Privacy Policy

Privacy Policy

I. Website
This privacy policy applies to the website under the domain flo.eu.com
II. Personal data controller
The administrator of the personal data is PCC Consumer Products Kosmet Sp. z o. o. with its registered office at 4 Sienkiewicza St., 56-120 Brzeg Dolny, registered in the register of entrepreneurs of the National Court Register kept by the District Court for Wroclaw, IX Economic Division of the National Court Register, under the KRS number 0000002277, with the share capital of 76,832,800.00 PLN, NIP 917-11-54-737, REGON 930850566.
You can contact us about your personal data by e-mail:  odo.kosmet@pcc.eu
The Administrator declares that it takes special care to protect the interests of data subjects, and in particular ensures that:

  • processes Personal Data lawfully, fairly and transparently;
  • collects Personal Data for specific, explicit and legitimate purposes and not further processed in a manner incompatible with those purposes;
  • Personal Data is adequate, relevant and limited to what is necessary for the purposes for which it is processed;
  • Personal Information is correct and updated as necessary;
  • shall keep Personal Data in a form that allows the identification of the person to whom it relates for no longer than is necessary for the purposes for which it is processed;
  • Processes Personal Data in a manner that ensures adequate security, including protection against unauthorized or unlawful processing and accidental loss, destruction or damage, by means of appropriate technical or organizational measures

III. Purpose of processing
Personal data may be processed by the Administrator for, among other purposes:

  • communication and to respond to your message. The basis for the processing of personal data is the legitimate interest of the data controller or a third party, e.g.: return contact with you, our marketing or partners, including the PCC Group
  • To conclude and perform a contract for the provision of services or a sales contract – the basis for processing here is the necessity to conclude a contract;
  • Direct marketing of products and services of the Administrator and PCC Group entities – until you object to the processing of your data for this purpose or withdraw your consent – the basis for processing here is the realization of the Administrator’s or a third party’s legitimate interests or consent;
  • Fulfillment of the Administrator’s legal obligations (e.g. tax, accounting, complaint handling) – for the duration of these obligations or for the period necessary to demonstrate compliance with these obligations to authorities authorized to control in this regard – the basis for processing here is a legal obligation incumbent on the Administrator;
  • Establishing, defending and asserting claims – for the period after which claims (e.g. under contracts) become time-barred or for the duration of possible proceedings – the basis for processing here is the legitimate interest or legal obligation of the controller.

Provision of Personal Data is voluntary, but it may be necessary, for example, to enter into or execute a contract or to respond to an inquiry or for the purpose of correspondence.
If the processing of Personal Data is based on consent, you have the right to revoke it at any time without affecting the legality of the processing carried out on the basis of consent before revocation.

IV. Recipients of personal data
Personal Data may be made available to external entities only within the limits of the law, for the purpose and to the extent necessary, among others, for the proper execution of the Sales Agreement or the Service Agreement.

  • The Administrator may entrust the processing of Personal Data to third parties for the purpose of carrying out activities related to the conduct of business, as well as for the purpose related to the investigation of claims or protection against claims related to the use of services or products. These entities may be:
  • External consulting firms (including legal, audit, tax, marketing and accounting firms);
  • External IT specialists;
  • entities supporting the Administrator in handling correspondence;
  • couriers – in the case of correspondence or courier shipments;
  • Internet payment operators or banks – when conducting financial settlements;
  • entities cooperating with the Administrator within the framework of sales services;
  • and other PCC Group entities that perform some of the above services for the Administrator.

V. Rights of data subjects
In any case, the data subject has the right to:

  • access to Personal Data (including, for example, receiving information on which Personal Data is processed),
  • Request rectification and restriction of processing of Personal Data (e.g., if incorrect);
  • Deletion of Personal Data (e.g., if it was processed unlawfully);
  • transfer Personal Data that he or she has provided to the controller and that is processed by automated means, and the processing is based on consent or on the basis of a contract, e.g. to another controller;
  • object to the processing of Personal Data based on the premise of necessity for the purposes of legitimate interests pursued by the controller or by a third party, including, in particular, processing for marketing purposes;
  • lodge a complaint with the authority competent for the protection of personal data.

VI. Cookies
The Administrator uses cookies (small text files, so called “cookies”), which are stored on the Users’ final device in order to obtain data about the use of the Website by the Users.
Cookies allow, among other things:

  • Maintaining the Users’ session after logging in, so that there is no need for a separate login on each subpage of the Website;
  • Adaptation of the content of the Service to the needs and interests of Users;
  • compiling statistics of visits to the Website;
  • Creating online surveys and securing them against multiple voting by the same people.

Information obtained through cookies includes, but is not limited to, the name of the ISP, the IP address of Users, and the country of origin from which Users connect to the Website.
The Website uses two main types of cookies: “session” (session cookies) and “permanent” (persistent cookies). “Session” cookies are temporary files that are stored on the User’s terminal device until they log off, leave the website or turn off the software (web browser). “Permanent” cookies are stored on the User’s end device for the time specified in the parameters of the cookies or until they are deleted by the User.
In many cases, web browsing software (web browser) allows cookies to be stored on the User’s end device by default. The User may at any time remove the cookies stored on his/her end device or block the possibility of their placement in the settings of his/her web browser (also on a cell phone or other device that allows access to the Internet). More information on cookies is available in the “Help” section of the browser menu.
The Administrator informs that restrictions on the use of cookies may affect some of the functionalities available on the Website.

The administrator on his site uses a service from Google:

1. Google Analytics – a service that allows the collection of data for the analysis of website visit statistics. Detailed information on how Google Analytics processes data can be found at: https://support.google.com/analytics/answer/6004245?hl=pl. The user can prevent the collection of his/her data by installing a browser add-on that blocks the transfer of data to Google Analytics: https://tools.google.com/dlpage/gaoptout?hl=pl.

2. Google reCAPTCHA – a service that allows to check after the User’s behavior whether the data on a page (e.g. a form) was entered by a human or an automaton. The analysis runs in the background automatically when the website is opened without informing the User. As part of the analysis, the mechanism takes into account various types of information (e.g. IP address, mouse movements made, time spent on the site), and the collected data is sent to Google. More information about Google reCAPTCHA can be found at: https://www.google.com/recaptcha/intro/v3.html.

For more information relating to Google’s privacy policy and data collection, please visit: https://policies.google.com/privacy?hl=pl.

VII. Change of privacy policy  
This Privacy Policy may be amended by the Administrator by publishing a new version on the Website.
This version of the Privacy Policy is effective as of 25.05.2018.