Privacy Policy
Privacy Policy
1. General Information
1.1. As of 25 May 2018, Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (referred to as “GDPR” or “General Data Protection Regulation”), applies.
1.2. We respect your rights and privacy, and therefore inform you that we have updated our Privacy Policy. To provide clear and transparent information on how we process your personal data, the Policy has been divided into chapters depending on the purpose and legal basis for processing.
2. Data Controller
2.1. The data controller is Marespol Sp. z o.o., Mikołaja Kopernika 60G/2, 81-411 Gdynia, Poland.
3. Profiling
3.1. If you have given consent, your data may be processed for marketing purposes, including:
3.1.1. Presenting offers and promotions,
3.1.2. Sending information promoting the MARESPOL brand and our products,
3.1.3. Adapting website and newsletter content to your interests (profiling).
3.2. Profiling is not used for automated decision-making that affects access to services.
4. Access to Your Data
4.1. Your personal data may be shared with:
4.1.1. Trusted partners acting as subcontractors (e.g., companies analyzing website traffic, content personalization services),
4.1.2. Partners involved in sales processes (employees, associates, managers, couriers),
4.1.3. Authorities entitled by law (e.g., courts, police).
4.2. Third parties may use cookies and similar technologies on our websites (e.g., Google LLC, Meta Platforms, TikTok Technology Limited) to:
4.2.1. Personalize ads and services,
4.2.2. Analyze the effectiveness of ads and services.
4.3. Your data is not transferred, sold, or exchanged for marketing purposes outside of MARESPOL.
4.4. Data may be transferred outside the EEA only as necessary for service provision, with appropriate safeguards (such as Privacy Shield, or adequacy decisions by the European Commission).
5. Legal Basis for Data Processing
5.1. Data processing is based on:
5.1.1. Necessity for contract performance or conclusion (e.g., as per the online store’s terms),
5.1.2. Voluntary consent (e.g., marketing, profiling, recruitment),
5.1.3. Legitimate interest of the controller (e.g., analytics, fraud prevention).
5.2. Detailed purposes, legal bases, and scope of data processing:
|
Purpose of Data Processing |
Legal Basis and Retention Period |
Scope of Data Processed |
|
Contract performance or pre-contractual actions |
Art. 6(1)(b) GDPR; data retained for the duration of the contract |
name, email, phone, address, company name, VAT number |
|
Direct marketing |
Art. 6(1)(f) GDPR; until legitimate interest ceases or claims expire |
email, phone |
|
Marketing |
Art. 6(1)(a) GDPR; until consent is withdrawn |
name, email, phone, address |
|
Opinion submission |
Art. 6(1)(a) GDPR; until consent is withdrawn |
name, email, phone |
|
Bookkeeping |
Art. 6(1)(c) GDPR; for the period required by law |
name, email, phone, address, VAT number, company name |
|
Establishment, exercise, or defense of claims |
Art. 6(1)(f) GDPR; until legitimate interest ceases or claims expire |
name, email, phone, address, VAT number, company name |
6. Your Rights
6.1. To exercise your rights, send a request to: sklep@koraba.eu or iod@koraba.eu.
6.2. You have the following rights:
6.2.1. Access, rectification, restriction, erasure, or data portability (Art. 15-21 GDPR),
6.2.2. Withdrawal of consent at any time,
6.2.3. Lodging a complaint with the supervisory authority (President of the Personal Data Protection Office in Warsaw),
6.2.4. Objection to processing,
6.2.5. Objection to direct marketing.
7. Data Protection Officer
7.1. To ensure transparency and legal compliance, a Data Protection Officer has been appointed.
7.2. Contact: iod@koraba.eu