Respecting your right to privacy and caring for the security of your personal data, Avrii Limited Liability Company, located at 8 Mroźna Street, 33-102 Tarnów, registered in the National Court Register kept by the District Court for Krakow – Śródmieście in Krakow, XII Economic Department of the National Court Register under the KRS number: 0000783431, NIP: 9930672075, REGON: 383167000, (hereinafter also referred to as „AVRII” or „Company”), as the owner and administrator of the website located at https://avrii.eu and its subpages (hereinafter referred to as the „Service”) and the administrator of data collected and processed in the operation of the Service, applies appropriate solutions outlined in the internal Security Policy to ensure them.
We collect your personal data transmitted during the use of the Service with the utmost care and in accordance with applicable legal regulations:
- Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of individuals with regard to the processing of personal data and on the free movement of such data and repealing Directive 95/46/EC (GDPR);
- the Act of 16 July 2004 – Telecommunications Law, consolidated text of 14 September 2018 (Journal of Laws of 2018, item 1954);
- the Act of 18 July 2002 on the provision of electronic services, consolidated text of 13 December 2018 (Journal of Laws of 2019, item 123).
Respecting the right to privacy, we guarantee that the data provided will be properly protected against unauthorized access by third parties.
We take special care to protect your interests, ensuring that your data is collected for specific, lawful purposes and is not subject to further processing incompatible with these purposes. We ensure that your data is factually correct and adequate for the purposes for which it is processed and stored no longer than necessary to achieve the purpose of processing. We ensure the accuracy and correctness of your personal data and promptly respond to any requests for correction or update of data. We implement the right to access personal data and their correction. We also implement the rights to erase personal data, withdraw consent, limit processing, data portability, the right to object to data processing, and the right not to be subject to a decision based solely on automated processing, including profiling.
Who administers your personal data?
The administrator of your personal data is AVRII. Our company has not appointed a Data Protection Officer.
What data do we collect?
The user remains anonymous until they create an account, subscribe to the newsletter, or fill out the contact form. In these cases, it is necessary to provide (electronically or in any other way) the data indicated in the appropriate form. Automatically collected information is used to manage the Service, identify potential security threats, analyze user traffic within the Service, and for statistical purposes. The scope of information collected automatically depends on the user’s web browser settings. The user should check their browser settings to find out what information is automatically provided by the browser or to make changes to these settings.
Providing personal data is voluntary but necessary for:
- preparing and presenting a commercial offer,
- responding to your correspondence to provide information about products produced by our company, technical and design support,
- sending marketing information (promotional and advertising) about our products and services,
- using the Service.
Additionally, we may also record your data when you contact us by phone, email, or traditional mail by writing or calling the numbers and addresses provided on our website.
Your personal data may be processed in an automated way (including profiling), but this will not have any legal effects on you or significantly affect your situation. Profiling is carried out for the analysis or forecasting of personal preferences and interests, and the appropriate adaptation of the content in the Service to these preferences, as well as for matching marketing offers to these preferences.
The company does not intentionally collect „sensitive” personal data (personal data of a special category within the meaning of the GDPR), unless such an obligation arises from applicable legal regulations.
Why and on what legal basis do we use the collected data?
We use the data collected to contact you by email or phone and provide you with technical, product, and design support, to prepare a commercial offer in response to your inquiry, and to determine your product preferences (Art. 6 (1) (f) GDPR).
In the case of processing data for the sale of a photovoltaic installation and valuation of a submitted inquiry and the presentation of an offer, the legal basis for data processing is the performance of actions to conclude a contract (Art. 6 (1) (b) GDPR).
In the case of processing data to respond to your correspondence and provide information about products produced by our company, as well as technical support, the legal basis for data processing is our legitimate interest (Art. 6 (1) (f) GDPR).
The company also processes data to use services available on the sales platform after creating an individual user account (Art. 6 (1) (b) GDPR).
By collecting your personal data for marketing purposes (marketing of our products), we do so based on our legitimate interest (Art. 6 (1) (f) GDPR).
