top of page

Privacy policy

The privacy policy is a document that should be published on every website. It contains certain data e.g. on who is the personal data controller, what types of website users' data are collected, what is the purpose of data processing and for what period of time these data will be processed. The privacy policy sets out the rules by which we process information about you, including personal data and the so-called cookie files.

1.   General information

  1. This policy applies to the Website, operating at the following url address: metallab.pl

  2. The website operator and the personal data controller is: PROFLO Rafał Wiśniewski ul. Łąkowa 11 62-025 Siekierki Wielkie

  3. The operator's e-mail address: proflo.biuro@gmail.com / biuro@metallab.pl

  4. The Operator is the Controller of your personal with respect to the data provided on the Website voluntarily.

  5. The Website uses personal data for the following purposes:

    • Newsletter administration

    • Online chatting

    • Handling of enquiries sent via an online form

    • Preparation, packaging and shipment of the ordered artwork

    • Execution of the ordered services

    • Debt collection

    • Presentation of the offered products or information

  6. The Website gathers information about users and their behaviour in the following ways: 

    • Through data voluntarily entered in forms that are entered into the Operator's systems.

    • By storing the so called cookies on user's terminal devices.

2. Selected methods of data protection used by the Operator

  1. The places of logging in and entering personal data are protected in the transmission layer (SSL certificate). As a result, personal data and login data entered on the website are encrypted on the user's computer and can be read only on the target server.

  2. The personal data stored in the database is encrypted so that only the Operator having an access key can read the data. Thus, the data are protected in case the database is stolen from the server.

  3. User passwords are stored in a hash form. The hash function works one-way – it is not possible to reverse its operation, which is now a modern standard in terms of storing user passwords.

  4. The Website uses two-factor authentication, which is an additional form of protection while logging into the Website.

  5.  The Operator periodically changes its administrative passwords.

  6.  In order to protect data, the Operator makes backup copies in a regular manner.

  7. An important element of data protection is the regular update of all software used by the Operator to process personal data, which, in particular, involves regular updates of programming components.

3. Hosting

  1. The website is hosted (technically maintained) on operator's servers: cyberFolks.pl

4. Your rights and additional information regarding the ways in which your data is used

  1. In some situations, the Administrator has the right to transfer your personal data to other recipients if it is necessary to perform the contract concluded with you or to fulfil the Administrator's obligations. This applies to groups of recipients such as:

    • othe hosting company on an entrustment basis

    • ocouriers

    • opostal operators

    • oinsurers

    • olaw firms and debt collectors

    • obanks

    • opayment operators

    • opublic authorities

    • ocomment system operators

    • oonline chat operators

    • oauthorized employees and associates who use data to achieve the purpose of the Website

    • ocompanies providing marketing services for the Data Controller

  2. Your personal data is processed by the Controller for no longer than necessary in order to perform the activities involving such data, as specified in separate laws (e.g. accounting laws). With regard to marketing data, such data will not be processed for more than 3 years.

  3. You have the right to request the Data Controller to do the following:

    • oaccess to personal data concerning you,

    • orectify your personal data,

    • odelete your personal data,

    • olimit the scope of processing,

    • oand transfer the data.

  4. You have the right to object to the processing indicated in point 3.3 c) as regards the processing of personal data for the purpose of exercising legally justified interests pursued by the Administrator, including profiling, however, the right to object cannot be exercised if there are valid legitimate grounds for the processing of interests, rights and freedoms overriding you, in particular the establishment, exercise or defense of claims.

  5. The Administrator's actions may be appealed to the President of the Office for Personal Data Protection, ul. Stawki 2, 00-193 Warsaw, Poland.

  6. Providing personal data is voluntary, but necessary to operate the Website.

  7.  Actions may be taken in relation to you, which involve automated decision making, including profiling, to provide services under the concluded contract and for direct marketing by the Administrator.

  8. Personal data is not transferred from third countries within the meaning of the provisions on the protection of personal data. This means that we do not transfer them outside the European Union.

5. Information provided in online forms

  1. The Website collects information provided voluntarily by the user, including the User’s personal data, if provided by the User.

