- The protection of privacy and the security of personal data are important values for us. Therefore, we take care of appropriate personal data protection of people visiting the website of LIBERTIST YACHTS Sp. z o.o. (hereinafter: the “Service”) and clearly define the terms and conditions of our use of this data. A person visiting the Website shall hereinafter be referred to as the “User”.
The Controller of personal data
- The Controller of personal data is LIBERTIST YACHTS Sp. z o.o. with its registered office in Lewiczyn 24B, 05-622 Belsk Duży, entered into the Register of Entrepreneurs of the National Court Register under the number KRS 0000940403, the registration files of which are kept by the District Court Lublin Wschód in Lublin with its registered office in Świdnik, 6th Commercial Division of the National Court Register, NIP: 7972077991, REGON: 520751940 (hereinabove and hereinafter: the “Controller”).
- The Controller is responsible among others, for:
- organization of security and protection of personal data in accordance with the requirements of the GDPR and the Personal Data Protection Act and other provisions governing the principles of security and protection of personal data;
- issuing and revoking authorizations to process personal data and keeping records of persons authorized to process personal data at the Controller’s;
- conducting investigation proceedings in the event of a breach of personal data protection;
- monitoring the activities of the Controller’s employees/associates in terms of compliance of data processing with the provisions of law;
- initiating and undertaking projects in the field of improving the protection of personal data;
- ongoing monitoring and ensuring the continuity of the Website.
- The Controller has not appointed a personal data protection supervisor. If you have any questions or concerns regarding the manner, form or scope of personal data processing, please contact us by e-mail: firstname.lastname@example.org and by post at the following correspondence address: Libertist Yachts, Lewiczyn 24B, 05-622 Belsk Duży.
Method and purpose of data processing
- Personal data are processed by the Controller for the following purposes and reasons:
- in order to perform the contract for the provision of services/sales contract of products by the Controller – in accordance with the principles listed in Article 6 (1) (a) and (b) of the GDPR and on the basis of the consent of the data subject, as well as at his/her request before the conclusion of the contract. Data may be processed until the expiration of the service contract/sales contract by the Controller, and after its expiration only if it is allowed under applicable law, e.g. for the purpose of pursuing claims;
- for the purposes of marketing with regard to the Controller’s products and services, including analysing and profiling data for marketing purposes, sending a newsletter, ensuring ICT security related to the website – in accordance with the principles listed in Article 6 (1) (f) of the GDPR, to the extent it is necessary for the purpose resulting from legitimate interests pursued by the Controller; Data may be processed until a User submits an objection;
- for marketing purposes regarding products and services offered by third parties, including analysing and profiling data for marketing purposes – in accordance with the principles listed in Article 6 (1) (a) of the GDPR, on the basis of the data subject’s consent. Data may be processed until a User’s consent is withdrawn;
- in order to fulfil the Controller’s legal obligations, including those arising from tax regulations, accounting regulations (Article 6 (1) (c) of the GDPR);
- Providing personal data is voluntary, but failure to provide data marked as necessary for the provision of services/sales makes it impossible to provide/sell them.
- Personal data processed by the Controller may be subject to profiling as one of the forms of automated processing of personal data.
- Personal data will not be transferred to third countries, i.e. outside the European Economic Area. In the case of transfers of personal data to third countries located outside the EEA, the Controller shall apply appropriate instruments to ensure the security of such data.
- The Controller may entrust the processing of personal data to entities processing personal data on behalf of the Controller, such as: authorized dealers of products offered by the Controller, a list of authorized dealers can be found in the footer of the website of www.libertis.eu, an entity providing hosting of the website on which the Website is run, external entities providing and supporting the Controller’s ICT systems, entities providing marketing services, including marketing agencies, e-mail provider, courier and postal companies, payment transaction operators.
- Personal data processed by the Controller may also be made available in cases provided for by law to relevant state authorities at their request on the basis of relevant provisions of law or to other persons and entities.
- The Controller may, in some cases, transfer data to recipients from third countries, i.e. from countries outside the European Economic Area, e.g. if it is necessary to provide services/sell the Controller’s product to the User. In this case, appropriate safeguards will be applied.
Personal data protection
- The protection of personal data is implemented through the use of safeguards in the form of appropriate organizational measures, physical protection measures and technical measures.
- Maintaining the security of personal data processed by the Controller is understood as ensuring their confidentiality, integrity, accountability and availability at an appropriate level.
- The safeguards applied are intended to ensure:
- data confidentiality – ensuring that information is not made available or disclosed to unauthorised persons, entities or processes;
- data integrity – ensuring that the data have not been altered or destroyed in an unauthorised manner;
- availability of data – ensuring the availability of data and the possibility of their use on request, in the assumed time, by an authorized entity;
- accountability of data – ensuring that the entity’s activities can be assigned unambiguously only to that entity;
- data authenticity – ensuring that the identity of the entity or a resource is as declared.
Rights of data subjects
- The data subject shall have the right to:
- access his/her data and receive a copy thereof;
- rectify (amend) his/her data;
- delete, limit or raise objections to the processing or his/her data;
- transfer of data;
- lodge a complaint with the supervisory authority, i.e. the President of the Office for the Protection of Personal Data. ul. Stawki 2, 00 – 193 Warsaw);
- withdraw his/ her consent from the Controller at any time without affecting the compliance with law of the processing that was carried out on the basis of the consent before its withdrawal.
- The Controller informs Users that when running the Website, it uses the mechanism of cookies (hereinafter referred to as ). Cookies are text files that are stored on the User’s end electronic device. Cookies may include in particular: the IP address assigned to the User’s computer or the external IP address of the Internet provider, domain name, browser type, access time, operating system type. Cookies used by the Controller are safe for the User and allow to adapt the Website individually to the User’s requirements.
- The Controller uses the following types of Cookies:
- internal cookies – files uploaded and read from the User’s end device by the Website ICT system
- external cookies – files posted and read from the User’s end device by the ICT systems of the websites of the Controllers’ partners, service providers or service recipients;
- temporary cookies – files uploaded and read from the User’s end device by a website or external websites during one session of a given end device (after the session, files are deleted from the User’s device);
- permanent cookies – cookies posted and read from the User’s end device by the website or external websites until they are manually deleted (files are not deleted automatically after the end of the device session, unless the User’s configuration is set to the mode of deleting cookies after the end of the device session).
- Cookies and other similar technologies are classified in the following way:
- necessary for the operation of the service – enabling the use of our services, e.g. authentication cookies used for services requiring authentication;
- files used to ensure security, for example: to detect fraud during authentication process;
- efficiency files – enabling the collection of information about the use of the websites and applications,
- functional files– enabling the storage of settings selected by the User and personalization of the User’s interface, for example: User’s language or region, font size, website and application appearance, etc.
- advertising files – enabling the provision of advertising content to Users more tailored to their interests;
- statistical files – used for counting statistics on the Website.
- The Controller cooperates with the following external websites that may place cookie files on User’s devices: Meta Platforms Ireland Ltd., 4 GRAND CANAL SQUARE, GRAND CANAL HARBOUR 462129 Dublin IRELAND, Google Ireland Ltd., – advertising and analytical cookies, Google Building Gordon House, Barrow St, Dublin 4, Ireland – advertising and analytical cookies.
- The Controller is not responsible for the security of cookies from external websites.
- Detailed information about the possibility and methods of using Cookies is available in the settings of your software (web browser), e.g.: