PRIVACY POLICY
1. General information
This Privacy Policy sets out the rules for processing personal data of users of the website operating at https://shop.steel-containers.com (hereinafter: the “Service”).
The controller of personal data is:
WIM Michał Olejarz
Rondo Ignacego Daszyńskiego 2B
00-843 Warsaw
NIP: 6572571770
Contact with the Controller:
e-mail: sales@steel-containers.com
phone: +48 602 659 101
The Controller processes personal data in accordance with applicable law, in particular the GDPR.
2. Scope and purposes of data processing
Users’ personal data are processed for the following purposes:
- handling inquiries (forms, e-mail),
- conducting business communication (B2B and B2C),
- execution of orders and contracts,
- payment processing,
- fulfillment of accounting and tax obligations,
- handling complaints and claims,
- pursuing or defending against claims,
- analytics and statistics,
- own marketing activities (subject to consent).
Providing data is voluntary but necessary to achieve the above purposes.
3. Legal basis for processing
Data are processed on the basis of:
- Article 6(1)(b) GDPR – performance of a contract,
- Article 6(1)(c) GDPR – legal obligation,
- Article 6(1)(f) GDPR – legitimate interest,
- Article 6(1)(a) GDPR – consent (e.g. marketing cookies).
4. Data recipients
Data may be transferred to:
- hosting and IT service providers,
- accounting and advisory firms,
- logistics and courier companies,
- payment operators:
- Stripe Payments Europe Ltd. / Stripe Inc.,
- mElements S.A. (Paynow),
- banks,
- legal firms,
- marketing service providers,
- public authorities (in accordance with law).
Data are not sold.
5. Electronic payments
In the case of payments made through the Service, user data are transferred to payment operators to the extent necessary to complete the transaction.
The scope of data may include:
- first and last name,
- e-mail address,
- phone number,
- address,
- transaction details.
Payment operators are independent data controllers.
6. Data retention period
Data are stored:
- for the duration of the contract and as required by law,
- accounting data – in accordance with legal requirements,
- data processed on the basis of consent – until such consent is withdrawn,
- marketing data – up to 3 years.
7. User rights
The user has the right to:
- access to their personal data,
- rectification of personal data,
- erasure of personal data,
- restriction of processing,
- data portability,
- object to processing,
- withdrawal of consent at any time.
A complaint may be lodged with the President of the Personal Data Protection Office.
8. Data transfers outside the EU
Data may be transferred outside the European Economic Area in connection with the use of services:
- Stripe,
- Google,
- Meta.
Transfers are carried out on the basis of standard contractual clauses approved by the European Commission.
9. Data security
The Administrator applies technical and organizational measures to ensure the protection of personal data, in particular:
- SSL encryption,
- server-level security measures,
- regular updates,
- restricted access to data,
- backups.
10. Cookies
The Service uses cookies for the purpose of:
- ensuring proper functioning of the website,
- statistical analysis,
- marketing activities (subject to consent).
Types of cookies:
- necessary,
- analytical,
- marketing.
The user can manage cookies via browser settings or the consent banner.
11. Analytical and marketing tools
The Service uses:
- Google Analytics (Google LLC),
- Google Ads (Google LLC),
- Meta Ads (Meta Platforms Ireland Ltd).
These entities may place their own cookies and process data as independent controllers.
Privacy policies:
12. Final provisions
The Controller reserves the right to amend this Privacy Policy. The current version is always available on the Service.