1. General Information

1. This policy applies to the Website, operating under the url: delifoods.pl
2. The operator of the website and the administrator of personal data is: Delifoods sp. z o.o. ul. Parysa 91, 20-712 Lublin. NIP: 7123304988, REGON: 363344416, KRS: 0001212227
3. Operator’s email address: info@delifoods.pl
4. The Operator is the Administrator of your personal data in relation to the data provided voluntarily on the Website.
5. The website uses personal data for the following purposes:
   1. Handling inquiries via the form
   2. Presentation of the offer or information
6. The website collects information about users and their behavior in the following ways:
   1. Through data voluntarily entered into forms, which is then entered into the Operator’s systems.
   2. By storing cookies on end devices.

2. Selected data protection methods used by the Operator

1. Login and personal data entry fields are protected at the transmission layer (SSL certificate). This means that personal data and login details entered on the website are encrypted on the user’s computer and can only be read on the target server.
2. In order to minimize the risk of unauthorized access to data, the Operator uses complex passwords containing lowercase and uppercase letters, numbers, and special characters, no shorter than 8 characters.
3. An important element of data protection is the regular updating of all software used by the Operator to process personal data, which in particular means regular updates of programming components.
4. In order to protect data, the Operator regularly makes backup copies.

3. Hosting

1. The website is hosted (technically maintained) on the operator’s server: zenbox.pl
2. Registration details of the hosting company: cyber_Folks S.A. with its registered office in Poznań, ul. Wierzbięcice 1B, 61-569 Poznań, entered in the National Court Register by the District Court Poznań – Nowe Miasto i Wilda in Poznań, 8th Commercial Division of the National Court Register under KRS number 0000685595, REGON 367731587, NIP 7792467259, share capital PLN 306,288.00 paid in full.
3. At https://zenbox.pl, you can learn more about hosting and check the hosting company’s privacy policy.
4. Hosting company:
   1. uses measures to protect against data loss (e.g., disk arrays, regular backups),
   2. uses adequate measures to protect processing sites in the event of a fire (e.g., special fire extinguishing systems),
   3. uses adequate measures to protect processing systems in the event of a sudden power failure (e.g., dual power supply lines, generators, UPS power backup systems),
   4. applies physical security measures to protect access to data processing sites (e.g., access control, monitoring),
   5. applies measures to ensure appropriate environmental conditions for servers as elements of the data processing system (e.g., control of environmental conditions, specialized air conditioning systems),
   6. implements organizational solutions to ensure the highest possible level of protection and confidentiality (training, internal regulations, password policies, etc.),
   7. appointed a Data Protection Officer.
5. In order to ensure technical reliability, the hosting company keeps logs at the server level. The following may be recorded:
   1. resources specified by a URL identifier (addresses of requested resources – pages, files),
   2. time of inquiry,
   3. time of sending the reply,
   4. client station name – identification performed by the HTTP protocol,
   5. information about errors that occurred during the execution of HTTP transactions,
   6. URL address of the website previously visited by the user (referrer link) – if the transition to the Website took place via a link,
   7. information about the user’s browser,
   8. information about the IP address,
   9. diagnostic information related to the process of ordering services independently via the recorders on the website,
   10. information related to the handling of e-mail addressed to the Operator and sent by the Operator.

4. Your rights and additional information about how your data is used

1. In certain situations, the Administrator has the right to transfer your personal data to other recipients if it is necessary to perform the contract concluded with you or to fulfill the obligations incumbent on the Administrator. This applies to the following groups of recipients:
   1. hosting company on a trust basis
   2. authorized employees and associates who use the data to fulfill the purpose of the website
   3. companies providing marketing services to the Administrator
2. Your personal data will be processed by the Administrator for no longer than is necessary to perform the activities related to them, as specified in separate regulations (e.g., on accounting). With regard to marketing data, the data will not be processed for longer than 3 years.
3. You have the right to request from the Administrator:
   1. access to your personal data,
   2. their corrections,
   3. removal,
   4. processing restrictions,
   5. and data transfer.
4. You have the right to object to the processing referred to in point 3.3 c) to the processing of personal data for the purposes of the legitimate interests pursued by the Controller, including profiling, but the right to object shall not apply where there are compelling legitimate grounds for the processing which override your interests, rights, and freedoms, in particular for the establishment, exercise, or defense of legal claims.
5. The Administrator’s actions may be appealed to the President of the Personal Data Protection Office, ul. Stawki 2, 00-193 Warsaw.
6. Providing personal data is voluntary, but necessary for the operation of the Website.
7. Automated decision-making, including profiling, may be used in relation to you for the purpose of providing services under the concluded agreement and for the purpose of direct marketing by the Administrator.
8. Personal data is transferred from third countries within the meaning of data protection regulations. This means that we transfer it outside the European Union.

