Data protection declaration
- Controller
The Controller in accordance with article 4 para. 7 EU General Data Protection Regulation (GDPR) is
Bolsover sp. Z. o. o limited partnership, al. Armii Ludowej 26, Warszawa
- The following applies with regards to interested parties, customers, suppliers and business partners
We store data provided by you as a customer, supplier or business partner by means of information, such as in the course of an enquiry or for the conclusion of a contract. This includes, for example, first and last name, address and e-mail address, telephone number, bank details or contract details.
We will only pass on personal data to third parties if it is necessary for the purpose of contract execution or for invoicing purposes and if you have given consent beforehand. We have concluded processor contracts in conformity with the law with all third parties - if necessary.
The stored personal data will be deleted, if your data is not required for the purpose of the storage any longer or if the storage is or becomes unlawful for other legal reasons. Data for invoicing purposes and accounting purposes are subject to the legal retention period in accordance with the Federal Tax Code (BAO) and are not affected by a deletion request.
The below points are the legal basis of data processing:
• Contract initiation and performance in accordance with article 6 para 1 lit b GDPR in order to carry out your requests in a completely satisfactory manner.
• Legal obligations in accordance with article 6 para 1 lit c GDPR we have to comply with such as retention and documentation obligations prescribed by law.
• Justified interests of our company in the sense of article 6 para 1 lit f GDPR,
• Article 6 para 1 lit a GDPR in the course of obtaining consent.
- Informative use of the website
For purely informative use of the website we only collect the personal data your browser transmits to our server. If you wish to look at our website, we will collect the data that is technically required by us to show you our website and to ensure stability and quality, only:
• IP address
• Date and time of the enquiry
• Time zone difference to Greenwich Mean Time (GMT)
• Content of the request (concrete page)
• Access status/HTTP status code
• Website the request originates from
• Browser
• Operating system and its interface
• Language and version of the browser software.
Article 6 para 1 lit f GDPR is the legal basis
- Newsletter or VIP Club
If you decide to become a member of our VIP Club, we will process the data you enter in the form (online or print).
A membership in our VIP Club with many financial advantages requires the permission of the controller to send you offers, information, advertisements, invitations to competitions as well as promotions of the partners of the designer outlet via e-mail.
In order to complete your registration in the VIP Club, we need your first and last name as well as a valid email address or further confirmation that you are really the intended recipient of the dispatches addressed to you. For this purpose, we will send a confirmation e-mail to the registered e-mail address with a link in it (double opt-in), only after clicking on this link the registration is completed.
If you want to receive special birthday vouchers as a member of the VIP Club, we also need your date of birth. You can also become a member without mentioning your date of birth.
In this context, we collect further data to the extent that you provide it, but these are not necessary for the receipt of the advertisements. For example, we use your postal code to evaluate statistically and without personal reference which regions we reach with the newsletter.
When you participate in our VIP Club Sweepstakes, we process your data to conduct the sweepstakes, identify and notify the winner, and send the prize. In this context, we also need your date of birth, as participants must be at least 18 years old.
If you no longer wish to send mail, you can terminate your membership at any time informally via e-mail to the contact details listed in section one.
Article 6 para 1 lit a GDPR is the legal basis
- Cookies
In addition to the data mentioned above, cookies will be stored on your server when you use our website. Cookies are small text files that are stored on your hard drive; they are allocated to the browser used by you and allow certain information to reach the organisation that places the cookie (in this case us). Cookies are not able to carry out programmes or to transfer viruses to your computer.
By means of the cookie you will be recognised when you visit the website without the need to re-enter data you already entered previously.
The information contained in the cookies is, for example, used to determine whether you are logged in or what data you already entered, or to recognise you as a user if a connection is established between our web server and your browser. Most web browsers accept cookies automatically.
By using our website you consent to the use of these cookies, to the extent cookies are accepted in accordance with your browser settings.
