Privacy Policy

Definitions used in this information

Administrator – Franc-Textil Sp. z o.o. with its registered office at ul. Przemysłowa 10, 58-130 Żarów, NIP PL8842486272.

Personal data – information about an identified or identifiable natural person; an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as an IP address, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person.

GDPR – Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation).

Policy – this Privacy and Cookies Policy.

User – any natural person visiting the Website or using one or more of the services or features described in the Policy, as well as a natural person whose personal data is processed by the Administrator, e.g. a visitor to the Administrator’s premises or someone who contacts the Administrator by email or letter.

Website – a website operated by the Administrator at https://www.franctextil.pl.

Introduction

  1. The purpose of this Policy is to define the principles, methods of processing and use of Users’ personal data. The Policy also includes information on the rights of individuals with regard to the personal data they provide. The legal basis for the Policy is Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC, as well as the Personal Data Protection Act of 10 May 2018 (Journal of Laws of 2018, item 1000). This Policy is a fulfilment of the obligations of the Controller arising from Articles 12 and 13 of the GDPR.
  2. The Policy applies to every website, application or service referring to this information, as well as to data transmitted through them, by telephone, electronic means or in person at the Controller’s premises. Please note that by leaving the Controller’s website, Users enter an area where the Policy does not apply. The Controller is not responsible for the privacy policies of sites operated by other entities.
  3. In connection with the economic activity carried out by the Controller and the use of the Service by Users, the Controller collects data to the extent necessary for the provision of individual services offered, as well as information on Users’ activity on the Service. Below are detailed rules and purposes of personal data processing.

Using the Service

Personal data of all persons using the Service (including IP address or other identifiers and information collected through cookies or similar technologies) is processed by the Administrator:

  • for the purpose of providing electronic services in the scope of providing Users with content collected in the Service – in this case, the legal basis for processing is the necessity to process in order to perform the contract (Art. 6 Para. 1 pt. b GDPR);
  • for analytical and statistical purposes – in this case, the legal basis for processing is the legitimate interest of the Administrator (Art. 6 Para. 1 pt. f GDPR), consisting in conducting analyses of Users’ activities, as well as their preferences, in order to improve the functionalities used and services provided;
  • for the purpose of any claims settlement or defense against claims – the legal basis for processing is the legitimate interest of the Administrator (Art. 6 Para. 1 pt. f GDPR), consisting in protecting his rights;

 

The User’s activity in the Service, including his personal data, is recorded in system logs (a special computer program used to store a chronological record containing information about events and actions related to the IT system used to provide services by the Administrator). The information collected in the logs is primarily processed for the purposes related to the provision of services. The Administrator also processes them for technical and administrative purposes, for the purposes of ensuring the security of the IT system and managing this system, as well as for analytical and statistical purposes – in this respect, the legal basis for processing is the legitimate interest of the Administrator (Art. 6 Para. 1 pt. f GDPR).

Email and Traditional Correspondence

In case of contacting the Administrator via e-mail or traditional correspondence unrelated to the services provided to the sender or any other contract concluded with him, personal data contained in this correspondence is processed solely for the purpose of communication and settling the matter to which the correspondence relates.

The legal basis for processing is the legitimate interest of the Administrator (Art. 6 Para. 1 pt. f GDPR) consisting in conducting correspondence addressed to him in connection with his business activity.

Telephone Contact

In case of contacting the Administrator by telephone in matters unrelated to the concluded contract or services provided, the Administrator may request personal data only if it is necessary to handle the matter to which the contact relates. The legal basis in such a case is the legitimate interest of the Administrator (Art. 6 Para. 1 pt. f GDPR) consisting in the need to resolve the reported matter related to his business activity.

Collecting Data in the Course of Business Contacts

In connection with the conducted business activity, the Administrator collects personal data, for example during business meetings or through exchange of business cards – for the purposes related to initiating and maintaining business contacts.

Such personal data is processed for the realization of the Administrator’s and his counterparty’s legitimate interest (Art. 6 Para. 1 pt. f GDPR) consisting in creating a network of contacts in connection with the conducted business activity.

Processing Data in Connection with the Provision of Services or Exercise of Other Rights

In the event of collecting data for the purposes related to the performance of a specific contract, the Administrator provides the person whose data is concerned with detailed information regarding the processing of their personal data at the time of entering into the contract or at the time of obtaining personal data in the case where processing is necessary in order to take action requested by the Data Subject before entering into the contract.