We also collect your data to conduct promotions, including announcing promotion results, issuing prizes, and handling any complaints related to participation in the promotion, as well as sending marketing messages, including newsletters, and contacting for marketing purposes – based on your consent (Art. 6 (1) (a) GDPR).
If it is necessary for you to provide personal data of a third party (investor in whose place your investment consisting of the installation of photovoltaic modules purchased on the Service is to be carried out), we process the data of this person to the extent necessary to achieve the goals of data acquisition (Art. 6 (1) (f) GDPR – the necessity of obtaining data from a third party to conclude an agreement with you). In this case, we ask you to inform this third party about the transfer of their personal data by providing this Policy.
By processing your personal data in the form of cookies and other similar technologies for marketing purposes (in the case of marketing our products), sending you advertisements tailored to your preferences, analyzing your activity, improving relevant functionalities, and for statistical purposes, we do so based on our legitimate interest (Art. 6 (1) (f) GDPR) or consent (Art. 6 (1) (a) GDPR).
Your data may also be processed for the purpose of asserting claims and defending against claims, including third parties, to ensure the security of the IT system and manage it, as well as for analytical and statistical purposes (Art. 6 (1) (f) GDPR), and to fulfill legal obligations arising from regulations, especially in the case of paid agreements (Art. 6 (1) (c) GDPR).
How long do we keep your data?
Your personal data is processed and stored for the time necessary to achieve the purposes for which it was collected, and after this period for the purposes and for the time and scope required by legal regulations or to secure any claims or until the withdrawal of consent – if the basis of processing was the consent given by you. The data processing period may be extended if the processing is necessary to establish, assert, or defend against any claims, as well as at the request of competent public authorities, and after this period, only to the extent and within the scope required by law. After the processing period expires, the data is irreversibly deleted or irreversibly anonymized.
What are your rights regarding your personal data?
You have the right to access the content of the data and request their correction, deletion, processing restrictions, the right to data portability, and the right to object to data processing, to the extent that we process your data based on consent, also the right to withdraw the given consent at any time. The withdrawal of consent does not affect the lawfulness of the processing carried out on the basis of consent before its withdrawal.
In case of doubts related to the processing of personal data, you can contact us for information. Regardless of this, you have the right to lodge a complaint with the supervisory authority – the President of the Office for Personal Data Protection.
Whom do we disclose your data to?
In connection with the provision of services available on the Service, we transfer the collected personal data to companies that provide us with teleinformatics services and carry out marketing activities for us.
AVRII reserves the right that based on generally applicable legal regulations, authorized authorities may require the administrator of the Service to disclose user data, including the IP address.
Your personal data, in specific situations related to cooperation with global corporations such as Google Inc. or Facebook Inc., may be transferred outside the European Economic Area. In the case of Google Inc., our company uses systems such as Google Analytics, Google Adwords, Google My Business, and Google Search Console, and in the case of Facebook Inc., an analytical tool in the form of the Facebook Pixel. All processed data is transferred based on Standard Contractual Clauses published by the European Commission.
Security and confidentiality
We use all technical and organizational methods to ensure the security of your personal data and protect it from accidental or deliberate destruction, accidental loss, alteration, unauthorized disclosure, or access. Information is stored and processed on servers with a high level of security, in compliance with the relevant security measures required by Polish law.
We regularly conduct a risk analysis to ensure that personal data is processed by us in a secure manner, primarily ensuring that only authorized persons have access to the data and only to the extent necessary for the tasks they perform. We ensure that all operations on personal data are recorded and carried out only by authorized employees and collaborators.
The company provides technical measures to prevent the acquisition and modification of electronically transmitted personal data by unauthorized persons, including:
- securing the data set against unauthorized access;
- SSL certificate on Service pages where personal data is provided;
- encryption of data used to authorize the person using the Service functionality;
- access to the user account only after entering an individual login and password.
We also take all necessary actions to ensure that our subcontractors and other cooperating entities also guarantee the application of appropriate security measures whenever they process personal data on our behalf.
Our contact details
You can contact us by writing to the address:
Avrii Sp. z o.o.
Mroźna 8, 33-102 Tarnów