Privacy Policy

This privacy policy has been adopted in accordance with the provisions of Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (Official Journal of the European Union No. L 119/1 of 4 May 2016; hereinafter referred to as «GDPR»). The purpose of this policy is, in particular, to fulfill the information obligation referred to in Articles 13 and 14 of the GDPR.

1.DEFINITIONS

In the content of this privacy policy, we use the following terms:

  1. Service – the website operated by FABB Limited Liability Company at www.fabb.pl.
  2. We, FABB, Administrator – FABB Spółka z ograniczoną odpowiedzialnością (Polish limited liability company) with its registered office in Bielsko-Biała (43-300), at 39-41 Komorowicka Street, registered in the National Court Register maintained by the District Court in Bielsko-Biała, VIII Economic Department, under the KRS number 0000668648, VAT ID 9372691985, REGON 366806136, email address: fabb@fabb.pl, phone number 334711174.
  3. You, Sir, Madam, Ladies and Gentlemen, Customers – individuals whose personal data are processed by FABB in connection with the use of the Service.

2. WHO IS THE DATA CONTROLLER?

The data controller is the person or entity responsible for determining the purposes and methods of processing personal data. In your case, the data controller for your personal data is FABB Sp. z o.o.

3. WHOSE PERSONAL DATA DO WE PROCESS?

In connection with our business activities, we process the personal data of users of the Service. The scope of processed data is always appropriate to the purposes of processing.

4. WHAT DATA DO WE COLLECT THROUGH THE SERVICE AND FOR WHAT PURPOSES DO WE USE IT?

The scope of your data that we collect and the purposes of their processing depend on the functionalities of the Service used, as follows:

4.1.Browsing the Service Website

I. What data do we collect?

Data is stored in the form of server logs, in which the user is identified by the URL address. This data includes:

a) the time of the request,

b) the time of sending the response,

c) the name of the client station – identification performed by the HTTP protocol,

d) information about errors that occurred during the execution of HTTP transactions,

e) the URL address of the page previously visited by the user (referer link) – in the case of accessing the Service via a hyperlink,

f) information about the user’s browser,

g) Information about the IP address.

II. For what purpose do we process data?
For the purpose of administering the server on which the Service is hosted, as well as for the statistical analysis of traffic on the Service.

III. Do you have to provide us with your data?
Providing data is voluntary, with the reservation that it conditions the possibility of proper use of the Service.

IV. On what legal basis do we process your data?
Based on:

a) the concluded contract, the subject of which is the electronic service provided in the form of making the Service available (Article 6(1)(b) of the GDPR), and

b) our legitimate interest (Article 6(1)(f) of the GDPR) – consisting of the ability to provide the Service to third parties and ensuring the proper display of the Service.

V. Who can we share your data with?
The personal data may be disclosed to third parties only if we are obliged or authorized to do so under the law. Recipients of the data may include, in particular:
a) Persons servicing our infrastructure or IT systems,

b) Persons providing data hosting,

c) Subcontractors participating in the implementation of agreements concluded with you.

VI.  How long will we process your data?
For the duration necessary to perform the concluded contracts or for the duration of our legitimate interest in data processing, but in each case not shorter than the period of your visits to the Serwis websites.

Please note that if the legal basis for data processing is our legitimate interest, you have the right to object to further data processing, as described in point 8 below.

4.2.Newsletter

I. What data do we collect?
Email address.

II. For what purpose do we process data?
For marketing purposes related to sending newsletters, including informing about the content of our offer, currently available files, resources, etc.

III. Do you have to provide us with your data?
Providing data is voluntary, with the condition that it is necessary to receive the newsletter.

IV. On what legal basis do we process your data?
Based on your consent to receive the newsletter (Article 6(1)(a) of the GDPR), granted in particular by completing the relevant form within the Service and clicking the confirmation button («Sign up»).Please note that you have the right to withdraw your consent at any time (e.g., by sending a relevant email message to: fabb@fabb.pl), without affecting the lawfulness of processing based on consent before its withdrawal.

V. Who can we share your data with?
The personal data may be disclosed to third parties only if we are obliged or authorized to do so under the law. Recipients of the data may include, in particular:

a) Persons servicing our infrastructure or IT systems,

b) Persons providing data hosting,

c) Subcontractors participating in the implementation of agreements concluded with you.


VI. How long will we process your data?
Until the consent to receive the newsletter is withdrawn.

4.3. Registration of a Designer Account on the Service and using the Service’s functionalities through the Designer Account

I. What data do we collect?
Data necessary for registering an account on the Service, including: first name and last name, email address.

