Privacy Policy

This Privacy Policy outlines the rules for storing and accessing data on User Devices for users of the Service, to provide electronic services by the Administrator, as well as the rules for collecting and processing Users’ personal data provided personally and voluntarily by them through tools available in the Service.

This Privacy Policy is an integral part of the Terms of Service, which outlines the rights, rules, and obligations of Users of the Service.

§1 Definitions

• Service – the “mikplastics.com” online service operating at https://mikplastics.com
• External Service – websites of partners, service providers, or contractors cooperating with the Administrator
• Service/Data Administrator – the Administrator of the Service and Data (hereinafter “Administrator”) is the company “MIK Sp. z o.o.”, operating at Melioracyjna 6, 57-200 Ząbkowice Śląskie, with NIP number: 8871650604, KRS number: 0000061943, providing electronic services via the Service
• User – a natural person for whom the Administrator provides electronic services through the Service
• Device – an electronic device along with software, through which the User gains access to the Service
• Cookies – text data collected in the form of files placed on the User’s Device
• GDPR – the Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons regarding the processing of personal data and on the free movement of such data, repealing Directive 95/46/EC (General Data Protection Regulation)
• Personal Data – information about an identified or identifiable natural person (“data subject”); an identifiable natural person is one who can be identified directly or indirectly, especially by reference to an identifier such as a name, identification number, location data, online identifier, or one or more factors specific to the physical, physiological, genetic, mental, economic, cultural, or social identity of that natural person
• Processing – an operation or set of operations performed on personal data or sets of personal data, whether or not by automated means, such as collection, recording, organization, structuring, storage, adaptation, or alteration, retrieval, consultation, use, disclosure by transmission, dissemination, or otherwise making available, alignment or combination, restriction, erasure, or destruction
• Restriction of Processing – the marking of stored personal data to restrict their future processing
• Profiling – any form of automated processing of personal data involving the use of personal data to evaluate certain personal aspects of a natural person, particularly to analyze or predict aspects concerning that person’s performance, economic situation, health, personal preferences, interests, reliability, behavior, location, or movements
• Consent – the data subject’s voluntary, specific, informed, and unambiguous indication of their wishes by which they signify agreement to the processing of personal data related to them
• Personal Data Breach – a breach of security leading to accidental or unlawful destruction, loss, alteration, unauthorized disclosure of, or access to, personal data transmitted, stored, or otherwise processed
• Pseudonymization – processing personal data in such a way that they can no longer be attributed to a specific data subject without the use of additional information, provided that such additional information is kept separately and is subject to technical and organizational measures to ensure that the personal data are not attributed to an identified or identifiable natural person
• Anonymization – an irreversible process that destroys or modifies “personal data” so that it is no longer possible to identify or link the record to an individual

§2 Data Protection Officer

The Administrator has appointed a Data Protection Officer, Anna Basarab.

The Data Protection Officer can be contacted via email: iod@mikplastics.com, by phone at +48 608 311 275, or by post at Melioracyjna 6, 57-200 Ząbkowice Śląskie.

The Data Protection Officer can be contacted for any matters related to the processing of personal data.

§3 Types of Cookies

• Internal Cookies – files placed and read from the User’s Device by the Service’s teleinformation system
• External Cookies – files placed and read from the User’s Device by teleinformation systems of external services. Scripts of external services that may place Cookies on the User’s Device were consciously placed in the Service through scripts and services provided and installed on the Service
• Session Cookies – files placed and read from the User’s Device by the Service during a single session of a given Device. After the session ends, the files are deleted from the User’s Device
• Persistent Cookies – files placed and read from the User’s Device by the Service until they are manually deleted. These files are not automatically deleted after the end of the Device session unless the User’s Device is configured to delete Cookies at the end of the Device session