Processing personal data of the Administrator’s clients or contractor’s personnel/representatives

If you represent a client or contractor or another entity (e.g. your employer, principal or contractor) in your contacts with us, the data we process about you are contact data related to your function or relationship with the entity on whose behalf you act. We obtained these data directly from you or received them from that entity.

Your personal data are processed for the purpose of:

  • performing the legal obligations of the Administrator, including accounting purposes,
  • performing the legitimate interests of the Administrator, consisting of ensuring the necessary contacts for servicing and performing the contract concluded with the entity on whose behalf you act, providing you with answers to your questions, maintaining business contacts, as well as establishing, pursuing and defending against claims.

The legal basis for processing your personal data is:

  • compliance with legal obligations incumbent on the Administrator (Art. 6 (1) (c) GDPR), consisting in particular in maintaining the Administrator’s accounting (this obligation results primarily from the Accounting Act of 29 August 1997, the Accounting Act of 29 September 1994 and the Value Added Tax Act of 11 March 2004),
  • the legitimate interest of the Administrator (Art. 6 (1) (f) GDPR) described above.

 

Providing personal data is voluntary, but necessary to cooperate with the entity you represent. Refusal to provide personal data will result in the impossibility of maintaining necessary contacts for the performance of the contract or to provide an answer to your question.

Conducting the recruitment process by the Administrator

As part of the recruitment process, the Administrator expects the personal data (e.g. in CV or resume) to be provided only to the extent specified in the labor law (Art. 6 (1) (c) GDPR). In the event that the submitted applications contain additional data that goes beyond the scope indicated by labor law, their processing will be based on the candidate’s consent (Art. 6 (1) (a) GDPR), expressed by an unambiguous confirmatory action of sending the application documents by the candidate. If the submitted applications contain information that is inadequate for the purpose of recruitment, they will not be used or taken into account in the recruitment process.

The recruitment process consists of several stages during which candidates’ personal data are processed: initial selection of received applications, contact with selected candidates, selection of an employee. In the case of expressing agreement by the candidate to process the given personal data in future recruitments, the legal basis for their processing is Art. 6 (1) (a) GDPR, which allows for the processing of personal data on the basis of voluntarily given consent, which can be withdrawn at any time without affecting the lawfulness of processing carried out on the basis of consent before its withdrawal.

Performing legal obligations imposed on the Administrator

The Administrator processes Users’ personal data in connection with the performance of legal obligations incumbent on him, relating to e.g. maintaining accounting and bookkeeping documentation, as well as the protection of rights of the persons whose data concern.

Such personal data are processed on the basis of Art. 6 (1) (c) GDPR – processing is necessary to fulfil a legal obligation incumbent on the Administrator.

Determination, assertion of claims and defense against claims

In order to determine, assert claims and defend against claims, including documenting objections submitted against the processing of personal data, the Administrator will process personal data of Users that have been provided to him by individuals whose data concern.

The legal basis for processing personal data is Art. 6 (1) (f) GDPR, which allows for the processing of personal data in order to eventually determine, assert or defend against claims, which is the legitimate interest of the Administrator.

Recipients of personal data

In connection with the performance of activities requiring the processing of personal data, personal data may be disclosed to external entities.

The following entities are recipients of personal data entrusted to the Administrator by individuals whose data concern in the minimum necessary scope for the purpose/goals for which the data were obtained:

  • authorized personnel of the Administrator,
  • entities processing personal data on behalf of the Administrator (e.g. accounting office, technical service providers, hosting service providers),
  • relevant authorities authorized pursuant to applicable law.

 

The Administrator declares that he does not sell, disclose or transfer the gathered personal data to other persons or institutions unless it is done with explicit consent or at the request of the persons whose data concern or at the request of authorized state bodies for the purpose of their proceedings or actions related to security or defense, for specific purposes required by law for the public interest, when necessary to fulfill the Administrator’s legitimate objectives.

Transfer of personal data outside the European Economic Area (EEA)

The Administrator does not transfer personal data outside the EEA or to international organizations.

Period of personal data processing

The Administrator processes obtained personal data for the period necessary to achieve the purpose/goals for which they were provided. The period of data processing is related to the purposes and bases of the data processing, therefore:

  • data processed on the basis of legal (tax) requirements will be processed for the time during which legal regulations require data to be stored;
  • if the basis for processing is the fulfillment of the contract, then the data will be processed by the Administrator for as long as it is necessary to perform the contract;
  • data processed on the basis of the legitimate interest of the Administrator will be processed until an effective objection is made by the person whose data concern or the end of that interest. The data processed for the purpose of determining or asserting claims will be processed for a period equal to the limitation period of such claims;
  • personal data processed on the basis of consent will be processed until the consent given by the person whose data concern is withdrawn;
  • personal data processed as part of the recruitment process will be processed until the end of that process.

