PRIVACY POLICY

WEB PAGE

(WWW.CARBORATING.COM)

1. For the Owner of this website, the protection of Users’ personal data is of the utmost importance. Carborating Sp. z o.o.  makes every effort to ensure that users feel safe when entrusting their personal data when using the website.

2. A user is defined as a natural person, a legal person or an organizational unit without legal status, which is granted legal capacity by law, using electronic services available on the website.

3. This privacy policy explains the principles and scope of processing  the User’s personal data, his rights as well as the obligations of the data administrator, and also informs about the use of cookies.

4. The Administrator uses the latest technical measures and organizational solutions to ensure a high level of protection of processed personal data and protection against access by unauthorized persons.

I. PERSONAL DATA ADMINISTRATOR

The administrator of personal data is Carborating sp zoo with its registered office at: Gołuchowska 57 61-417 Poznań, entered into the register of entrepreneurs kept by the District Court in: Poznań, Commercial Division, under KRS number: 0001049184, NIP: 7831884732 (hereinafter referred to as: „Owner „).

II. PURPOSE OF PROCESSING PERSONAL DATA

1. The Administrator processes the User’s personal data for :

Marketing purposes

2. This means that this data is needed in particular to register on the website.

3. The User may also consent to receiving information about new products and promotions, which will result in the administrator also processing personal data in order to send the User commercial information, including: new products or services.

4. Personal data is also processed as part of the fulfillment of legal obligations imposed on the data controller and the implementation of tasks in the public interest, including: to perform tasks related to security and defense or storing tax documentation.

5. Personal data may also be processed for the purposes of direct marketing of products, securing and pursuing claims or protection against claims of the User or a third party, as well as marketing of services and products of third parties or own marketing, which is not direct marketing.

III. DATA TYPE

1. The administrator processes the following personal data, the provision of which is necessary for:

a. register on the website:

– first name and last name;

– e-mail adress;

b. Data provided by the User optionally:

– date of birth;

IV. LEGAL BASIS FOR THE PROCESSING OF PERSONAL DATA

1. Personal data is processed in accordance with the provisions of Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46 /WE (General Data Protection Regulation), OJ L 119, 4/05/2016, pp. 1-88, hereinafter referred to as: „GDPR”.

2. The Administrator processes personal data only after obtaining the User’s consent, expressed at the time of registration on the website.

3. Consent to the processing of personal data is completely voluntary, however, failure to consent makes it impossible to register on the website.

V. RIGHTS OF THE USER

1. The user may at any time request information from the administrator about the scope of personal data processing.

2. The User may at any time request correction or rectification of his or her personal data. The user can also do it themselves after logging in to their account.

3. The user may withdraw his/her consent to the processing of his/her personal data at any time, without giving a reason. The request not to process data may concern the specific purpose of processing indicated by the User, e.g. withdrawal of consent to receive commercial information, or concern all purposes of data processing. Withdrawal of consent for all purposes of processing will result in the User’s account being deleted from the website, along with all the User’s personal data previously processed by the administrator. Withdrawal of consent will not affect actions already performed.

4. The User may at any time, without giving a reason, request that the administrator delete his data. A request to delete data will not affect any activities performed so far. Deleting data means simultaneous deletion of the User’s account, along with all personal data previously saved and processed by the administrator.

5. The User may at any time object to the processing of personal data, both in terms of all the User’s personal data processed by the administrator, and only to a limited extent, e.g. regarding the processing of data for a specific purpose. The objection will not affect any actions taken so far. Filing an objection will result in deletion of the User’s account, along with all personal data saved and processed by the administrator so far.

6. The User may request that the processing of personal data be limited, either for a specified period of time or without a time limit, but to a specific extent, which the administrator will be obliged to comply with. This request will not affect any actions performed so far.

7. The User may request that the administrator transfer the User’s processed personal data to another entity. For this purpose, the User should write a request to the administrator, indicating to which entity (name, address) the User’s personal data should be transferred and what specific data the User would like the administrator to provide. After the User confirms his/her wish, the administrator will provide the User’s personal data in electronic form to the indicated entity. The User’s confirmation of the request is necessary due to the security of the User’s personal data and to ensure that the request comes from an authorized person.

8. The Administrator informs the User about the actions taken within one month of receiving one of the requests listed in the previous points.

VI. PERSONAL DATA STORAGE PERIOD

1. In principle, personal data is only stored for as long as necessary to fulfill the contractual or statutory obligations for which it was collected. This data will be deleted immediately when their storage is no longer necessary, for evidentiary purposes, in accordance with civil law or in connection with a statutory obligation to retain data.

2. Information regarding the contract is stored for evidentiary purposes for a period of three years, starting from the end of the year in which the business relationship with the User ended. The data will be deleted after the statutory limitation period for pursuing contractual claims has expired.

