Contact US

Privacy Policy

We would like to inform you that on May 25, 2018, the provisions of the European Parliament and Council Regulation (EU) 2016/679 of April 27, 2016, on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC—hereinafter referred to as “GDPR”—came into force. These regulations require entrepreneurs to increase the level of protection for personal data processing compared to the regulations in force under the Personal Data Protection Act of August 29, 1997 (Journal of Laws 2016, item 922, as amended). In this regard, DRABEST Sp. z o.o. has created a new Privacy Policy, which outlines how customer personal data is processed and how privacy is protected when purchasing from the online store www.drabest.pl or using services provided by DRABEST Sp. z o.o.

Familiarizing yourself with the Privacy Policy provided below will help you understand which personal data is collected, for what purposes, how it is used, to whom it may be disclosed, what rights are granted to individuals whose data is processed, and how to exercise those rights.

  1. The data controller is DRABEST Spółka z o.o., located at Mników 281, 32-084 Morawica, with REGON 120498547 and NIP 9442166624. Personal data is processed solely for the proper handling of sales contracts or the provision of services by the Company. Everyone has the right to access their personal data and the ability to correct it.
    Personal data – information about an identified or identifiable natural person; an identifiable natural person is one who can be directly or indirectly identified, in particular by reference to an identifier such as a name, identification number, location data, or an online identifier.

  2. The terms used in the „Privacy Policy” mean:
    Person – a natural person whose personal data is or may be processed by DRABEST Spółka z o.o. in connection with the use of the website www.drabest.pl, the performance of contracts, or the provision of services.
    Processing – an operation or set of operations performed on personal data or sets of personal data, whether automated or non-automated, such as collection, recording, organization, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction.
    Administrator – a natural person or legal entity, public authority, agency, or other body that determines the purposes and means of processing personal data, either alone or jointly with others.
    Processor – a natural person or legal entity, public authority, agency, or other body that processes personal data on behalf of the administrator.
    Recipient – a natural person or legal entity, public authority, agency, or other body to whom personal data is disclosed, regardless of whether it is a third party, except for public authorities that may process personal data in the course of a specific legal proceeding in accordance with Union law or the law of a Member State,

  3. DRABEST Spółka z o.o. processes personal data in accordance with the General Data Protection Regulation (GDPR) and other applicable regulations on personal data protection that complement or implement the GDPR. This ensures that all data processing activities are conducted legally, transparently, and with respect for the rights of individuals. The company is committed to safeguarding the privacy and security of personal data while adhering to the principles outlined in these regulations.

  4. Providing personal data is voluntary; however, it is a necessary condition for entering into and executing a contract or using the website www.drabest.pl. Failure to provide personal data prevents the conclusion or execution of the contract. To the extent that DRABEST Spółka z o.o. processes personal data to fulfill its legitimate interests, the provision of data is voluntary.

  5. Personal data is processed, including stored, only for the period necessary to fulfill the contract or as specified by the purposes described in the „Privacy Policy.” The duration of personal data storage depends on the purpose of data processing, the existence of a legal obligation to process them, or the need to protect the interests of DRABEST Spółka z o.o. or the Client. Data is processed solely at the registered office of DRABEST Spółka z o.o. and in other locations where the information systems used for processing are located.

  6. The „Privacy Policy” defines:
    • Purpose of Personal Data Processing: Specifies why personal data is being collected and processed.
    • Categories of Personal Data: Outlines the different types of personal data that may be collected (e.g., identification, contact information).
    • Methods of Personal Data Processing: Describes how personal data is handled, including collection, storage, and use.
    • Principles for Entrusting Personal Data Processing: Details the conditions and regulations governing the sharing or outsourcing of personal data processing.
    • Rights of the Data Subject: Enumerates the rights of individuals whose personal data is being processed, such as the right to access, rectify, or delete their data.

  1. DRABEST Spółka z o.o. may collect the following personal data from individuals or from other sources. Other sources include, for example, specialized information providers or internet media channels. Personal data from these sources allows for the improvement and measurement of the company’s operational efficiency, including marketing activities. During processing, DRABEST Spółka z o.o. may combine personal data collected from individuals, including from the website, with personal data obtained from other sources.

