Last updated: 1.12.2022

WEBSITE PRIVACY POLICY AND COOKIES https://fastwhitecat.com (hereinafter referred to as the Website)

The Privacy Policy defines the terms of the processing and protection of users’ personal data and that of other entities using the Website. The document also defines the terms for using cookie files.
The Website Privacy Policy is for information purposes only.

Table of contents:

1. Glossary

  1. Personal Data Administrator
  2. Addressees of the Privacy Policy
  3. Contact form – information obligation
  4. account – information obligation
  5. Newsletter, trade information – information obligation
  6. Blog and comments system – information obligation
  7. Social media – information obligation
  8. Personal data recipients
  9. Data subject rights
  10. Profiling and transfer of data to third party countries and international organizations
  11. Technical information and tracking technologies
  12. Cookies policy
  13. Changes in the Privacy Policy
  1. Glossary
    1. Personal data (data): indicates all information about an identified or identifiable natural person (“the data subject”); an identifiable natural person is a person whom can be directly or indirectly identified, especially on the basis of an identifier such as a name and surname, ID number, location information, online identifier, or one or a few specific factors determining physical, physiological, genetic, mental, economic, cultural, or social identity of a natural person.
    2. Registration form: an interactive form available on the Website, e.g., enabling the creation of a customer account.
    3. Trade information: any information designed to directly or indirectly promote goods, services, or image of an entrepreneur or person practicing a profession, whose right to practice the profession is dependent on meeting the requirements laid down by separate laws, excluding information excluding information enabling communication by electronic means with a specific person, and information about services which does not serve to achieve a commercial effect desired by the entity contracting the communication, especially without no remuneration or other benefits from producers, retailers, or service providers.
    4. Customer:
      1. natural person with full legal capacity, and in instances provided for by applicable provisions of law, also a natural person with limited legal capacity,
      2. a legal person,
      3. an organizational unity without legal personality, granted legal capacity, which has concluded or intends to conclude a sales agreement with the Service Provider, as well as one which uses or intends to use the Website.
    5. Customer account (account): An electronic service marked with an individual name (login) and password provided by the customer, a collection of data in the Service Provider’s ICT system which collects the data provided by the customer, including address information and order history.
    6. Counterparty:
      1. a natural person with full legal capacity, and in instances provided for by applicable provisions of law, also a natural person with limited legal capacity,
      2. a legal person,
      3. an organizational unity without legal personality, granted legal capacity, which uses the services and products offered by the Administrator, as well as supplier, subcontractor.
    7. Newsletter: An electronic service provided by the Service Provider by means of email, which enables all the people using it to subscribe and automatically receive cyclical, free information, including about news, promotions, as well as trade information.
    8. Person establishing contact: a person who establishes contact with the Administrator by phone, SMS, email, the contact form available on the given Website or by other means of electronic communication, also by traditional post.
    9. Supervisory authority: The President of the Personal Data Protection Office (PPDPO).
    10. Processing: indicates an operation or set of operations performed on personal data or sets of personal data in an automated or non-automated manner, including collection, recording, organizing, storing, adapting or modifying, downloading, browsing, using, disclosure by sharing, dissemination or otherwise making available, adapting or combining, limiting, deleting, or destroying.
    11. GDPR: Regulation of the European Parliament and Council (EU) 2016/679 of 27 April 2016 on the protection of natural persons in regard to the processing of personal data and free movement of such data and repeal of Directive 95/46/WE (General Data Protection Regulation) of 27 April 2016 (Journal of Laws EU L 119, page 1).
    12. Website: the service to which this Privacy Policy applies.
    13. Electronic service: a service provided by electronic means by the Service Provider to the customer by means of the Website.
    14. Service Provider: personal data Administrator defined in chapter 2.
    15. User: person who uses the Website, including customer, person establishing contact.
