Privacy Policy
privacy policy
This document governs the Privacy and Cookies Policy
for the website available at https://tdi-cad.pl, owned by
TDI-CAD Elżbieta Dedich, ul. Zbarska 2, 54-620 Wrocław
§1 Personal Data Administrator
1.1 The administrator of your personal data is TDI-CAD Elżbieta Dedich, ul. Zbarska 2,
54-620 Wrocław, NIP 7531937275 REGON 360626960 (hereinafter referred to as: "Administrator").
1.2 Administrator's contact details:
Correspondence address: ul. Zbarska 2, 54-620 Wrocław
E-mail address: biuro@tdi-cad.pl
Phone: 888 203 047
1.3 The Administrator has appointed a Data Protection Inspector (DPO).
1.4 Responsibilities related to the protection of personal data are performed by Tomasz Dedich.
§2 Definitions
Administrator – Personal Data Administrator, the entity that decides on the purposes and means of processing personal data
Personal data - information about natural persons, they concern a person identified or identifiable, directly or indirectly; personal data include, in particular, an identification number, factors determining physical, physiological, mental, economic, cultural or social characteristics
GDPR - Regulation (EU) 2016/679 of the European Parliament and of the Council on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC
Privacy and cookies policy - this document hereinafter referred to as the "Policy"
Website – website run by the Administrator at: https://tdi-cad.pl
Website User – any natural person visiting the Website or using at least one service provided by the Administrator or a function of the Website
Cookies - in Polish "cookies", are small pieces of information in the form of a text string placed or read by the website in the web browser used by the User.
JDG entrepreneurs - natural persons running a business on the basis of an entry in the Central Register and Information on Business
§3 General provisions
3.1 The Administrator collects data of Users of the Website located at:
https://tdi-cad.pl.
3.2 The type of data collected by the Administrator depends on the service offered by the Administrator and used by the User.
3.3 Personal data will be processed by the Administrator in accordance with the provisions of Regulation (EU) 2016/679 of the European Parliament and of the Council on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC, hereinafter referred to as the General Regulation on the protection of personal data, hereinafter referred to as "GDPR".
3.4 Providing any personal data is voluntary and depends on the User's decision. However, in some cases, providing specific personal data is necessary to meet the User's expectations regarding the use of the services offered by the Administrator.
3.5 The services offered by the Administrator on the Website are offered to persons who are over 18 years of age. Therefore, the Administrator does not consciously process children's personal data.
§4 Purpose, basis and time of data processing
4.1 Customer Account Registration
4.1.1 Whose data is processed?
The data of persons who have registered their account on the website https://tdi-cad.pl are processed.
4.1.2 What data is processed?
- name and surname
- e-mail address
- delivery address
- billing address
- company name and Tax Identification Number (JDG Entrepreneurs)
4.1.3 What is the purpose of data processing?
The data will be processed for the purpose of providing services related to maintaining and servicing an account on the Website.
4.1.4 What is the legal basis for data processing?
- Preparation and execution of the contract – art. 6 section 1 letter b GDPR.
- Justified interest of the Administrator in order to optimize the services provided - Art. 6 section 1 letter f GDPR.
4.1.5 What is the data storage period?
The data is processed until the contract is completed (e.g. deletion of the account from the Website), and then for the period necessary to establish, pursue or defend against claims.
4.1.6 Is it necessary to provide data?
Providing data is voluntary, but without providing the data you will not be able to create an account.
4.2 Order processing in the store:
4.2.1 Whose data is processed?
Data of people who placed an order on the website https://tdi-cad.pl.
4.2.2 What data is processed?
- name and surname
- e-mail address
- telephone number
- delivery address
- billing address
- company name and Tax Identification Number (JDG Entrepreneurs)
4.2.3 What is the purpose of data processing?
The data will be processed for the purpose of fulfilling the order, complaint proceedings, pursuing or defending against claims, as well as in connection with the fulfillment of obligations related to tax and accounting regulations.
4.2.4 What is the legal basis for data processing?
- Preparation and execution of the contract – art. 6 section 1 letter b GDPR.
- Legitimate interest in determining, investigating and defending against possible claims - Art. 6 section 1 letter f GDPR.
- Fulfillment of the legal obligation imposed on the Administrator - Art. 6 section 1 letter c GDPR.
4.2.5 What is the data storage period?
- Data are processed until the contract is performed, while data obtained for the fulfillment of legal obligations are processed until they are fulfilled.
- Data processed on the basis of legitimate interest is processed until its implementation or the User submits an effective objection. The above processing periods may be extended by a maximum of the time necessary to establish, pursue or defend against claims. After this period, personal data will be anonymized or deleted.
