General provisions

1. The protection of privacy and the security of personal data are important values for us. Therefore, we take care of appropriate personal data protection of people visiting the website of LIBERTIST YACHTS Sp. z o.o. (hereinafter: the “Service”) and clearly define the terms and conditions of our use of this data. A person visiting the Website shall hereinafter be referred to as the “User”.
2. This Privacy Policy (hereinafter: “Privacy Policy”) constitutes the implementation of information obligations imposed on a controller of personal data by Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation) (hereinafter: ”GDPR”) and by Polish regulations issued in connection with the GDPR, including the Act of 10 May 2018 on the protection of personal data.
3. The Controller keeps personal data confidential and protects them against unauthorized access by third parties on the terms set out in the above-mentioned legal acts, as well as in the Privacy Policy.

The Controller of personal data

1. The Controller of personal data is LIBERTIST YACHTS Sp. z o.o. with its registered office in Lewiczyn 24B, 05-622 Belsk Duży, entered into the Register of Entrepreneurs of the National Court Register under the number KRS 0000940403, the registration files of which are kept by the District Court Lublin Wschód in Lublin with its registered office in Świdnik, 6th Commercial Division of the National Court Register, NIP: 7972077991, REGON: 520751940 (hereinabove and hereinafter: the “Controller”).
2. The Controller is responsible among others, for:
   1. organization of security and protection of personal data in accordance with the requirements of the GDPR and the Personal Data Protection Act and other provisions governing the principles of security and protection of personal data;
   2. ensuring the processing of personal data in accordance with the regulations contained in the Privacy Policy;
   3. issuing and revoking authorizations to process personal data and keeping records of persons authorized to process personal data at the Controller’s;
   4. conducting investigation proceedings in the event of a breach of personal data protection;
   5. monitoring the activities of the Controller’s employees/associates in terms of compliance of data processing with the provisions of law;
   6. initiating and undertaking projects in the field of improving the protection of personal data;
   7. ongoing monitoring and ensuring the continuity of the Website.
3. The Controller has not appointed a personal data protection supervisor. If you have any questions or concerns regarding the manner, form or scope of personal data processing, please contact us by e-mail: office@libertist.eu and by post at the following correspondence address: Libertist Yachts, Lewiczyn 24B, 05-622 Belsk Duży.

Method and purpose of data processing

1. The Controller collects and processes data that were provided through the Website, the contact form available on the website (name and surname, e-mail address, phone number), as well as data that was left while navigating the Website, contained in cookies and Website user’s IP device address. “Data Processing” in accordance with this Privacy Policy shall mean any operation performed on Personal Data, such as collection, recording, storage, development, alteration, sharing and deletion.
2. Personal data are processed by the Controller for the following purposes and reasons:
   1. in order to perform the contract for the provision of services/sales contract of products by the Controller – in accordance with the principles listed in Article 6 (1) (a) and (b) of the GDPR and on the basis of the consent of the data subject, as well as at his/her request before the conclusion of the contract. Data may be processed until the expiration of the service contract/sales contract by the Controller, and after its expiration only if it is allowed under applicable law, e.g. for the purpose of pursuing claims;
   2. for the purposes of marketing with regard to the Controller’s products and services, including analysing and profiling data for marketing purposes, sending a newsletter, ensuring ICT security related to the website – in accordance with the principles listed in Article 6 (1) (f) of the GDPR, to the extent it is necessary for the purpose resulting from legitimate interests pursued by the Controller; Data may be processed until a User submits an objection;
   3. for marketing purposes regarding products and services offered by third parties, including analysing and profiling data for marketing purposes – in accordance with the principles listed in Article 6 (1) (a) of the GDPR, on the basis of the data subject’s consent. Data may be processed until a User’s consent is withdrawn;
   4. in order to fulfil the Controller’s legal obligations, including those arising from tax regulations, accounting regulations (Article 6 (1) (c) of the GDPR);
3. Providing personal data is voluntary, but failure to provide data marked as necessary for the provision of services/sales makes it impossible to provide/sell them.
4. Personal data processed by the Controller may be subject to profiling as one of the forms of automated processing of personal data.
5. Personal data will not be transferred to third countries, i.e. outside the European Economic Area. In the case of transfers of personal data to third countries located outside the EEA, the Controller shall apply appropriate instruments to ensure the security of such data.

Data recipients

1. The Controller may entrust the processing of personal data to entities processing personal data on behalf of the Controller, such as: authorized dealers of products offered by the Controller, a list of authorized dealers can be found in the footer of the website of www.libertis.eu, an entity providing hosting of the website on which the Website is run, external entities providing and supporting the Controller’s ICT systems, entities providing marketing services, including marketing agencies, e-mail provider, courier and postal companies, payment transaction operators. 
2. Personal data processed by the Controller may also be made available in cases provided for by law to relevant state authorities at their request on the basis of relevant provisions of law or to other persons and entities.
3. The Website may contain links to other websites, including authorized dealers of products offered by the Controller. When accessing a third party’s website, Users will be subject to a separate Privacy Policy, which they should get acquainted with.
4. The Controller may, in some cases, transfer data to recipients from third countries, i.e. from countries outside the European Economic Area, e.g. if it is necessary to provide services/sell the Controller’s product to the User. In this case, appropriate safeguards will be applied.
5. Disclosure of personal data to entities unauthorized under this Privacy Policy may only take place with the voluntary consent of the data subject.

