We manage our websites in accordance with the principles set out below:
We undertake to comply with statutory data protection regulations and endeavor always to take into account the principles of data avoidance and data minimization.
1. CONTROLLER
The controller, within the meaning of the General Data Protection Regulation (GDPR) and other national data protection laws of the Member States, as well as other statutory data protection regulations, is:
Company:
Basic Engineering Sp. z.o.o.
Al. Jana Pawła II 27, 00-867 Warsaw, Poland
Managing Director:
Serhii Tsyviuk
Telephone: +48 22 300 0955
Email: hello@basicobd.com
Website: www.basicobd.com
2. EXPLANATION OF TERMS
We have designed our Privacy Statement in accordance with the principles of clarity and transparency. However, should there be any ambiguity regarding the use of various terms, the corresponding definitions can be found here.
3. LEGAL BASIS FOR PROCESSING PERSONAL DATA
A. PROCESSING OF PERSONAL DATA ACCORDING TO THE GDPR
We process your personal data – such as your first and last names, your e-mail address, IP address, etc. – only if there is a legal basis for doing so. The following rules come into consideration here, in accordance with the General Data Protection Regulation (GDPR):
However, we will always inform you at the appropriate points in this Privacy Statement of the legal basis on which your personal data are being processed.
B. CONSENT OF THE CUSTODIAN ACCORDING TO ART. 8 (1) GDPR
A custodian must consent to all data processing within the scope of this website for which the consent of a minor who has not yet reached the age of 16 is required.
Information on the individual data processing operations, their purposes, and the categories of data concerned, for which the consent of the person concerned is required, can be found in the data protection declaration.
You may withdraw your consent at any time by sending the withdrawal notice in text form to the contact details of the controller. The processing until the revocation remains lawful.
C. PROCESSING OF INFORMATION ACCORDING TO § 25 (1) TTDSG
We also process information pursuant to Section 25 (1) TTDSG by storing information on your terminal equipment or accessing information that is already stored on your terminal equipment. This can be both personal information and non-personal data, e.g., cookies, browser fingerprints, advertising IDs, MAC addresses, and IMEI numbers. Terminal equipment in this context is any device connected directly or indirectly to the interface of a public telecommunications network for the purpose of sending, processing, or receiving messages, § 2 (2) (6) TTDSG.
As a rule, we process this information on the basis of your consent, Section 25 (1) TTDSG.
As far as an exception according to § 25 (1) (1) and (2) TTDSG is given, we do not need your consent. Such an exception is given if we exclusively access or store the information in order to transmit a message via a public telecommunication network or if this is absolutely necessary so that we can provide a telemedia service expressly requested by you.
You may withdraw your consent at any time. We inform you that the withdrawal of consent does not affect the lawfulness of the processing carried out on the basis of the consent up to the withdrawal.
4. DISCLOSURE OF PERSONAL DATA
Where personal data are disclosed, processing is also carried out within the meaning of section 3, above. At this point, however, we would like to inform you separately about the disclosure of data to third parties. The protection of your personal data is particularly important to us. For this reason, we are especially careful when disclosing your data to third parties.
Data is only disclosed to third parties if there is a legal basis for the processing. For example, we disclose personal data to persons or companies acting as processors on our behalf, pursuant to Art. 28 GDPR. A processor is anyone who processes personal data on our behalf, in particular under our instruction and control.
In accordance with the requirements of the GDPR, we conclude a contract with each of our processors in order to ensure that they comply with data protection regulations, thus providing comprehensive protection for your data.
5. STORAGE PERIOD AND ERASURE
We will erase your personal data once those data are no longer necessary for the purposes for which they were collected or otherwise processed, and where the processing is not necessary for exercising the right of freedom of expression and information, for compliance with a legal obligation, for reasons of public interest, or for the establishment, exercise, or defense of legal claims.
6. SSL ENCRYPTION
This site uses SSL encryption for security reasons and to safeguard the transfer of confidential content, such as any requests you send to us as the operators of the site. An encrypted connection can be identified by the change in the address from “http://” to “https://” and by the padlock symbol in your browser’s address bar.
With SSL encryption activated, the data that you transfer to us cannot be read by third parties.
7. COOKIES
We use cookies on our website. Cookies are small data packets created automatically by your browser and stored on your client device when you visit our website. These cookies are used to store information about the client device being used.