§4 Data Storage Security

• Cookie Storage and Reading Mechanisms – Cookie storage, reading, and data exchange mechanisms between Cookies stored on the User’s Device and the Service are implemented through built-in web browser mechanisms and do not allow the extraction of other data from the User’s Device or data from other websites visited by the User, including personal or confidential data. Transferring viruses, trojans, and other worms to the User’s Device is also practically impossible
• Internal Cookies – Cookies used by the Administrator are safe for the Users’ Devices and do not contain scripts, content, or information that could threaten the security of the User’s data or the Device they are using
• External Cookies – The Administrator undertakes all possible efforts to verify and select the Service’s partners concerning User security. The Administrator selects well-known, reputable partners with global social trust for cooperation. However, the Administrator does not have complete control over the content of Cookies originating from external partners. To the extent permitted by law, the Administrator is not responsible for the security of Cookies, their content, or their licensed use by scripts from external services installed on the Service. The list of partners is provided further in this Privacy Policy
• Cookie Control
  • The User can independently change the settings for saving, deleting, and accessing Cookies data at any time
  • Information on disabling Cookies in the most popular desktop browsers is available on the site: how to disable cookies or from the providers below:
    • Managing Cookies in Chrome
    • Managing Cookies in Opera
    • Managing Cookies in Firefox
    • Managing Cookies in Edge
    • Managing Cookies in Safari
    • Managing Cookies in Internet Explorer 11
  • The User can delete all stored Cookies using the Device tools through which they access the Service at any time
• User-Side Risks – The Administrator takes all possible technical measures to ensure the security of data placed in Cookies. However, it should be noted that ensuring the security of these data depends on both parties, including the User’s activity. The Administrator is not responsible for data interception, impersonation of the User session, or deletion resulting from the User’s conscious or unconscious actions, viruses, trojans, and other spyware that may or may have infected the User’s Device. To protect themselves from these risks, Users should maintain Cybersecurity while using the internet
• Personal Data Storage – The Administrator ensures that all efforts are made to secure the personal data voluntarily provided by Users, restrict access to it, and ensure that it is processed following its purpose and intended use. The Administrator also ensures all efforts are made to protect stored data against loss through appropriate physical and organizational safeguards

§5 Purposes of Using Cookies

• Improving and facilitating access to the Service
• Personalizing the Service for Users
• Enabling Login to the Service
• Marketing, Remarketing on external services
• Ad services
• Affiliate services
• Providing statistics (users, number of visits, device types, etc.)
• Providing multimedia services
• Providing social networking services

§6 Purposes of Processing Personal Data

Personal data voluntarily provided by Users is processed for one of the following purposes:

• Provision of electronic services:
  • Account registration and maintenance in the Service and associated functionalities
  • Newsletter services (including sending advertising content with consent)
  • Sharing information about content in the Service on social media or other websites
• Administrator-User communication regarding the Service and data protection
• Ensuring the Administrator’s legitimate interest

Anonymously and automatically collected User data is processed for one of the following purposes:

• Statistics
• Remarketing
• Serving ads tailored to User preferences
• Managing affiliate programs
• Ensuring the Administrator’s legitimate interest

§7 Cookies from External Services

The Administrator uses javascript scripts and web components from partners who may place their own Cookies on the User’s Device. Note that you can decide on permitted Cookies for each website in your browser settings. Below is a list of partners or services implemented in the Service that may place Cookies:

• Multimedia services:
  • YouTube
• Social/Integrated Services: (Registration, Login, sharing content, communication, etc.)
  • Facebook
  • LinkedIn
• Statistics:
  • Google Analytics
• Other services:
  • Google Maps

Services provided by third parties are beyond the Administrator’s control. These entities may change their terms of service, privacy policies, data processing purposes, and methods of using Cookies at any time.

§8 Types of Collected Data

The Service collects data about Users. Some data is collected automatically and anonymously, while other data is personal data provided voluntarily by Users when subscribing to specific services offered by the Service.

Automatically collected anonymous data:

• IP address
• Browser type
• Screen resolution
• Approximate location
• Visited subpages
• Time spent on specific subpages
• Operating system
• Previous subpage address
• Referring page address
• Browser language
• Internet connection speed
• Internet Service Provider
• Demographic data (age, gender)

Data collected during registration:

• First name / Last name / Nickname
• Email address
• IP address (collected automatically)

Data collected when subscribing to the Newsletter service

• First name / Last name / Nickname
• Email address
• IP address (collected automatically)

Data collected when adding a comment

• First name and last name / Nickname
• Email address
• Website address
• IP address (collected automatically)

Some data (excluding identifying data) may be stored in Cookies. Some data (excluding identifying data) may be transmitted to the service provider for statistics.

§9 Access to Personal Data by Third Parties

Generally, the only recipient of personal data provided by Users is the Administrator. Data collected within the provided services are not shared or resold to third parties.

Access to data (usually based on a Data Processing Agreement) may be granted to entities responsible for maintaining the infrastructure and services necessary to operate the Service:

• Hosting companies providing hosting or related services for the Administrator
• Companies through which the Newsletter service is provided

Entrustment of Personal Data Processing – Hosting, VPS, or Dedicated Server Services

The Administrator uses the services of an external provider of hosting, VPS, or Dedicated Servers – <a rel=”nofollow external” href=”https://www.ibc.pl/privacy.pdf”>IBC.PL POLSKA. All data collected and processed on the Service is stored and processed within the infrastructure of the service provider located in Poland. Access to this data may occur due to maintenance work by the service provider’s personnel. Access to this data is regulated by an agreement between the Administrator and the Service Provider.