    Registration on www.drabest.pl or using the website

    – Personal data identifying an individual, including postal address, email addresses, and phone numbers.

    – Client account login data, including username and password, IP address.

    Making purchases on the www.drabest.pl website, browsing the website, using mobile applications – data obtained from the Client or other sources.

    Personal data identifying the Client, including VAT ID (NIP), postal address, email addresses, phone numbers; bank account number, billing address; login data for the Client’s account, including username and password, IP address; data on the Client’s orders and purchases (e.g., type of goods, price, payment method); data on the Client’s online behavior while browsing the website; data on any devices used to access the www.drabest.pl service (including device type, operating system, IP address, browser type, and mobile device identifiers, date and time of access to services, the website address from which the Client was redirected, other data transmitted through standard HTTP(s) request headers, data used to maintain an online session after logging in).

    Exercise of the right to withdraw from the contract – obtained from the Client.

    Personal data identifying the Client, including NIP (Tax Identification Number), postal address, email addresses, phone numbers; bank account number, address for invoicing; login data for the Client’s account, including username and password, IP address;

    Implementation of the complaint procedure – collected from the Client.

    Personal data identifying the Client, including tax identification number (NIP), postal address, email addresses, phone numbers; bank account number, address for invoicing; login data for the Client’s account, including username and password, IP address;

    Correspondence with DRABEST Spółka z o.o. or other forms of mutual contact with the company, participation in promotions, contests, surveys – collected from the individual or from other sources.

    Personal data provided during each contact (e.g., name and surname, username, and contact details), including telephone, email, or postal correspondence; data related to emails and other electronic messages sent by DRABEST Spółka z o.o., including any links contained within them (e.g., enabling the determination of whether and when the message was opened); information provided in the context of given responses.
  2. Personal data is processed by DRABEST Spółka z o.o. solely for the following purposes:
  • To the extent necessary to enable the conclusion and performance of the contract (Article 6(1)(b) of the GDPR).
  • To fulfill a legal obligation imposed on the Administrator under the provisions of law (Article 6(1)(c) of the GDPR).
  • To establish, pursue, enforce, defend, or protect claims or rights related to the performance of the contract, which constitutes a legitimate interest of the Company (Article 6(1)(f) of the GDPR).
  • Based on consent for processing (Article 6(1)(a) of the GDPR).

The scope of the purposes for data processing is outlined below.

Purpose of personal data processing Legal basis for personal data processing
Providing the opportunity to purchase goods offered by DRABEST Spółka z o.o. or services provided by it through: managing customer accounts; managing orders, contract fulfillment, deliveries, returns, complaints, and withdrawals; collecting data regarding purchases and transactions, contact information, and delivery/pickup locations. Executing the contract – without providing this data, it is not possible to provide services;
Exercising a right or fulfilling an obligation arising from a legal provision;
Legitimate interest of DRABEST Spółka z o.o.
Managing and improving the website www.drabest.pl using cookies and similar technologies to enhance efficiency and ensure convenience when using the site. Some cookies are essential for enabling access to all the features offered by the website. Other cookies can be disabled, but this may affect the standard and comfort level of using the site. – Legitimate interest of DRABEST Spółka z o.o.
Providing assistance in developing and improving the offerings in terms of services, information systems, know-how, and communication by utilizing personal data for conducting market analyses and development work. – Legitimate interest of DRABEST Spółka z o.o.
Detecting and preventing financial fraud, scams, and other crimes by monitoring the usage of the www.baulich.pl service, which ensures safe access to the provided services in accordance with applicable regulations and company policies. – Legitimate interest of DRABEST Spółka z o.o.
Using personal data and online activities of the Customer while using the network, including purchases made in the Online Store, to personalize offers and services and to adapt them to the Customer’s needs. – Legitimate interest of DRABEST Spółka z o.o.
Ensuring proper communication with the Client (including via email, SMS, mail, online advertising, and social media) regarding the offerings and operations of DRABEST Spółka z o.o. by utilizing personal data to assess the effectiveness of marketing efforts or Client preferences, providing clarifications or assistance, and informing about changes in the offerings or services provided that affect the rights and obligations of the individual (e.g., changes in the „Privacy Policy” or terms of service).