When cookies are used, a distinction is made between technically necessary cookies and “other” cookies. Cookies are said to be technically necessary if they are essential for providing an information society service that you have expressly requested.
A. TECHNICALLY NECESSARY COOKIES
In order to make the use of our services more convenient for you, we use technically necessary cookies, what are known as session cookies (e.g., language and font selection, shopping basket, etc.), consent cookies, cookies to ensure server stability and security, or similar. These session cookies come under the category of technically necessary cookies and are automatically deleted after you have left our site. The legal basis for the cookies derives from Art. 6(1)(f) GDPR, our legitimate interest in the error-free operation of the website, and the interest in providing you with our services optimized.
B. OTHER COOKIES
Insofar as we use further cookies, e.g., for statistical purposes, analysis, and marketing and retargeting purposes, we obtain your consent in advance for this in accordance with Art. 6 (1) (a) GDPR.
You can withdraw your consent to the use of cookies at any time. We would like to inform you that the revocation of your consent does not affect the legality of the processing that has taken place on the basis of your consent until the withdrawal.
For this purpose, you can either edit your cookie settings on our website, deactivate the use of cookies in your browser settings (whereby the functionality of the online offer can also be limited), or, in individual cases, set an opt-out for the corresponding service.
You can also declare your objection to the use of cookies for marketing purposes via the EU website http://www.youronlinechoices.com or generally at http://optout.aboutads.info.
We will point out the legal basis on which this data is processed for the respective services within the data protection declaration.
8. COOKIE BANNER
To obtain consent for the cookies we use, we use the cookie banner of the service provider Cookiebot, Usercentrics A/S, Havnegade 39, 1058 Copenhagen, Denmark. This itself sets a so-called consent cookie to query and process the respective consent status. This consent cookie is technically necessary and is therefore used based on our legitimate interest pursuant to Art. 6 (1)(f) GDPR, § 25 (1) TTDSG.
9. COLLECTION AND STORAGE OF PERSONAL DATA, THEIR TYPE AND INTENDED PURPOSE
A. EXTERNAL HOSTING
Our website is hosted at [Your Hosting Provider Name], [Provider Address].
For this reason, all personal data collected on our website is stored on the servers of our hoster, unless an external service of a third party is integrated. This may be the IP address, your e-mail address, communication data, or the like. You can find out what specific personal data is involved in the individual functions and services explained by us below. If we use an external service of a third party, this will be made clear in the description of the respective service or tool.
The hoster processes your
data only on our instructions and to the extent necessary to fulfill the services on the website. The hoster does not process the data for its own purposes. We have concluded a data processing agreement with the hoster.
B. WHEN VISITING THE WEBSITE
When you access our website, information is automatically sent to our web server by the browser being used on your client device. This information is stored temporarily in what is known as a log file. The following information is recorded without any action on your part and stored until it is automatically erased:
We process the above-mentioned data for the following purposes:
Data that permit you to be identified as an individual, such as the IP address, will be erased after 7 days at the latest. Any data we store beyond this period will be pseudonymized so that they can no longer be associated with you.
The legal basis for the data processing is Art. 6(1)(f) GDPR. Our legitimate interest derives from the data collection purposes listed above. Under no circumstances do we use the data collected for the purpose of identifying you as an individual.
C. NEWSLETTER
Content of the newsletter and registration data
The sending of our newsletter and the implementation of statistical surveys and analyses as well as logging of the registration process will only take place if you order it from us and have given your corresponding consent in accordance with Art. 6 (1) (a) GDPR, § 25 (1) TTDSG.
The contents of the newsletter are specifically described during registration. To register for a newsletter, it is sufficient to give your e-mail address. If you choose to provide additional data, such as your first name and surname, these will be used solely to personalize the newsletter we send you.
Double-Opt-In and logging
For security reasons, we use the double opt-in procedure to register for our newsletter so that no one can register with other people’s e-mail addresses. Therefore, after you have registered for our newsletter, you will first receive an e-mail asking you to confirm your registration. Only with the confirmation of the registration does it become effective.
Furthermore, your registration for the newsletter will be logged. The logging includes the storage of the registration and confirmation time, your specified data, and your IP address. If you make changes to your data, these changes will also be logged.