§10 Methods of Processing Personal Data

Personal data provided voluntarily by Users:

• Personal data will not be transferred outside the European Union, unless published due to individual User action (e.g., posting a comment or entry), making the data accessible to anyone visiting the Service
• Personal data is used for automated decision-making (profiling). Profiling personal data does not produce legal effects or significantly affect the person subject to automated decision-making
• Personal data will not be resold to third parties

Anonymous data (without personal data) collected automatically:

• Anonymous data (without personal data) will be transferred outside the European Union
• Anonymous data (without personal data) may be used for automated decision-making (profiling). Profiling anonymous data (without personal data) does not produce legal effects or significantly affect the person subject to automated decision-making
• Anonymous data (without personal data) will not be resold to third parties

§11 Legal Grounds for Processing Personal Data

The Service collects and processes User data based on:

• Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons regarding the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation)
  • Art. 6(1)(a)
    the data subject has given consent to the processing of their personal data for one or more specific purposes
  • Art. 6(1)(b)
    processing is necessary for the performance of a contract to which the data subject is party or to take steps at the request of the data subject before entering into a contract
  • Art. 6(1)(f)
    processing is necessary for the purposes of the legitimate interests pursued by the Administrator or by a third party
• The Personal Data Protection Act of 10 May 2018 (Dz.U.2018 item 1000)
• The Telecommunications Law of 16 July 2004 (Dz.U. 2004 No. 171 item 1800)
• The Copyright and Related Rights Act of 4 February 1994 (Dz. U. 1994 No. 24 item 83)

§12 Period for Processing Personal Data

Personal data voluntarily provided by Users:

As a rule, the personal data indicated is stored only for the period of Service provision by the Administrator. It is deleted or anonymized within 30 days after the end of the Service (e.g., account deletion, unsubscribing from the Newsletter, etc.)

An exception is a situation that requires securing the legitimate purposes of further processing of this data by the Administrator. In such a situation, the Administrator will retain the data, from the time of deletion request by the User, for a maximum period of 3 years in case of a violation or suspicion of violation of the Service terms by the User

Anonymous data (without personal data) collected automatically:

Anonymous statistical data that is not personal data is stored by the Administrator for the purpose of maintaining Service statistics for an indefinite period

§13 User Rights Related to Personal Data Processing

The Service collects and processes User data based on:

• Right of Access to Personal Data
  Users have the right to access their personal data by requesting it from the Administrator
• Right to Rectify Personal Data
  Users have the right to request the Administrator to immediately correct personal data that is incorrect or incomplete by submitting a request to the Administrator
• Right to Erase Personal Data
  Users have the right to request the Administrator to immediately erase their personal data by submitting a request to the Administrator. For user accounts, data deletion involves anonymizing identifying data. The Administrator reserves the right to withhold the data deletion request to protect the Administrator’s legitimate interest (e.g., in cases of Terms violations or data obtained through correspondence).
  In the case of the Newsletter service, the User can delete their personal data independently using the link provided in each email message.
• Right to Restrict Processing of Personal Data
  Users have the right to restrict the processing of personal data in cases specified in Art. 18 GDPR, including questioning the accuracy of personal data, by submitting a request to the Administrator
• Right to Data Portability
  Users have the right to obtain personal data concerning them from the Administrator in a structured, commonly used, machine-readable format by submitting a request to the Administrator
• Right to Object to Personal Data Processing
  Users have the right to object to the processing of their personal data in cases specified in Art. 21 GDPR, by submitting a request to the Administrator
• Right to File a Complaint
  Users have the right to file a complaint with the supervisory authority dealing with personal data protection

§14 Administrator Contact Information

The Administrator can be contacted in one of the following ways

• Mailing address – MIK Sp. z o.o., Melioracyjna 6, 57-200 Ząbkowice Śląskie
• Email address – contact@mikplastics.com
• Phone call – (74) 816 41 74
• Contact form – available at: /contact

§15 Service Requirements

• Restricting the storage and access of Cookies on the User’s Device may cause certain Service functions to malfunction
• The Administrator is not responsible for malfunctioning Service functions if the User restricts the ability to save and read Cookies in any way

§16 External Links

The Service – in articles, posts, or User comments – may contain links to external sites not affiliated with the Service Owner. These links, and the sites or files they point to, may be unsafe for your Device or pose a security risk to your data. The Administrator is not responsible for content found outside the Service.

§17 Changes to the Privacy Policy

• The Administrator reserves the right to change this Privacy Policy at any time without informing Users about the use of anonymous data or Cookies
• The Administrator reserves the right to make changes to this Privacy Policy concerning the processing of Personal Data, informing Users with accounts or Newsletter subscriptions via email within 7 days of changes. Continued use of the services implies awareness and acceptance of the Privacy Policy changes. If the User does not agree with the changes, they must delete their account from the Service or unsubscribe from the Newsletter
• Changes to the Privacy Policy will be published on this subpage of the Service
• The changes take effect upon publication