Login

Privacy Policy

§1 Personal data administration

  1. The personal data controller is MAŁGORZATA BOCHIŃSKA, conducting business under the name “TECH-PLAST” MAŁGORZATA BOCHIŃSKA, ul. Wrocławska 7B, 55-220 Jelcz-Laskowice. The business is registered in the Central Registration and Information on Business under the Tax Identification Number (NIP): 9121315701, and the National Business Registry Number (REGON): 021741438.
  2. You can contact the person supervising personal data processing within the organization by email at biuro@tech-plast.com.pl, in writing at the Controller’s address, or by phone at 603121990.
  3. This Policy sets out the principles governing the processing of personal data by the Controller on the Website, including the basis, purposes, and scope of personal data processing, and the rights of data subjects.
  4. Personal data are processed by the Controller in accordance with applicable law, in particular Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation). Official text of the GDPR: http://eur-lex.europa.eu/legal-content/PL/TXT/?uri=CELEX%3A32016R0679.
  5. User rights are not absolute and do not apply to all personal data processing activities.
  6. The Controller has appointed a Data Protection Officer (DPO). For matters related to personal data processing, please contact the Data Protection Officer: MAŁGORZATA BOCHIŃSKA, biuro@tech-plast.com.pl. The user may contact the DPO in particular to exercise their rights under the GDPR or to obtain information regarding the processing of their personal data.

§2 Definitions

  1. Administrator – MAŁGORZATA BOCHIŃSKA, conducting business under the name “TECH-PLAST” MAŁGORZATA BOCHIŃSKA, ul. Wrocławska 7B, 55-220 Jelcz-Laskowice. The business is registered in the Central Register and Information on Business Activity under the Tax Identification Number (NIP): 9121315701, National Business Registry Number (REGON): 021741438.
  2. Personal Data – information about a natural person identified or identifiable by one or more specific factors determining their physical, physiological, genetic, mental, economic, cultural, or social identity, including device IP, online identifier, and information collected via cookies and other similar technologies.
  3. Policy – this Privacy Policy.
  4. Cookie Policy – a document specifying the rules for the use of cookies on the Website, available at: https://tech-plast.com.pl/en/cookie-policy/.
  5. Profiling – automated processing of personal data that involves analyzing and predicting user behavior.
  6. GDPR / GDPR Regulation – Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC.
  7. Website – the website operated by the Administrator at tech-plast.com.pl.
  8. User – any natural person visiting the Website or using one or more services or functionalities described in the Policy.

§3 Security

  1. The Controller has implemented appropriate technical and organisational measures to ensure the security of personal data processing, and in particular is responsible for and ensures that the data collected by him are:
    • processed lawfully;
    • collected for specified, legitimate purposes and not subject to further processing incompatible with those purposes;
    • substantively accurate and adequate in relation to the purposes for which they are processed;
    • stored in a form that permits the identification of data subjects for no longer than is necessary to achieve the purpose of processing, and processed in a manner that ensures appropriate security of personal data, including protection against unauthorized or unlawful processing and accidental loss, destruction, or damage, using appropriate technical or organizational measures.

§4 Purposes and legal basis of data processing

  1. Pursuant to Article 6(1)(a) of the GDPR (consent), personal data may be processed for the following purposes:
    • Retargeting and behavioral advertising, including the display of personalized ads based on the user’s activity history on the Website and other websites. Data processing for these purposes is based solely on the User’s consent expressed in the cookie banner. Data may be collected using cookies and similar technologies, in accordance with the Cookie Policy.
    • Saving data in cookies in accordance with the Cookie Policy available at: https://tech-plast.com.pl/en/cookie-policy/.
    • Contact via remote communication tools, in particular:
    • telephone, email, or apps.
    • Content moderation.
    • Content personalization.
    • Marketing the Controller’s and its partners’ products and services.
    • Participating in a webinar or online training.
    • Participating in contests and loyalty programs.
    • Inviting participants to participate in surveys and market research.
  2. Pursuant to Article 6(1)(b) of the GDPR (performance of a contract), personal data may be processed for the following purposes:
    • Performing a sales contract or a contract for the provision of a Service, or taking action at the request of the data subject before or after entering into the contract, in particular:
    • the right to warranty, complaint processing.
    • Complaints or withdrawal from a contract concluded remotely.
  3. Pursuant to Article 6(1)(c) of the GDPR Regulation (legal obligation incumbent on the Controller), personal data may be processed for the following purposes:
    • Issuing and storing invoices, bills, or fulfilling other obligations arising from tax and accounting regulations (archiving obligations regarding accounting documents).
    • Cooperating with law enforcement agencies and public institutions.
    • Creating registers and other documentation required by the GDPR.
  4. Pursuant to Article 6(1)(f) of the GDPR Regulation (legitimate interest of the Controller), personal data may be processed for the following purposes:
    • Operating the tech-plast.com.pl Website.
    • Saving data necessary for the proper operation of the Website in cookies
    • in accordance with the Cookie Policy.
    • Managing accounts on Facebook, Instagram, and TikTok and interacting with
    • Users of the indicated portals.
    • Securing the security of the Website, managing the Website, and ensuring its proper
    • operation.
    • Preparing statistics and traffic analyses on the Website.
    • Direct marketing.
    • Determining claims raised by or against the Administrator.
    • Contacting the User.
  5. Personal data may also be processed for other purposes if the Controller has an appropriate legal basis for doing so, in particular pursuant to Article 6 of the GDPR, provided that this purpose does not violate the User’s rights and freedoms. In such a case, the User will be informed of the new processing purpose before processing for this purpose begins.