  2. The website can also store information concerning the connection parameters (time, IP address)

  3. In some cases, the website may save information that makes it easier to link data in the form to the email address of the user completing the form. In this case, the user's email address appears inside the url of the page containing the form.

  4. The data provided in the form are processed in the order being the result of the function performed by a particular form, for example in order to  process a service request or a business contact. Each time the context and description of the form clearly indicates what the data are used for.

6. Administrator logs

  1. The information on user behavior on the website may be subject to logging. This data are used to administer the website.

7. Important marketing techniques

  1. The Operator uses statistical analysis of website traffic through Google Analytics (Google Inc. with its registered office in the USA). The operator does not transfer personal data to the operator of this service, but only anonymized information. The service is based on the use of cookies at the user's end device. As for the information on the user's preferences stored by the Google advertising network, the user can browse and edit the data from the cookie files via the following tool: https://www.google.com/ads/preferences/

  2. The Operator uses remarketing techniques allowing for the adjustment of advertising messages to the User's behaviour, which may cause an illusion that the User's personal data are being used to spy on him or her; however, in practice, no personal data is being transferred from the Operator to advertisers. Enabling cookies is the technological requirement for such activities.

  3. The operator uses the Facebook pixel. The technology informs Facebook (Facebook Inc. with its registered office in the USA) that a given person registered on Facebook uses the Application or the Website. In such case, Facebook relies upon the data which it itself controls; the Operator as such does not transfer any additional personal data to Facebook. The service is based on the use of cookies on the user's end device.

  4. The operator uses a solution that studies user behavior by creating heat maps and recording user behaviour on the website. The information is anonymised prior to its transfer to the service Operator so that the Operator does not know which individual this information pertains to. In particular, no passwords or personal data entered are being recorded.

  5. The Operator uses a solution which automates the operation of the Application and the Website in relation to Users, e.g. that may send an e-mail to the User if the User visits a certain website, provided that he or she has consented to the receipt of commercial communication from the Operator.

8. Information about cookie files

  1. The Website uses cookie files.

  2. The so-called cookies are IT data, in particular text files, which are stored on the Website User’s terminal device and are designed to use the pages offered by the Website. Cookies usually contain the name of the website from which they originate, the time for which they will be stored on end-devices and a unique number.

  3. The Website Operator is the entity that uploads the cookies on the Website User’s end device as well as the one that has access to it.

  4.  Cookies are used for the following purposes:

    1. maintenance of the Website User's session (after logging in) to allow the user to use the Website without re-typing his/her login and password;

    2. achieving the objectives set out above in the section 'Important marketing techniques';

  5. The Website makes use of two basic types of cookie files: "session" and "persistent" cookies. "Session" cookies are temporary files which are stored on the User's terminal device until logging out, leaving the website, or turning off the software (the web browser). Persistent cookies are stored in the User's terminal device for a period defined in the cookie file parameters, or until they are deleted by the User.

  6. Software for browsing websites (internet browser) usually allows for storing cookies on the User's terminal device by default. Users of the Website may change the settings in this area. The web browser allows the user to delete cookies. It is also possible to block cookies automatically. Detailed information on this topic can be found in the help section or in the internet browser documentation.

  7.  Restricting the use of cookies may influence some of the functions available on the Website pages.

  8. Cookies placed on the Website User's end device may also be used by entities cooperating with the Website operator, in particular the companies: Google (Google Inc. with its registered office in the USA), Facebook (Facebook Inc. with its registered office in the USA), Twitter (Twitter Inc. with its registered office in the USA).

9. Cookies management – how to grant and withdraw consent in practice?

  1. If the user does not wish to receive cookies, they may change browser settings. We stipulate that disabling cookie file support for authentication, safety processes, and processes maintaining the user's preferences may make it more difficult, or, in extreme cases, even make it impossible to use the websites.

  2. To manage cookie settings, select the web browser you use from the list below and follow the instructions:

    • oEdge

    • oInternet Explorer

    • oChrome

    • oSafari

    • oFirefox

    • oOpera

  3. Mobile devices:

    • oAndroid

    • oSafari (iOS)

    • oWindows Phone

bottom of page