II. For what purpose do we process data?
For the purpose of:
a) executing an agreement for the provision of an electronic service – by creating a Designer Account on the Website,

b) using the functionalities of the Designer Account, including downloading files and resources for use in design programs,

c) customizing the content of the Website to match your preferences, depending on the actions you take on the Website.

d) marketing FABB products offered within the Website – including informing about our product offerings, updating files and resources intended for design programs.

e) conducting correspondence using all known technologies, including email or other communication methods (e.g., internet messengers).

f) creating compilations, analyses, and statistics – including, in particular, market research, analysis of commercial data, service development planning, etc.

g) pursuing claims or defending against reported claims.

III. Do you have to provide us with your data?
Providing data is voluntary, with the condition that it is necessary to register a Designer Account on the Website and use the associated functionalities of the Website.

IV. On what legal basis do we process your data?
Based on:

a) contracts concluded, the subject of which is the operation of a Designer Account on the Website and the provision of electronic files and resources (Article 6(1)(b) of the GDPR),

b) universally applicable regulations that impose legal obligations on us, for the fulfillment of which data processing is necessary – especially in the field of tax law and accounting or archiving regulations (Article 6(1)(c) of the GDPR),

c) our legitimate interest (Article 6(1)(f) of the GDPR) – consisting of the ability to take actions indicated in point II. lit. c-g above.


V. Who can we share your data with?
Personal data may only be disclosed to third parties if we are obligated or authorized to do so under the law. Recipients of the data may include, in particular:

a) Persons who operate our IT infrastructure or information systems,

b) Persons providing data hosting services,

c) Persons providing audit or advisory services on our behalf – for example, in the field of legal, tax, or accounting assistance.

VI. How long will we process your data?
Depending on the legal basis for processing, this will be:

a) the time necessary to perform the contract concluded through the Service, as well as the limitation periods for related claims,

b) the duration of legal obligations that require the processing of your data,

c) the time during which our legitimate interest in data processing exists.

Please note that if the legal basis for data processing is our legitimate interest, you have the right to object to further data processing, as stated in point 8 below.

4.4. Cookies
The cookies policy is attached as Annex No. 1 to this Privacy Policy.

5.CAN DATA BE PROCESSED IN PROCESSES INVOLVING AUTOMATED DECISION-MAKING, INCLUDING «QUALIFIED» PROFILING?

Currently, we do not use any operations that involve automated decision-making that would have legal effects on the data subjects or significantly affect them in a similar way. In the event of the future implementation of such operations related to the processing of personal data, we will ensure their compliance with the applicable regulations, including Article 22 of the GDPR.

6. CAN YOUR PERSONAL DATA BE TRANSFERRED OUTSIDE THE EUROPEAN ECONOMIC AREA (EEA)?

Currently, we do not foresee transferring your data outside the European Economic Area. However, we do not exclude the possibility that we may consider it necessary in the future. In such a case, the data will be secured in accordance with the requirements of applicable laws, particularly by using standard contractual clauses (SCC).

7.WHAT RIGHTS DO YOU HAVE IN CONNECTION WITH DATA PROCESSING?

You have the right to:

  1. Access to the data we process (including information about our data processing or the provision of data copies),
  2. Rectification (correction) of data,
  3. Limitation of processing (suspending data operations or not deleting data),
  4. Data erasure («right to be forgotten»),
  5. Data portability to another data controller.

The above requests can be made, in particular, in the manner specified in point 11 below – and will be considered in accordance with the relevant regulations, including Articles 15-20 of the GDPR.

8. RIGHT TO OBJECT

Regardless of the above, you have the right to object to the processing of your data, which is based on our legitimate interest. In such a case:

  1. If personal data is processed for marketing purposes, we will immediately cease such processing.
  2. If the basis for data processing is a different type of interest, we will stop such processing unless we demonstrate that the mentioned interest is superior to your interests, rights, and freedoms or that there is a basis for establishing, pursuing, or defending against claims.

The right to object can be exercised, in particular, by sending an appropriate statement in the manner specified in point 11 below.

9. COMPLAINT TO THE SUPERVISORY AUTHORITY

If you believe that the processing of your data violates applicable regulations, you have the right to lodge a complaint with the supervisory authority, namely the President of the Office for Personal Data Protection (PUODO). Contact details for PUODO are available, in particular, on the website https://uodo.gov.pl/pl/p/kontakt.

10. PUBLICATION LOCATION AND PRIVACY POLICY UPDATES

This privacy policy may be subject to changes from time to time. The current version of the policy will always be available on our website at the following address: https://fabb.pl/en/privacy-policy/.