4.2.6 Is it necessary to provide data?
Providing data is voluntary, but without providing the data it will not be possible to process the order.
4.3 Newsletter:
4.3.1 Whose data is processed?
Data of people who have signed up for the Newsletter.
4.3.2 What data is processed?
Data provided by the User who has a Customer Account, in particular the e-mail address.
4.3.3 What is the purpose of data processing?
- Providing the Newsletter service, providing information about discounts, promotions and new offers.
- Matching the content of the ordered Newsletter service to the User's activity on the Website.
4.3.4 What is the legal basis for data processing?
- Performance of the contract for the provision of the Newsletter service - art. 6 section 1 letter b GDPR.
- Legitimate interest in direct marketing (information about the offer, new products, personalization of content) - Art. 6 section 1 letter f GDPR.
4.3.5 What is the data storage period?
Personal data will be processed until the User withdraws consent to processing, and then for the period necessary to establish, pursue or defend against claims. After this period, personal data will be anonymized or deleted.
4.3.6 Is it necessary to provide data?
Providing data is voluntary, but without providing the data it will not be possible to subscribe to the Newsletter.
4.4 Contact form:
4.4.1 Whose data is processed?
Data of people who contact us via the contact form.
4.4.2 What data is processed?
- name
- e-mail address
4.4.3 What is the purpose of data processing?
Identification of the contacting User and answering the question.
4.4.4 What is the legal basis for data processing?
Legitimate interest - art. 6 section 1 letter f GDPR.
4.4.5 What is the data storage period?
Until the limitation period for claims expires.
4.4.6 Is it necessary to provide data?
Providing data is voluntary, but necessary for User verification.
4.5 Product availability information:
4.5.1 Whose data is processed?
Details of people who want to receive information about product availability.
4.5.2 What data is processed?
- name
- e-mail address
4.5.3 What is the purpose of data processing?
Providing information about product availability.
4.5.4 What is the legal basis for data processing?
Providing information about product availability based on the consent granted - Art. 6 section 1 letter a GDPR.
4.5.5 What is the data storage period?
The data is processed for the period necessary to provide information or until consent is withdrawn, depending on which event occurs first.
4.5.6 Is it necessary to provide data?
Providing data is voluntary, but necessary to provide information.
4.6 Loyalty program
4.6.1 Whose data is processed?
Data of people participating in the loyalty program.
4.6.2 What data is processed?
Data required when joining the program.
4.6.3 What is the purpose of data processing?
- Information about promotional campaigns, discounts, new products.
- Conducting analytical and statistical activities.
- Establishing, pursuing or defending claims.
4.6.4 What is the legal basis for data processing?
- Conclusion or performance of an agreement on participation in a loyalty program - Art. 6
paragraph 1 letter b GDPR.
- For analytical and statistical purposes - Art. 6 section 1 letter f GDPR.
- Establishing, pursuing or defending claims - Art. 6 section 1 letter f GDPR.
4.6.5 What is the data storage period?
For the duration of the contract, i.e. until the User ends his participation in the loyalty program, terminates it and/or until he raises an objection or withdraws his consent.
4.6.6 Is it necessary to provide data?
Providing data is voluntary, but necessary to participate in the loyalty program.
§5 Entrusting and sharing personal data
5.1 In connection with its business activities, the Administrator may disclose personal data to the following entities if it is necessary to achieve the purposes of processing:
5.1.1 Companies providing services or IT solutions,
5.1.2 Companies providing courier and postal services,
5.1.3 Banks and other financial and payment institutions,
5.1.4 Public authorities receiving data in connection with the implementation of the Administrator's legal obligations,
5.1.5 Companies providing marketing activities,
5.1.6 Employees and collaborators,
5.1.7 Companies providing accounting and accounting services.
§6 Website user rights
6.1 In connection with the processing of personal data, the User has the following rights:
6.1.1 the right to access the content of your data - the User has the right to obtain information regarding his/her personal data stored by the Administrator, including a copy of this data.
6.1.2 the right to rectify (correct) your data - the User has the right to request the rectification of their personal data that is incorrect or incomplete.
6.1.3 the right to delete data - the User has the right to request the deletion of his or her personal data stored by the Administrator in the following cases: (a) the User's personal data are no longer necessary for the purposes for which they were collected, (b) the User has withdrawn consent to on which the processing is based and there is no other legal basis for processing, (c) the User has objected to the processing and there are no overriding legitimate grounds for processing or the objection concerns data processing for direct marketing purposes, (d) the User's personal data have been processed unlawfully, (e) personal data must be deleted in order to comply with a legal obligation under Union or national law.
