Privacy Policy

Data Privacy Policy

This document (hereinafter referred to as the Privacy Policy) defines the rules for the processing of personal data obtained from Users when using websites / websites (hereinafter referred to as the Website) belonging to GMP Plan Sp. z o.o. located in Szczecin, Poland, who is the Administrator of personal data (hereinafter referred to as "Administrator" or "We").

Contact with the Administrator is possible via email at

A "user" within the meaning of this document is any natural person using the Website.

The legal basis of the Policy is the Regulation of the European Parliament and of the Council (EU) 2016/679 of 27 April 2016 on the protection of individuals with regard to the processing of personal data and on the free movement of such data and the repeal of Directive 95/46 / EC. The Policy fulfills the duties of the Administrator towards Users, hereinafter referred to as "RODO"

Using the website is tantamount to acceptance by the User of the provisions of this Policy.

What data we process and what is the legal basis for this processing.

In the course of your use of the Website, we collect data, some of which may be personal data in accordance with the RODO. We collect data in a few cases:

1. The basic group of data collected are diagnostic information, statistics and other to analyze the quality of the Website's services, detect failures, test product popularity and for security reasons to detect and prevent fraud, crimes, etc. The data includes, for example, the User's IP address. The legal basis for the processing of these data is art. 6 point 1 point j) RODO or the Administrator processes these data in pursuing its legitimate interest.

2. If the User uses the contact forms, order forms or contact via e-mail box, the Administrator processes the following data set: IP Address, E-mail Address, Telephone Number, First Name and Last Name, and others specified by the User in the request. The legal basis for the processing of these data is art. 6 point 1 subsection b) RODO or Administrator processes these data because they are necessary to take action at the request of the person to whom the data pertains prior to the conclusion of the contract. The IP address is processed as in point 1.

3. In case of concluding a sales agreement with the User, we process the following data: IP address, E-mail address, Telephone number, First and last name, Correspondence / delivery address, and other information provided by the User, for example in the order comment. We process the data using art. 6 point 1 item b) OF THE REDO, because they are necessary for the performance of the contract to which the data subject is a party and pursuant to art. 6 point 1 item c) OF THE REDO, ie fulfilling the legal obligation of the Administrator, for example in connection with the necessity to document sales for tax purposes and pursuant to art. 6 point 1 item j) RODO means realizing the legitimate interest of the Administrator, for example for the purpose of pursuing claims, handling guarantees and warranties, etc

4. The Administrator may also process personal data with the consent of the User pursuant to art. 6 point 1 point a) RODO. In this case, the Administrator's content of the consent granted by the User remains in force.

Recipients of data.

In the course of activities related to the maintenance of the Website and the implementation of contracts with Users, the Administrator entrusts data to the following entities:

Telecommunications undertakings, debt collection companies, banks, payment system and installment system operators, postal operators, carriers, business information offices, companies archiving or destroying documents and data carriers, partners providing technical services (eg development and maintenance of IT systems and websites), hosting companies.

Data are entrusted to the extent necessary to achieve the purpose of the processing and concluded contracts and protected in accordance with the RODO by each entity to whom the data have been entrusted.

The rights of the person to whom the personal data relates.

1. The right of access to the content of your personal data, i.e. the right to obtain confirmation that the Administrator processes data and information regarding such processing,

2. The right to rectify data if the data processed by the Administrator is incorrect or incomplete,

3. The right to request the Administrator to delete data,

4. The right to request the Administrator to limit the processing of data,

5. The right to data transfer, i.e. the right to receive personal data provided to the Administrator and to send it to another administrator,

6. The right to object to the processing of data based on the justified interest of the Administrator or to the processing for the purpose of direct marketing,

7. The right to lodge a complaint to the Polish supervisory body or supervisory body of another European Union Member State, competent for the place of habitual residence or work of the data subject or due to the place of alleged violation of the PED,

8. The right to withdraw consent at any time (without affecting the legality of the processing, which was made on the basis of consent before its withdrawal),

9. The right to obtain human intervention from the Administrator, express their own position and challenge the decision based on automated data processing.

The rights mentioned in points 1) -6) and points 8) -9) above may be implemented, among others by contacting the Administrator (address given at the beginning).


In order to secure the User's personal data against unauthorised access, collection by an unauthorised person, processing in violation of applicable provisions and change, loss, damage or destruction, technical and organizational measures are applied to ensure that personal data being processed is protected according to the risks and categories of data protected .

In particular, the Administrator uses technical means to prevent unauthorised persons from acquiring or modifying data. The administrator protects the data sets against unauthorised access. In addition, the data provided by the User when filling out and submitting internet forms is encrypted by the use of SSL certificates.

Change of policy.

The Administrator reserves the right to make changes to the Privacy Policy and at the same time ensures that the User's rights resulting from this document will not be limited without his consent. All changes regarding the Privacy Policy will be published on the Website.

Contact with the supervisory body.

In all matters related to the processing of personal data of the User and the application and implementation of this Privacy Policy, the User has the right to file a complaint to the President of the Office for the Protection of Personal Data.