PRIVACY AND COOKIES POLICY

§ 1 GENERAL INFORMATION

  1. The website https://dopodpisu.pl/ is operated by EuroCert Limited Liability Company, with its registered office in Warsaw (02-844), at ul. Puławska 474, entered into the Register of Entrepreneurs of the National Court Register kept by the District Court for the Capital City of Warsaw in Warsaw, 12th Commercial Division of the National Court Register, under KRS number 0000408592, NIP: 9512352379, REGON: 145930258.

  2. The Data Controller of personal data collected via the website https://dopodpisu.pl/ is EuroCert Limited Liability Company, with its registered office in Warsaw.

  3. Personal data is collected through this Website in accordance with Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, repealing Directive 95/46/EC (General Data Protection Regulation), hereinafter referred to as “GDPR”, the Personal Data Protection Act of 10 May 2018 (Journal of Laws 2019, item 1781) and the Act on the Provision of Electronic Services of 18 July 2002 (Journal of Laws 2013, item 1422).

  4. The Controller takes all measures to ensure an adequate level of security of the stored data.

  5. The Website processes only the personal data of Users who voluntarily provide them for the purposes indicated by the Website while completing the relevant forms.

  6. The Controller processes your personal data for the following purposes:
    a) performance of a service/order – based on Article 6(1)(b) GDPR, i.e. the processing is necessary for the performance of a contract to which the data subject is party, or to take steps at the request of the data subject prior to entering into a contract. Personal data will be processed for the duration of the order/service and for the necessary period thereafter;
    b) handling complaints – based on Article 6(1)(c) GDPR, i.e. processing is necessary for compliance with a legal obligation to which the controller is subject. Personal data will be processed for the duration of the legal obligation and any further use of services offered by the Controller;
    c) pursuing claims – based on Article 6(1)(f) GDPR (legitimate interest of the Controller: pursuing claims and defending our rights) and Article 9(2)(f) GDPR. Data will be processed for the duration of pursuing claims;
    d) compliance with tax obligations – based on Article 6(1)(c) GDPR in connection with Article 74(2) of the Accounting Act. Data will be processed for the period necessary to fulfil tax obligations. Accounting and tax data is processed for 5 years from the end of the calendar year in which the tax obligation arose;
    e) legitimate interests of the Controller – based on Article 6(1)(f) GDPR: marketing of own products or services, direct marketing, sending any communications related to the Controller’s services, including new products, services or features; in this case, data will be processed until an objection is raised by the data subject.

  7. The Controller also processes personal data of individuals visiting its profiles on social media platforms (Facebook). Data is processed to promote the Controller’s services, those of its Partners, and to inform about events, promotions, and campaigns organized by the Controller or cooperating entities. Processing is based on Article 6(1)(f) GDPR (legitimate interest of the Controller).

  8. In order to use our services, you must explicitly consent to the processing of your personal data by checking the appropriate consent box.

  9. If the User does not consent to the processing of their personal data via the registration form (with or without creating an account), the Website will not be able to fulfil the User’s order.

§ 2 USER RIGHTS

  1. Right to withdraw consent – If we process your data based on consent, you may withdraw it at any time. Withdrawal does not affect the lawfulness of processing carried out before the withdrawal. Consent may be withdrawn via email: biuro@eurocert.pl or by post: EuroCert Sp. z o.o., ul. Puławska 474, 02-884 Warsaw.

  2. Right of access – You may request information about your personal data held by us. Contact: biuro@eurocert.plor by post at the above address.

  3. Right to data portability – If processing is based on consent, contract, or automated means, you may request a copy of your data in a structured, commonly used, machine-readable format, and you may request transfer of your data to another entity.

  4. Right to rectification – You may request correction or completion of inaccurate or incomplete data. If you have an account on the website, you can edit your data at any time.

  5. Right to erasure – You may request deletion of your personal data unless:
    a) you have outstanding financial obligations towards the Controller,
    b) you have an open or partially completed order,
    c) you are bound by a contract with us,
    d) the law requires retention of your data,
    e) data must be retained for accounting purposes.