Consent of the individual – lack of consent does not affect the ability to use the services provided by DRABEST Spółka z o.o.

Legitimate interest of DRABEST Spółka z o.o.
Resolving disputes, addressing complaints or claims, including complaints, legal claims, or disputes involving the Client or DRABEST Spółka z o.o. regarding the services provided. The realization of a right or the fulfillment of an obligation arising from a legal provision, the legitimate interest of DRABEST Spółka z o.o., a specific legal provision that allows the processing of personal data to fulfill a legal obligation.
The purpose of using video surveillance in the physical store is to ensure the safety of people and property.– – Legitimate interest of DRABEST Spółka z o.o.

The legitimate interest of DRABEST Spółka z o.o. in using personal data is:

  • Satisfying customer needs, including the sale of goods and services offered by the company;
  • Promoting and marketing new goods and services by DRABEST Spółka z o.o.;
  • Managing and maintaining customer accounts, handling complaints, and resolving any disputes;
  • Identifying customer needs and behaviors in order to tailor DRABEST Spółka z o.o.’s offerings to their needs;
  • Protecting and supporting the activities of DRABEST Spółka z o.o., its employees, and customers;
  • Detecting and preventing financial fraud, scams, and other crimes, including those harmful to DRABEST Spółka z o.o.;
  • Developing the range of goods and services provided by DRABEST Spółka z o.o.

  1. DRABEST Spółka z o.o. may share personal data with other entities – i.e., recipients – only in the following cases:
    • If generally applicable laws or public authorities stipulate that the company is required to share personal data or for the purposes of justice;
    • The necessity of sharing personal data to establish, execute, or defend the rights of DRABEST Spółka z o.o.;
    • The necessity of sharing personal data with service providers who perform specific tasks on behalf of and for the benefit of DRABEST Spółka z o.o. based on cooperation agreements.
    • Service providers offer services in areas such as:
    • Information technology (website management, BAULICH IT system, and other business systems used by DRABEST Spółka z o.o.);
    • Data storage and analysis;
    • Payment processing;
    • Postal and courier services;
    • Legal assistance and other specialized services.

  1. DRABEST Spółka z o.o. shares with service providers only the personal data necessary for them to provide services on behalf of the company and is obliged to ensure that the entrusted personal data is processed by these recipients in a secure manner and in accordance with generally applicable regulations regarding personal data protection, as well as preventing its use for their own marketing purposes, unless the Client has provided separate consent for such use.

  1. DRABEST Spółka z o.o. ensures an adequate level of protection for processed personal data by implementing technical, organizational, and informational measures. The IT security measures include access controls to computer terminals, firewalls, anti-spam software, and data encryption. The technical and organizational safeguards involve restricting access to areas or rooms where personal data is processed, ensuring that only authorized employees who require access to perform their job duties are permitted entry.

Although DRABEST Spółka z o.o. implements appropriate technical, organizational, or informational safeguards to protect personal data, it cannot guarantee the complete security of personal data transmitted via the Internet.

  1. DRABEST Spółka z o.o. may process personal data for the purposes related to marketing the goods and services it offers, as well as conducting market research, provided that prior consent has been obtained to receive these marketing communications or to participate in market research. Refusal to grant consent to receive these marketing communications or to participate in market research does not affect the ability to use the services provided by the company.

  1. DRABEST Spółka z o.o. and its service providers use cookies and similar technologies, such as tags and pixels—collectively referred to as “cookies”—to personalize and improve the quality of service while using the website.

Cookies are small text files containing a unique identifier that are stored on a computer or mobile device, allowing the device to be recognized when visiting a specific website. They may be used only for the duration of a visit to the website or may be used to measure interactions with services and content over a certain period. Cookies help ensure important functions and functionalities of websites and mobile applications and improve the overall user experience.

Most browsers are set to allow cookies by default. Through browser settings, users can accept or reject new cookies, delete existing ones, or configure the browser to notify them each time a new cookie is placed on their computer or other device. If you do not consent to the storage of cookies on your device, you should adjust your browser settings accordingly. Changes may involve not allowing cookies to be stored on your device or receiving notifications each time a cookie is saved. Detailed information on managing cookies can be found in the settings and “Help” section of the web browser.

Please note that restrictions on the use of cookies, including disabling some or all cookies, may hinder or prevent the use of the website, for example, it may prevent access to services that require login. Browser settings that allow for the storage of cookies indicate consent for these files to be stored on the device.

  1. DRABEST Spółka z o.o. may use cookies in its services for the following purposes:
    • Essential Cookies – These files are necessary for the proper functioning of the service, enabling login and navigation. Without storing these cookies on the Client’s device, it is impossible to use the service.
    • Security Cookies – These cookies ensure the security of actions performed within the service. The absence of these files will prevent secure operation.
    • Statistical Cookies – These allow the service to collect statistical information about how the service is used, including the use of online advertising. This information helps the company assess interest in the content posted on the website and the effectiveness of online advertising campaigns, as well as track which content was displayed and how many times. The cookies are also used to measure the effectiveness of marketing messages by indicating whether the received marketing message was opened.
    • Functional Cookies – These files allow the personalization of the Client’s activities and provide access to various useful features they offer, particularly remembering the Client’s settings and preferences. By saving these cookies on the device, the need to repeatedly enter login credentials is eliminated. They also inform how the website is used, including whether error messages appear during its use. This type of cookies collects data that is mostly aggregated and anonymized.
    • Advertising Cookies – These files enable personalized advertising to be delivered.
    • Social Media Cookies – These allow the integration of social media services (such as Facebook, Google+, Pinterest) that the Client uses with the drabest.pl service.

  1. Everyone has the right to access their personal data stored by DRABEST Spółka z o.o. by submitting a request for data access and information.

Furthermore, everyone has the right to:

  • Request to correct information about oneself or their personal data**—in cases where they believe the information is incomplete, outdated, or false;
  • To object to the processing of their personal data**—including against direct marketing; if an objection is raised, it will be considered by DRABEST Spółka z o.o., which may delete or limit the use of the data or cease using it for direct marketing purposes if the request is justified;
  • Request to limit the processing of their personal data**—DRABEST Spółka z o.o. may limit the use of personal data, particularly if an objection has been successfully raised, the person questions the completeness or accuracy of the stored personal data, or the personal data has been processed unlawfully but the person does not request its deletion;
  • Request to delete their personal data**—DRABEST Spółka z o.o. may delete personal data, particularly if an objection has been successfully raised, there is no need to retain it, consent to its processing has been revoked, or the personal data has been processed unlawfully;
  • Request to transfer their personal data**—which allows for the transfer of data to other entities without additional costs for the purpose of using the services provided by them; the transfer involves the electronic transmission and delivery of personal data in a structured, commonly used, and machine-readable format used by DRABEST Spółka z o.o.;
  • To file a complaint with the supervisory authority**, which is the President of the Office for Personal Data Protection.

  1. Requests to access personal data that is stored or for which a copy is held by DRABEST Spółka z o.o., or to exercise other rights, including the right to information about personal data that is stored or for which a copy is held, as well as how it is collected, processed, or stored, should be submitted by phone at 578 802 900 or via email at sklep@drabest.pl. In the case of a request for data transfer, the data will be sent to the specified individual.

  1. Personal data is not subject to automated decision-making. DRABEST Spółka z o.o. does not transfer, nor does it plan to transfer, processed personal data to third countries or international organizations, except in cases where the data subject changes their place of residence or is located outside the territory of the European Union, and the formalities related to the execution, completion of the contract, or settlement require the transmission of this data.

  1. Detailed information about rights regarding personal data protection can be found on the website of the President of the Personal Data Protection Office.

This „Privacy Policy” is effective as of April 22, 2022.

CONTACT

  • Drabest sp. z o.o.
  • Mników 281, 32-084 Morawica, Poland
  • +48 12 280 54 94
  • export@drabest.pl
  • NIP/TIN: PL9442166624
    REGON: 120498547
  • KRS: 0000282861
    DUNS: 366050999
DOWNLOAD
LADDERS