference information collected

through Google’s advertising network, the user can view and edit the information resulting from the from cookies using the tool: https://www.google.com/ads/preferences/;

8.4. The Service uses two main types of cookies: “session cookies” and “permanent cookies” (persistent cookies). “Session” cookies are temporary files that are stored on the User’s terminal device until the User logs out, leaves the website or shuts down the software (web browser). “Permanent” cookies are stored in the User’s terminal device for the time specified in the parameters of the cookies or until they are deleted by the User.

8.5. Web browsing software (Internet browser) usually allows cookies to be stored on the User’s terminal device by default. Users of the Service may change their settings in this regard. Your web browser allows you to delete cookies. It is also possible to automatically block cookies For details, please refer to your browser’s help or documentation.

8.6. Restrictions on the use of cookies may affect some of the functionality available on the Website.

8.7. Cookies placed in the Service User’s terminal equipment may also be used by entities cooperating with the Service Operator, in particular this concerns companies: Google (Google Inc. based in the USA), Meta (Meta Platforms, Inc. based in the USA) and LinkedIn (Linkedin Corp. based in the USA).

  1. Changes to the Privacy Policy

9.1. The administrator reserves the right to change the privacy policy, of which users will be informed in advance.

  1. Contact

10.1. Any questions or concerns regarding the privacy policy can be directed to the e-mail address: idea@columbusarte.com or postal address of the company.