Privacy Policy | Microelectronics

This Privacy Policy sets out the rules governing the storage of and access to data on Users’ Devices used in connection with the provision of electronic services by the Controller through the Service, as well as the rules governing the collection and processing of Users’ personal data voluntarily provided by them through the tools available within the Service.

This Privacy Policy forms an integral part of the Terms of Use, which set out the rules, rights, and obligations of Users using the Service.

1. Definitions

Service - the website "microelectronics.pl" available at https://microelectronics.pl
External Service - websites of partners, service providers, or clients cooperating with the Controller
Service / Data Controller - the controller of the Service and the controller of the data (hereinafter the Controller) is Microelectronics Sp. z o.o., with its registered address at: ul. Augusta Lewakowskiego 53 lok. 303, 38-400 Krosno, Tax Identification Number (NIP): 6842637296, REGON: 181030348, KRS: 0000480001, providing electronic services through the Service
User - a natural person to whom the Controller provides electronic services through the Service.
Device - an electronic device, together with software, through which the User accesses the Service
Cookies - text data collected in the form of files stored on the User’s Device
GDPR - Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation)
Personal Data - information relating to an identified or identifiable natural person (“data subject”); an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, identification number, location data, online identifier, or one or more factors specific to the physical, physiological, genetic, mental, economic, cultural, or social identity of that natural person
Processing - any operation or set of operations performed on personal data or sets of personal data, whether or not by automated means, such as collection, recording, organisation, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination, or otherwise making available, alignment or combination, restriction, erasure, or destruction
Restriction of Processing - the marking of stored personal data with the aim of limiting its processing in the future
Profiling - any form of automated processing of personal data consisting of the use of personal data to evaluate certain personal aspects relating to a natural person, in particular to analyse or predict aspects concerning that person’s performance at work, economic situation, health, personal preferences, interests, reliability, behaviour, location, or movements
Consent - any freely given, specific, informed, and unambiguous indication of the data subject’s wishes by which they, by a statement or by a clear affirmative action, signify agreement to the processing of personal data relating to them
Personal Data Breach - a breach of security leading to the accidental or unlawful destruction, loss, alteration, unauthorised disclosure of, or unauthorised access to, personal data transmitted, stored, or otherwise processed
Pseudonymisation - the processing of personal data in such a manner that the personal data can no longer be attributed to a specific data subject without the use of additional information, provided that such additional information is kept separately and is subject to technical and organisational measures ensuring that the personal data is not attributed to an identified or identifiable natural person
Anonymisation - the irreversible processing of data which destroys / overwrites personal data in such a way that it is no longer possible to identify, or link a given record to, a specific User or natural person.

2. Data Protection Officer

Pursuant to Article 37 GDPR, the Controller has not appointed a Data Protection Officer.
For all matters relating to data processing, including the processing of personal data, please contact the Controller directly.

3. Types of Cookies

First-party Cookies - files placed and read from the User’s Device by the ICT system of the Service
Third-party Cookies - files placed and read from the User’s Device by the ICT systems of External Services. Scripts of External Services that may place Cookies on Users’ Devices have been deliberately embedded in the Service through scripts and services made available and installed within the Service
Session Cookies - files placed and read from the User’s Device by the Service or External Services during a single session of a given Device. Once the session ends, the files are deleted from the User’s Device.
Persistent Cookies - files placed and read from the User’s Device by the Service or External Services until they are manually deleted. The files are not deleted automatically after the Device session ends unless the User’s Device is configured to delete Cookies after the end of the Device session.

4. Data Storage Security

Mechanisms for storing and reading Cookies - The mechanisms for storing, reading, and exchanging data between Cookies stored on the User’s Device and the Service are implemented through the built-in features of web browsers and do not allow any other data to be retrieved from the User’s Device or from other websites visited by the User, including personal data or confidential information. The transfer of viruses, Trojan horses, and other malware to the User’s Device is also practically impossible.
First-party Cookies - the Cookies used by the Controller are safe for Users’ Devices and do not contain scripts, content, or information that could compromise the security of personal data or the security of the Device used by the User.
Third-party Cookies - the Controller takes all reasonably possible steps to verify and select Service partners with Users’ security in mind. The Controller chooses well-known and reputable partners enjoying broad public trust. However, the Controller does not have full control over the contents of Cookies originating from third-party partners. To the extent permitted by law, the Controller shall not be liable for the security of Cookies, their content, or their use in accordance with the applicable licence terms by scripts installed in the Service and originating from External Services. A list of partners is provided later in this Privacy Policy.
Cookie Controls

The User may, at any time, independently change the settings relating to the storage, deletion, and access to data stored in Cookies for each website
Information on how to disable Cookies in the most popular desktop browsers is available at: how to disable cookies or from one of the providers listed below:

The User may, at any time, delete all Cookies stored so far using the tools available on the User’s Device through which the User accesses the Service.

