You can visit our website without providing any personal data. Each time the website is accessed the server automatically saves only the so-called server logs, such as the name of the requested file, IP address, date and time of the call, the amount of data transferred and the Internet service provider submitting the query (access data) and documents the page call. We are not able to identify you based on the information provided above.

If you decide to contact us, you will be asked to provide your personal data. Mandatory fields are marked as such because the data they contain are necessary for us to consider the case in question and to provide you with an answer. Without the data, we will not be able to answer your question. What data is collected results from the forms into which the data is entered. We will delete your data after the expiry of the limitation period for any claims that may arise in connection with the inquiry. The law basis for our processing of your personal data isto implement our legitimate interest, i.e. the need to answer business inquiries of current and potential customers..

We collect personal data only when you voluntarily provide it to us by placing your order, by contacting us in connection with the performance of the contract (e.g. using the contact form or e-mail) or by creating a customer account. Mandatory fields are marked as such because the data they contain are necessary for us to perform the contract or set up a customer account. Without their provision, it is not possible to complete the order or create a customer account. What data is collected results from the forms into which the data is entered. We use the data provided by you to perform the contract. After the execution of the contract or the deletion of your customer account, the processing of your data will be limited to the minimum necessary. We will delete the data completely after the expiry of the limitation period for any claims that could arise in connection with the conclusion and performance of the contract. Your customer account can be deleted at any time by you. For this purpose, please send a message to our contact address indicated in the section ‘Our contact details and your rights’ or use the appropriate function in your customer account. You also have more limited rights to "be forgotten", i.e. a legal right of erasure - see further at paragraph 7 below. Customers who are under the age of 13 years in the UK require their parents' consent before submitting any personal data to us.

We ensure the protection of all personal data concerning you and we do not disclose this information to third parties in cases other than those listed below unless we obtain your consent or disclosure of the data is necessary due to the legal obligation imposed on us. We may disclose the personal data provided to the following categories of entities:

• external entities providing accounting services to the extent that disclosure of data is necessary to provide these services to us;legal advisers to the extent that disclosure of data is necessary to obtain legal advice or protect our rights in court proceedings;
• government administration, justice and law enforcement authorities, if required by law.

In addition, we transfer personal data:

• as part of entrusting data processing – on our behalf, an external service provider provides us with services in the field of hosting and presentation of websites. All data that – as described in this privacy policy – have been collected as part of the use of our website or in the forms provided for this purpose in the online store, are stored on the servers of this service provider. Processing on other servers takes place only to the extent specified in this privacy policy. This service provider is based in a country belonging to the European Economic Area ("EEA") and/or the UK so we export UK personal data between UK and the EEA.

By transferring your personal data, we use the services of entities processing personal data in the UK and the EEA. If it is necessary to use the services of entities outside the UK and EEA, personal data will be transferred to them, provided that appropriate basis for data export regarding international data transfers is followed.

Use of social plug-ins

Our website uses so-called social plug-ins ("plug-ins") of social networks.
By displaying our website with such a plug-in, your browser will establish a direct connection to the servers of Facebook, Google, Twitter or Instagram. The content of the plug-in is transmitted by the respective service provider directly to your browser and integrated into the website. Thanks to this integration, service providers receive information that your browser has displayed our website, even if you do not have a profile with a given service provider or are not logged in at the time. Such information (along with your IP address) is sent by your browser directly to the server of a given service provider (some servers are located in the USA) and stored there. If you are logged in to one of the social networking sites, this service provider will be able directly to assign the visit to our website to your profile on the given social networking site. If you use a given plug-in, for example, click on the "Like" button or the "Share" button, the relevant information will also be sent directly to the server of the given service provider and stored there. This information will also be published on a given social network and will be shown to people added as your contacts.

The purpose and scope of data collection and their further processing and use by service providers, as well as the possibility of contact and your rights in this regard and the possibility of making settings to protect your privacy are described in the privacy policy of service providers.

http://www.facebook.com/policy.php

If you do not want social networking sites to assign the data collected during your visit to our website directly to your profile on a given website, you must log out of this website before visiting our website. You can also completely prevent the plug-ins from being loaded on the page by using appropriate extensions for your browser, e.g. script blocking with "NoScript" (http://noscript.net/)."

General

In order to allow exercise of your rights to your personal data we may sometimes ask you to provide additional information that will allow us to confirm your identity. If you do not provide us with this information, or if the information we have about you is not sufficient to prove your identity, we have the right to refuse to comply with your request.
If you want to exercise any of the rights described below, you can do so by contacting the data controller at [email protected].

Access to data

You have the right to access your personal data that we have collected. If you exercise this right, we may also provide you with a copy of your personal data that we process or, at our option, details of that data, .
We will fulfil your request by sending a copy of your data or details of the data by electronic means unless you explicitly specify in your request another method of exercising this right.

Deletion, rectification and limitation of data processing

If you believe that the information we have about you is incorrect, you can contact us so that we can update the information and ensure that it is correct. In addition, you can correct your data yourself in the settings of your customer account.
Depending on the purpose of processing your personal data, we will automatically delete them after the purpose for which the data was collected has been completed or after the expiry of the limitation period for any claims that could arise in connection with the conclusion and performance of the contract. Nevertheless, you also have the right to request us to delete your personal data at any time and we will remove except where we are not allowed to do so by law.
You also have the right to restrict data processing.

Data transferability

Where the processing of your personal data takes place based on a contract, you have the right to receive the personal data provided to us in a structured and commonly used, machine-readable format. You also have the right to request us to transfer this data to another controller, if technically feasible.

Withdrawal of consent and the right to object to processing

If the data processing requires your consent, you can withdraw such consent at any time. Where we send you marketing communications using the soft-opt in basis under the Privacy and Electronic Communications (EC Directive) Regulations 2003 we will give you the opportunity to "click to un-subscribe" on each such email and if you then exercise that right we will then remove you from our database within 30 days However, please remember that the withdrawal of consent will not make the processing of data that took place before the withdrawal of consent illegal.
If the processing of your data takes place in connection with the implementation of our legitimate interest, you have the right to object to such processing.

Changes to the privacy policy

We update this privacy policy regularly and we strive to improve it. We, therefore, reserve the right to amend it from time to time. However, we will not limit your rights listed in this privacy policy without your express consent. Each change to the privacy policy will be marked with the date of publication and will be effective from that date. Access to earlier versions of the privacy policy can be obtained at [email protected].

How to contact us for additional help?

If you have any questions or concerns about this privacy policy, or if you would like more information about how we protect your personal data or what your rights are, please contact us.
We hope to be able to answer any questions you may have and resolve any disputes amicably. Nevertheless, if you believe that your rights have not been respected or that there has been a breach of privacy, you can raise the matter with us and/or lodge a complaint with the UK's Information Commissioner's Office.

Applicable law

The Data Protection Act 2018, UKGDPR and the Privacy and Electronic Communications (EC Directive) Regulations 2003 in the UK are applicable to the processing of your personal data. To the extent data is exported to our Polish parent company Torf Corporation Sp. z.o.o. EU/Polish data protection law is applicable including the EU GDPR.