6.1.4 the right to withdraw consent to the processing of personal data for marketing purposes at any time - the User has the right to withdraw consent to the processing of personal data at any time. Withdrawal of consent to processing will not affect the lawfulness of processing carried out before its withdrawal.
6.1.5 the right to limit data processing - the User has the right to request that the processing of his or her personal data be limited in the following cases: (a) the User questions the accuracy of the personal data, for a period enabling the Administrator to check the accuracy of the data, (b) the processing is unlawful , and the User objects to the deletion of personal data, requesting instead to limit their use, (c) The Administrator no longer needs the personal data for processing purposes, but they are necessary for the User to establish, pursue or defend claims, (d) The User has objected pursuant to art. 21(1) of the GDPR towards processing - until it is determined whether the legitimate grounds on the part of the Administrator override the grounds for objection.
6.1.6 the right to object to data processing (objection due to a special situation) - if the User's personal data are processed on the basis of the legitimate interest of the Administrator, the User has the right to object to the processing at any time, in accordance with Art. 21 GDPR.
6.1.7 the right to transfer data - the User has the right to receive personal data concerning him that he has provided to the Administrator in a structured, commonly used, machine-readable format, and has the right to send these personal data to another administrator without any hindrance from the Administrator to whom the data was provided personal data, if the processing is based on consent and in an automated manner.
6.1.8 the right to lodge a complaint with the supervisory authority, i.e. the President of the Personal Data Protection Office.
6.2 If you wish to use the rights listed in point 6.1 of the Policy, please contact the Administrator.
§7 Transfer of personal data to third countries
The User's personal data will be transferred outside the European Economic Area.
§8 Cookie policy
8.1 Purpose of using cookies
8.1.1 The Administrator does not collect any information automatically, except for information contained in cookies.
8.1.2 Cookies are used in many ways.
8.1.3 Cookies are used for functional, content personalization, statistical, analytical and marketing purposes.
8.2 Types of cookies:
8.2.1 The website uses the following types of cookies:
- "session cookies", which are deleted from its hard drive after the browser session ends or the computer or mobile device is turned off.
- "persistent cookies", which are stored in the memory of a computer or mobile device until they are manually deleted by the User using appropriate tools in the web browser or they expire
- "third-party cookies" are information posted by scripts of other websites.
8.2.2 The Website uses the following types of cookies:
- "necessary", enabling the use of services available on the Website,
- "performance" cookies, enabling the collection of information about how the Website is used,
- "functional", enabling "remembering" the settings selected by the User
and personalization of the User interface, e.g. in terms of the selected language or region,
- "advertising", enabling the provision of advertising content to Users more tailored to their interests.
8.3 Google Analytics
- The website uses Google Analytics, a web services analysis service. Its supplier is Google Inc., 1600 Amphitheater Parkway Mountain View, CA 94043, USA. Google Analytics uses the so-called "Cookies", text files that are saved on your computer and enable an analysis of your use of the website.
- Google Analytics cookies are stored on the basis of Art. 6 section 1 letter f) Personal Data Protection Regulation (GDPR). The administrator has a legitimate interest in analyzing user behavior both in order to optimize its online offer and its advertising.
- The Website User can read Google's privacy policy at: https://policies.google.com/privacy?hl=pl.
- If the Website User does not want information about him to be collected in this way, he can, for example, change his browser settings or use the tool https://tools.google.com/dlpage/gaoptout?hl=pl.
- The Administrator informs that in this case, the Website User's data is transferred outside the European Economic Area.
8.4 Meta Pixel (Facebook)
- The website uses Piksel Facebook, a service enabling effective marketing campaigns and product promotions. Its provider is Facebook Inc., 1601 S. California Ave., Palo Alto, CA 94304, USA or, for users who are EU residents, Facebook Ireland Ltd., 4 Grand Canal Square, Grand Canal Harbor, Dublin 2, Ireland.
- Facebook pixel is a short code placed on the website that allows you to measure the effectiveness of advertising based on the analysis of actions taken by users on the website, which we understand as our legitimate interest. (Article 6(1)(f) of the GDPR).
- The information collected as part of the Facebook Pixel is anonymous, i.e. it does not allow the User to be identified. We only know what actions have been taken as part of our website.
- With Facebook's privacy policy at: https://www.facebook.com/privacy/explanation.
- If the Website User does not want information about him to be collected in this way, he can, for example, change the settings by clicking the link: https://www.facebook.com/ads/preferences.
