lazisewinery.com

Privacy Policy

PRIVACY AND COOKIE POLICY

I. GENERAL PROVISIONS

  1. This Privacy Policy describes how we handle Personal Data collected via the website. https://lazisewinery.com/pl/, belonging to LAZISE sa limited liability company based in Warsaw, which refer to the provisions of this policy, as well as Personal Data collected via e-mail or other electronic means of communication. 
  2. Your Personal Data are processed in accordance with Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC.
  3. Each User using the Platform accepts the provisions of the Policy and expresses consent to the manner in which the Administrator collects, stores, uses and protects Personal Data. If the User refuses to provide the Administrator with certain Personal Data, it will not be possible to conclude an Agreement with the Administrator, and the Administrator will not be able to provide the User with the services offered by him.

II. GLOSSARY OF TERMS

  1. The following expressions are given the following meanings:
  • Administrator – this should be understood as LAZISE spółka z ograniczoną odpowiedzialnością with its registered office in Warsaw, ul. Limanowskiego 11, 02-943 Warsaw, entered into the Register of Entrepreneurs of the National Court Register maintained by the District Court for the capital city of Warsaw in Warsaw, 13th Commercial Division of the National Court Register under the KRS number: 0001077266, REGON: 527260486, NIP: 5214050127, with the share capital of 000 zloty,  
  • Platform – this should be understood as an internet platform operating at the internet address https://lazisewinery.com/pl/ run by the Administrator,
  • Cookies – this should be understood as text files placed by the server on the device on which the Browser is running. Cookies are computer data, in particular text files, which are stored on the User's end device and are intended for using the Platform,
  • Personal Data – this shall be understood as any information relating to an identified or identifiable natural person, in particular based on an identifier such as a name and surname, an identification number, location data, an online identifier or one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person,
  • Browser – this should be understood as an IT program used to display websites (e.g. Mozilla Firefox, Google Chrome),
  • Third country – this should be understood as a country outside the European Economic Area,
  • Profiling – this should be understood as any form of automated processing of Personal Data which involves the use of Personal Data to evaluate certain personal aspects of a natural person, in particular to analyse or forecast aspects relating to the performance of that natural person’s work, economic situation, health, personal preferences, interests, reliability, behaviour, location or movements,
  • Privacy Policy (hereinafter also referred to as the "Policy") – this should be understood as a document containing primarily information on the scope of data processing, methods and principles of processing the data of Users using the Platform and the rights of such persons,
  • Processing – this should be understood as any operation or set of operations performed on Personal Data or sets of Personal Data in an automated or non-automated manner, such as collecting, recording, organizing, structuring, storing, adapting or modifying, downloading, consulting, using, disclosing by transmission, disseminating or otherwise making available, matching or combining, limiting, deleting or destroying,
  • Platform Regulations– this should be understood as the Platform regulations available at https://lazisewinery.com/regulamin-sklepu,
  • GDPR – this should be understood as Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC,
  • User – this should be understood as a natural person, a legal person or an organizational unit without legal personality, capable of performing legal acts, which uses the Platform’s services under the terms and conditions specified in the Regulations.

 

III. SCOPE OF APPLICATION

This Privacy Policy describes the principles of processing Personal Data in connection with the use of the Platform by Users, the provision of services offered by the Administrator available to Users via the Platform, or for the purpose of establishing contact and providing additional services.

IV. TRANSFER OF PERSONAL DATA

The Administrator may obtain Personal Data:

  • directly from the Users themselves (i.e. Personal Data is provided by the User when using the Platform, filling out forms available on the Platform, and also through any exchange of information with the Administrator by telephone, e-mail or in any other way, as well as when filing a complaint),

from another entity that has the appropriate legal authorisation in this respect (in particular, information provided by the proxy for the purpose of registering the Account on the Platform, data provided by the User in order to enable employees to access the functionalities offered within the Account). In such a case, the Administrator may obtain the following categories of Personal Data: first name, last name, e-mail address, telephone number.