- Transient cookies
Transient cookies are deleted automatically when you close the browser. They include session cookies, in particular. Session cookies store a so-called session ID which allow various enquiries by your browser to be allocated to the joint session. This makes it possible to recognise your computer when you return to our website. These session cookies are deleted when you log out or close the browser.
- Persistent cookies
Persistent cookies are deleted automatically after a predetermined period of time which may vary depending on the cookie. You can delete the cookies at any point in time in your browser’s safety settings.
- Third-party provider cookies
These are cookies from providers other than the operator of the website. They may be used, for example, to collect information for marketing purposes, user-defined contents and web statistics.
- Browser
Most browsers’ standard settings are set to accept all cookies. You can program your browser in such a way that you will be informed about the placement of cookies and that you allow cookies in individual cases only, exclude the acceptance of cookies in certain cases or in general. If cookies are deactivated, the functionality of our website may be restricted.
You can remove cookies stored on your PC at any point in time by deleting the temporary internet files.
Article 6 para 1 lit f (in the case of technical cookies), lit a (for all other cookies) GDPR is the legal basis
- Server log files
To optimise this website with regards to system performance, user friendliness and provision of useful information about our services, the provider of the website automatically collects and stores information in the so-called server log files which are automatically transmitted to us by your browser. This includes the Internet Protocol address (IP address) of the requesting computer (including mobile devices), browser and language settings, operating system, referrer URL, your internet service provider and date/time.
This data is not combined with personal data sources. We reserve the right to carry out a subsequent check of this data, if we become aware of concrete indications regarding illegal use, and - in the event of a hacker attack - to transmit the data to the law enforcement authorities. Otherwise data will be not passed on to third parties.
Article 6 para 1 lit f GDPR is the legal basis
- Use of data for services provided by Google
We have signed a contract with Google Ireland Limited (“Google”), a company registered and operated in accordance with Irish law (registration number: 368047) with its seat at Gordon House, Barrow Street, Dublin 4, Ireland. Nevertheless, it is possible that data is transmitted from Europe to the USA, without having any influence on that on our side.
For data exchange with companies seated in the USA, there is currently no adequacy decision of the EU Commission within the meaning of Article 45 (1) 3 of the General Data Protection Regulation (GDPR). This means that the EU Commission has so far failed to positively determine that the country-specific level of data protection of this country is the same as that of the European Union under the GDPR (Section 4 - appropriate guarantees).
The GDPR presupposes so-called appropriate guarantees for the transfer of data to a third country or to an international organization, Article 46(2), 3 GDPR. Such is not available for the above-mentioned country of destination.
Any risks that cannot be excluded for you as a data subject in connection with the aforementioned information are in particular:
- Your personal data may be shared with other third parties (e.g.: US authorities) in addition to the actual purpose of fulfilling the order by Google USA.
- You may not be able to enforce your right of access to Google USA in a sustainable manner.
- There may be a higher probability that incorrect data processing may occur, as the technical and organizational measures for the protection of personal data do not fully meet the requirements of the GDPR, both quantitatively and qualitatively.
By agreeing to the processing of (advertising and marketing) cookies, you explicitly consent to the transfer of data to the USA. You can revoke this consent informally by sending us an e-mail at any time. The data processing that took place before the revocation of your consent is not affected by the revocation and is therefore legally compliant.
Article 6 paragraph 1 lit a GDPR is the legal basis
- Google Analytics
We use Google Analytics, a web analysis service provided by Google on the legal basis of the overriding justified interest (analysis of the website use).
This website uses the function Activation of IP anonymisation” (i.e Google Analytics was extended by the code gat._anonymizelp();” in order to ensure anonymised collection of IP addresses (so-called IP-Masking)). As a result your IP address is first shortened by Google within member states of the European Union or in other contract states of the agreement about the European Economic Area. The full IP address is transmitted to a Google server in the USA and shortened there in exceptional cases only.
