Blue Star

znaki_towarowe-07
Menu
znaki_towarowe-07
Menu

Privacy Policy


www.bluestar.pl

§ 1 GENERAL PROVISIONS

  • The administrator of personal data collected via the website www.bluestar.pl is PartnerTele.com Sp. z o.o. Sp. k. with its registered office at Sołtysowska Street 22 in Kraków. Email address: kontakt@bluestar.pl, phone number: +48 721 808 007, hereinafter referred to as the “Administrator” and also the “Service Provider”.
  • The personal data collected by the Administrator via the website is processed in accordance with Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation), hereinafter referred to as GDPR.
  • Any terms or expressions written in capital letters in this Privacy Policy should be understood in accordance with their definition contained in the Terms of Service of the website www.bluestar.pl.

§ 2 TYPES OF PERSONAL DATA PROCESSED, PURPOSE, AND SCOPE OF DATA COLLECTION

  • Purpose of Processing and Legal Basis. The Administrator processes the personal data of visitors to the website www.bluestar.pl in the following cases:
    Using the Review System to obtain the Client’s opinion on the concluded Sales Agreement with the Administrator, based on Article 6(1)(f) of the GDPR (legitimate interest of the entrepreneur),
  • Subscribing to the Newsletter to send commercial information electronically. Personal data is processed upon separate consent, based on Article 6(1)(a) of the GDPR,
  • Using the Contact Form to send a message to the Administrator, based on Article 6(1)(f) of the GDPR (legitimate interest of the entrepreneur).
    Types of Personal Data Processed. The Service Recipient provides, in the case of: Account: email address,
    Order: first and last name, address, NIP, email address, phone number,
    Review System: first and last name,
    Contact Form: first and last name, email address.
    Personal Data Retention Period. The personal data of Service Recipients is stored by the Administrator:
    When the data processing basis is the performance of a contract, as long as it is necessary to perform the contract, and after that, for a period corresponding to the statute of limitations for claims. Unless a special provision states otherwise, the limitation period is six years, and for periodic benefits and claims related to business activities – three years,
  • When the data processing basis is consent, until the consent is withdrawn, and after the withdrawal of consent, for a period corresponding to the statute of limitations for claims that the Administrator may raise and that may be raised against him. Unless a special provision states otherwise, the limitation period is six years, and for periodic benefits and claims related to business activities – three years.
  • Additional information may be collected during the use of the website, in particular: the IP address assigned to the Service Recipient’s computer or the external IP address of the Internet provider, domain name, browser type, access time, and operating system type.
  • Upon separate consent, based on Article 6(1)(a) of the GDPR, data may also be processed for the purpose of sending commercial information electronically or making telephone calls for direct marketing – in accordance with Article 10(2) of the Act of 18 July 2002 on the provision of electronic services or Article 172(1) of the Act of 16 July 2004 – Telecommunications Law, including those directed as a result of profiling, provided the Service Recipient has given appropriate consent.
  • Navigational data may also be collected from Service Recipients, including information about links and references they choose to click on or other actions taken on the website. The legal basis for such actions is the Administrator’s legitimate interest (Article 6(1)(f) of the GDPR), consisting of facilitating the use of services provided electronically and improving the functionality of these services.
  • Providing personal data by the Service Recipient is voluntary.
    The Administrator takes special care to protect the interests of the persons to whom the data pertains, and ensures that the data collected is:
    Processed in accordance with the law,
  • Collected for specified, lawful purposes and not subjected to further processing incompatible with those purposes,
  • Factually correct and adequate in relation to the purposes for which it is processed, and stored in a form that allows the identification of the persons to whom it pertains, no longer than necessary to achieve the purpose of processing.

§ 3
DISCLOSURE OF PERSONAL DATA

  • Personal data of Service Recipients is transferred to service providers used by the Administrator in running the website, in particular to:
    • Hosting providers,
    • Providers of software that enables business operations,
    • Entities providing mailing system services,
    • Providers of software necessary to operate the website.
  • The service providers referred to in point 1 of this paragraph, to whom personal data is transferred, depending on contractual arrangements and circumstances, either follow the Administrator’s instructions regarding the purposes and methods of processing this data (processors) or independently determine the purposes and methods of processing (controllers).
  • The personal data of Service Recipients is stored exclusively within the European Economic Area (EEA), subject to § 5 point 5 and § 6 of the Privacy Policy.