V. LEGAL BASES, PURPOSES, TIME AND SCOPE OF PERSONAL DATA PROCESSING WITHIN THE PLATFORM

  1. The User's Personal Data may be processed for the following purposes and on the following legal bases:

 

Purpose of processing

Legal basis

Processing time

taking steps to conclude the Agreement, concluding and exercising the rights and obligations arising from the Agreement, providing services by electronic means in the scope of retail sale of Goods via the Internet

Article 6 paragraph 1 letter b) of the GDPR and Article 6 paragraph 1 letter f) of the GDPR (i.e. the legitimate interest of the Controller in conducting business activity)

Personal Data is processed for the time necessary to conclude and execute the Agreement.

determining, investigating or defending against possible claims related to the concluded Agreement

Art. 6 sec. 1 letter f) GDPR (i.e. the legitimate interest of the Controller in determining, pursuing or defending against claims that may arise in connection with the provision of services or the use of the Platform)

Personal Data will be processed until the expiry of the limitation periods for claims that may arise in connection with the concluded Agreement.

 

implementation of the complaint procedure or the right to withdraw from the Agreement

Article 6, paragraph 1, letter b) and c) of the GDPR, including in connection with Article 8, paragraph 3, point 4) of the Act on the provision of services by electronic means, Article 27 of the Act on consumer rights

Personal Data will be processed for the time necessary to implement the complaint procedure and/or the right to withdraw from the Agreement

fulfilling tax and accounting obligations (including for the purpose of issuing a VAT invoice or other document on the basis of which the Administrator makes settlements, or settling the commission charged to the Seller)

Article 6, section 1, letter c) of the GDPR, including in connection with Article 70 of the Tax Ordinance and Article 74 of the Accounting Act

 

 

Personal Data will be processed for the time necessary to fulfill the statutory obligations of the Administrator resulting from the provisions of tax law.

 

fulfilling obligations related to the protection of personal data (including creating registers of data processing activities and records resulting from the GDPR)

Article 6, paragraph 1, letter c) of the GDPR

 

 

Personal Data will be processed for the time necessary to fulfill the statutory obligations of the Administrator related to the processing of Personal Data.

management and improvement of the Platform

Article 6, paragraph 1, letter f) of the GDPR

(i.e. the legitimate interest of the Administrator in conducting business activity)

Personal Data is processed for the time necessary to implement the legitimate interest of the Administrator or until the User files a justified objection

analytical and statistical

Article 6, paragraph 1, letter f) of the GDPR

(i.e. the legitimate interest of the Administrator consisting in particular in conducting analyses of Users’ activities and their preferences in order to improve the functionalities used and services provided, or to optimise the Platform)

Personal Data is processed for the time necessary to implement the legitimate interest of the Administrator or until the User files a justified objection

enabling the User to transfer and exchange information with the Administrator (including in order to conclude the Agreement and/or to conduct electronic correspondence and telephone contact)

Article 6 paragraph 1 letter b) of the GDPR and/or Article 6 paragraph 1 letter f) of the GDPR (i.e. processing is necessary due to the legitimate interest of the Controller, which is the intention to conclude the Agreement and conduct correspondence with the User)

Personal Data provided for the purpose of concluding the Agreement are processed for the time necessary to conclude the Agreement, in the case of Personal Data processed on the basis of a legitimate legal interest, Personal Data are processed until the Administrator's legitimate interest exists or until the User files a justified objection

displaying contextual advertising (conducting direct marketing of the Administrator's own services or goods or services or goods of third parties)

Article 6, paragraph 1, letter f of the GDPR (i.e. processing is necessary due to the legitimate interest of the Controller, which is to promote the products or services of the Controller or third parties)

Personal Data is processed until the User ceases to use the Platform or until a justified objection is filed by the User.

displaying behavioral advertising based on previously viewed content, customizing categories of offers or individual goods or services based on activity on the Platform

Article 6, paragraph 1, letter f) of the GDPR in connection with Article 173 of the Telecommunications Law

(i.e. processing is necessary due to the legitimate interest of the Administrator in promoting the Products or services of the Administrator or third parties)

Personal Data is processed until the consent is withdrawn (granted under the provisions of telecommunications law) or until an effective objection is expressed to the processing of Personal Data; the withdrawal of consent does not affect the legality of the previous processing

contacting Users for purposes related to permitted marketing activities, including sending the Newsletter, through available electronic communication channels (via e-mail, SMS, push-up notifications, telephone contact)

Article 6, paragraph 1, letter f) of the GDPR in connection with Article 10 of the Act on the provision of services by electronic means or Article 172 of the Telecommunications Law (i.e. processing is necessary due to the legitimate interest of the Controller in promoting the goods or services of the Controller or third parties in connection with the voluntary consent to the communication channel)

Personal Data is processed until the consent to receive marketing messages or information is withdrawn (pursuant to the provisions of the Act on the provision of services by electronic means or the Telecommunications Law) or the effective objection to the processing of Personal Data is expressed; the withdrawal of consent does not affect the legality of the previous processing

After the processing period has elapsed, Personal Data are immediately deleted or anonymized.