User-side Risks - the Controller applies all reasonably possible technical measures to ensure the security of data stored in Cookies. However, it should be noted that ensuring the security of such data depends on both parties, including the User’s own actions. The Controller shall not be liable for interception of such data, impersonation of the User’s session, or deletion of such data resulting from the User’s intentional or unintentional actions, viruses, Trojan horses, and other spyware with which the User’s Device may be or may have been infected. In order to protect themselves against such threats, Users should follow recognised cybersecurity practices.
Storage of Personal Data - the Controller ensures that it makes every effort to keep personal data voluntarily provided by Users secure, that access to such data is limited and granted only in accordance with its intended purpose and the purposes of processing. The Controller also ensures that it makes every effort to protect the data it holds against loss by applying appropriate physical and organisational safeguards.

5. Purposes for Which Cookies Are Used

Improving and facilitating access to the Service
Personalising the Service for Users
Compiling statistics (users, number of visits, types of devices, connection type, etc.)

6. Purposes of Personal Data Processing

Personal data voluntarily provided by Users is processed for one or more of the following purposes:

Provision of electronic services:
Communication between the Controller and Users regarding matters related to the Service and data protection
Pursuit of the Controller’s legitimate interests

Data relating to Users collected anonymously and automatically is processed for one or more of the following purposes:

Compiling statistics
Pursuit of the Controller’s legitimate interests

7. Cookies of External Services

The Controller uses JavaScript scripts and web components of partners within the Service, which may place their own Cookies on the User’s Device. Please note that in your browser settings, you can decide which Cookies may be used by individual websites. Below is a list of partners or services implemented within the Service that may place Cookies:

Analytics:
- Google Analytics

Services provided by third parties are beyond the Controller’s control. Those entities may change their terms of service, privacy policies, purposes of data processing, and methods of using Cookies at any time.

8. Types of Data Collected

The Service collects data about Users. Some data is collected automatically and anonymously, while some data consists of personal data voluntarily provided by Users when subscribing to or using individual services offered through the Service.

Anonymous data collected automatically:

IP address
Browser type
Screen resolution
Approximate location
Service subpages visited
Time spent on a given Service subpage
Operating system type
Address of the previous subpage
Referring page address
Browser language
Internet connection speed
Internet service provider

Data collected when sending the contact form:

First name / surname / company name
Email address
IP address (collected automatically)

Data collected when subscribing to the Newsletter service

Some data (excluding identifying data) may be stored in Cookies. Some data (excluding identifying data) may be transferred to a provider of statistical services.

9. Access to Personal Data by Third Parties

As a rule, the Controller is the sole recipient of the personal data provided by Users. Data collected as part of the services provided is not transferred to or sold to third parties.

Access to the data (most often under a data processing agreement) may be granted to entities responsible for maintaining the infrastructure and services necessary to operate the Service, such as:

Companies responsible for the Controller’s accounting services (in the event of purchase transactions carried out through the Service)
Companies responsible for delivering physical products to the User (postal / courier services in the event of purchase transactions carried out through the Service)

Transfer of Personal Data - Accounting Services

Where a transaction is concluded, certain personal data of natural persons or data relating to sole traders is transferred to the entity providing accounting services to the Controller, Biuro Rachunkowe Grzegorz Patla. The transfer of such data is governed by an agreement concluded between the Controller and the service provider.

Transfer of Personal Data - Courier Services

Where a transaction is concluded that requires delivery of the subject matter of the transaction by post or courier, certain personal data of natural persons or data relating to sole traders is transferred to the entity providing postal / courier services to the Controller, selected by the User. The transfer of such data is governed by an agreement concluded between the Controller and the service provider.

10. Method of Processing Personal Data

Personal data voluntarily provided by Users:

Personal data will not be transferred outside the European Union unless it is published as a result of an individual action taken by the User (e.g. posting a comment or an entry), which will make the data available to any person visiting the Service.
Personal data will not be used for automated decision-making, including profiling.
Personal data will not be sold to third parties.

Anonymous data (non-personal data) collected automatically:

Anonymous data (non-personal data) may be transferred outside the European Union.
Anonymous data (non-personal data) will not be used for automated decision-making, including profiling.
Anonymous data (non-personal data) will not be sold to third parties.