5. Information in forms

1. The website collects information provided voluntarily by the user, including personal data, if provided.
2. The service may store information about connection parameters (time stamp, IP address).
3. In some cases, the website may store information that facilitates linking the data in the form with the email address of the user filling out the form. In such cases, the user’s email address appears within the URL of the page containing the form.
4. The data provided in the form is processed for the purpose resulting from the function of a specific form, e.g. to process a service request or commercial contact, register services, etc. Each time, the context and description of the form clearly informs you what it is used for.

6. Administrator Logs

1. Information about user behavior on the website may be logged. This data is used for the purpose of administering the website.

7. Important marketing techniques

1. The operator uses statistical analysis of website traffic via Google Analytics (Google Inc., based in the USA). The operator does not transfer personal data to the operator of this service, only anonymized information. The service is based on the use of cookies on the user’s end device. With regard to information about user preferences collected by the Google advertising network, the user can view and edit information derived from cookies using the tool: https://www.google.com/ads/preferences/
2. The Operator uses remarketing techniques that allow advertising messages to be tailored to the user’s behavior on the website, which may give the illusion that the user’s personal data is being used to track them, but in practice no personal data is transferred from the Operator to advertising operators. The technological prerequisite for such activities is the enabling of cookies.

8. Information about cookies

1. This website uses cookies.
2. Cookies are IT data, in particular text files, which are stored on the Website User’s end device and are intended for use on the Website’s pages. Cookies usually contain the name of the website they come from, their storage time on the end device, and a unique number.
3. The entity placing cookies on the Website User’s end device and accessing them is the Website operator.
4. Cookies are used for the following purposes:
   1. maintaining the Website user’s session (after logging in), thanks to which the user does not have to re-enter their login and password on every subpage of the Website;
   2. achieving the objectives set out above in the section “Significant marketing techniques”;
5. The Website uses two basic types of cookies: session cookies and persistent cookies. Session cookies are temporary files that are stored on the User’s end device until they log out, leave the website, or close the software (web browser). Persistent cookies are stored on the User’s end device for the time specified in the cookie parameters or until they are deleted by the User.
6. Software for browsing websites (web browser) usually allows cookies to be stored on the User’s end device by default. Website users can change their settings in this regard. A web browser allows you to delete cookies. It is also possible to automatically block cookies. Detailed information on this subject can be found in the help section or documentation of your web browser.
7. Restrictions on the use of cookies may affect some of the functionalities available on the Website.
8. Cookies placed on the Website User’s end device may also be used by entities cooperating with the Website operator, in particular the following companies: Google (Google Inc. based in the USA), Facebook (Facebook Inc. based in the USA), Twitter (Twitter Inc. based in the USA).

9. Managing cookies – how to give and withdraw consent in practice?

1. If you do not want to receive cookies, you can change your browser settings. Please note that disabling cookies necessary for authentication, security, and maintaining user preferences may hinder, and in extreme cases may prevent, the use of websites.
2. To manage cookie settings, select the web browser you use from the list below and follow the instructions:
   • Edge
   • Internet Explorer
   • Chrome
   • Safari
   • Firefox
   • Opera

   Mobile Devices:

   • Android
   • Safari (iOS)
   • Windows Phone

GDPR

In accordance with Article 13(1) and (2) of Regulation (EU) 2016/679 of the European Parliament and of the Council of April 27, 2016, on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (GDPR), we hereby inform you that the personal data received will be processed in accordance with generally applicable regulations on the protection of personal data, and in particular:
1. The controller of the personal data provided by you is DELIFOODS SP. Z O.O., 20-217 Lublin, ul. Parysa 91 , telephone number: 815276060, e-mail address: info@delifoods.pl
2. The basis for the processing of personal data is Article 6(1)(b) of the GDPR – processing is necessary for the performance of the contract to which you are a party.
3. The personal data you provide will be stored for the time necessary to perform the contract and until the expiry of the limitation period for claims arising from this contract.
4. The processing of data such as telephone number and email address serves to facilitate contact and the transfer of information related to the conclusion of the contract. Providing this data is not necessary, but it will greatly facilitate communication and improve the transfer of information between the parties to the contract.
5. You have the right to access your personal data, the right to rectify it, request its deletion, as well as the right to restrict its processing, the right to transfer data, and the right to object to the processing of personal data.
6. Furthermore, if you believe that the processing of your personal data violates the provisions of the EU GDPR, you have the right to lodge a complaint with a supervisory authority. Since May 25, 2018, this authority is the President of the Personal Data Protection Office.
7. Personal data will be disclosed to third parties only to the extent necessary for the performance of the contract.
8. The data will not be subject to profiling.