§5 Profiling

  1. The Administrator uses profiling for marketing purposes, which involves analyzing User activity on the Website using cookies and similar technologies.
  2. Profiling may include:
    • personalizing ads based on browsing history,
    • analyzing User interactions with content on the Website,
    • adapting the displayed advertising content on external websites (e.g., Google Ads, Facebook).
  3. Profiling is performed solely based on the User’s consent.
  4. The User may withdraw consent to profiling at any time by changing their settings or by contacting the Administrator at biuro@tech-plast.com.pl.

§6 Period of processing of Personal Data

  1. The period of data processing by the Controller depends on the type of service provided and the purpose of processing. Generally, data is processed for the duration of the service provision, until the consent is withdrawn or an effective objection is raised to data processing in cases where the legal basis for data processing is the Controller’s legitimate interest.
  2. The data processing period may be extended if processing is necessary to establish and pursue potential claims or defend against claims, and after that period only if and to the extent required by law.
  3. After the processing period expires, the data is irreversibly deleted or anonymized.
  4. Specific data storage periods vary depending on the purpose, e.g.:
    • Data related to the performance of the contract – stored for the duration of the contract and then until the statute of limitations for claims expires (3 or 6 years).
    • Accounting and tax data – stored for the period required by tax law (currently 5 years).
    • Data obtained on the basis of consent – ​​stored until consent is withdrawn.
    • Data related to user inquiries – stored for up to 12 months after the end of the correspondence.

§7 User Rights

  1. The User has the following rights in relation to his/her personal data:
    • Access to your personal data,
    • Rectification of your personal data at any time,
    • Delete your personal data at any time,
    • Receive a copy of your data,
    • Restrict the processing of your personal data,
    • Object to the processing of your personal data,
    • Portability of your personal data,
    • Withdraw consent; withdrawal of consent does not affect the lawfulness of processing
    • performed before its withdrawal,
    • Object to the processing of your personal data based on the legitimate interest of the Controller for marketing purposes, direct marketing, and
    • for purposes other than marketing,
    • To lodge a complaint with a supervisory authority.
  2. In matters concerning the exercise of their rights, the User may contact the Data Protection Officer (DPO) by sending an email to biuro@tech-plast.com.pl.
  3. In certain cases, the Data Controller may refuse to comply with the User’s request if legal provisions require further data processing.

§8 Recipients of personal data

  1. To properly operate the Website, the Administrator transfers Users’ personal data to other external entities, in particular: hosting companies, courier companies, payment processors, and banks.
  2. The Administrator reserves the right to disclose personal data when required by applicable law, including the obligation to provide information to the relevant administrative or law enforcement authorities.

§9 Personal Data Security

  1. The Controller conducts ongoing risk analysis to ensure that Personal Data is processed securely. Through this process, it ensures, above all, that only authorized individuals have access to the data and only to the extent necessary for the tasks they perform.
  2. The Controller is obligated to take all legally permitted measures to ensure that all operations on Personal Data are recorded and performed only by authorized entities.
  3. The Controller is also obligated to ensure that other entities cooperating with the Controller guarantee the use of appropriate security measures whenever they process Personal Data on behalf of the Controller.
  4. The Controller uses technical security measures, such as data transmission encryption (SSL/TLS), restricted system access, and procedures to protect against unauthorized access to data.

§10 Changes to the Privacy Policy

  1. The Policy is reviewed and updated on an ongoing basis.
  2. The current version of the Policy was adopted and is effective from November 7, 2025.
  3. The legal compliance of this document is guaranteed by lawyers from the KZ Law Firm.

Need
proven solutions?

With us you will find what you are looking for – quickly and conveniently

View products