Withdrawal of consent
If you no longer wish to receive the newsletter, you may withdraw your consent at any time with future effect. To do this, you can click on the unsubscribe link at the end of each newsletter, or send us an e-mail at the following e-mail address: hello@basicobd.com
The withdrawal of consent does not affect the lawfulness of processing carried out based on consent before its withdrawal.
The newsletter is sent by our corresponding entities Basic Engineering Sp. z.o.o., which send newsletters to our business partners on behalf of the group of companies. We have concluded a corresponding order processing agreement with them in accordance with Art. 28 (3) GDPR.
Use of Webflow.com
We send our newsletters using the newsletter service “[Service Name],” which is operated by [Service Provider Name and Address].
[Service Name] provides extensive analytics on how newsletters are opened and used. These analyses are group-related and are not used by us to evaluate individual newsletter recipients.
Furthermore, according to its own information, [Service Provider Name] may use this data in pseudonymous form, i.e., without assigning it to a user, to optimize or improve its own services, e.g., to technically optimize the dispatch and presentation of the newsletters or for statistical purposes to determine which countries the recipients come from. However, the dispatch service provider does not use the data of our newsletter recipients to write to them itself or to pass them on to third parties.
You can find [Service Provider Name]’s privacy policy here: [Service Provider Privacy Policy URL].
Statistical surveys and analyses
The newsletters sent via [Service Provider Name] contain a so-called “web beacon,” i.e., a pixel-sized file that is retrieved from the server of the dispatch service provider when the newsletter is opened. Within the scope of this retrieval, technical information, such as information on the browser and your system, as well as your IP address and the time of the retrieval are initially collected.
This information is used for the technical improvement of the services based on the technical data or the target groups and their reading behavior based on their retrieval locations (which can be determined with the help of the IP address) or the access times.
The statistical surveys also include the determination of whether the newsletters are opened, when they are opened, and which links are clicked. For technical reasons, this information can be assigned to the individual newsletter recipients. However, it is neither our nor [Service Provider Name]’s intention to monitor individual users. The analyses serve us much more to recognize the reading habits of our users and to adapt our content to them or to send different content according to the interests of our users.
D. CONTACT FORM
We provide a form on our website for you to contact us at any time. In order to use the contact form, you are required to enter a name (so that we can address you in person), your location, and a valid e-mail address, which we can use to contact you, so that we know who is making the request and we are able to process it.
If you send us requests using the contact form, your data from the request form will be processed, including the contact details you provided in it and your IP address, pursuant to Art. 6 (1)(b) and (f) GDPR, for taking steps prior to entering into a contract with you in response to your request, or to exercise our legitimate interest, i.e., in the performance of our business activities.
Requests and the data associated with them will be erased no later than 3 months after receipt, unless they are required for further contractual relationship purposes.
10. RIGHTS OF THE DATA SUBJECT
You shall have the following rights:
A. RIGHT OF ACCESS
Pursuant to Art. 15 GDPR, you shall have the right to request information about your personal data being processed by us. This right of access includes the following information:
B. RIGHT TO RECTIFICATION
In accordance with Art. 16 GDPR, you shall have the right to obtain from us without undue delay the rectification of inaccurate or incomplete personal data stored by us.
C. ERASURE
In accordance with Art. 17 GDPR, you shall have the right to obtain from us without undue delay the erasure of your personal data stored by us, unless further processing is required for one of the following reasons:
D. RIGHT TO RESTRICTION OF PROCESSING
Pursuant to Art. 18 GDPR, you may request the restriction of processing of your personal data for one of the following reasons:
E. NOTIFICATION OBLIGATION
If you have requested rectification or erasure of your personal data or restriction of processing in accordance with Art.16, Art.17(1), and Art.18, we shall notify all recipients to whom your personal data have been disclosed, unless this proves impossible or involves disproportionate effort. You may request that we inform you about those recipients.
F. RIGHT TO DATA PORTABILITY
You shall have the right to obtain the personal data that you have provided to us in a structured, commonly used, and machine-readable format.
You shall also have the right to request the transfer of these data to a third party, provided that processing was carried out by automated means and based on your consent pursuant to Art. 6(1)(1)(a) or Art. 9(2)(a) or for the performance of a contract pursuant to Art. 6(1)(1)(b) GDPR.