Chat with us, powered by LiveChat
Menu
Settings
Select Store
en English
Select Store
en English
Search
Advanced Search
  • Compare Products
Cart
privacy_policy

§1 Administration of personal data

    1. The administrator of the personal data is AUTO 724 SPÓŁKA Z OGRANICZONĄ ODPOWIEDZIALNOŚCIĄ based in WARSAW, UL. KLASYKÓW 8 /20, entered in the Register of Entrepreneurs of the National Court Register kept by the District Court of the Capital City of Warsaw, 14th Commercial Division of the National Court Register under KRS number 0000921434, NIP: 5242925336, REGON 38995697800000, share capital of 5 000,00 ZŁ
    2. Contact with the person supervising the processing of personal data in the organization is possible by e-mail at: [email protected], in writing to the Administrator's address or by phone at +48 530 835 837.
    3. This Policy contains the rules regarding the Administrator's processing of personal data on the Website, including the grounds, purposes and scope of personal data processing and the rights of data subjects.
    4. Personal data are processed by the Administrator in accordance with applicable laws, in particular in accordance with Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data and repealing Directive 95/46/EC (General Data Protection Regulation) Official text of the RODO Regulation: http://eur-lex.europa.eu/legal-content/PL/TXT/?uri=CELEX%3A32016R0679.
    5. The User's rights are not absolute and do not apply to all personal data processing activities.

    §2 Definitions

    1. Administrator - AUTO 724 SPÓŁKA Z OGRANICZONĄ ODPOWIEDZIALNOŚCIĄ based in WARSAW, UL. KLASYKÓW 8 /20, entered in the Register of Entrepreneurs of the National Court Register kept by the District Court of the Capital City of Warsaw, 14th Commercial Division of the National Court Register under KRS number 0000921434, NIP: 5242925336, REGON 38995697800000, share capital of 5 000,00 ZŁ.
    2. Personal data - information about a natural person identified or identifiable by one or more specific factors that determine physical, physiological, genetic, mental, economic, cultural or social identity, including device IP, Internet ID and information collected through cookies and other similar technology.
    3. Policy - this Privacy Policy.
    4. Cookie Policy - a document defining the rules for the use of cookies on the Website available at: https://auto724.eu/cookie-policy.
    5. Profiling - automated processing of personal data that involves analyzing and predicting user behavior.
    6. RODO / Regulation RODO - Regulation of the European Parliament and of the Council (EU) 2016/679 of 27.04.2016 on the protection of natural persons in relation to the processing of personal data and on the free movement of such data and repealing Directive 95/46/EC.
    7. Service - Internet service run by the Administrator at auto724.eu.
    8. User - any natural person visiting the Site or using one or more of the services or functionalities described in the Policy.

    §3 Security

    1. The controller has implemented appropriate technical and organizational measures to ensure the security of the processing of personal data, and in particular is responsible for and ensures that the data it collects are:
      • processed in accordance with the law;
      • collected for designated legitimate purposes and not subjected to further processing incompatible with those purposes;
      • Substantially correct and adequate in relation to the purposes for which they are processed;
      • stored in a form that allows identification of the individuals to whom they relate for no longer than necessary to achieve the purpose of the processing, and processed in a manner that ensures adequate security of personal data, including protection against unauthorized or unlawful processing and accidental loss, destruction or damage, by means of appropriate technical or organizational measures.

    §4 Purposes and legal basis for data processing

    1. Based on Article 6(1)(a) of the RODO Regulation (consent), personal data may be processed for purposes:
      • Marketing of products and services of the Administrator and the Administrator's partners.
      • Retargeting and behavioral advertising, including the display of personalized ads based on the User's activity history on the Website and on other websites. Data processing for these purposes is carried out only on the basis of the User's consent expressed in the cookie banner. Data may be collected via cookies and similar technologies, in accordance with the Cookies Policy.
      • Newsletter Dispatches.
      • Moderation of content on the Service.
      • Save data in cookies in accordance with the Cookies Policy.
      • Publication of reviews of a product or service.
      • Participate in a webinar or online training.
      • Contact through remote communication tools, in particular: telephone, email or application.
      • Participation in contests and loyalty programs
      • Invite participation in surveys and market research
      • Personalization of content on the Service.
      • Based on Article 6(1)(b) of the RODO Regulation (performance of a contract), personal data may be processed for purposes:
        1. To perform a sales contract or a contract for the provision of a Service or to take action at the request of the data subject before the conclusion of the indicated contract or after the conclusion of the contract, in particular: the right of warranty, consideration of
        2. Complaint or withdrawal from a contract concluded at a distance
    2. Based on Article 6(1)(c) of the RODO Regulation (legal obligation incumbent on the Administrator), personal data may be processed for purposes:
      • Issuance and storage of invoices, receipts or fulfillment of other obligations under tax and accounting regulations, (archiving obligation for accounting documents).
      • Cooperation with law enforcement agencies and public institutions.
      • Creation of records and other documentation mandated by RODO regulations.
    3. Based on Article 6(1)(f) of the RODO Regulation (legitimate interest of the Administrator), personal data may be processed for purposes:
      • Proper execution of the contract, will be processed for the duration of the contract and the rights arising therefrom, such as the right of complaint. Provision of data is voluntary, but also necessary.
      • Safeguard the security of the Service, the management of the Service and its proper operation.
      • To conduct statistics and analysis of traffic on the Website.
      • Direct Marketing.
      • Determine claims raised by or against the Administrator.
      • User Contact.
      • Service Support auto724.eu
      • To store data necessary for the proper operation of the Service in cookies in accordance with the Cookie Policy.
      • Supporting the Facebook, Instagram account and interacting with Users of the indicated portals.
      • Data may be transferred to the following recipients or categories of recipients of personal data, i.e. courier companies, postal operators, law firms, accounting firms, IT service providers and service providers.
    4. Personal Data may also be processed for other purposes if the Administrator has an appropriate legal basis for doing so, in particular under Article 6 of the RODO, provided that this purpose does not violate the User's rights and freedoms. In this case, the User will be informed of the new purpose of processing before processing for that purpose begins.

