GDPR

Detailed information on the processing of personal data

Personal Data Administrator.
1. The administrator of your personal data is the company ZIMET SP. z o.o. with headquarters in Jadwisin at ul. Malinowa 1, 05-140 Jadwisin, entered into the Register of Entrepreneurs of the National Court Register kept by the District Court in Warsaw, KRS 0000547677, NIP number 7010472661, with the share capital fully paid up.
  Contact details Administrator:
  
  Address:
  
  Zimet Sp. Z o.o. , Malinowa 1, 05-140 Jadwisin Poland
  
  Email:
  
  office@sewing-machines.cy
Data Protection Officer.
1. The administrator has appointed a Data Protection Officer, whom you can contact electronically by sending a message to the e-mail address office@sewing-machines.cy
Purposes and legal grounds for the processing of personal data.
1. Zimet processes your personal data primarily for the purposes of concluding and then performing, including considering complaints, terminating and settling the Purchase and Sale Agreement, and accepting payments using payment instruments, i.e. for the purposes related to the provision of services by Zimet to the Merchant. payment covered by the Agreement. The above also includes the processing of personal data related to communication between Zimet and you to the extent that it is related to the purposes referred to in the first sentence. Zimet processes this personal data on the basis of art. 6 sec. 1 lit. b) Regulations ¹, this is due to the fact that the processing of this data is necessary for the conclusion and performance of a payment service contract (Agreement for accepting payment using payment instruments) to which you are a party, and to take steps related to its conclusion – before concluding Contracts.
2. Zimet processes your personal data related to the provision of payment services and the conclusion of a purchase and sale contract and for the provision of payment services (Agreements for accepting payments using payment instruments) also for the purpose of possible claims related to non-performance or improper performance of your obligations related to the Agreement, in in particular, obligations related to the payment of amounts due to Zimet from you for the performance and / or non-performance or improper performance of the Agreement. Zimet processes this personal data on the basis of art. 6 sec. 1 lit. f) Regulations ¹, it is due to the fact that the processing of these is necessary for the purposes of the legitimate interests pursued by the Administrator.
3. ZIMET processes your personal data related to the provision of the purchase and sale contract and payment services, with the exception of the so-called sensitive data ^2,³, to the extent necessary to prevent fraud related to the performed payment services or the operation of the payment system as well as the investigation and detection of such fraud by the competent authorities. Zimet processes this personal data on the basis of art. 6 sec. 1 lit. c), d) and f) of the Regulation, it is due to the fact that the processing of these is necessary to fulfill the legal obligation incumbent on the Administrator and is necessary to protect the interests of payment service users, and is also necessary for the purposes of legitimate interests pursued by payment service providers.
4. Zimet processes your personal data related to the conclusion and performance of the Agreement and accepting payments with the use of payment instruments for purposes related to the performance of obligations under the provisions on counteracting money laundering and terrorist financing, in particular to identify and assess risks related to money laundering and terrorist financing. , application of security measures including, inter alia, customer identification and verification of its identity. Zimet processes this personal data on the basis of art. 6 sec. 1 lit. c) of the Regulation in connection with the provisions on counteracting money laundering and terrorist financing, i.e. due to the fact that the processing of these is necessary to fulfill the legal obligation incumbent on the Administrator as an intermediary institution and obliged within the meaning of the provisions on counteracting money laundering and terrorist financing.
5. Zimet processes your personal data for informational purposes, in particular for marketing its own services and services offered by entities affiliated with Zimet. The above also includes the processing of personal data related to communication between Zimet and you to the extent that it is related to these information purposes, including marketing, referred to in the first sentence. Zimet processes this personal data on the basis of art. 6 sec. 1 lit. f) of the Regulation, i.e. in order to implement the Administrator’s legitimate goals, and may also process them on the basis of your consent (Article 6 (1) (a) of the Regulation).
6. In addition, Zimet processes your personal data for other, permitted by law, purposes directly or indirectly related to the purposes referred to in paragraph 1-4, in particular for archival and statistical purposes, for purposes related to audits, management control, or for consulting purposes. Zimet processes this personal data pursuant to art. 6 sec. 1 lit. f) of the Regulation, i.e. to implement the Administrator’s legitimate goals.
The categories of personal data that are processed.
1. Zimet primarily processes personal data related to the identification of your person and verification of your identity, which includes in particular your name (s) and surname (s), citizenship, PESEL number (or dates of birth and your birthdays – if you have not been given a PESEL number) ), a series and number of a document stating your identity, address of residence, name (company) of your business, its tax identification number and the address of the main place of conducting this business. In addition, Zimet processes your personal data related to the provision of services, including payment services and counteracting violations of law , including – apart from the data referred to in the first paragraph – in particular the following data: your identification number assigned by ZImet in the system, telephone numbers, e-mail addresses, correspondence addresses, payment account numbers, including bank accounts, IP addresses used by you and Your representatives By virtue of this, Zimet primarily processes names and surnames, telephone numbers, residential addresses, business addresses, correspondence addresses and e-mail addresses.
2. Zimet also processes your financial data, including those related to the provision of services, including the provision of a given service, your property and financial situation.
Information on categories of data recipients.