VI. DATA PROCESSED BY THE ADMINISTRATOR

  1. Data provided by the User for the purpose of registering an Account and implementing the Account Management Agreement:
  • in the case of Entrepreneurs, to the extent that it applies to individuals running a business activity individually:
    1. company,
    2. registered office address,
    3. Tax Identification Number,
    4. email address,
    5. telephone number,
    6. name and surname of the person representing the User – if applicable.
  • in the case of an Entrepreneur-Consumer:
  1. a) company,
  2. b) business address,
  3. c) Tax Identification Number,
  4. d) e-mail address,
  5. e) telephone number.
  • in the case of a Consumer:
  1. name and surname,
  2. residential address,
  3. email address,
  4. telephone number.
  5. In the event that the User uses communication channels with the Administrator (including via contact forms), the Administrator processes Personal Data necessary to communicate with the User, to respond to the User's query, or to fulfill the User's request. These may be data such as: name, e-mail address, Personal Data contained in the content of the message.
  6. If the User shares an Opinion on the Platform, the Administrator will process the Personal Data contained in the content of the Opinion and the User's name.
  7. Personal Data necessary to issue an invoice/other settlement documents. In such a case, the scope of processed Personal Data results from the provisions of tax law.
  8. Personal Data necessary to perform the statutory obligations incumbent on the Administrator in the scope of the GDPR (including the implementation of the rights granted to the User by the GDPR).
  9. In the event of exercising the right to withdraw from the Agreement and/or initiating the complaint procedure, the data indicated by the User will be processed, such as: name, surname, e-mail address, personal data contained in the declaration of withdrawal, and in the case of a complaint, also other information that the Administrator may require from the User in the event of reporting problems regarding the use of the Platform.
  10. In the case of the User subscribing to the Newsletter, the Administrator will process: e-mail address, User's name. Consent to receive commercial information sent by electronic means of communication is voluntary and you can withdraw it at any time.
  11. In the scope of marketing activities (based on the legitimate interest of the Administrator or the legitimate interest of entities cooperating with the Administrator, or based on the User's consent), information will be processed to help the Administrator match advertisements and content to the User's preferences and expectations (including in connection with the display of behavioral advertising). This may include, among others, information about the User's IP address, login data, type and version of the web browser, types and versions of plug-ins used by web browsers, operating system and platform, advertising identifier, information about visits, including the URL of the website on which the link leading to the Platform was clicked, products searched for or viewed, data download errors, time of visits to specific pages, interactions with other pages. In addition, the Administrator may also process the User's contact data, to the extent indicated by the User (phone number or e-mail address).
  12. For analytical and statistical purposes, as well as to tailor the content and functionality of the Platform to a given User, information will be collected on the User's activity on the Platform, including information related to the use of individual services, as well as Personal Data regarding the User's preferences and expectations.
  13. In accordance with applicable regulations and if required, after obtaining the User's consent, the Administrator may develop any combinations of information about the User, including his/her Personal Data and data obtained using analytical tools, which may also be sent to the Administrator's business partners or may be obtained from them. The Administrator may use this information and its combinations for the purposes specified in this Policy.
  14. Providing Personal Data referred to in paragraphs 1-7 above is voluntary, but necessary for the provision of Services by the Administrator within the Platform and for the conclusion and performance of the Agreement, as well as for other purposes mentioned above. Each time, the scope of required data is also indicated in the Platform Regulations and before the commencement of the provision of a specific Service within the Platform.

 

VII. RECIPIENTS OF PERSONAL DATA

  1. The Administrator informs that in connection with the provision of services, Personal Data will or may be disclosed to external recipients:
  • the Administrator’s business partners,
  • the Administrator’s service providers (in particular in the technical scope, hosting services, payments, analytical tool providers, accounting services, legal services, etc.),
  • persons cooperating with the Administrator within the Platform, on the basis of issued authorisations or concluded data processing entrustment agreements,
  • state authorities, including the prosecutor's office and the police (when required by law).
  1. The Administrator informs that the transfer of Personal Data to external recipients will take place when:
  • it is necessary to use the services of an external entity,
  • it is necessary to execute contracts concluded with external entities,
  • it is necessary for analytical and statistical purposes, including the optimisation of the Platform,
  • it is necessary to conclude a future Agreement between the Administrator and the User,
  • it is necessary to establish contact and conduct correspondence with the User, including in particular the presentation of a commercial offer,
  • this results from the provisions of generally applicable law,
  • it is necessary to defend the claims or rights of the Administrator, including in connection with an ongoing trial,
  • a circumstance occurred that constituted a threat to life, health, property or safety.