Personal data protection

1. The protection of personal data is implemented through the use of safeguards in the form of appropriate organizational measures, physical protection measures and technical measures.
2. Maintaining the security of personal data processed by the Controller is understood as ensuring their confidentiality, integrity, accountability and availability at an appropriate level.
3. The safeguards applied are intended to ensure:
   1. data confidentiality – ensuring that information is not made available or disclosed to unauthorised persons, entities or processes;
   2. data integrity – ensuring that the data have not been altered or destroyed in an unauthorised manner;
   3. availability of data – ensuring the availability of data and the possibility of their use on request, in the assumed time, by an authorized entity;
   4. accountability of data – ensuring that the entity’s activities can be assigned unambiguously only to that entity;
   5. data authenticity – ensuring that the identity of the entity or a resource is as declared.

Rights of data subjects

1. The data subject shall have the right to:
   1. access his/her data and receive a copy thereof;
   2. rectify (amend) his/her data;
   3. delete, limit or raise objections to the processing or his/her data;
   4. transfer of data;
   5. lodge a complaint with the supervisory authority, i.e. the President of the Office for the Protection of Personal Data. ul. Stawki 2, 00 – 193 Warsaw);
   6. withdraw his/ her consent from the Controller at any time without affecting the compliance with law of the processing that was carried out on the basis of the consent before its withdrawal.

COOKIES POLICY

1. The Controller informs Users that when running the Website, it uses the mechanism of cookies (hereinafter referred to as „Cookies”). Cookies are text files that are stored on the User’s end electronic device. Cookies may include in particular: the IP address assigned to the User’s computer or the external IP address of the Internet provider, domain name, browser type, access time, operating system type. Cookies used by the Controller are safe for the User and allow to adapt the Website individually to the User’s requirements.
2. The Controller uses the following types of Cookies:
   1. internal cookies – files uploaded and read from the User’s end device by the Website ICT system
   2. external cookies – files posted and read from the User’s end device by the ICT systems of the websites of the Controllers’ partners, service providers or service recipients;
   3. temporary cookies – files uploaded and read from the User’s end device by a website or external websites during one session of a given end device (after the session, files are deleted from the User’s device);
   4. permanent cookies – cookies posted and read from the User’s end device by the website or external websites until they are manually deleted (files are not deleted automatically after the end of the device session, unless the User’s configuration is set to the mode of deleting cookies after the end of the device session).
3. Cookies and other similar technologies are classified in the following way:
   1. necessary for the operation of the service – enabling the use of our services, e.g. authentication cookies used for services requiring authentication;
   2. files used to ensure security, for example: to detect fraud during authentication process;
   3. efficiency files – enabling the collection of information about the use of the websites and applications,
   4. functional files– enabling the storage of settings selected by the User and personalization of the User’s interface, for example: User’s language or region, font size, website and application appearance, etc.
   5. advertising files – enabling the provision of advertising content to Users more tailored to their interests;
   6. statistical files – used for counting statistics on the Website.
4. The Controller cooperates with the following external websites that may place cookie files on User’s devices: Meta Platforms Ireland Ltd., 4 GRAND CANAL SQUARE, GRAND CANAL HARBOUR 462129 Dublin IRELAND, Google Ireland Ltd., – advertising and analytical cookies, Google Building Gordon House, Barrow St, Dublin 4, Ireland – advertising and analytical cookies.
5. The Controller is not responsible for the security of cookies from external websites.
6. The Controller has the right to use cookies to improve and facilitate access to the website. The Controller may store information about the User’s preferences and settings in cookies in order to facilitate, improve and speed up the operation of the website. The Controller and external websites use Cookies to collect and process statistical data, such as statistics related to User’s visits, User’s devices or User’s behaviour.
7. Users can restrict or turn off the access of Cookies to their device. Changes to the settings mentioned above may be made by the User via their browser settings or service configuration. Restricting the use of Cookies may affect some of the functionalities available on the Website. The User can delete Cookies at any time using the functions available in the used browser. Data may be processed until User’s consent is withdrawn.
8. Detailed information about the possibility and methods of using Cookies is available in the settings of your software (web browser), e.g.:
   • Internet Explorer http://support.microsoft.com/en-us/windows/delete-and-manage-cookies-168dab11-0753-043d-7c16-ede5947fc64d
   • Chrome http://support.google.com/chrome/answer/95647?hl=en-GB
   • Mozilla Firefox http://support.mozilla.org/en-US/kb/cookies-information-websites-store-on-your-computer

Final provisions

The Privacy Policy enters into force upon its publication. The Privacy Policy is constantly reviewed and, if necessary, updated. The Controller reserves the right to change this Privacy Policy at any time.