§1. General Provisions

  1. The Data Controller is as follows: Omnipack Sp. z o.o. with the seat in Duchnice, ul. Ożarowska 40/42, entered into the Register of Entrepreneurs with the following National Court Register number: KRS 0000604889, the registration files are kept by the District Court for the Capital City of Warsaw, 12th Economic Division of the National Court Register, VAT ID: 5223055791, REGON: 363864156, equity capital in the amount of: PLN 41.150.00.  
  2. Data protection is carried out in accordance with the requirements of generally applicable law and it is stored on secured servers.
  3. In order to better understand the Privacy Policy, the term “User” has been replaced with the term “You”, and the term “Controller” has been replaced with the term “We”. GDPR is the Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC.
  4. We respect the right to privacy and ensure safety of data.  
  5. Personal data entered into the form on the website or landing page is treated as confidential and not visible to unauthorised people.

§2. Data Controller

  1. The Service Provider is the Controller of data of its customers. This means that when you specify your data on our website, we will process the following data: name, surname, e-mail address, phone number and address of your online shop.
  2. The Service Provider is also the Controller of data of people who signed up to the newsletter and to the webinar (if the latter is organised).
  3. Personal data is processed:
    • In line with the regulations regarding personal data protection,
    • In line with the implemented Privacy Policy,
    • To the extent and for the purpose necessary to establish and shape the contents of an Agreement and for its change or resolution as well as to ensure proper implementation of the Services provided electronically,
    • In the scope and purpose required to fulfil justified business (legally-justified aims) of the Controller and the processing does not violate freedom rights of the person to whom it relates:
      • If you have sent an enquiry through the form on our website, landing page or via the form on Facebook,
      • In order to provide an offer of products and services directly (direct marketing), including in particular in the scope compliant with your consent, if you signed up to a newsletter,
      • for analytical, archiving, statistical and evidence purposes (settlement).
  4.  Each person to whom the data relates (if we are the data Controller) has the right to the following:
    • accessing their data and receiving its copy;
    • clarifying (correcting) their data;
    • deleting data – if in their opinion there are no grounds for our processing of the data;
    • limiting data processing – if in their opinion we possess incorrect data relating to them or process it without justification; or if such a person does not wish for the data to be removed as it is required for determining, investigating or defending claims; or for the time of an objection submitted by that person with regard to data processing;
    • object to processing of personal data for the purpose of direct marketing and the right to object to processing data on the basis of a legally justified business, for purposes other than direct marketing;
    • transferring data – you have the right to receive your personal data in a structured, commonly used machine-readable format, that was submitted to us based on an agreement or consent; you can also request us to send such data to another entity directly;
    • submitting a complaint to a supervision authority – if you feel that we are processing your data unlawfully, you can submit a complaint to the President of the Office of Personal Data Protection or another appropriate supervisory authority;
    • the right to revoke the consent for processing your personal data – you have the right to revoke the consent for processing your personal data at any time, that we process on the basis of your consent; revoking the consent will not affect the legality of the processing, which was made on the basis of the consent before its revoking.
  5. An inspector has been assigned at the Service Provider’s headquarters, Mateusz Sawaryn, that you can contact by writing to: kontakt@omnipack.pl
  6. Your data will be processed no longer than it is necessary for providing a response to your enquiry, to provide a cost estimate of services or sending a newsletter. After this time, the data may be processed until any possible claims are outdated. Personal data processed for purposes covered by the statement may be processed for such purposes until the consent is revoked. Revoking the consent has no impact on compliance with the law of processing that was made on the basis of the’ consent.
  7. Access to personal data of users may be provided to the following data recipients, while retaining all warranties ensuring safety of the data disclosed:
    • our authorised employees/co-workers,
    • service providers supplying technical and organisational solutions to us (specifically entities providing ICT and marketing services, courier companies, providers of legal and advice services and their authorised employees/co-workers),
    • entities analysing data in order to personalise advertisement and being separate controllers in this scope, in particular Google LLC.
  8. Furthermore, the Service Provider has the right to disclose personal data of a User and their other data to entities authorised according to the applicable laws (e.g. law enforcement agencies).
  9. Personal data of users may be provided to countries beyond the European Economic Area, such as:  Google LLC (Privacy Policy) and HubSpot Inc.  (Privacy Policy) subject to certification under EU – US Privacy Shield, which may be checked at any time at the following address: https://www.privacyshield.gov/list / Unbounce Marketing Solutions Inc. (Privacy Policy) – provided based on a decision confirming the proper protection level).
  10. Besides the above cases, we will not disclose or permit disclosing of personal data provided by the users outside the EEA (namely beyond the European Union, Norway, Lichtenstein, Iceland), unless we take the appropriate measures to ensure that such disclosing complies with GDPR. The measures referred to above may include particularly disclosing personal data  to a recipient in a country which, according to the decision of the European Commission, ensures proper personal data protection or a recipient in the USA, that certified compliance with the EU-USA Privacy Shield.
  11. Removing personal data may take place as a result of revoking a consent or submitting a legally-permitted objection for processing personal data.
  12. We have implemented pseudonymisation and encryption of data. We have also implemented access control which enables to minimise effects of any possible violation of data safety.
  13. Our service was not designed with children up to the age of 16 in mind. It is not addressed to children.

§3. Cookie

  1. Www.omnipack.pl uses cookies. Cookies are small text files sent by our web server and stored by a web browser. When the browser reconnects with the site, the site recognizes the type of device used by the User to connect. Parameters allow the information contained in the cookies to be read only by the server that created them. Therefore, cookies facilitate the use of websites that have been previously visited.
    Information collected relates to the IP address, type of used web browser, language, type of operating system, supplier of internet services, information about time and date, location and other information sent to the website via the contact form.
  2. The data collected is used for monitoring and checking in what way users browse our website, to improve service functioning ensuring more effective and problem-free navigation. Information about users is monitored via Google Analytics, which registers user behaviour on the website.
    Cookies identify a user which enables to adjust the website content to their needs. They enable to adjust advertisements targeted at a user by remembering the user’s preferences. We use cookie files to guarantee the highest standard of convenience of our website, while the data collected is used only internally by Omnipack in order to optimise activities.
    We also use Google AdWords, where Google is a separate personal data controller.  Data that we collect about users help us in better targeting advertisement and promotions.
    Within the website, also the following services are active: Facebook Ads and Facebook Business Tools (Facebook Pixel). Thanks to this technology, users who visited our website through an advertisement on another website of a Facebook partner, may see our advertisement again.
  3. Our website uses the following cookie files:
    • required cookies that enable use of services available within the website, e.g. encrypting cookie files used for services requiring encryption on the website;
    • cookie files used for ensuring safety, e.g. used for detecting violations in the scope of encryption on the website;
    • performance cookies enabling to collection information about the method of using particular pages of our website;
    • functional cookie files, enabling to remember settings selected by the user as well as personalisation of the user interface, e.g. in the scope of the selected language or region from which the user originates as well as the font size, website appearance, etc.;
    • advertising cookie files enabling to provide advertisement content to users that is more adjusted to the users interests.
  4. The User has the possibility of deactivating or restoring the option of collecting cookies by changing the web browser settings. Instruction for managing cookie files is available at: http://www.allaboutcookies.org/manage-cookies.