 

VIII. DATA PROCESSING IN THIRD COUNTRIES

  1. Taking into account the scope of the Controller's activities, Users' Personal Data may be transferred outside the European Economic Area as part of the Controller's use of the services of entities providing IT solutions and systems (e.g. hosting services, analytical tools), which entities may store Personal Data on servers located outside this area or as part of the Controller's provision of services related to the conducted business activity - to the extent necessary to perform them.
  2. The Administrator carefully selects entities with whom I cooperate or whose services I use and I am always guided by ensuring adequate data protection. The entities with which the Administrator cooperates guarantee an adequate level of protection of Personal Data, which is required by the provisions of European law.
  3. The transfer of Personal Data takes place on the basis of appropriate mechanisms guaranteeing the security of data processing. In the case of data transfer outside the European Economic Area, the basis for such data transfer may be a decision of the European Commission confirming the adequate level of protection. In turn, in the case of transfer of Personal Data to a third country for which the European Commission has not issued a decision confirming the adequate level of protection - the Controller will apply appropriate legal safeguards, which are in particular the so-called standard contractual clauses for data protection (adopted by the European Commission or by a supervisory authority and approved by the European Commission in accordance with the examination procedure) and ensuring an adequate level of security in accordance with applicable regulations. In the event that the European Commission does not issue a decision confirming the adequate level of protection or the Controller fails to provide appropriate legal safeguards, Personal Data may be transferred to a third country on the basis of one of the premises listed in Article 49 paragraph 1 of the GDPR.
  4. When transferring Personal Data to an entity located in a third country, the Administrator is obliged to register each case of export of Personal Data in the register of data processing activities.

 

IX. AUTOMATED DECISION-MAKING AND PROFILING

The Administrator may use Personal Data for automated decision-making, including profiling, taking into account information contained in Cookies. Profiling will affect the functionality and quality of the Platform, as well as proposing actions to the User that increase their activity on the Platform. In addition, profiling is carried out to achieve the goals described in point V of the Policy.
 

X. USER RIGHTS

  1. In accordance with the provisions of the GDPR, the User has the following rights related to the control of the processing of Personal Data:
  • the right to access the content of your Personal Data,
  • the right to make changes to the content, rectify, and update Personal Data,
  • the right to delete Personal Data,
  • the right to withdraw consent at any time if Personal Data is processed on the basis of consent,
  • the right to restrict the processing of Personal Data,
  • the right to transfer Personal Data,
  • the right to object to the processing of Personal Data,
  • the right to lodge a complaint regarding the processing of Personal Data to the President of the Personal Data Protection Office.

 