§ 4
RIGHT TO CONTROL, ACCESS, AND RECTIFY PERSONAL DATA

  • The person whose data is being processed has the right to access their personal data, as well as the right to rectify, delete, limit processing, transfer data, object, and withdraw consent at any time without affecting the lawfulness of processing based on consent before its withdrawal.
  • Legal bases for the Service Recipient’s request:
    • Access to data – Article 15 of the GDPR
    • Rectification of data – Article 16 of the GDPR
    • Deletion of data (the “right to be forgotten”) – Article 17 of the GDPR
    • Limitation of processing – Article 18 of the GDPR
    • Data transfer – Article 20 of the GDPR
    • Objection – Article 21 of the GDPR
    • Withdrawal of consent – Article 7(3) of the GDPR
    •  
  • To exercise the rights mentioned in point 2, you can send an appropriate email to: reklamacje@partnertele.com.
  • When the Service Recipient exercises their rights arising from the aforementioned provisions, the Administrator will comply with the request or refuse to comply with it immediately, but no later than within one month of receiving the request. However, if the nature of the request is complex or there are numerous requests, the Administrator may extend the deadline by an additional two months, informing the Service Recipient within one month of receiving the request about the extension and the reasons for it.
  • If it is determined that the processing of personal data violates the provisions of the GDPR, the person whose data is being processed has the right to file a complaint with the President of the Office for Personal Data Protection.

§ 5
COOKIES

  • The Administrator’s website uses cookies.
  • The installation of cookies is necessary for the proper functioning of the website. Cookies contain information essential for the proper operation of the website and also allow for the compilation of general statistics regarding website visits.
  • Two types of cookies are used on the website: “session” and “permanent.”
    “Session” cookies are temporary files stored on the Service Recipient’s end device until they log out (leave the website).
    “Permanent” cookies are stored on the Service Recipient’s end device for the time specified in the parameters of the cookies or until they are deleted by the Service Recipient.
  • The Administrator uses its own cookies to better understand how Service Recipients interact with the content of the website. Cookies collect information about how the Service Recipient uses the website, the type of website from which the Service Recipient was redirected, the number of visits, and the time of the Service Recipient’s visit to the website. This information does not record specific personal data of the Service Recipient but is used to compile usage statistics for the website.
  • The Administrator uses external cookies to collect general and anonymous statistical data via analytical tools such as Google Analytics (external cookies administrator: Google LLC, based in the USA).
    Cookies may also be used by advertising networks, particularly the Google network, to display ads tailored to how the Service Recipient uses the website. For this purpose, they may retain information about the Service Recipient’s navigation path or the time spent on a given page.
  • The Service Recipient has the right to decide on the access of cookies to their computer by:
    Selecting the types of cookies they consent to collect right after entering the website and seeing the cookie notice,
    Changing the settings in their browser window. Detailed information about the possibilities and methods of handling cookies is also available in the settings of the software (web browser).

§ 6
ADDITIONAL SERVICES RELATED TO USER ACTIVITY ON THE WEBSITE

  • The website uses social plugins (“plugins”) from social media services. When displaying the www.bluestar.pl website containing such a plugin, the Service Recipient’s browser will establish a direct connection with the servers of Facebook and Google.
  • The content of the plugin is transmitted by the respective service provider directly to the Service Recipient’s browser and integrated into the website. This integration allows the service providers to receive information that the Service Recipient’s browser has accessed the www.bluestar.pl website, even if the Service Recipient does not have a profile with the service provider or is not currently logged in. This information (including the Service Recipient’s IP address) is sent by the browser directly to the service provider’s server (some servers are located in the USA) and stored there.
  • If the Service Recipient logs in to one of the above social media services, the service provider can directly associate the visit to the www.bluestar.pl website with the Service Recipient’s profile in the respective social media service.
    If the Service Recipient uses the plugin, for example, by clicking the “Like” or “Share” button, the corresponding information will also be transmitted directly to the service provider’s server and stored there.
  • The purpose and scope of data collection and their further processing and use by service providers, as well as the Service Recipient’s rights in this regard and options for privacy settings, are described in the service providers’ privacy policies:
    Facebook Privacy Policy
    Google Privacy Policy
  • If the Service Recipient does not want social media services to associate the data collected during visits to the www.bluestar.pl website directly with their profile in the respective service, they must log out of that service before visiting the www.bluestar.pl website. The Service Recipient can also completely prevent the loading of plugins on the website by using appropriate browser extensions, such as script blocking with “NoScript.”
  • The Administrator uses remarketing tools on its website, such as Google Ads, which involve the use of cookies by Google LLC related to the Google Ads service. Within the cookie settings management mechanism, the Service Recipient can decide whether the Service Provider will be able to use Google Ads (external cookie administrator: Google Inc., based in the USA) concerning them.

§ 7
FINAL PROVISIONS

  • The Administrator employs technical and organizational measures ensuring the protection of processed personal data appropriate to the threats and categories of data covered by protection, and in particular, secures data against unauthorized access, unauthorized acquisition, processing in violation of applicable laws, and alteration, loss, damage, or destruction.
  • The Administrator provides appropriate technical measures to prevent the acquisition and modification by unauthorized persons of personal data transmitted electronically.
  • In matters not regulated by this Privacy Policy, the provisions of the GDPR and other relevant provisions of Polish law apply accordingly.