PRIVACY POLICY

I. Definitions

1. GDPR – Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of individuals with regard to the processing of personal data and on the free movement of such data and repealing Directive 95/46/EC (General Data Protection Regulation)

2.Personal data or personal data or data – all information about a natural person identified or identifiable by one or more specific factors determining physical, physiological, genetic, mental, economic, cultural or social identity, including device IP, location data, internet identifier and information collected through cookies and other similar technology.

3. Administrator – KN MOTO Nadolny sp.k., with its registered office at ul. Bukowska 50, 62-070 Dąbrowa. Entered into the National Court Register kept by the District Court Poznań – Nowe Miasto i Wilda in Poznań, VIII Commercial Division of the National Court Register under KRS number: 0000761371, having NIP number: 7831793952, REGON: 381975210

4. User – any natural person visiting the Website or using one or more services or functionalities described in the Policy.
5. Website – a website run by the Administrator at https://secamoto.com/

6. Policy – this Privacy Policy.

II. Processing of personal data by the Administrator

1. In connection with the use of the Service by Users, the Administrator processes data to the extent necessary to provide individual services offered through the Service and/or to ensure the use of functionalities specified in the Policy, as well as information about Users’ activity on the Service.

2. The Administrator also processes personal data of Users visiting Administrator’s profiles maintained on social media portals.

3. This Policy sets out the rules and conditions under which the Administrator processes Users’ personal data.

III. Objectives and legal basis for processing Users’ personal data

1. Using the Service

Personal data of Service Users (including IP address or other identifiers and information collected through cookies or other similar technologies) are processed by the Administrator:

– for the purpose of providing services electronically in the scope of providing Users with access to content and materials collected on the Website – the legal basis for processing is the necessity of processing for the performance of the contract (art. 6 sec. 1 lit b GDPR)

– for analytical and statistical purposes – the legal basis for processing is the legitimate interest of the Administrator (Article 6(1)(f) of the GDPR) consisting in conducting analyses of Users’ activity, as well as their preferences in order to improve the functionalities used and services provided;

– for the purpose of possible establishment and pursuit of claims or defense against them – the legal basis for processing is the legitimate interest of the Administrator (art. 6 sec. 1 lit f GDPR) consisting in protection of his rights.

2. SecaCare Program

Personal data of Users registering in the SecaCare Program (including name and surname, e-mail address, correspondence address, telephone number, product data, data concerning the proof of purchase, date of purchase, data concerning the place of purchase of the product and its seller, claim code, discount code (if such codes are assigned)) are processed by the Administrator:

– for the purpose of providing electronic services in the scope of handling the notification process for the SecaCare Program and handling the claims notification process within the SecaCare Program and providing electronic services in the scope of concluding and performing a warranty agreement on the terms and conditions specified in the SecaCare Program regulations in connection with the User’s notification to the SecaCare Program – then the legal basis for processing is taking action at the User’s request before concluding the contract and the necessity of processing for the performance of the contract (Article 6(1)(b) of the GDPR);

– for analytical and statistical purposes – then the legal basis for processing is the legitimate interest of the Administrator (Article 6(1)(f) of the GDPR) consisting in conducting analyses of Users’ activity, as well as their preferences in order to improve the functionalities used and services provided;

– for the purpose of possible determination and pursuit of claims or defense against them – the legal basis for processing is the legitimate interest of the Administrator (Article 6(1)(f) of the GDPR) consisting in protecting his rights

Providing this data is voluntary, but subject to providing a telephone number, which is optional, necessary to participate in the SecaCare Program or to report and handle claims within this program. Personal data is processed for the time necessary to implement the rights under the SecaCare Program. The data processing period may be extended if processing is necessary to determine and pursue any claims or defense against them, and after that time only to the extent and extent required by law. After the processing period has expired, the data is irreversibly deleted or anonymized.

3. Newsletter. 

1. To sign up for the Administrator’s newsletter, the User provides the following personal data through the newsletter registration form available on the Website: e-mail address and first name. Providing data is voluntary but necessary to sign up for the newsletter.

2. Signing up for the Administrator’s newsletter is also possible when registering for the SeacCare Program, which is voluntary and not required to participate in the SecaCare Program.

3. Personal data of Users who have agreed to receive the newsletter are processed for the purpose of sending the newsletter, and the legal basis for processing is consent (Article 6(1)(a) of the GDPR).

4. Personal data related to the newsletter will be processed until the User withdraws the consent given, which the User may withdraw at any time – without affecting the lawfulness of the processing carried out before its withdrawal.

5. The data processing period may be extended if processing is necessary to determine and pursue any claims or defense against them, and after that time only to the extent and extent required by law. After the processing period has expired, the data is irreversibly deleted or anonymized.

4. Contact

1. The Administrator provides the possibility of contacting him/her through appropriate electronic contact forms on the Website. It is also possible to contact the Administrator by e-mail.

2. Use of the form requires providing the following personal data: name and e-mail address necessary to contact the User and respond to the inquiry. The User may also provide other data including phone number to facilitate contact or inquiry handling. Providing data marked as mandatory is required to accept and handle the inquiry and failure to provide them results in inability to handle it. Providing other data is voluntary.

3. Contact with the Administrator by e-mail involves providing the Administrator with an e-mail address and other personal data indicated by the User. Providing personal data is voluntary but necessary to establish contact.

4. Personal data is processed:

– for the purpose of identifying the sender and handling their request sent via the provided form – in terms of data necessary to establish contact or handle the request, the legal basis for processing is the necessity of processing to perform a service contract (Art. 6 sec. 1 lit. b GDPR) 

– for analytical and statistical purposes – the legal basis for processing is the legitimate interest of the Administrator (Art. 6 sec. 1 lit. f GDPR), consisting in conducting analyses of Users’ activity and preferences while using the Service and how they use their account to improve the functionalities used.