The recipient of the data is a natural or legal person, public authority, entity or other entity to which Zimet discloses your personal data, regardless of whether it is a third party or not.
Public authorities that may receive personal data in the course of a specific proceeding under EU law or the law of a Member State are not considered recipients.
Therefore, Zimet informs about the following categories of recipients:
a.other service providers, to the extent that data must be transferred to them in connection with the provision of services, and to the extent that data must be transferred to them for the purposes referred to in points III.3 and III.4, as well as for other purposes cases where these entities are entitled to obtain information from Zimet, including information containing personal data; in particular, this includes banks and branches of foreign banks, credit institutions, electronic money institutions, payment institutions, credit, payment and virtual card operators;

entities providing legal services related to the activities of Zimet;
entities providing IT services related to the activities of Zimet, including hosting services;
entities providing audit and other services related to controlling the activities of Zimet;
statutory auditors examining documents related to the activities of Zimet;
entities of the capital group in which Zimet is located;
entities other than those indicated above, which are authorized by law to obtain from Zimet information related to the activities of Zimet, which information may include your personal data, including in particular the supervisory authorities of Zimet.

Information on the intention to transfer personal data to a third country or an international organization.
1. Zimet does not intend to transfer your personal data to a third country (i.e. you outside the European Economic Area) or to an international organization.
The period for which personal data will be stored or the criteria for determining this period.
1. Your personal data processed for the purpose referred to in point III.1 will be processed for the duration of the Agreement, and after its termination – for the period resulting from the provisions of law.
2. Your personal data processed for the purpose referred to in point III.2 will be processed for the duration of the Agreement, and after its completion – for the period in which it is possible to pursue claims in court, i.e. until the expiry of the limitation period
3. Your personal data processed for the purpose referred to in point III.3 will be processed for the period necessary to achieve these purposes, in particular taking into account the limitation periods for the criminality of such offenses.
4. Your personal data processed for the purpose referred to in point III.4 will be processed for the period resulting from the provisions of the law on counteracting money laundering and terrorist financing referred to therein, in particular information obtained as a result of applying security measures is stored for a period of 5 years, counting from on the first day of the year following the year in which the transaction with the client was conducted, and information on transactions carried out by the obligated institutions and documents relating to the transaction are kept for a period of 5 years, counting from the first day of the year following the year in which the last transaction related entry was made.
5. Your personal data processed for the purpose referred to in point III.5 will be processed for the duration of the Agreement – if the data are processed pursuant to art. 6 sec. 1 lit. f) of the Regulation, but no longer than until the date of the reasoned objection. However, if the data will also be processed on the basis of your consent, the data will also be processed after the end of the Agreement, for the period indicated in this consent falling after the term of the contract, but no longer than until the consent is withdrawn.
6. Your personal data processed for the purpose referred to in point III.6 will be processed for the period appropriate to the original purpose for which they were collected. However, if, as part of this purpose, data other than as a result of the implementation of the purposes referred to in points III.1-III.5, the data will be processed for the duration of the contract and 10 years from its completion, but no longer than until the date of objection. against such processing, insofar as it is justified.
Information on the obligatory or optional nature of providing personal data.
1. Providing the data referred to in point III.1 is a contractual as well as statutory requirement and you are obliged to provide it. Therefore, if you do not provide them, Zimet will not conclude the Agreement with you. However, if the Agreement was concluded subject to supplementing these data after its conclusion – if they are not supplemented, the Agreement will be terminated.
  Providing the data referred to in point III.2 is a contractual requirement and you are obliged to provide it. Therefore, if you do not provide them, Zimet will not conclude the Agreement with you. However, if the Agreement was concluded subject to supplementing these data after its conclusion – if they are not supplemented, the Agreement will be terminated.
  Providing the data referred to in points III.3 and III.4 is a statutory requirement and you are obliged to provide it. Therefore, if you do not provide them, Zimet will not conclude an Agreement with you, and if the Agreement has been concluded – it will be terminated.
  Providing the data referred to in point III.5 is voluntary, so you may not provide it. However, if these data are also processed for the purposes described in sections III.1-III.4, failure to provide them will have the consequences described above.
  If, as part of the purpose referred to in point III.6, you will be asked to provide personal data other than those collected for the purposes referred to in points III.1-III.5, their provision is voluntary, so you may not provide them.
Information about your rights.