  6. Right to restriction – You may request restriction of processing if:
    a) you contest the accuracy of your data,
    b) processing is unlawful and you oppose erasure,
    c) we no longer need your data, but you require them to establish or defend claims,
    d) you object to processing – restriction applies until it is determined whether our legitimate grounds override your objection.

  7. Right to object – You may object at any time to processing of your data on grounds relating to your particular situation. You also have the right to object to processing for direct marketing purposes, including profiling, after which your data will no longer be processed for such purposes.

  8. Right to lodge a complaint – If you believe we process your data unlawfully, you have the right to lodge a complaint with the supervisory authority.

§ 3 REGISTRATION FORM

  1. The Website processes personal data when the User completes the registration form (with or without creating an account).

  2. Data is processed only for purposes related to Customer Account registration, order handling, and execution.

  3. Consent to data processing is required to place an order; without it, the Website cannot process the order.

  4. Required data:
    a) full name,
    b) address,
    c) phone number,
    d) email address,
    e) company name,
    f) tax identification number (NIP).

  5. The Seller may also process usage data (operational data): identifiers, session details, scope of service use.

  6. Users may optionally consent to receive newsletters. Consent is voluntary and can be withdrawn at any time.

  7. For online electronic signature services, additional data is processed:
    a) full name, email, phone number, PESEL, ID number, and other ID details,
    b) for bank verification – bank account number (not stored or reused),
    c) for video verification – user’s image (recordings/photos).

  8. Data is retained for 7 years after account deletion/contract termination, due to tax/legal obligations.

  9. For qualified certificate-based electronic signatures, data is retained for 20 years.

  10. After the retention period, personal data is irreversibly deleted or anonymized (unless law requires further retention).

§ 4 CONTACT FORM

  1. The Website processes personal data when the User completes the contact form.

  2. Data is processed solely for purposes related to the submitted inquiry.

  3. Required data: full name, address, phone number, email, company name, NIP.

  4. The Seller may also process operational data (see §3 point 5).

  5. Users may optionally consent to receiving newsletters. Consent is voluntary and may be withdrawn.

§ 5 DATA RECIPIENTS

  1. Personal data may be shared with entities necessary for order fulfilment, such as:
    a) Authorized EuroCert Partners (see: https://sklep.eurocert.pl/pl/i/Punkty-Sprzedazy/14),
    b) Shoper Platform (DreamCommerce S.A., Kraków),
    c) PayPro S.A. (Poznań),
    d) subcontractors, IT providers, intermediaries, marketing partners (incl. newsletter services), advisors, auditors, legal firms, accountants, courier services, banks, financial institutions, debt collection services, ID verification providers, security companies, and public authorities (courts, police, prosecutor’s office) when required by law.

  2. Data may be disclosed to public authorities in connection with proceedings conducted under applicable law.

  3. Personal data is stored only within the European Economic Area (EEA).

§ 6 COOKIES POLICY

Cookies are IT data, in particular text files, stored on the User’s device to enable use of the Website. Cookies usually contain the website name, storage duration, and a unique ID.

  • The Website uses cookies to:

    • adapt its content to User preferences and optimize browsing,

    • create statistics on how Users interact with the Website.

  • Types used:

    • “Necessary” cookies – required for Website services.

  • Users may disable cookies in their browser, remaining anonymous, but this may prevent identification of preferences and reduce functionality.

  • Cookies may also be used by advertisers and partners cooperating with the Website.

  • Please note: use of the Website involves risks related to third-party interference in data transmission over the Internet.

§ 7 CONTACT DETAILS

You may contact us via email: biuro@eurocert.pl or by post: EuroCert Sp. z o.o., ul. Puławska 474, 02-884 Warsaw.
For matters related to personal data, you may contact our Data Protection Officer via email: iod@eurocert.pl.

§ 8 CHANGES TO THE PRIVACY POLICY

We reserve the right to amend this Privacy Policy by publishing a new or updated version on this website.