XI. COOKIES AND ANALYTICAL TOOLS

  1. The Administrator uses Cookies within the Platform.
  2. The Administrator processes the data contained in Cookies when Users use the Platform for the following purposes:
  • remembering User settings and preferences,
  • remembering the User's session (unsaved data),
  • remembering authorisation to the Platform (login details).
  1. The Administrator uses the following Cookies within the Platform:
    • Own Cookies – files placed on the Platform directly by the Administrator,
    • External Cookies – files placed on the Platform by entities other than the Administrator,
    • Session Cookies – files placed and read from the User's end device during one session of a given User's device. Cookies are stored until the Browser is turned off (after the device session ends),
    • Persistent Cookies – files placed and read from the User's end device. The files are not deleted automatically after the end of the device session, unless the User's end device configuration is set to the mode of deleting Cookies after the end of the device session. The files are stored for a defined period of time, which is determined by the parameter contained in the Cookies file. The User also has the option of manually deleting all or selected Cookies,
    • Necessary Cookies – Cookies that are absolutely necessary for the proper functioning of the Platform or tools that the User wants to use. Cookies are used to store and identify the User's unique session identifier in order to manage the User's session on the Platform.
    • Functional Cookies – Cookies files enable the User to remember the settings selected by the User and personalize the User interface (e.g. in terms of the selected language or region from which the User comes, font size, appearance of the Platform). The User can disable or restore the option of collecting Cookies at any time by changing the settings in the Internet Browser.
    • Analytical Cookies – Cookies enable the Administrator to collect analytical data, such as information on the number of views and traffic on the Platform, which allows the Administrator to evaluate and improve its functioning.
    • Social media cookies – social media cookies, such as Facebook, LinkedIn and YouTube, whose plug-ins have been placed on the Platform.
    • Advertising cookies – Cookies enable the delivery of advertising content tailored to the interests of the User.
  2. The Platform also uses Google Analytics analytical tool plugins. Google Analytics is a service that analyzes services and internet activities. Google Analytics uses Cookies that allow for the analysis of the use of the Platform and its improvement in accordance with User preferences. Details about this Google service are available by clicking the link: https://analytics.google.com/analytics/web/provision/?hl=pl#/provision.
  3. If Cookies are not necessary for the proper functioning of the Platform, upon the first visit to the Platform's website, a message is displayed regarding the use of Cookies, through which the User has the option of expressing consent for the Administrator to place acceptance of optional Cookies, block Cookies or adjust Cookies. In addition, the User can control and manage Cookies by changing the Browser settings.
  4. Most Browsers allow you to view, manage, delete and block Cookies on a website. However, please note that deleting or disabling them may affect the operation of the Platform (e.g. it may be impossible to log in or use it).
  5. Detailed information on the settings of Cookies and their independent removal in the most popular Browsers should be available in the "help" section or similar. Below are links to the official websites of the manufacturers of the most commonly used Device Browsers, which contain information on the actions needed to change the settings of a given Browser in the scope described above:
  6. Detailed information on cookie settings and their self-removal in the most popular web browsers should be available in the "help" section (or other similar) of the web browser and on the following pages:
  • in Google Chrome:

http://support.google.com/chrome/bin/answer.py?hl=pl&answer=95647

  • in Mozilla Firefox:

http://support.mozilla.org/pl/kb/ciasteczka

  • in Internet Explorer:

https://support.microsoft.com/pl-pl/topic/usuwanie-plik%C3%B3w-cookie-i-zarz%C4%85dzanie-nimi-168dab11-0753-043d-7c16-ede5947fc64d

  • in Opera browser:

http://help.opera.com/Windows/12.10/pl/cookies.html

  • in Safari browser:

https://support.apple.com/kb/PH5042?locale=en-GB.

 

XII. PERSONAL DATA SECURITY

The Administrator shall provide appropriate security measures to ensure that Personal Data is processed by him in a secure manner, ensuring first and foremost that only authorized persons have access to the data and only to the extent necessary for the tasks they perform. The Administrator shall take all necessary steps to ensure that entities cooperating with him guarantee the application of appropriate security measures, whenever they process Personal Data on behalf of the Administrator. The data shall be secured in a database on a dedicated server.

 

XIII. REFERRALS

The Platform may contain redirects (links) to business partners' websites. In the event of redirection, the User is required to familiarize themselves with the regulations and privacy policy of the given business partner. As a result of such redirection, the Administrator does not process the User's Personal Data, and the entity processing it will be the administrator of the website to which the User was redirected, under the terms specified in its privacy policy

 

XIV. CONTACT DETAILS

 In case of any questions, requests or applications regarding the User’s Personal Data or the wish to exercise a specific right, the User may contact the Administrator in writing at the following address:
ul. Limanowskiego 11, 02-943 Warsaw or by e-mail to the following address:

info@lazisewinery.com.

 

XV. CHANGES TO PRIVACY POLICY

The Administrator strives to ensure that this Policy is current and updated.
In the event of changes in legal regulations, court decisions, guidelines of bodies responsible for supervising the processing of Personal Data, introduction of codes of good practice (if the Administrator is bound by such codes), changes in technology, methods, purposes or legal basis for processing Personal Data, the Administrator will make appropriate changes to this Policy, about which the Users will be informed.

© 2024 Lazise Winery
Search

Welcome to lazisewinery.com

The site is intended for adults only. It contains, among other things, descriptions of alcoholic beverages offered by Lazise Winery.

Are you over 18 years old?

Yes
NO

*I declare that I am of legal age and consent to the presentation of content regarding alcoholic products. (If you do not consent or are not of legal age, please click "NO".)