GDPR Regulations

Dear Sir or Madam ,

In connection with the entry into force on May 25, 2018 of the new regulation on the protection of personal data (“GDPR“), we would like to inform you that:

In accordance with the Regulation of the European Parliament and of the Council (EU) 2016/679 of 27 April 2016 on the protection of individuals with regard to the processing of personal data and on the free movement of such data (“GDPR“), the administrator of your personal data is Merlion Sp. . z o.o. located at ul. Różana 3, 75-212 Koszalin with the NIP number 669-247-87-48

In order to answer questions regarding data processing, the Administrator has prepared a contact point that can be contacted by sending a message to the e-mail address biuro@merlion.pl

The administrator processes personal data in particular:

Guided by the principles of purposefulness and adequacy consisting in the fact that the Administrator processes your personal data in a strictly defined, minimum scope necessary to achieve the purpose referred to below.
Based on Art. 6 ust. 1 lit. b) and lit. c) GDPR in order to:
1. to take action before concluding the contract at the request of the data subject or to perform the contract to which the data subject is a party (the data necessary to conclude the contract are indicated on the contract form),
2. compliance with the legal obligation incumbent on the Administrator;
Based on Art. 6 ust. 1 lit. f) GDPR, i.e. on the basis of the Administrator’s legitimate interest in order to:
1. marketing of own products or services, including those personalized based on the customer’s profile,
2. organizing and conducting contests and other marketing campaigns,
3. investigating or securing claims,
4. conducting technical quality analyzes of the services and goods provided;
Based on art. 6 ust. 1 lit. a) RODO i.e. on the basis of separate consent in order to:
1. to verify the customer’s payment credibility based on information from economic information offices,
2. providing the customer with information about products and services cooperating with the Administrator about the change of the name (company), address or registered office, confirmation of accepting the complaint and replying to the indicated e-mail address (e-mail),
3. analysis of customer preferences, informing the customer about promotions and competitions, upcoming inspection dates and expiry of own and third-party products (e.g. insurance),
4. direct marketing of the Administrator’s own products or services,
5. direct marketing of products or services of entities cooperating with the Administrator, but the customer’s personal data will not be made available to third parties, and the information will be provided by the Administrator.
Activities related to direct marketing referred to in point 4 lit. d) and e) may be implemented by the Administrator using electronic means of communication (e.g. SMS, MMS, e-mail), telecommunications end devices (e.g. telephone, tablet) and automatic calling systems (e.g. devices used to initiate automatic phone calls).
In exceptional situations, your personal data may be transferred to a third country or an international organization only with your explicit consent obtained after prior presentation of the principles and potential effects of such transfer to you.
In the case specified in point 6, your data will be secured with the use of appropriate technical and technological solutions in accordance with good practices applied in the process of safe processing of personal data in a manner ensuring their confidentiality.
Your data will not be processed in an automated manner – decisions regarding your situation will not be made using specialized algorithms, including in the form of automatic profiling.Your data will not be processed in an automated manner – decisions regarding your situation will not be made using specialized algorithms, including in the form of automatic profiling.

The period for which personal data will be stored:

Your personal data processed in order to conclude or perform the contract and fulfill the Administrator’s legal obligation will be kept for the duration of the contract, and after its expiry for the period necessary to:
1. after-sale customer service (e.g. handling complaints),
2. securing or pursuing any claims due to the Administrator,
3. filling the Administrator’s legal obligation (e.g. resulting from tax or accounting regulations),
Your personal data processed for the purposes of marketing the Administrator’s own products or services on the basis of a legitimate legal interest, will be processed until an objection is raised or consent is withdrawn by the data subject.

In connection with the rights of the data subject, as the Administrator of your data, we provide you with:

the right to access your data (Article 15 of the GDPR),
the right to request the rectification of your data (Article 16 of the GDPR),
the right to request the deletion of your data (Article 17 of the GDPR),
the right to request the restriction of the processing of your data (Article 18 of the GDPR),
the right to transfer your data (Article 20 of the GDPR),
the right to object to the processing of your data (Article 21 of the GDPR and Article 6 ust. 1 lit. f) of the GDPR).

The use of the above rights is possible by sending a message by e-mail to the e-mail address: biuro@merlion.pl

We also inform you that you have the right to lodge a complaint to the supervisory entity competent for the protection of personal data and the right to withdraw consent to the processing of personal data. Withdrawal of consent does not affect the lawfulness of the processing which was carried out on the basis of consent before its withdrawal.

The rights listed above can be exercised by contacting the data protection officer or by sending correspondence to the Administrator (addresses are provided at the beginning).

Providing personal data is voluntary, but without you providing your data, we will not be able to implement marketing activities and the needs related to the implementation of concluded contracts.

Categories of data recipients (including entities processing personal data on behalf of the Administrator):

The administrator specifies groups of data recipients such as: Business partners (e.g. agents, sponsors), debt collection companies, insurance companies, banks, postal operators, carriers, economic information offices, document archiving companies, companies dealing with customer opinion research, partners providing technical services (e.g. developing and maintaining IT systems and websites).

Cookie	Duration	Description
cookielawinfo-checbox-analytics	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Analytics".
cookielawinfo-checbox-functional	11 months	The cookie is set by GDPR cookie consent to record the user consent for the cookies in the category "Functional".
cookielawinfo-checbox-others	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Other.
cookielawinfo-checkbox-necessary	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookies is used to store the user consent for the cookies in the category "Necessary".
cookielawinfo-checkbox-performance	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Performance".
viewed_cookie_policy	11 months	The cookie is set by the GDPR Cookie Consent plugin and is used to store whether or not user has consented to the use of cookies. It does not store any personal data.

We are waiting for you!