• Polski
    • English
    • Deutsch

Polityka prywatności

PRIVACY POLICY
OF THE WWW.LUMINES.COM WEBSITE

1. Who we are and how to contact us

The controller of your personal data collected via the website www.lumines.com (hereinafter: the “Website”) is LED Labs Spółka Akcyjna, with its registered office in Kraków (address: ul. Zakopiańska 2C, 30-418 Kraków, Poland), entered into the Register of Entrepreneurs of the National Court Register under KRS number: 0000988995, REGON: 360837680, NIP: 6793108450 (hereinafter: the “Controller”).

In all matters concerning the protection of personal data, you may contact the Controller by e-mail at: info@led-labs.pl

2. How and why we process your personal data

CONTACT WITH THE CONTROLLER

When contacting us (e.g. via contact forms, e-mail, product enquiry functionality or other contact details provided on the Website), you may provide us with your personal data, including information provided during a telephone conversation or contained in correspondence and materials sent to us.

The legal basis for processing personal data provided when contacting us is Article 6(1)(f) of Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 (GDPR), i.e. processing is necessary for the purposes of the legitimate interests pursued by the Controller or by a third party.

The legitimate interest consists in responding to enquiries, including those concerning the Controller’s activity, offer and possibilities of cooperation.

OPERATIONAL DATA

We may process data of each Website user characterising the manner in which the Website is used (so-called operational data, mostly anonymous). Such processing may include in particular:

– automatic reading of a unique identifier identifying the telecommunications network termination or IT system used,
– server date and time,
– information on technical parameters of the software and device used (e.g. whether the Website is accessed via a computer or a mobile device),
– the location from which the user connects to our server.

These data may be used for marketing purposes, market research and improving the functioning of the Website. Data recorded in server logs are not associated with specific persons using the Website and constitute solely auxiliary material for Website administration.

The legal basis for processing operational data is Article 6(1)(f) GDPR. The legitimate interest is enabling error diagnostics and improving the quality of the Website.

NEWSLETTER

If you are a subscriber to our newsletter, we process your personal data in order to send it to you, based on your consent. The newsletter may contain paid promotions, commercial offers, industry information and advertising.

The legal basis for processing your personal data is Article 6(1)(a) GDPR, i.e. consent.

You may withdraw your consent at any time, without affecting the lawfulness of processing carried out on the basis of consent before its withdrawal.

MARKETING OF THE CONTROLLER’S OWN SERVICES

Upon obtaining separate consent, we may process your personal data for marketing purposes, including sending you commercial, promotional, advertising, informational and marketing content.

The legal basis for processing your personal data for these purposes is, as a rule, Article 6(1)(a) GDPR. You may withdraw your consent at any time, without affecting the lawfulness of processing carried out before its withdrawal.

In certain cases, the legal basis for processing personal data for direct marketing purposes may be the legitimate interest of the Controller pursuant to Article 6(1)(f) GDPR, in conjunction with Recital 47 GDPR, which states that the processing of personal data for direct marketing purposes may be regarded as carried out for a legitimate interest.

In accordance with Recital 47 GDPR, such a legitimate interest may exist where there is a relevant and appropriate relationship between the data subject and the Controller.
However, you always have the right to object, at any time and free of charge, to such processing, including profiling, insofar as it is related to direct marketing. After an objection has been lodged, the Controller may no longer process your personal data for such purposes.

HANDLING REQUESTS AND CLAIMS

The content of correspondence conducted with you and other interactions with the Controller may be archived. You have the right to request access to the history of correspondence conducted with us (if archived) and to request its deletion, unless archiving is justified by overriding interests of the Controller.

The legal basis for processing your personal data after the end of contact is the legitimate interest of the Controller in ensuring the possibility of establishing, asserting or defending claims in the future, pursuant to Article 6(1)(f) GDPR.

COOKIES

Like almost all websites, we use cookies. Cookies are small text files stored on your end device (e.g. computer, tablet, smartphone) that may be read by our IT system.

Cookies allow us to:

1) ensure the proper functioning of the Website,

2) improve the speed and security of using the Website,

3) use analytical tools,

use marketing tools.

Cookies are used on the basis of your consent, except where cookies are necessary for the proper provision of electronic services.

In the cases referred to in points 1, 2 and 3 above, data contained in cookies are processed on the basis of Article 6(1)(f) GDPR. The legitimate interest is ensuring the proper functioning of the Website, monitoring and analysing traffic, and compiling visit statistics.