1. You have the right to request the Administrator to access your personal data, including obtaining a copy of the personal data subject to processing. The first copy is free of charge. For any subsequent copies you request, the Administrator may charge a reasonable fee based on administrative costs.
2. You have the right to request the Administrator to correct your personal data that is incorrect, in particular because it has been collected with errors or because it has changed after collection. The above right also covers the supplementation of missing data.
3. You have the right to request the Administrator to delete your personal data, with the proviso that you can exercise this right in the cases specified in the Regulation, i.e. when one of the following circumstances occurs:
  - Your personal data are no longer necessary for the purposes for which they were collected or otherwise processed, in particular if the period in which the Administrator planned or was obliged to process your data has already expired;
  - you have withdrawn your consent (in accordance with the law referred to in section IX.7) on which the data processing is based, unless the controller has any other legal basis for processing;
  - you have objected to the processing (referred to in section IX.5) and there are no overriding legitimate grounds for processing;
  - you have objected to the processing (referred to in point IX.6);
  - if your personal data has been processed unlawfully;
  - if your personal data must be removed in order to comply with the legal obligation provided for in the Union law or the law of the Member State to which the Administrator is subject;
  Zimet may refuse to accept a justified request for the deletion of data referred to above, in cases provided for by law, in particular when further processing is necessary for compliance with a legal obligation requiring processing under Union law or the law of a Member State, for the establishment, exercise or defense of legal claims.
4. You have the right to request the Administrator to limit the processing of your personal data under the conditions set out in the Regulation, that is when:
  1. you question the correctness of personal data – for a period allowing the Administrator to check the correctness of this data;
  2. the processing is unlawful and you oppose the erasure of the personal data and request the restriction of their use instead;
  3. The administrator no longer needs personal data for the purposes of processing, but you need them to establish, assert or defend claims;
  4. you have objected to the processing referred to in point IX.5. – until it is determined whether the legitimate grounds on the part of the Administrator override the grounds of your objection.
5. You have the right to object to the processing of your personal data by the Administrator in accordance with art. 21 sec. 1 of the Regulation, it is to object – for reasons related to your particular situation – to the processing of your data based on art. 6 sec. 1 lit. e) or f) of the Regulations, including profiling based on these provisions. In the case of the Administrator, the above right to object applies to personal data processed for the purposes referred to in points III.2, III.3, III.5 and III.6 In the event of such objection, the Administrator is no longer allowed to process this personal data, unless he demonstrates the existence of valid legally valid grounds for processing, overriding the interests, rights and freedoms of the data subject, or grounds for establishing, investigating or defending claims. . In particular, further processing of personal data despite the objection may result from the purposes referred to in points III.2 and III.3.
6. You have the right to object to the processing of your data by the Administrator in accordance with art. 21 sec. 2 of the Regulation, i.e. to object to the processing of your data for the purposes of such direct marketing, including profiling, to the extent that the processing is related to such direct marketing. direct marketing.
7. You have the right to data portability. Therefore, you have the right to receive your personal data in a structured, commonly used and machine-readable format, which you provided to the Administrator, and you have the right to send this personal data to another administrator without any obstacles on the part of the Administrator, but you are entitled to this right only in the scope of data personal data which are processed on the basis of your consent or on the basis of the Agreement (i.e. in the cases referred to in sections III.5 and III.1), and in the scope of data the processing of which is carried out in an automated manner (but in accordance with point X. at the moment, Zimet does not process data in an automated manner). By exercising this right, you can also request that your personal data be sent by the Administrator directly to another administrator, if technically possible.
8. You have the right to withdraw the consent referred to in section III.5 at any time. Withdrawal of consent, however, does not affect the lawfulness of the processing which was carried out on the basis of consent before its withdrawal. In the event of withdrawal of consent, the Administrator stops processing your personal data, which he processes only on the basis of consent. If your personal data is also processed on a basis other than this consent, the Administrator may still process them on this other basis – as long as it is.
9. You have the right to lodge a complaint with the supervisory body, i.e. to one of the bodies established by individual EU Member States, whose task is to monitor the application of the Regulation. The supervisory body competent for the territory of the Republic of Poland is the Inspector General for Personal Data Protection / President of the Office for Personal Data Protection.
Information on automated decision making, including profiling.
1. Your data will not be processed in an automated manner, including in the form of profiling.
Processing of data for a purpose other than the purpose for which they were collected
1. Subject to point III.6, Zimet does not plan to further process your personal data for a purpose other than the purpose for which the personal data was

Address:	Zimet Sp. Z o.o. , Malinowa 1, 05-140 Jadwisin Poland
Email:	office@sewing-machines.cy