In accordance with information by Google, Google uses the information it obtained to analyse your use of the website, produce reports concerning the website activities and to provide further services regarding the use of the website and internet use to us. The IP address transmitted by your browser within the framework of Google Analytics is not combined with other data by Google. If necessary, Google will transmit this information to third parties, if prescribed by law or to the extent this data is processed by third parties on behalf of Google. You can prevent storage of the cookies by means of respective settings of your browser software. We would like to point out that in this case you will not be able to use all functions of the websites in full. You can also prevent collection of the data created by the cookie related to your use of the websites (including your anonymised IP address) by Google and processing of this data by Google by downloading and installing the browser plug-in available under the following link (https://tools.google.com/dlpage/gaoptout?hl=de).
For further information on user terms and conditions and data protection see www.google.com/analytics/terms/de.html or support.google.com/analytics/answer/6004245
Article 6 para 1 lit a GDPR is the legal basis
- Google Analytics Conversion Tracking (Google Ads)
This website also uses Google Conversion Tracking. Hereby Google Ads places a cookie on your computer if you arrived on our website via a Google Ad. These cookies are valid for 30 days and are not used for personal identification. If the user visits certain pages of the Ads customer’s website and the cookie has not expired, Google and the customer are able to see that the user has clicked on the ad and was taken to this page. Every Ads customer receives a different cookie. Cookies can therefore not be traced via the websites by Ads customers. The purpose of the information obtained by means of the conversion cookie is to create conversion statistics for Ads customers who have chosen Conversion-Tracking. The Ads customers are provided with the total of users who have clicked on their ad and were taken to a page provided with a Conversion-Tracking tag. They are, however, not provided with any information that would enable them to personally identify users. If you do not wish to participate in the Tracking process, you can decline the required placement of a cookie - for example via a browser setting that generally deactivates automatic placement of cookies. You can also deactivate cookies for Conversion-Tracking by setting your browser in such a way that the cookies from the domain www.googleadservices.com” are blocked. Click here for Google’s data protection information.
If you use SSL search, Google’s encrypted search function, the search terms are usually not sent as part of the URL in the reference URL. There are a number of exceptions, for example if you use certain browsers that are less common. Here you will find more information on SSL search. Search queries or information in the reference URL can possibly be viewed via Google Analytics or an Application Programming Interface (API). Advertisers may also receive information on the exact search queries that were triggered by clicking on an ad. policies.google.com/faq
Article 6 para 1 lit a GDPR is the legal basis
- Google Doubleclick
The Website uses the online marketing tool DoubleClick. As a result the Google advertising network and certain Google services and Adwords customers and publishers can be supported when they place and administrate an ad on the web. DoubleClick uses cookies in order to place ads that are relevant for the users, to improve the reports on campaign performance or to prevent a user from seeing the same ads several times. Google uses a cookie-ID to record what ads are placed in what browser and is thus able to prevent that they are shown several times. DoubleClick is also able to record so-called conversions related to the ad requests by means of cookie-IDs. This is the case if, for example, a user sees a Doubleclick ad and later accesses the advertiser’s website by means of the same browser and buys something there. According to Google Doubleclick cookies do not contain any personal information. On the basis of the marketing tools that are used your browser automatically establishes a direct connection with Google’s server. We have no influence on the extent and further use of the data that is collected as a result of the use of this tool by Google and therefore inform you according to our level of knowledge: As a result of using DoubleClick, Google receives the information that you have accessed the respective part of our internet presence or clicked directly on one of our ads. If you are registered with a Google service, Google can assign your visit to your account. Even if you are not registered with Google or have not logged in, it is possible for the provider to find out and store your IP-address.
Article 6 para 1 lit a GDPR is the legal basis
- Google Maps
On this website we use Google Maps. This enables us to show you interactive maps directly on the website and as a result we are able to offer you the comfortable use of the map function. Via your visit to our website Google is notified that you accessed the respective sub-page on our website
If you are logged in at Google, your data is directly allocated to your account. If you do not consent to the allocation to your profile at Google, you must log out before activating the button. Google stores your data as user profiles and uses it for the purpose of advertising, market research and/or needs-based design of its website. This analysis takes place especially (even for users who are not logged in) to deliver needs-based advertising and to inform other users of the social network about your activities on our website. You have the right to object against the creation of these user profiles, whereby you must contact Google to exercise this right.