- The Administrator informs that in this case, the Website User's data may be transferred outside the European Economic Area.
8.5 Managing cookies:
8.5.1 Most often, browser settings allow cookies and other information to be placed on the end device by default. If the User does not agree to saving these files, it is necessary to change the web browser settings accordingly. It is possible to disable their saving for all connections from a given browser or for a specific website, as well as to delete them. How you manage your files depends on the software you use. The current file management rules can be found in the settings of the web browser used.
8.5.2 Information about managing cookies on your mobile phone can be found in the User Manual of your phone.8.2 Types of cookies:
8.2.1 The website uses the following types of cookies:
- "session cookies", which are deleted from its hard drive after the browser session ends or the computer or mobile device is turned off.
- "persistent cookies", which are stored in the memory of a computer or mobile device until they are manually deleted by the User using appropriate tools in the web browser or they expire
- "third-party cookies" are information posted by scripts of other websites.
8.2.2 The Website uses the following types of cookies:
- "necessary", enabling the use of services available on the Website,
- "performance" cookies, enabling the collection of information about how the Website is used,
- "functional", enabling "remembering" the settings selected by the User
and personalization of the User interface, e.g. in terms of the selected language or region,
- "advertising", enabling the provision of advertising content to Users more tailored to their interests.
8.3 Google Analytics
- The website uses Google Analytics, a web services analysis service. Its supplier is Google Inc., 1600 Amphitheater Parkway Mountain View, CA 94043, USA. Google Analytics uses the so-called "Cookies", text files that are saved on your computer and enable an analysis of your use of the website.
- Google Analytics cookies are stored on the basis of Art. 6 section 1 letter f) Personal Data Protection Regulation (GDPR). The administrator has a legitimate interest in analyzing user behavior both in order to optimize its online offer and its advertising.
- The Website User can read Google's privacy policy at: https://policies.google.com/privacy?hl=pl.
- If the Website User does not want information about him to be collected in this way, he can, for example, change his browser settings or use the tool https://tools.google.com/dlpage/gaoptout?hl=pl.
- The Administrator informs that in this case, the Website User's data is transferred outside the European Economic Area.
8.4 Meta Pixel (Facebook)
- The website uses Piksel Facebook, a service enabling effective marketing campaigns and product promotions. Its provider is Facebook Inc., 1601 S. California Ave., Palo Alto, CA 94304, USA or, for users who are EU residents, Facebook Ireland Ltd., 4 Grand Canal Square, Grand Canal Harbor, Dublin 2, Ireland.
- Facebook pixel is a short code placed on the website that allows you to measure the effectiveness of advertising based on the analysis of actions taken by users on the website, which we understand as our legitimate interest. (Article 6(1)(f) of the GDPR).
- The information collected as part of the Facebook Pixel is anonymous, i.e. it does not allow the User to be identified. We only know what actions have been taken as part of our website.
- With Facebook's privacy policy at: https://www.facebook.com/privacy/explanation.
- If the Website User does not want information about him to be collected in this way, he can, for example, change the settings by clicking the link: https://www.facebook.com/ads/preferences.
- The Administrator informs that in this case, the Website User's data may be transferred outside the European Economic Area.
8.5 Managing cookies:
8.5.1 Most often, browser settings allow cookies and other information to be placed on the end device by default. If the User does not agree to saving these files, it is necessary to change the web browser settings accordingly. It is possible to disable their saving for all connections from a given browser or for a specific website, as well as to delete them. How you manage your files depends on the software you use. The current file management rules can be found in the settings of the web browser used.
8.5.2 Information about managing cookies on your mobile phone can be found in the User Manual of your phone.
8.5.3 Consent to the processing of cookies is voluntary. However, please remember that restrictions on their use may make it difficult or impossible to use some of the functionalities of the website located at: https:/tdi-cad.pl.
§9 Data security
9.1 The User's personal data is stored and protected with due care, in accordance with the implemented internal procedures of the Administrator. The Administrator processes information about the User using appropriate technical and organizational measures that meet the requirements of generally applicable law, in particular the provisions on the protection of personal data. These measures are primarily intended to protect Users' personal data against access by unauthorized persons.
9.2 In particular, access to Users' personal data is available only to authorized persons who are obliged to keep this data secret or entities entrusted with the processing of personal data on the basis of a separate data entrustment agreement.
§10 Final provisions
10.1 The Administrator reserves the right to change this Privacy and Cookies Policy. In such a case, an updated version will be published in this location.
10.2 To the extent not regulated by this Privacy Policy, personal data protection regulations apply.
10.3 This Privacy Policy is effective from March 9, 2023.