Privacy Policy 

1. General information

• This policy applies to the website, operating at URL: stellmet.pl.
• The Operator of the Service and the Administrator of personal data is STELLMET Sp. z o.o. Sp. k. ul. Jana III Sobieskiego, no. 11, loc. E6, 40-082 Katowice
• Operator’s e-mail contact address: biuro@stellmet.pl
• The Operator is the Administrator of your data concerning the data you voluntarily provide on the website.
• The Service uses personal data for the following purposes:
  • Maintaining a newsletter
  • Handling inquiries via the contact form
  • Presentation of offers or information
• The Service performs functions of obtaining information about users and their behavior in the following ways:
  • through voluntarily entered data in the forms entered into the Operator’s systems.
  • by storing cookies on end devices.

2. Selected data protection methods used by the Operator

• The login and personal data entry sites are protected in the transmission layer (SSL certificate). This ensures that the personal and login information entered on the site is encrypted on the User’s computer and can only be read on the target server.
• Personal data stored in the database is encrypted so only those holding the Operator’s key can read it. This protects the data in case the database is stolen from the server.
• User passwords are stored in hashed form. The hash function works unidirectionally – it is impossible to reverse its operation, which is now the modern standard for storing user passwords.
• The Operator periodically changes its administrative passwords.
• To protect the data, the Operator regularly makes security copies.
• An essential element of data protection is the regular updating of all software the Operator uses to process personal data, which in particular means regular updates of software components.

3. Hosting

• The Service is hosted (technically maintained) on the Operator’s servers: (…)
• The hosting company keeps logs at the server level to ensure technical reliability. The record may be subject to:
  • resources specified by the URL identifier (addresses of the requested resources – pages, files),
  • time of arrival of an inquiry,
  • time of sending a response,
  • the name of the client station – identification implemented by the HTTP protocol,
  • Information about errors that occurred during the execution of HTTP transactions,
  • URL address of the page previously visited by the User (referrer link) – in case the access to the website was made through a link,
  • information about the User’s browser,
  • IP address information,
  • diagnostic information related to self-ordering services through registrars on the site,
  • details on handling e-mails addressed to the Operator and sent by the Operator.

4. Your rights and additional information about how your data is used

• In certain situations, the Administrator has the right to transfer your data to other recipients, if necessary, to perform the contract concluded with you or fulfill obligations incumbent on the Administrator. This includes such groups of recipients:
  • hosting company on a trust basis
  • couriers
  • authorized employees and associates who use the data to fulfill the purpose of the site
  • companies, providing marketing services to the Administrator
• The Administrator processes your data for no longer than necessary to perform the related activities specified by separate regulations (e.g., on accounting). Marketing data will not be processed for more than three years.
• You have the right to request from the Administrator:
  • access to personal data concerning you,
  • their correction,
  • deletion,
  • limit processing,
  • and transfer of data.
• You have the right to object to the processing indicated in Section 3.2, to the processing of your data to carry out the legitimate interests pursued by the Administrator, including profiling, whereby the right to object will not be exercised if there are valid legitimate reasons for the processing that override your interests, rights, and freedoms, in particular the establishment, assertion or defense of claims.
• Provision of personal data is voluntary but necessary to operate the Service.
• Automated decision-making may be undertaken concerning you, including profiling to provide services under the concluded agreement and for the purpose of direct marketing by the Administrator.
• Personal data is not transferred to third countries in terms of data protection laws. This means that we do not send them outside the European Union.
  

5. Information in contact forms

• The Service collects information voluntarily provided by the User, including personal information, if provided.
• The Service can save information on connection parameters (time stamp, IP address).
• The Service, in some cases, may record information to help link the data in the form to the user’s e-mail address filling out the form. In this case, the User’s e-mail address appears inside the form’s page URL.
• The data provided in the form is processed for the purpose resulting from the function of the specific form, e.g., to perform the service request or business contact, registration of services, etc. Each time, the context and description of the form inform what it is used for.

6. Administrator Logs

• User behavior information on the site may be subject to logging. This data is used to manage the Service.

7. Relevant marketing techniques

• The Operator analyzes statistical website traffic through Google Analytics (Google Inc. based in the USA). The Operator does not transmit personal data to the Operator of this Service, only anonymized information. The Service is based on cookies being used on the User’s end device. Regarding the information about user preferences collected by the Google advertising network, the User can view and edit the information resulting from cookies using the tool: https://www.google.com/ads/preferences/
• The Operator uses remarketing techniques to tailor advertising messages to the User’s behavior on the site, which may give the illusion that the User’s personal information is being used to track the User. Still, in practice, no personal data is transferred from the Operator to the advertising operators. A technological prerequisite for such activities is that cookies are enabled.
• The Operator uses the Facebook pixel. This technology causes Facebook (Facebook Inc., based in the US) to know that a registered person is using the Service. Based on the data about which he is the Administrator, the Operator does not transfer any additional personal data from himself to Facebook. The Service is based on cookies used on the User’s end device.
• The Operator employs a solution to study user behavior by creating heat maps and recording behavior on the site. This information is anonymized before it is sent to the service provider so that it does not know which individual it relates to. In particular, typed passwords and other personal data are not recorded.
• The Operator uses a solution that automates the website’s operation for users, e.g., that can send an e-mail to a user after visiting a particular subpage, provided that the User has agreed to receive commercial correspondence from the Operator.

8. Information about cookies

• The website uses cookies.
• Cookies are IT data, mainly text files, stored in the Service User’s terminal equipment and intended for use on the Service’s websites. Cookies usually contain the name of the website from which they originate, the time they are stored on the end device, and a unique number.
• The entity placing cookies on the Service User’s terminal equipment and accessing them is the Service operator.
• Cookies are used for the following purposes:
  • maintaining the session of the Service user (after logging in), thanks to which the User does not have to re-enter their login and password on each subpage of the Service;
  • to achieve the objectives above under “Important marketing techniques.”
• The Service uses two main types of cookies: session cookies and persistent cookies. “Session” cookies are temporary files stored on the User’s terminal device until the User logs out, leaves the website, or shuts down the software (web browser). “Persistent” cookies are stored on the User’s terminal device for the time specified in the cookie parameters or until the User deletes them.
• Web browsing software (Internet browser) usually allows cookies to be stored on the User’s terminal device by default. Users of the Service may change their settings in this regard. Your web browser will enable you to delete cookies. It is also possible to automatically block cookies. For details, please refer to your browser’s help or documentation.
• Restrictions on the use of cookies may affect some of the functionality available on the website.
• Cookies placed in the Service User’s terminal equipment may also be used by entities cooperating with the Service Operator; in particular, this applies to companies such as Google (Google Inc. based in the USA), Facebook (Facebook Inc. based in the USA), and Twitter (Twitter Inc. based in the USA).

9. Managing cookies – how to give and revoke consent in practice?

• You can change your browser settings if you do not want to receive cookies. We stipulate that disabling cookies necessary for authentication processes, security, and maintenance of user preferences may hinder and, in extreme cases, may prevent the use of websites
• To manage your cookie settings, select the web browser you are using from the list below and follow the instructions:
  • Edge.
  • Internet Explorer
  • Chrome
  • Safari.
  • Firefox.
  • Opera.
• Mobile devices:
  • Android.
  • Safari (iOS).
  • Windows Phone.