For further information on purpose and extent of the data collection and use of the data by the plug-in provider see the provider's data protection declaration. Here you will also receive further information on your respective rights and setting options to protect your privacy: http://www.google.de/intl/de/policies/privacy.
Article 6 paragraph 1 lit a GDPR is the legal basis
- Google reCaptcha
We use the Google service reCaptcha to determine whether a person or computer makes a specific entry in our contact or newsletter or VIP Club form. Google uses the following data to check whether you are a human or a computer: IP address of the device used, the website you visit with us and on which the captcha is integrated, the date and duration of the visit, the recognition data of the type of browser and operating system used, Google account when you are logged in to Google, mouse movements on the reCaptcha surfaces and tasks where you need to identify images.
Article 6 paragraph 1 lit a GDPR is the legal basis
- Google Tag Manager
We use the so-called Google Tag Manager in order to identify your user behaviour. The Google Tag Manager is a solution that allows the marketer to administer website tags via a surface. The tool itself (implementing the tags) is a cookie-free domain and does not record personal data. The tool ensures that other tags are triggered which potentially record data. Google Tag Manager does not access this data. If a deactivation took place on domain or cookie level, it remains in force for all tracking tags implemented by means of Google Tag Manager.
For further information see: www.google.com/intl/de/tagmanager/faq.html.
Article 6 para 1 lit a GDPR is the legal basis
- Use of data and services provided by Facebook
Our services use Social Plugins (“plugins”) by Facebook (Facebook Ireland Ltd., 4 Grand Canal Square Grand Canal Harbour, Dublin 2, Ireland). The plugins are recognisable by one of the Facebook logos (dark grey or black “f” on light grey circle or white “f” on blue tile, or the term “like”, “share” or a “thumbs-up” sign) or they are marked with the addition “Facebook social plugin”. The list and appearance of the Facebook social plugins are available here: https://developers.facebook.com/docs/plugins/.
If a user accesses a website of this offer containing such a plugin, the browser will create a direct connection with Facebook’s servers. Facebook directly transmits the content of the plugin to your browser and includes it in this website. We therefore have no influence on the extent of the data Facebook obtains by means of this plugin.
The data obtained this way is anonymous for us, this means we do not see individual users’ personal data. This data is, however, stored and processed by Facebook and we notify you in accordance with our level of knowledge. Facebook can connect this data with your Facebook account and use it for its own advertising purposes, in accordance with Facebook’s guideline for data use https://www.facebook.com/about/privacy/. You can enable Facebook and its partners to place advertising campaigns on and outside Facebook. It can also store a cookie on your computer for these purposes.
For data exchange with companies seated in the USA, there is currently no adequacy decision of the EU Commission within the meaning of Article 45 (1) 3 of the General Data Protection Regulation (GDPR). This means that the EU Commission has so far failed to positively determine that the country-specific level of data protection of this country is the same as that of the European Union under the GDPR (Section 4 - appropriate guarantees).
The GDPR presupposes so-called appropriate guarantees for the transfer of data to a third country or to an international organisation, Article 46(2), 3 GDPR. Such is not available for the above-mentioned country of destination.
Any risks that cannot be excluded for you as a data subject in connection with the aforementioned information are in particular:
• Your personal data may be shared with other third parties (e.g.: US authorities) in addition to the actual purpose of fulfilling the order by Facebook USA.
• You may not be able to enforce your right of access to Facebook USA in a sustainable manner.
• There may be a higher probability that incorrect data processing may occur, as the technical and organisational measures for the protection of personal data do not fully meet the requirements of the GDPR, both quantitatively and qualitatively.
By agreeing to the processing of (advertising and marketing) cookies, you explicitly consent to the transfer of data to the USA. You can revoke this consent informally by sending us an e-mail at any time. The data processing that took place before the revocation of your consent is not affected by the revocation and is therefore legally compliant.