In the case referred to in point 4 (processing personal data for marketing purposes, including advertising, market research and analysis of user behaviour and preferences), data contained in cookies are processed on the basis of Article 6(1)(a) GDPR.

During your first visit to the Website, you are informed about the use of cookies. Acceptance of this information means that you consent to the use of cookies in accordance with this Privacy Policy.

You may withdraw your consent at any time by deleting cookies and changing cookie settings in your browser.
You are not required to provide information contained in cookies. However, disabling cookies may cause difficulties in using the Website and other websites that use cookies.

3. What personal data we may process

We may process the following categories of personal data:

1) data of persons contacting the Controller:

– first and last name,
– telephone number,
– e-mail address,
– company with which the person contacting the Controller is associated,
– job position,
– other data contained in the message content, attachments or provided during a telephone conversation.

2) operational data of Website users:

– IP address of the device,
– server date and time,
– location of the end device,
– technical parameters of the device and software,
– data concerning content viewed on the Website (navigation paths, viewing time, visit frequency),
– source of the visit,
– geographical location (country),
– preferred language (device interface language),
– mouse movements, locations and clicks, keystrokes,
– URL reference code and domain,
– screen resolution,
– online identifiers, IP addresses and device identifiers.

3) newsletter subscribers’ data:

– e-mail address,
– information on interaction with newsletters (e.g. whether and when a newsletter e-mail was opened).

4. Who may receive your personal data

In the course of our activities, we may use the support of specialised external entities which may have access to some of your data, including providers of legal, accounting, IT, hosting services, mailing systems, analytical and marketing tools, as well as trusted partners and collaborators.

Website user data may be disclosed to external entities providing cookie-related services.
Personal data are processed in IT systems located partly in public cloud infrastructure provided by third parties.

Access to data related to your use of the Website may also be granted to recipients authorised by law (e.g. public authorities upon request).

Some data processing operations may involve the transfer of personal data to third countries (outside the European Economic Area). Such transfers are always carried out in accordance with GDPR safeguards, including standard contractual clauses, binding corporate rules or exceptions under Article 49 GDPR.

Please note that in the absence of an adequacy decision or appropriate safeguards, there may be a risk that authorities in a third country (e.g. intelligence services) gain access to the transferred data and that enforcement of data subject rights may not be guaranteed.

5. How long we process your personal data

Personal data provided via selected communication channels are processed no longer than necessary to respond to enquiries and may thereafter be stored only in justified cases for the period required by applicable limitation rules.

Personal data related to your use of the Website are processed for the duration of such use and, where justified, also afterwards for limitation periods.

Personal data processed via cookies are processed until cookies are disabled.

Personal data of newsletter subscribers are processed until consent is withdrawn by unsubscribing. Other data processed on the basis of consent are processed until consent is withdrawn.

6. How you can exercise your rights

You have the following rights:

– right of access to personal data (Article 15 GDPR),
– right to rectification (Article 16 GDPR),
– right to erasure (“right to be forgotten”) (Article 17 GDPR),
– right to restriction of processing (Article 18 GDPR),
– right to data portability (Article 20 GDPR),
– right to object to processing (Article 21 GDPR).

To exercise any of the above rights, please contact us by e-mail at: info@led-labs.pl

7. Complaint to a supervisory authority

Pursuant to Article 77 GDPR, you have the right to lodge a complaint with a supervisory authority, in particular in the Member State of your habitual residence, place of work or the place of the alleged infringement.

In Poland, the supervisory authority is the President of the Personal Data Protection Office (UODO).
More information is available at: https://uodo.gov.pl/

Information on other EU supervisory authorities is available at:
https://edpb.europa.eu/about-edpb/about-edpb/members_pl

8. Is providing data necessary to conclude a contract with us

Providing personal data when contacting us is voluntary, but in most cases necessary to respond to your enquiry.
Providing personal data for newsletter subscription is voluntary but necessary to receive information electronically.

You may disable cookies via your browser settings; however, this may result in difficulties when using the Website and other websites.

9. Source of personal data

Personal data of Website users, persons contacting the Controller and newsletter subscribers are obtained directly from them.

Other data, including anonymous operational data and cookie-related data, are collected automatically and usually do not constitute personal data within the meaning of the GDPR.

10. Automated decision-making and profiling

We do not make decisions based solely on automated processing of personal data, including profiling, within the meaning of the GDPR.