 

The period of data processing may be extended in case the processing is necessary to determine or assert claims or defense against claims, and after that period – only to the extent required by applicable law. After the data processing period, the data will be irretrievably removed or anonymized.

Cookies

Cookies are small files sent by the web server to the User’s browser and stored on their computer. Cookies help the Administrator analyze network traffic and recognize which part of the website was visited. Cookies do not allow the Administrator to access the User’s computer or information about the Users, except for information on how the website was used and personal data automatically shared due to browser settings.

The Administrator uses session and permanent cookies. Session cookies are temporary files that are stored in the User’s end device until they log out or leave the website. Permanent cookies enable the Administrator to recognize your browser during the next visit to the websites administered by the Administrator and to adapt the Services to the Users’ needs (e.g. remembering preferred language or font size), and for statistical purposes. Permanent cookies remain in the memory of your peripheral device until they are deleted. By using the Service, the User agrees to place cookies on their computer or other device for the purposes indicated above. If the User does not agree to receive cookies, they can manage and control them through the settings of their browser. However, it should be remembered that deleting or blocking cookies may affect how the Administrator’s service is used.

For the purpose of monitoring and improving the website, aggregate information about Users is collected when browsing the website, including details concerning operating system, browser version, domain name, IP address, User’s URL address from which they came to the Administrator’s website and the one to which they go, and which sub-pages of the website have been visited. The Administrator may maintain general statistics, collect data on network traffic to the website, as well as information about related websites and provide this aggregate data to third parties for marketing, advertising or other promotional purposes. However, this aggregate data does not contain any personal data. For statistical purposes, the Administrator uses the services of such suppliers as Google Analytics.

Personal data subjects’ rights

The Administrator enforces the rights related to the processing of their personal data. In particular, the data subjects have the right to:

  • access to their personal data,
  • rectification of personal data,
  • deletion of data (“right to be forgotten”),
  • restriction of the processing of personal data,
  • objection to the processing of personal data.

 

In case the legal basis for the processing of personal data is a legitimate interest of the Administrator, the data subjects have the right to object to the processing of personal data at any time, without having to explain their decision, especially in cases where the legitimate interest consists of direct marketing activities.

The consent given by the data subjects through the websites may be withdrawn at any time, which will not affect the lawfulness of processing of data made before its withdrawal.

The Administrator informs that there is no obligation to delete data (i.e. to realize the “right to be forgotten”) if processing of that data is necessary for:

  • exercising the right to freedom of expression and information,
  • compliance with a legal obligation incumbent on the Administrator on the basis of EU or Polish law,
  • archiving purposes in the public interest, scientific or historical research purposes or statistical purposes,
  • determining, pursuing or defending claims.

 

The rights mentioned above, as well as the intention to withdraw consent, can be realized through the submission of a relevant request electronically to the Administrator’s e-mail address: [email protected], or by mail to the Administrator’s registered office address indicated in point I of the Policy.

In any case where it is believed that the rights of a natural person arising from legal provisions and this Policy are violated, Users have the right to lodge a complaint with the Office for Personal Data Protection located in Warsaw at ul. Stawki 2.

Personal data security

The Administrator ensures the security of personal data against unauthorized disclosure to third parties, taking over data by unauthorized persons, destruction, loss, damage or alteration, as well as processing of data in breach of GDPR.

The Administrator of data takes technical and organizational measures to secure entrusted personal data, meeting GDPR requirements, in particular measures listed in Art. 24 and Art. 32 of GDPR, to ensure confidentiality, integrity and accessibility of processing services of the personal data supplied.

Automated decision-making and profiling

Your data may be processed by the Administrator in an automated way, including profiling. However, decisions concerning individuals resulting from this processing will not be automated.

Final provisions

In all fields not covered by this Policy, EU and national data protection regulations are binding.

Do you have any questions?

If you have any questions about the processing of your personal data and your rights, please contact our Data Protection Officer: [email protected].

Last updated: February 15th, 2024

Contact details

Linkedin Youtube Facebook Map-marked-alt

Privacy policy

Copyright Franc-Textil © 1993-2024, All rights reserved

Our brands

Privacy policy

Copyright Franc-Textil © 1993-2024, All rights reserved