I. Terms and conditions of liability of the websites as the entity managing and operating the websites.
1. The administrator of the websites is Solartech Sp. Z o.o.
2. The author of the content and graphic works contained on the websites is Solartech Sp. Z o.o.
3. The websites and all their components are protected by applicable law, in particular the Act of February 4, 1994, on copyright and related rights.
4. The authors of the graphic works and content posted do not consent to their publication or modification in any way (in publications, presentations, websites, and in any other manner specified in the Copyright Act) without their written consent.
6. The user has the right to use all content published on the websites, provided that copyright is not infringed. No part of the website may be used for commercial purposes without the prior consent of the website owner.
7. The website owner and its authors are not liable for any moral or financial losses incurred as a result of using the content on the websites.
8. The websites use cookies to identify the browser when using the website. Cookies do not collect any personal data. The data collected, such as the type of browser used, time spent on the website, etc., is used to analyze the statistics of individual websites.
9. The commercial offer presented on the websites does not constitute an offer within the meaning of Article 66 § 1 of the Civil Code and other relevant legal provisions. Each page is for informational purposes only.
II. Personal Data Protection
1. Personal data is processed by Solartech Sp. Z o.o. in accordance with the provisions of Regulation (EU) 2016/679 of the European Parliament and of the Council of April 27, 2016 on the protection of individuals with regard to the processing of personal data and on the free movement of such data and repealing Directive 95/46/EC (hereinafter referred to as: GDPR), as well as on the basis of other provisions regulating the protection of personal data.
2. Personal data collected through all types of forms posted on the Administrator’s websites, including, among others, such information as: name and surname, contact telephone number, e-mail address, are used only to identify the Customer, establishing commercial contact with them, providing the Customer with materials prepared by the Administrator, providing a quote for services provided by the Administrator, conducting commercial negotiations with the Customer, and possibly signing and performing a contract.
3. Personal data collected through all types of forms posted on the Administrator’s websites are processed on the basis of the consent of the person (Article 6(1)(a) of the GDPR), as well as on the basis of Article 6(1)(b) of the GDPR, i.e. their processing is necessary for the performance of a contract to which the data subject is party or in order to take steps at the request of the data subject prior to entering into a contract.
4. The consent to the processing of personal data may be withdrawn by the Administrator’s Customers at any time. The withdrawal of consent to the processing of data does not affect the lawfulness of the data processing carried out by the Administrator on the basis of consent before its withdrawal.
5. Consent may be withdrawn by sending an appropriate statement to the following e-mail address: biuro@solartech.pl.
6. The categories of recipients to whom the personal data of the Administrator’s Customers may be disclosed are: employees, associates of the Administrator, accounting office, law firms, national debt registers.
7. Solartech Sp. Z o.o. processes the personal data of Customers using computer systems and software that ensure the highest level of security for the processing of such personal data (such as, among others, encryption and anonymization of transmitted information, periodic changes of system access passwords). The administrator processes the personal data of its customers outside the IT system using technical and organizational measures that ensure the highest level of security for the processing of personal data.
8. The data subject has the right to access their data and rectify it, delete it (the right to be forgotten), restrict its processing, the right to transfer data, the right to withdraw consent to its processing at any time without affecting the lawfulness of the processing carried out on the basis of consent before its withdrawal.
9. The data subject has the right to object to the processing of their data by the Controller. The objection should be sent to: biuro@solartech.pl
10. If the data subject considers that the processing of their personal data by the Controller violates the provisions of the General Data Protection Regulation, they have the right to lodge a complaint with the Inspector General for Personal Data Protection, who, after the entry into force of the General Data Protection Regulation, will be replaced by the President of the Personal Data Protection Office.
III. The Controller’s obligation to communicate transparently with the data subject (Article 12 of the GDPR):
1. The Controller shall, in a concise, transparent, intelligible, and easily accessible form, using clear and plain language, in particular when the information is addressed to a child, provide the data subject with all the information referred to in Articles 13 and 14 of the GDPR, and communicate with the data subject pursuant to Articles 15-22 and 34 of the GDPR. The information shall be provided in writing or by other means, including, where appropriate, electronically. If the data subject so requests, the information may be provided orally, provided that the identity of the data subject is confirmed by other means.
