§ 1 GENERAL PROVISIONS
2. The administrator of personal data collected via the Website is Erplast Sp. z o. o. with its registered office in Bydgoszcz at ul. Witebska 27, 85-778 Bydgoszcz, entered into the Register of Entrepreneurs of the National Court Register kept by the District Court in Bydgoszcz, 13th Commercial Division of the National Court Register, under KRS number 0000487094, with share capital of PLN 1,169,000 (fully paid), REGON 341507640, NIP 554-292-28-56 and e-mail address: firstname.lastname@example.org - hereinafter referred to as the "Administrator" and being also the Website Service Provider.
3. The term personal data should be understood as: all information identifying or enabling the identification of a natural person, such as name, surname, e-mail address, telephone number, IP address, or other internet identifiers collected via cookies or other similar technologies, e.g. location data.
4. The term data processing should be understood as: all operations performed on personal data, e.g. collection, recording, storage, modification, browsing, disclosure, deletion.
5. In connection with the use of the Website, the Administrator collects the Users 'personal data to the extent necessary to provide Electronic Services offered as part of the Website, and also collects information about the Users' activity on the Website. Personal data on the Website are processed by the Administrator in accordance with applicable law, in particular in accordance with Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of individuals with regard to the processing of personal data and in the free movement of such data and repealing Directive 95/46 / EC (General Data Protection Regulation) - hereinafter referred to as "GDPR" or "GDPR Regulation". The official text of the GDPR Regulation: http://eur-lex.europa.eu/legal-content/PL/TXT/?uri=CELEX%3A32016R0679.
6. Using the Website, including the conclusion of contracts for the provision of electronic services is voluntary. Similarly, the related provision of personal data by the Service User using the Website is voluntary. However, in the case of concluding contracts for the provision of Electronic Services with the Administrator, failure to provide personal data necessary to conclude and perform the contract for the provision of Electronic Services with the Administrator in cases and to the extent indicated on the Website results in the inability to conclude this contract. In addition, sometimes providing personal data is a statutory requirement resulting from generally applicable law (e.g. processing of data for the purpose of keeping tax or accounting books).
7. The Administrator uses special diligence to protect the interests of persons to whom the personal data processed by him relates, and in particular is responsible and ensures that the data collected by him are: (1) processed in accordance with the law; (2) collected for specified, legitimate purposes and not subjected to further processing incompatible with those purposes; (3) factually correct and adequate in relation to the purposes for which they are processed; (4) stored in a form that allows identification of the persons they concern, no longer than necessary to achieve the purpose of processing, and (5) processed in a way that ensures adequate security of personal data, including protection against unauthorized or unlawful processing and accidental loss, destruction or damage by appropriate technical or organizational measures.
8. Taking into account the nature, scope, context and purposes of processing, as well as the risk of violation of the rights or freedoms of natural persons of various probability and severity of threat, the Administrator implements appropriate technical and organizational measures so that the processing takes place in accordance with the law and that he can demonstrate it. These measures are reviewed and updated as necessary. The administrator uses technical measures to prevent the acquisition and modification by unauthorized persons of personal data sent electronically.
9. The administrator ensures that he does not plan to consciously collect data on persons under 16 years of age. The scope of collected personal data does not include the age of these people.
§ 2 BASIS FOR DATA PROCESSING
1. The administrator is entitled to process