I. General Provisions
1 The administrator of the personal data is CERES International Sp. z o.o. with its seat in Pyzdry, entered in the Register of Entrepreneurs of the National Court Register under KRS number 0000131504, whose files are kept by the District Court Poznań ? Nowe Miasto and Wilda in Poznań, IX Economic Department of the National Court Register, NIP: 9720820859 (in the content as Administrator). Contact information for the Administrator: odo@ceres.pl, tel. +48 63 276 83 10
(2) This document (in its content as Privacy Policy) has been adopted so that persons accessing the website www.ceres.pl (in its content as Site) and using it to contact the Administrator can be informed about the processing of personal data and the principles of such processing.
(3) The Privacy Policy is also intended to demonstrate that personal data is processed and secured in accordance with the requirements of the law regarding the rules for processing personal data at HFS, including Regulation (EU) 2016/679 of the European Parliament and of the Council of April 27, 2016. on the protection of individuals with regard to the processing of personal data and on the free movement of such data and the repeal of Directive 95/46/EC (in its content as RODO).
(4) The Administrator’s website uses cookies that contain information about visitors to the Site, but they allow only to a certain extent to identify the device from which the website was accessed, to learn the preferences of visitors to the Site and their expectations, and to better adapt the Site to the expectations of visitors. Cookies prevent the Administrator from obtaining personal data that would allow the unique identification of a person who accesses the Site.
II. Personal data processed by the Administrator
(1) Persons accessing the Site who do not attempt to contact the Administrator through the forms available on the Site, e-mail address or by telephone will leave only such personal data that generally prevent the unique identification of the person accessing the Site, i.e. in particular, device data, IP number, browser data (Cookies). A person accessing the Site may adjust the preferences relating to cookies in the device settings and independently determine the scope of data processed by the Administrator with respect to cookies.
(2) The Administrator shall process the following data of persons accessing the Site who undertake contact with the Administrator, as well as data of the Administrator’s customers or contractors:
a. name, surname, company, NIP, PESEL, REGON, address, telephone, e-mail address, place of business, type of business, demand, production type of crop, orders placed so far,
b. information provided in the contact form depending on the preference of the person completing it.
III. Purposes of personal data processing and basis for processing
(1) Personal data referred to in Section II, paragraph. 1 are processed in order to learn the preferences of visitors to the Site and their expectations, as well as to adapt the Site to visitors’ expectations and improve the operation of the Site.
(2) Personal data referred to in Section II, paragraph. 2 are processed for the purpose of enabling the Administrator to contact the visitor, to present the Administrator’s commercial offer as tailored to the visitor’s needs as possible, to perform and settle the contract concluded with the Administrator if any, for direct marketing carried out by the Administrator and to inform about the Administrator’s commercial offer in the future.
(3) The basis for the processing of personal data is Art. 6 paragraph. 1 lit. a) ? c), and f) of the RODO, i.e. consent to the processing of personal data, the necessity of processing data to perform a contract or take steps prior to its conclusion, the necessity to fulfill an obligation incumbent on the Administrator under mandatory provisions of law (in particular, in terms of billing and tax obligations), and the necessity for purposes arising from the Administrator’s legitimate interests. The Administrator’s legitimate interest is the possibility of asserting claims or defending the Administrator’s rights in connection with the Administrator’s performance of the contract, and with regard to the personal data referred to in Section II, paragraph. 1 is the desire to operate the Site as tailored as possible to visitors’ expectations and preferences.
(4) By using the Site, the visitor consents to the processing of personal data referred to in Section II, paragraph. 1.
(5) A person undertaking contact with the Administrator consents to the processing of personal data that he provides in the course of contact, the extent of which depends on the form of such contact and the decision of the data subject.
(6) The controller does not plan to process personal data for purposes other than those referred to in this section.
IV. Recipients of personal data and transfer of data to third countries and international organizations
(1) Recipients of personal data will be only entities closely cooperating with the Administrator, including representatives, associates, entities providing IT, accounting, legal, transportation services, with the basis for the transfer of data in each case being the agreement concluded with these entities,
(2) Personal data will not be transferred to a third country or international organization.
V. Protection of personal data
(1) The controller shall provide appropriate technical and organizational measures to ensure that data processing is carried out in accordance with the RODO. These measures will be regularly reviewed and updated as necessary.
(2) Personal data will not be subject to automated decision-making, including profiling, as referred to in Art. 22 para. 1 and 4 of the RODO.
VI. Period of storage of personal data
Personal data will be kept for a period of time, (i) in which the Controller will have the opportunity to make an offer regarding its products or services, as well as to contact the data subject, (ii) the period of performance of the contract entered into with the Administrator, (iii) the retention period for records required by law, (iv) a period of 15 months after the expiration of the statute of limitations for potential claims against the Administrator, (v) in the case of the data referred to in Section II, paragraph. 1 for the period of technological usefulness of such data and the possibility of its IT use.
VII. Rights of data subjects
(1) The data subject has the right to access personal data, to request rectification, erasure or restriction of processing, as well as the right to object to the processing of personal data.
(2) The data subject has the right to lodge a complaint against the processing of personal data with the President of the Office for Personal Data Protection,
(3) Due to the fact that the processing of data by the Administrator also takes place on the basis of consent, the data subject has the right to withdraw consent at any time, however, this shall not affect the legality of the prior processing, and moreover, the withdrawal of consent shall not necessarily result in the Administrator ceasing to process personal data in a situation where another basis for the processing of the data then becomes updated
VIII. Voluntariness of providing personal data
Provision of personal data is completely voluntary, their failure to do so will not give rise to any legal consequences at the same time it will prevent the Administrator from presenting an offer and fulfilling the purposes referred to above, including the conclusion and performance of the contract, as well as will prevent contact with the data subject.