{{ result.label }}

{{ result.excerpt | striphtml }}

No search results for the given phrase

An error occurred while searching. Please try again

Privacy Policy

The company under the business name “CANPOL spółka z ograniczoną odpowiedzialnością” with its registered seat in Warsaw, Puławska 430, 02-884 Warsaw, entered into the register of entrepreneurs kept by the District Court for Warsaw, in XII Business Division of the National Court Register, under KRS: 0000732574 number, NIP: 118-00-28-608, REGON: 015495694, hereinafter referred to as: Controller informs that on its websites technologies such as cookies are used to collect and process personal data in order to personalise content and ads and analyse traffic on websites and on the Internet.

In connection with the provisions of Regulation of the European Parliament and of the European Council (EU) No. 2016/679 of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and repealing Directive 95/46/EC, hereafter: “GDPR”, please read the following information. By visiting our website, you are accepting the privacy policy of the Controller.

Personal Data

Personal data means any information relating to an identified or identifiable natural person. If you use the website canpolbabies.pl, such data includes, for example, an e-mail address, IP address or the data in the service offered by the Controller. Personal data may be stored in cookies or similar technologies that are used when you use the website.

Basis for and Purpose of Processing

The Controller stores and processes data for the following purposes:

  • to conclude or perform a contract, which in this case are the terms of use of a given service. If such contract is concluded, a natural person is entitled to familiarise himself/herself with the websites of the Controller who at the same time may process data to the extent necessary to perform the contract (GDPR Article 6(1)(b));
  • to sell the products and services offered by the Controller (GDPR Article 6(1)(b)),
  • to perform the contracts for the sale of products and services, including the performance of a contract, pursuit of or defence against potential claims (GDPR Article 6(1)(b) in conjunction with Article 6(1)(f));
  • for marketing purposes with the use of end devices used by the Customer, if a separate consent was given by the Customer (GDPR Article 6(1)(a));
  • for the purposes of sending commercial information of the Controller by e-mail, if a separate consent was given by the Customer (GDPR Article 6(1)(a));
  • for the purposes of sending newsletters, if a separate consent was given by the Customer (GDPR Article 6(1)(a));
  • to perform the obligations arising under legal regulations, including tax and accounting regulations (GDPR Article 6(1)(c));
  • for statistical and archival purposes (GDPR Article 6(1)(c) in conjunction with Article 6(1)(f));
  • to prevent abuse and fraud (GDPR Article 6(1)(c) in conjunction with Article 6(1)(f));
  • to process the data for the purposes of the legitimate interests pursued by the Controller or by a third party. This basis for data processing refers to cases where the processing is justified due to the Controller's needs, including, but not limited to, the need to ensure the security of the service, to perform statistical measurement, to improve the services and adapt them to the needs and convenience of users (e.g. personalised services) as well as for the purposes of marketing and promotion of the Controller's own services on the website of that Controller (GDPR Article 6(1)(f)).

As part of the services provided by the Controller, the data will be processed only if one of the admissible legal grounds is available and only for a purpose adapted to the given basis, as described above. The data will be processed until the basis for its processing is available, that is, if the consent is granted until it is withdrawn, limited or other actions restricting the consent are performed, if the data is necessary for the performance of the contract - for the duration of the contract, and if the basis for data processing is the justified interest of the Controller - until such justified interest exists.

Data Transfer

Data is transferred in the case of cooperation with a subcontractor (e.g. a marketing agency) or a service provider (e.g. a data storage provider). In any such case, the transfer of data does not entitle its recipient to any use of it, but only to use it for the purposes explicitly indicated by the Controller and on a appropriate legal basis. In any case, the transfer of data does not release the transferor from the responsibility for its processing. Data may also be transferred to public authorities, provided that they are authorised by applicable law and submit an adequate request.

User Rights

The Website User has the following rights with respect to the data and its processing:

  • consent to data processing may be withdrawn at any time;
  • the right to access his/her personal data and receive a copy of the personal data being processed;
  • the right to have inaccurate personal data rectified;
  • the right to request the deletion of data (the right to be forgotten) in the event of circumstances provided for in GDPR Article 17;
  • the right to request restriction of data processing in the cases referred to in GDPR Article 18;
  • the right to object to data processing in the cases indicated in GDPR Article 21;
  • the right to data portability, relates to data processed in an automated manner,
  • the right to lodge a complaint with the supervisory body (UODO, Stawki 2, Warsaw) if he/she believes that his/her personal data is being processed unlawfully by the Controller.

Obtaining additional information related to the protection of personal data, as well as the possibility of exercising their rights regarding personal data shall take place by contacting the Data Protection Inspector at the email address: [email protected]

Security of Personal Data

The Controller conducts risk analysis on an ongoing basis to ensure that Personal Data is processed by him in a secure manner, ensuring, above all, that only authorized persons have access to the data and only to the extent that it is necessary due to the tasks they perform. The Controller ensures that all operations on Personal Data are recorded and carried out only by authorized employees and associates.

The Controller takes all necessary actions so that its subcontractors and other cooperating entities guarantee the use of appropriate security measures whenever they process Personal Data on behalf of the Controller.