§5 Profiling

  • The Administrator uses profiling for marketing purposes by analyzing the User's activity on the Website using cookies and similar technologies.
  • Profiling may include:
    • Personalization of ads based on browsing history,
    • Analysis of the User's interaction with the content on the Website,
    • Adjustment of displayed advertising content on external services (e.g. Google Ads, Facebook).
  • Profiling is carried out only on the basis of the User's consent.
  • You may withdraw your consent to profiling at any time by changing your settings or by contacting the Administrator at the following email address: [email protected]

§6 Period of processing of Personal Data

  • The period of data processing by the Administrator depends on the type of service provided and the purpose of the processing. As a general rule, data are processed for the duration of the service, until the withdrawal of the consent given, or until an effective objection to data processing is made in cases where the legal basis for data processing is the legitimate interest of the Administrator.
  • The processing period may be extended if the processing is necessary for the establishment and assertion of possible claims or defense against claims, and thereafter only if and to the extent required by law. After the expiration of the processing period, the data shall be irreversibly deleted or anonymized.
  • Specific retention periods depending on the purpose, such as:
    • Data related to the performance of the contract - kept for the duration of the contract, and then until the expiration of the statute of limitations for claims (3 or 6 years).
    • Accounting and tax data - kept for the period required by tax law (currently 5 years).
    • Marketing data (newsletters, behavioral ads) - stored until consent is withdrawn.
    • Data related to user inquiries - stored for up to 12 months after the end of correspondence.

§7 User Rights

  • You have the following rights with respect to your personal data:
    • Access to their personal data,
    • rectify personal data at any time,
    • Delete your personal data at any time,
    • receive a copy of their data,
    • limitation of personal data processing,
    • Object to the processing of personal data,
    • portability of personal data,
    • withdrawal of consent; withdrawal of consent does not affect the lawfulness of processing performed before its withdrawal,
    • object to the processing of personal data on the basis of the legitimate interest of the Administrator for marketing, direct marketing and non-marketing purposes,
    • To file a complaint with the supervisory authority.
  • In order to exercise the above rights, the User may contact the Administrator by sending a message to the e-mail address [email protected] or correspondence to the Administrator's registered office address. The Administrator undertakes to process the request within 30 days of its receipt.
  • In some cases, the Administrator may refuse to comply with a User's request if the law requires further processing.

§8 Recipients of personal data

  • The Administrator, in order to properly run the Website, transfers the User's personal data to other external entities, in particular: Hosting company, courier companies, payment operators.
  • The Administrator reserves the right to disclose personal data in a situation where this will result from applicable laws, including the obligation to provide information to the relevant administrative or law enforcement authorities.

§9 Transfer of personal data outside the EEA

  • The level of protection of Personal Data outside the European Economic Area (EEA) may differ from that provided by European law. For this reason, the Administrator transfers Personal Data outside the EEA in the following cases: 
    • When it is necessary for the performance of the contract.
    • When the Administrator uses technology and infrastructure providers from outside the EEA, such as, but not limited to: marketing, analytics, advertising, cloud services and CRM systems providers.
  • The administrator ensures an adequate degree of protection, primarily by: 
    • Cooperation with processors of Personal Data in countries for which a relevant decision of the European Commission has been issued regarding the determination of ensuring an adequate level of protection of Personal Data; 
    • application of binding corporate rules approved by international certification standards and the relevant supervisory authority; 
    • Use of standard contractual clauses issued by the European Commission under Article 46 of the RODO. 
    • Personal data may also be transferred outside the EEA based on the User's consent. The User is informed of this event in advance.

§10 Security of Personal Data

  • The Administrator conducts risk analysis on an ongoing basis to ensure that Personal Data is processed by him in a secure manner. Through its actions, it ensures first and foremost that only authorized persons have access to the data and only to the extent that it is necessary due to the tasks they perform.
  • The Administrator shall take all measures permitted by law to ensure that all operations on Personal Data are recorded and performed only by an authorized entity.
  • The Administrator is also obliged to ensure that other entities cooperating with the Administrator provide a guarantee of the application of appropriate security measures whenever they process Personal Data on behalf of the Administrator.
  • The administrator uses technical safeguards such as encryption of data transmission (SSL/TLS), restriction of access to systems and procedures to protect against unauthorized access to data.

§11 Changes to Privacy Policy

  • The policy is continuously reviewed and updated.
  • The current version of the Policy was adopted and is effective from 2025-03-12.