– for the purpose of identifying the sender and handling their request sent via the provided form – in terms of data that are not necessary to establish contact or handle the request and in case of establishing contact via e-mail – legal basis is User’s consent (Art. 6 sec. 1 lit. a GDPR).

5. Personal data will be processed for the duration of correspondence with the User. Personal data for which consent has been given for processing will be processed until the expressed consent is withdrawn, which the User may withdraw at any time – without affecting the lawfulness of the processing carried out before its withdrawal.

6. The period of data processing may be extended if processing is necessary to establish and pursue any claims or defend against them, and after this time only to the extent and scope required by law. After the processing period, data is irreversibly deleted or anonymized.

5. Social media

1. The administrator processes the personal data of users visiting the administrator’s profiles on social media (Facebook, Instagram). This data is processed solely in connection with running the profile, including informing users about the administrator’s activity and promoting various types of events, services and products.

2. The legal basis for processing personal data by the administrator for this purpose is his legitimate interest (art. 6 sec. 1 lit. f GDPR) consisting in promoting his own brand

IV User rights related to the processing of personal data.

1. The user has the following rights related to the processing of personal data: the right to access personal data, the right to rectify personal data, the right to delete personal data, the right to restrict processing, the right to object to the processing of personal data, the right to transfer data, the right to lodge a complaint with a supervisory authority dealing with the protection of personal data and the right to withdraw consent to the processing of personal data, which does not affect the lawfulness of processing before its withdrawal.

2. The administrator enables the person whose data it concerns to exercise the rights mentioned above on the terms specified in the GDPR provisions, in particular in Articles 16-21 of the GDPR.

3. The user has the right to object to the processing of data for marketing purposes if the processing is related to the legitimate interest of the Administrator, as well as – for reasons related to the User’s particular situation – in other cases where the legal basis for data processing is the legitimate interest of the Administrator (e.g. in connection with analytical and statistical purposes)

4. The Administrator does not transfer and will not transfer personal data to recipients in third countries or to international organizations. The Administrator ensures that Users’ personal data is safe and confidential and guarantees the maintenance of all security measures and personal data protection required by the GDPR.

V. Data recipients

1. In connection with the provision of services and functionalities described in the Policy, personal data will be disclosed to external entities, i.e. entities whose services the Administrator uses during data processing and service provision or implementation of functionalities described in the Policy, including in particular service providers responsible for servicing the Service and sellers authorized by the Administrator.

2. The Administrator reserves the right to disclose selected information concerning the User to appropriate authorities or third parties who request such information, based on an appropriate legal basis and in accordance with applicable law

VI. Cookies

1. The Administrator uses cookies primarily to provide Users with services provided electronically and to improve the quality of these services, based on the Administrator’s legitimate interest, consisting in creating statistics and their analysis for the purpose of optimizing the Service

2. Cookies are small text files stored on end-user devices (e.g., computer, tablet, smartphone) that can be read by the Administrator’s IT system (first-party cookies) or third-party IT systems (third-party cookies).

3. Some cookies are deleted after the end of an internet browser session, i.e., after it is closed (session cookies), while others are stored on the end-user device and allow the Administrator to recognize the user’s browser during subsequent use of the Service (persistent cookies).

4. During the first visit to the Service, information about the use of cookies is displayed. Users have the option of managing cookies from within the Service or their browser or deleting cookies altogether. Browsers manage cookie settings in different ways. In the help menu of a given internet browser, there are explanations regarding changing cookie settings.

5. The Administrator also uses cookies from third parties in connection with the use by the Administrator of the following tools: • Google Analytics tool, which collects information about visits to the Service, for this purpose cookies of Google LLC related to the Google Analytics service are used; • Google Tag Manager tool, which allows monitoring of how Users use the Service, for this purpose cookies of Google LLC related to the Google Tag Manager service are used.

6. The Administrator also gives Users the possibility to use social functions such as sharing content on social networking sites. Their use may involve the use of cookies by administrators of social networking sites such as Facebook, Instagram, Twitter, Google+ or YouTube. Videos from YouTube are also placed in the Service and on social networking sites. For this purpose, cookies of Google LLC related to the YouTube service are used. By playing videos, Google receives information about it. The Service also uses plugins and other social tools provided by social networking sites. These services may directly assign data collected during visits to the Service to the User’s profile on a given site. The use of the Service is also associated with sending queries to the server on which the Service is stored. Each query directed to the server is saved in server logs. Logs include, among others, the User’s IP address, server date and time information about the web browser and operating system used by the User. Logs are saved and stored on the server. Data saved in server logs is not associated with specific persons using the Service and is not used by us for identification purposes. Server logs are only auxiliary material used for administering the Service and their content is not disclosed.

7. Using the service involves sending queries to the server on which the service is stored. Each query directed to the server is saved in the server logs. The logs include, among other things, the user’s IP address, the date and time of the server, information about the web browser and operating system used by the user. The logs are saved and stored on the server. The data saved in the server logs is not associated with specific individuals using the service and is not used by us for identification purposes. Server logs are only auxiliary material used to administer the service, and their content is not disclosed to anyone other than persons authorized to administer the server.

VII. Contact details, Policy changes

1. The Administrator reserves the right to change the Policy by publishing a new privacy policy on the Administrator’s website.

2. Any doubts or questions regarding the Policy or personal data processing should be directed to the Administrator via the contact form available on the website at https://secamoto.com/kontakt/.