2. If the Controller has reasonable doubts as to the identity of the natural person making the request referred to in Articles 15-21 of the GDPR, it may request additional information necessary to confirm the identity of the data subject.
IV. Obligations of the Personal Data Controller when processing personal data
The obligations of Solartech Sp. Z o.o., as a personal data controller, arising directly from the GDPR, include in particular:
1. Taking data protection into account at the design stage and default data protection – in order to fulfill this obligation, the Controller has implemented appropriate technical and organizational measures, such as pseudonymization, designed to effectively implement data protection principles, such as data minimization, and to provide the necessary safeguards for processing, so as to protect the rights of data subjects to the highest possible extent.
2. Entrusting data for processing on the basis of a written contract – The controller shall only use the services of processors who provide sufficient guarantees to implement appropriate technical and organizational measures to protect the rights of data subjects.
3. Recording of processing activities.
The controller is required to keep a record of personal data processing activities.
The controller shall make the record available to the supervisory authority upon request.
4. Security of processing. Solartech Sp. z o.o. has implemented and applies the following technical and organizational measures to minimize the risk of personal data breaches: a) pseudonymization and encryption of personal data;
b) the ability to ensure the ongoing confidentiality, integrity, availability, and resilience of processing systems and services;
c) the ability to restore the availability and access to personal data in a timely manner in the event of a physical or technical incident;
d) regularly testing, assessing, and evaluating the effectiveness of technical and organizational measures for ensuring the security of processing.
When assessing whether the level of security is adequate, the Controller shall take into account, in particular, the risks associated with processing, in particular those resulting from accidental or unlawful destruction, loss, alteration, unauthorized disclosure or unauthorized access to personal data transmitted, stored or otherwise processed.
5. Reporting a personal data breach to the supervisory authority. In the event of a personal data breach, the Administrator shall, without undue delay after becoming aware of the breach, report it to the supervisory authority, unless the breach is unlikely to result in a risk to the rights or freedoms of natural persons.
If a personal data breach is likely to result in a high risk to the rights and freedoms of natural persons, the controller shall communicate the personal data breach to the data subject without undue delay.
6. Conducting a data protection impact assessment.
If a type of processing, in particular using new technologies, is likely to result in a high risk to the rights and freedoms of natural persons, the controller shall, prior to the start of the processing, carry out an assessment of the impact of the envisaged processing operations on the protection of personal data.
7. Conducting prior consultations.
If the data protection impact assessment indicates that the processing would result in a high risk if the Controller did not take measures to minimize that risk, the Controller shall consult with the supervisory authority on the possibilities and means of processing before commencing processing.
V. Processing of data of minors
By definition, all activities of Solartech Sp. Z o.o. are directed at adults who are capable of making decisions or influencing their making. If the legal guardians of a minor become aware that the minor has filled out a form available on the Administrator’s websites, please contact the Administrator to have this data removed from the database or to withdraw consent by sending an appropriate email to: biuro@solartech.pl
VI. Rights of users of websites belonging to Solartech Co. Ltd.
The data subject:
a) has the right to obtain confirmation from the Administrator as to whether personal data concerning him or her are being processed, and if so, has the right to access them and obtain a range of information (Article 15 of the GDPR),
b) has the right to request the Administrator to immediately rectify any personal data concerning them that is incorrect (Article 16 of the GDPR),
c) has the right to request the Controller to immediately erase personal data concerning her in specified circumstances (Article 17 of the GDPR),
d) has the right to request the Controller to restrict the processing of data in specified cases (Article 18 of the GDPR),
e) has the right to receive, in a structured, commonly used, machine-readable format, personal data concerning them that they have provided to the Controller, and
f) has the right, in the cases listed, to transmit that personal data to another controller without hindrance from the controller to whom the data has been provided (Article 20 of the GDPR),
g) has the right to object to the processing of personal data concerning him or her (Article 21 of the GDPR),
h) has the right not to be subject to a decision based solely on automated processing of personal data concerning him or her, including profiling (Article 22 of the GDPR).
VII. Changes to the privacy policy
Solartech Co. z o.o. reserves the right to change the above privacy policy and regulations by publishing a new privacy policy. If you have any additional questions regarding the privacy policy and regulations of the website, please contact the Administrator at the following e-mail address: biuro@solartech.pl