Article 6 paragraph 1 lit a GDPR is the legal basis
- Adform
This website uses the online marketing tool Adform of Adform ApS, Hovedvagtsgade 6, 1103 Copenhagen K, Denmark. Adform uses cookies to display ads relevant to users, to improve campaign performance reports, or to prevent a user from seeing the same ads multiple times. Using a cookie ID, Adform records which advertisements are displayed in which browser and can thus prevent them from being displayed multiple times. In addition, Adform can use cookie IDs to collect so-called conversions related to ad requests. Adform cookies do not contain any personal information such as email addresses, names or addresses.
Due to the marketing tools used, your browser automatically establishes a direct connection to the Adform server. By integrating the adform cookie, Adform receives the information that you have accessed the corresponding part of our website or clicked on an advertisement from us.
In addition, the adform cookies used allow us to understand whether you are performing certain actions on our website after you have viewed or clicked one of our display/video ads on another platform via Adform (conversion tracking). Adform uses this cookie to understand the content you have interacted with on our websites in order to be able to send you targeted advertising later.
Article 6 para 1 lit a GDPR is the legal basis
- Cloud.Typography
Our website uses external fonts from Hoefler & Co., 611 Broadway, Room 725, New York, NY 10012-2608, USA.
This service provides the "Cloud.Typography" fonts, which are displayed on the end devices of the users. Your browser establishes a direct connection to the company's servers in the United States in each session, where your IP address can be retrieved.
For data exchange with companies seated in the USA, there is currently no adequacy decision of the EU Commission within the meaning of Article 45 (1) 3 of the General Data Protection Regulation (GDPR). This means that the EU Commission has so far failed to positively determine that the country-specific level of data protection of this country is the same as that of the European Union under the GDPR (Section 4 - appropriate guarantees).
The GDPR presupposes so-called appropriate guarantees for the transfer of data to a third country or to an international organisation, Article 46(2), 3 GDPR. Such is not available for the above-mentioned country of destination.
Any risks that cannot be excluded for you as a data subject in connection with the aforementioned information are in particular:
• Your personal data may be shared with other third parties (e.g.: US authorities) in addition to the actual purpose of fulfilling the order by Hoefler & Co.
• You may not be able to enforce your right of access to Hoefler & Co in a sustainable manner.
• There may be a higher probability that incorrect data processing may occur, as the technical and organisational measures for the protection of personal data do not fully meet the requirements of the GDPR, both quantitatively and qualitatively.
By agreeing to the processing of (advertising and marketing) cookies, you explicitly consent to the transfer of data to the USA. You can revoke this consent informally by sending us an e-mail at any time. The data processing that took place before the revocation of your consent is not affected by the revocation and is therefore legally compliant.
For more information, please refer to the Typography Privacy Policy: https://www.typography.com/policies/privacy
Article 6 paragraph 1 lit a GDPR is the legal basis
- Your rights
You have the following rights vis-à-vis us with regards to your personal data:
• Right to information, correction and deletion
• Right to restriction of processing
• Right to object to processing
• Right to data transferability
Please direct your enquiries and concerns to us by using the contact details provided to contact us.
In the event the data processed by us is incorrect, please notify us accordingly. We will correct it immediately and notify you accordingly. In the event you do not wish us to process your data any longer, please send us an informal message. We will, of course, delete the data immediately and notify you accordingly. If deletion is not possible due to mandatory legal reasons, we will notify you accordingly without undue delay.
If you believe we violate national or European data protection right in the course of processing your data and thus infringe your rights, please contact us to clarify any questions you may have.
You are also entitled to complain to the responsible data protection authority.
- Changes to this data protection declaration
We reserve the right to make adjustments to our data protection declaration from time to time. We will not restrict your rights in accordance with this data protection declaration without your express consent. All changes to this data protection declaration will be published by us on this page. Please check the respective current version of our data protection declaration in this respect.
- Exclusion of liability
The controller does not accept any liability for contents on third-party websites that are referred to via links. The operators of other websites are exclusively responsible for the contents of the linked pages.