3. In addition, the administrator may retain archival information regarding concluded transactions, as their storage is related to the User’s claims, e.g. under warranty.

4. If no agreement has been concluded between the User and the Owner, the User’s personal data is stored until the User’s account is deleted on the website. The account may be deleted as a result of the User submitting a request, withdrawing consent to the processing of personal data, or raising an objection to the processing of this data.

VII. ENRORSING DATA PROCESSING TO OTHER ENTITIES

1. The administrator may entrust the processing of personal data to entities cooperating with the administrator, to the extent necessary to complete the transaction, e.g. to prepare the ordered goods and deliver shipments or provide commercial information from the administrator (the latter applies to Users who have agreed to receive commercial information). .

2. Apart from the purposes indicated in this Privacy Policy, Users’ personal data will not be made available to third parties in any way, nor will they be transferred to other entities for the purpose of sending marketing materials of these third parties.

3. Personal data of website users are not transferred outside the European Union.

4. This Privacy Policy is consistent with the provisions arising from Art. 13 section 1 and section 2 of the GDPR regulation.

VIII. COOKIES

1. The website uses cookies or similar technology (hereinafter collectively referred to as „cookies”) to collect information about the User’s access to the website (e.g. via a computer or smartphone) and his preferences. They are used, among others, . for advertising and statistical purposes and to adapt the website to the User’s individual needs.

2. Cookies are pieces of information that contain a unique reference code that the website sends to the User’s device in order to store and sometimes track information about the device used. They usually do not allow the identification of the User. Their main task is to better adapt the website to the User.

3. Some cookies on the website are available only for the duration of a given internet session and expire when you close the browser. Other cookies are used to remember the User who is recognized there when he returns to the website. They are then retained for a longer period of time.

4. The cookies used on this website are:

Essential Cookies

These cookies are crucial for the basic operation of your website, affecting the user’s access to secure areas and basic functionalities.

__cf_bm – Cloudflare Bot Management

Purpose: Helps manage and mitigate bot traffic to protect the website and ensure consistent service for users.

Duration: Session-based (expires after the session ends).

_cfuvid – Cloudflare User ID

Purpose: Used by Cloudflare for identifying individual clients behind a shared IP address and applying security settings on a per-client basis.

Duration: Persistent (remains until explicitly deleted, typically after one year).

cf_clearance – Cloudflare Clearance

Purpose: Stores the results of the user completing the CAPTCHA or other security checks, allowing those who have passed these checks to access the website.

Duration: Persistent (usually for a year).

pll_language – Preferred Language

Purpose: Saves the user’s language preference to provide a better browsing experience by displaying the website in the user’s preferred language.

Duration: Persistent (typically one year).

wordpress_test_cookie – WordPress Cookie Check

Purpose: Used by WordPress to check if the user’s browser is set to allow or reject cookies.

Duration: Session-based (expires after the session ends).

Non-Essential Cookies

These cookies enhance the user experience or gather analytics but are not required for the basic functioning of the website.

_ga, _ga_B589GQJKNN, _ga_K8MMBLLLJD – Google Analytics IDs

Purpose: Used by Google Analytics to track user interactions such as visit frequency, page visits, and site preferences for analytics reports. These help improve the site based on user data.

Duration: Persistent (2 years for _ga, and varying durations for others).

_hjSessionUser_1958074 – Hotjar User Session

Purpose: Set by Hotjar to track the user across the website, collecting data on their behavior and interaction with the site, which is used for improving site usability and user experience.

Duration: Persistent (one year).

5. All cookies on the website are set by the administrator.

6. All cookies used by this website are compliant with applicable European Union law.

7. Most Users and some mobile browsers automatically accept cookies. If the User does not change the settings, cookies will be saved in the device’s memory.

8. The User can change preferences regarding the acceptance of cookies or change the browser to receive appropriate notification each time the cookie function is set. To change cookie acceptance settings, please adjust the settings in your browser.

9. It is worth remembering that blocking or deleting cookies may prevent full use of the website.

10. Cookies will be used for necessary session management, including:

a. Creating a special login session for the website User so that the website remembers that the User is logged in and his requests are delivered effectively, securely, and consistently.

b. Recognizing a User who has previously visited the website, which allows us to identify the number of unique users who have used the website and allows us to ensure that the website has sufficient capacity for the number of new users.

c. Recognizing whether a website visitor is registered on the website.

d. Recording information from the User’s device, including: cookies, IP address and information about the browser used, in order to diagnose problems, administer and track Website Usage;

e. Customizing elements of the graphic design or content of the website.

f. Collecting statistical information about how the User uses the website in order to improve the website and determine which areas of the website are the most popular for Users.