Privacy Policy cameon.eu

1. GENERAL PROVISIONS

  1. The controller of personal data collected via the website cameon.eu is Martyna Marczak, conducting business under the name CAMEON, entered into the Central Registration and Information on Business (CEIDG) of the Republic of Poland, maintained by the minister competent for economic affairs, Tax ID (NIP): 5932649262, REGON: 542298416, email address: contact@cameon.eu, hereinafter referred to as the „Controller”.
  2. Personal data collected by the Controller through the website are processed in accordance with Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data (General Data Protection Regulation — GDPR), as well as the Polish Personal Data Protection Act of 10 May 2018.

2. TYPES OF PERSONAL DATA PROCESSED, PURPOSE AND SCOPE OF COLLECTION

  1. PURPOSE AND LEGAL BASIS FOR PROCESSING. The Controller processes personal data through cameon.eu in the following cases:
    • When the user uses the contact form. Personal data are processed on the basis of Article 6(1)(f) of the GDPR as the legitimate interest of the Controller.
  2. TYPES OF PERSONAL DATA PROCESSED. The Controller may process the following categories of user data:
    • First and last name,
    • Email address.
  3. DATA RETENTION PERIOD. User data will be retained:
    • If processing is based on contract performance, for the duration necessary to fulfil the contract and, after that, for the period of limitation of claims (six years, or three years for periodic benefits or claims related to business activity, unless otherwise provided by specific law).
    • If processing is based on consent, until the consent is withdrawn, and after withdrawal, for the period of limitation of claims that the Controller may pursue or that may be pursued against the Controller (same limitation periods apply).
  4. During use of the website, additional technical data may be collected, such as: IP address, external IP address of the internet provider, domain name, browser type, access time, operating system type.
  5. Navigational data may also be collected, including information about links clicked or actions taken on the site. The legal basis is the legitimate interest of the Controller (Article 6(1)(f) GDPR) to improve the functionality and user experience of the website.
  6. The provision of personal data by the user is voluntary.
  7. The Controller takes special care to protect the interests of data subjects, and ensures that:
    • Data are processed lawfully,
    • Collected for specific, lawful purposes and not further processed in a manner incompatible with those purposes,
    • Factually correct and adequate for the purposes for which they are processed, and kept in a form allowing identification no longer than necessary.

3. SHARING OF PERSONAL DATA

  1. User data may be shared with service providers used by the Controller to operate the website. These providers may act as processors (acting under instructions from the Controller) or as independent data controllers (determining their own purposes and means of processing).
  2. User data are stored exclusively within the European Economic Area (EEA).

4. RIGHT TO CONTROL, ACCESS AND CORRECT PERSONAL DATA

  1. The data subject has the right to access their data, rectify, delete or restrict processing, the right to data portability, object to processing, and withdraw consent at any time without affecting the lawfulness of processing based on consent before its withdrawal.
  2. Legal basis for user rights:
    • Access – Article 15 GDPR
    • Rectification – Article 16 GDPR
    • Erasure („right to be forgotten”) – Article 17 GDPR
    • Restriction of processing – Article 18 GDPR
    • Data portability – Article 20 GDPR
    • Objection – Article 21 GDPR
    • Withdrawal of consent – Article 7(3) GDPR
  3. To exercise these rights, send an email to: contact@cameon.eu.
  4. Upon receiving a valid request, the Controller will respond without undue delay, and no later than within one month. If the request is complex or numerous, the Controller may extend the response time by two additional months, but must inform the user within one month of the reason for the delay.
  5. If a data subject believes their rights under GDPR have been violated, they have the right to lodge a complaint with the President of the Personal Data Protection Office (UODO) in Poland.

5. COOKIES

  1. The Controller’s website uses only essential technical cookies necessary for the proper functioning of the website (e.g. for handling the contact form or displaying graphic elements correctly). We do not use cookies for marketing or analytical purposes.
  2. The installation of cookies is necessary for proper service delivery. Cookies store information required for the correct functioning of the website.
  3. The site uses session cookies:
    • Session cookies are temporary and stored on the user’s device until they log out or leave the website.
  4. Users can manage cookie access via their browser settings. Detailed information on cookie management can be found in the browser’s help documentation.

6. FINAL PROVISIONS

  1. The Controller uses appropriate technical and organizational measures to secure personal data against unauthorized access, loss, alteration, or destruction.
  2. The Controller provides security measures that prevent data from being accessed or modified by unauthorized persons during electronic transmission.
  3. In matters not regulated by this Privacy Policy, the provisions of the GDPR and other relevant Polish legal regulations shall apply.