11. HOW CAN YOU CONTACT US?

If you have any questions regarding the use of your personal data by us, you can contact us by phone, email, or postal mail using the following contact information:

FABB spółka z ograniczoną odpowiedzialnością
ul. Komorowicka 39-41
43-300 Bielsko-Biała

with the note: «personal data protection»
phone. 334711174, e-mail: fabb@fabb.pl

APPENDIX NO. 1 TO THE PRIVACY POLICY – COOKIE POLICY»

§1

  1. This Policy defines the rules for storing information by the Administrator and the Administrator’s access to information already stored on the Client’s Devices in the form of Cookies files.
  2. All concepts defined in the Privacy Policy also retain their meaning in this Cookies Policy. Additionally, the following terms have the following meanings:
    • Cookies – means computer data, especially small text files, stored and stored on devices through which the Client uses the website of the Service. Cookies usually contain the name of the website they come from, the time of storing them on the end device, and a unique number.
    • Own Cookies – means Cookies placed by the Administrator, related to the provision of electronic services by the Administrator through the Service.
    • External Cookies – means Cookies placed by third parties through the Service’s website.
    • Policy – this Cookie Policy, which is Attachment No. 1 to the Privacy Policy.
    • Device – means an electronic device through which the Client accesses the Service.

§2

  1. The Administrator stores information on the Client’s Device using Cookies files or accesses information already stored, in accordance with the rules defined in this Policy.
  2. The Administrator uses the following types of Cookies files:
    • Session Cookies: These are stored on the Client’s Device and remain there until the end of the session of a given browser. The saved information is then permanently deleted from the Device’s memory.
    • Persistent Cookies: These are stored on the Client’s Device and remain there for the period specified in the file’s parameters or until they are deleted. Ending the session of a given browser or turning off the Device does not result in the deletion of this type of Cookies from the Device.
  3. The Administrator’s use of Cookies files does not make any configuration changes to the Client’s Device or the software installed on that Device.

§3

1. The Administrator uses Own Cookies to customize the content of the Service to the User’s preferences and needs, especially taking into account the type of Device used by the User to access the Service. These types of Cookies include:

  1. «essential» cookies enabling the use of services available within the Service, e.g., authentication cookies used for services requiring authentication within the Service;
  2. cookies for security purposes, such as those used to detect abuse in the authentication process within the Service;
  3. «performance» cookies allowing the collection of information on how the User uses the Service’s web pages;
  4. «functional» cookies allowing the «remembering» of User-selected settings and personalization of the User interface, e.g., in terms of the selected language or region, font size, page layout, etc.;
  5. «advertising» cookies enabling the delivery of advertising content to Users more tailored to their interests.


2. The Administrator uses External Cookies to create aggregate statistics and analyses, serving to monitor how Clients use the Service – which allows for its best adaptation to the needs of Clients. In this respect, the Administrator uses the services of:
a) Google Analytics – at the moment the Service is opened, information about the origin of users identified based on IP is read, written, and sent to Google’s secure server. Detailed information in this regard is available on the Google website https://policies.google.com/technologies/types?hl=pl).
b) WordPress.org – where the Service is hosted. WordPress.org collects information such as browser type, language preferences, referring site, and the date and time of each visitor request (specific information in this regard is available on the website: https://pl.wordpress.org/about/privacy/
c) Google AdWords and Facebook Ads – where the Service uses so-called remarketing codes. The codes are used to match individualized ads to specific Clients and then display them on the advertising network of a given provider (Google or Facebook). These networks include both providers’ websites and their trading partners. Detailed information in this regard is available on the providers’ websites, including:
• Google – https://policies.google.com/technologies/types?hl=pl
• Facebook: https://www.facebook.com/policy/cookies/
3. In connection with the use of cookies, the Administrator only collects statistical data related to browsing history. Other data (such as name, surname, address, etc.) are not recorded in any way.

§4

  1. The Client has the option to limit or disable access to Cookies on their Device through the settings of their web browser or by configuring the service – in particular, to block the automatic handling of Cookies or to be informed about the placement of Cookies on the Client’s Device each time. A description of the necessary actions for this purpose can be found on the websites of manufacturers, e.g.:
    a) Mozilla Firefox: https://support.mozilla.org/pl/kb/W%C5%82%C4%85czanie%20i%20wy%C5%82%C4%85czanie%20obs%C5%82ugi%20ciasteczek
    b) Google Chrome: https://support.google.com/accounts/answer/61416?co=GENIE.Platform%3DDesktop&hl=pl
    c) Microsoft Edge: https://privacy.microsoft.com/pl-pl/windows-10-microsoft-edge-and-privacy
  2. The Client can delete Cookies at any time.
  3. Limiting the use of Cookies may affect some functionalities available on the Service’s website.