11. Legal Bases for Personal Data Processing

The Service collects and processes Users’ data on the basis of:

Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation)
- Article 6(1)(a)
  the data subject has given consent to the processing of their personal data for one or more specific purposes
- Article 6(1)(b)
  processing is necessary for the performance of a contract to which the data subject is party, or in order to take steps at the request of the data subject prior to entering into a contract
- Article 6(1)(f)
  processing is necessary for the purposes of the legitimate interests pursued by the controller or by a third party
Act of 10 May 2018 on the Protection of Personal Data (Journal of Laws 2018, item 1000)
Act of 16 July 2004 - Telecommunications Law (Journal of Laws 2004 No. 171, item 1800)
Act of 4 February 1994 on Copyright and Related Rights (Journal of Laws 1994 No. 24, item 83)

12. Period of Personal Data Processing

Personal data voluntarily provided by Users:

As a rule, the personal data indicated above is stored only for the period necessary to provide the Service through the Service by the Controller. It is deleted or anonymised within up to 30 days from the end of service provision (e.g. deletion of a registered user account, unsubscribing from the Newsletter, etc.)

An exception applies where further processing of such data is necessary to safeguard the Controller’s legitimate interests. In such a case, the Controller will retain the indicated data, from the time the User requests its deletion, for no longer than 3 years in the event of a breach or suspected breach of the Service terms and conditions by the User

Anonymous data (non-personal data) collected automatically:

Anonymous statistical data that does not constitute personal data is stored by the Controller for an indefinite period for the purpose of compiling Service statistics

13. Users’ Rights Related to the Processing of Personal Data

The Service collects and processes Users’ data on the basis of:

Right of access to personal data
Users have the right to obtain access to their personal data by submitting a request to the Controller
Right to rectification of personal data
Users have the right to request that the Controller promptly rectify inaccurate personal data and / or complete incomplete personal data by submitting a request to the Controller
Right to erasure of personal data
Users have the right to request that the Controller promptly erase personal data by submitting a request to the Controller. In the case of user accounts, erasure consists in anonymising data that makes it possible to identify the User. The Controller reserves the right to suspend compliance with a request for erasure in order to protect the Controller’s legitimate interests (e.g. where the User has breached the Terms of Use or where the data was obtained as a result of correspondence conducted).
In the case of the Newsletter service, the User may independently delete their personal data by using the link included in every email message sent.
Right to restriction of processing
Users have the right to request restriction of the processing of personal data in the cases set out in Article 18 GDPR, including where the accuracy of personal data is contested, by submitting a request to the Controller
Right to data portability
Users have the right to obtain from the Controller personal data concerning them in a structured, commonly used, and machine-readable format, by submitting a request to the Controller
Right to object to the processing of personal data
Users have the right to object to the processing of their personal data in the cases specified in Article 21 GDPR, by submitting a request to the Controller
Right to lodge a complaint
Users have the right to lodge a complaint with the supervisory authority responsible for the protection of personal data.

14. Contact Details of the Controller

The Controller may be contacted using one of the following methods:

Postal address - Microelectronics Sp. z o.o., ul. Augusta Lewakowskiego 53 lok. 303, 38-400 Krosno
Email address - info@microelectronics.pl
Telephone - +48 13 42 002 14
Contact form - available at: https://microelectronics.pl/en/contact

15. Service Requirements

Restricting the storage of and access to Cookies on the User’s Device may result in some functions of the Service not operating correctly.
The Controller shall not be liable for any malfunctioning features of the Service if the User restricts, in any way, the ability to store and read Cookies.

16. External Links

The Service - including articles, posts, entries, or Users’ comments - may contain links to external websites with which the owner of the Service does not cooperate. These links and the websites or files they point to may be unsafe for your Device or may pose a risk to the security of your data. The Controller shall not be liable for content located outside the Service.

17. Changes to the Privacy Policy

The Controller reserves the right to amend this Privacy Policy at any time without informing Users in advance with respect to the use of anonymous data or the use of Cookies.
The Controller reserves the right to amend this Privacy Policy at any time with respect to the processing of Personal Data, of which Users holding user accounts or subscribed to the Newsletter service will be informed by email within 7 days of the amendment. Continued use of the services constitutes acknowledgement and acceptance of the changes introduced to the Privacy Policy. If the User does not agree with the changes introduced, they are required to delete their account from the Service or unsubscribe from the Newsletter service.
Any changes introduced to the Privacy Policy will be published on this subpage of the Service.
The changes come into effect upon their publication.