The Privacy Policy outlines the principles for processing information about you, including personal data and cookies, by us.
This document reflects the Administrator’s commitment to respecting the rights of individuals visiting the Website and using the services offered through it.
This Policy also fulfils the information obligation arising from Articles 13 and 14 of Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation) (OJ EU L 119 of 4 May 2016, p. 1) (hereinafter: “GDPR”).
**Definitions**
1. **Personal Data**: Any data relating to an identified or identifiable natural person, based on one or more specific factors determining their physical, biological, genetic, mental, financial, cultural, or social identity, including the IP address of a device, location data, online identifiers, and data collected through cookies and other similar technologies.
2. **Website**: The website operated by us at the address: x-cut.pl.
3. **Policy**: This Privacy Policy.
4. **GDPR**: Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC.
5. **User**: Any person visiting the Website or using one or more of the services or functionalities described in the Policy.
**Purpose and Legal Basis for Processing Personal Data**
The Administrator processes data only to the extent necessary for the specified purposes and for the period required to fulfil contracts, comply with separate legal provisions, or until the User withdraws their consent.
**Purposes of Processing**:
1. Compliance with legal obligations (Article 6(1)(c) GDPR).
2. Performance of a contract or taking steps prior to entering into a contract (Article 6(1)(b) GDPR).
3. Protection of rights, execution of concluded contracts, obtaining due remuneration, as well as pursuing and defending against claims (Article 6(1)(f) GDPR).
4. Marketing of own services (Article 6(1)(f) GDPR).
5. Improving communication, particularly sending technical notifications (Article 6(1)(f) GDPR).
6. Ensuring reliable support for Website Users (Article 6(1)(f) GDPR).
7. Tailoring marketing content to the preferences and interests of Users and Service Providers (Article 6(1)(a) GDPR).
**1. General Information**
This Policy applies to the Website operating at the URL: x-cut.pl and x-cut.pro.
The Website Operator and Personal Data Administrator is: PPHU PROCOMP Maciej Mańkowski, Polna 8, 86-200 Chełmno, NIP: 8751166857, REGON: 871113764.
Operator’s contact email address: it@24max.pl.
The Operator is the Administrator of your personal data with regard to data voluntarily provided on the Website.
The Website uses personal data for the following purposes:
– Managing a newsletter.
– Handling enquiries via forms.
– Fulfilling ordered services.
– Debt recovery.
– Presenting offers or information.
The Website collects information about users and their behaviour in the following ways:
– Through data voluntarily entered into forms, which are then stored in the Operator’s systems.
– By saving cookies (so-called “cookies”) on end-user devices.
**2. Selected Data Protection Methods Used by the Operator**
Login and personal data entry areas are protected at the transmission layer (SSL certificate). This ensures that personal data and login details entered on the Website are encrypted on the user’s computer and can only be read on the target server.
The Operator periodically changes its administrative passwords.
To protect data, the Operator regularly creates backup copies.
A key element of data protection is the regular updating of all software used by the Operator to process personal data, particularly the regular updating of programming components.
**3. Hosting**
The Website is hosted (technically maintained) on the servers of the operator: home.pl.
**4. Your Rights and Additional Information on Data Use**
In certain situations, the Administrator may transfer your personal data to other recipients if it is necessary to perform a contract concluded with you or to fulfil the Administrator’s obligations. This applies to the following groups of recipients:
– Hosting company on a data processing agreement basis.
– Couriers.
– Postal operators.
– Law firms and debt collectors.
– Banks.
– Payment operators.
– Companies providing marketing services for the Administrator.
Your personal data processed by the Administrator will not be retained longer than necessary to carry out related activities specified by separate regulations (e.g., accounting). Marketing data will not be processed for more than 2 years.
Pursuant to Articles 15–22 of the GDPR, you have the right to request from the Administrator:
– Access to your personal data, their rectification, erasure, restriction of processing, and data portability.
You have the right to object to the processing outlined in point 3.3(c) regarding the processing of personal data for the Administrator’s legitimate interests, including profiling, although this right cannot be exercised if there are valid, legally justified grounds for processing that override your interests, rights, and freedoms, particularly for establishing, pursuing, or defending claims.
You may lodge a complaint regarding the Administrator’s actions with the President of the Personal Data Protection Office, ul. Stawki 2, 00-198 Warsaw.
Providing personal data is voluntary but necessary for the operation of the Website.
Actions involving automated decision-making, including profiling, may be taken with respect to you for the purpose of providing services under a concluded contract and for direct marketing by the Administrator.
Personal data is not transferred to third countries as defined by data protection regulations. This means we do not send it outside the European Union.
**5. Information in Forms**
The Website collects information voluntarily provided by the user, including personal data, if provided.
The Website may store connection parameter information (timestamp, IP address).
In some cases, the Website may store information linking form data to the email address of the user completing the form. In such cases, the user’s email address appears within the URL of the page containing the form.
Data provided in forms is processed for purposes arising from the specific form’s function, e.g., to process a service request, commercial contact, or service registration. The context and description of each form clearly indicate its purpose.
**6. Administrator Logs**
Information about user behaviour on the Website may be logged. This data is used for Website administration purposes.
**7. Key Marketing Techniques**
The Operator uses solutions that automate the Website’s operations with respect to users, e.g., sending an email to a user after visiting a specific subpage, provided the user has consented to receiving commercial correspondence from the Operator.
**8. Information About Cookies**
The Website uses cookies.
Cookies are IT data, particularly text files, stored on the Website User’s end device and intended for use with the Website’s pages. Cookies typically contain the name of the originating website, their storage duration on the end device, and a unique number.
The entity placing cookies on the Website User’s end device and accessing them is the Website Operator.
Cookies are used for the following purposes:
– Maintaining the Website User’s session (after logging in), so the user does not need to re-enter their login and password on every subpage.
– Achieving the purposes outlined in the “Key Marketing Techniques” section above.
The Website uses two main types of cookies: “session” (temporary) and “persistent” (permanent). Session cookies are stored on the User’s end device until they log out, leave the website, or close their browser. Persistent cookies are stored on the User’s end device for the time specified in the cookie parameters or until deleted by the User.
Web browsing software (browsers) usually allows cookies to be stored on the User’s end device by default. Website Users can change these settings. Browsers allow cookies to be deleted or automatically blocked. Detailed information is available in the browser’s help or documentation.
Restricting the use of cookies may affect some functionalities available on the Website.
Cookies placed on the Website User’s end device may also be used by entities cooperating with the Website Operator, particularly companies such as Google (Google Inc., USA), Facebook (Facebook Inc., USA), and Twitter (Twitter Inc., USA).
**9. Managing Cookies – How to Give and Withdraw Consent in Practice?**
If a user does not wish to receive cookies, they can adjust their browser settings. Note that disabling cookies necessary for authentication, security, or maintaining user preferences may hinder, and in extreme cases prevent, the use of websites.
To manage cookie settings, select your browser from the list below and follow the instructions:
– Edge, Chrome, Safari, Firefox, Opera
**Mobile Devices**:
– Android, Safari (iOS), Windows Phone
**Changes to the Privacy Policy**
1. The Administrator reserves the right to amend this Privacy Policy at any time, while committing to promptly publish the updated Policy on the Website and notify Users of the changes.
2. The Administrator reserves the right to modify, withdraw, or alter the functions or features of the Website’s pages, as well as to cease operations, transfer rights to the Website to a third party, and perform any legal actions permitted by applicable law.