  2. Personal data Administrator The personal data Administrator, as defined in Regulation (EU) No. 2016/679 of 27 April 2016 on the protection of natural persons in regard to the processing of personal data and free movement of such data and repeal of Directive 95/46/WE (General Data Protection Regulation) of 27 April 2016 (Journal of Laws EU L 119, page 1), hereinafter referred to as GDPR, is Fast White Cat S.A. with its registered office in Wroclaw (50-123) at ul. Fabryczna 6, KRS 0000401249, NIP 8971779243, REGON 021761553, hereinafter referred to as the Administrator and which is also the Website Service Provider. The Administrator appointed a data protection officer whom can be contacted by sending an email to the address: iod@fastwhitecat.com or by means of traditional post: Fast White Cat S.A., ul. Fabryczna 6, 53-609 Wrocław.
  3. Privacy Policy addressees This Privacy Policy is addressed to users and other entities using the Website when:
    1. visiting or using the Website, including using the services (also electronic services made available through the Website), such as the possibility of creating an account, signing up to the newsletter/ receiving trade information, possibility of adding a comment on the blog, possibility of sending messages to the Administrator by means of the electronic contact form and other means available on the Website, including those described in the terms and conditions of the Website provided by the Administrator, or when visiting the profile of the Administrator on social media (Facebook, LinkedIn, Twitter, YouTube, Instagram),
    2. being a user (including a customer) who uses the services and products offered by the Administrator, or a counterparty of the Administrator,
    3. representing a counterparty, a natural person acting on behalf of a counterparty, or a contact person for a counterparty, especially an employee or associate,
    4. contacting us by phone or SMS, by email, by the contact form available on the Website, by other means of electronic communication, by traditional post, or if the Administrator makes the contact in one of the above mentioned means.
  4. Contact form – information obligation
    1. The Administrator within the scope of the Website may collect the personal data of users contacting the Administrator, personal data which is necessary to execute a given request from a user and to contact the user I order to provide a reply.
    2. The legal basis for processing data relating to contact with the Administrator, as well as after possible completion of contact will be a legitimate purpose in the form of, e.g., maintaining communication, later archiving its course for the purpose of demonstrating it in the future, as well as the need to determine, assert or defend claims (pursuant to article 6 paragraph 1 (f) GDPR), if the contact will lead to the conclusion of an agreement, data will be processed on the basis of article 6 paragraph 1 (b) GDPR.
    3. The content of the correspondence may be archived. If it will be archived, it will be stored until the expiry of the limitation period for claims, which may potentially appear with reference to the correspondence. The period of limitation is six years, and for claims for periodic benefits and claims related to running a business – three years. However, the final date for expiry of claims falls on the last day of a calendar year unless the limitation is shorter than two years.
    4. Providing data is voluntary but required to establish contact with us. The effect of not providing the data will be the lack of possibility of contacting you.
  5. Account – information obligation
    1. The Administrator within the scope of the Website may collect the personal data of users which is required to ensure a complete support to the user, including the creation and management of a user account/accounts, solving technical problems associated with the account and providing appropriate functions relating to the account (e.g., when registering to the SARE System).
    2. The legal basis for processing data will be the execution of an agreement or procedures preceding this agreement (pursuant to article 6 paragraph 1 (b) GDPR) as well as a legitimate purpose in the form of, e.g., maintaining communication, later archiving its course for the purpose of demonstrating it in the future, as well as the need to determine, assert or defend claims (pursuant to article 6 paragraph 1 (f) GDPR).
    3. Data related to the account will be stored until the account will be deleted, possibly until the expiry of the limitation period for claims which may potentially appear in relation to maintaining the account. The period of limitation is six years, and for claims for periodic benefits and claims related to running a business – three years. However, the final date for expiry of claims falls on the last day of a calendar year unless the limitation is shorter than two years.
    4. Providing data specified during the registration process is required to create an account. The data marked as optional during registration may be added additionally.
  6. Newsletter, trade information – information obligation
    1. The Administrator within the scope of the Website may collect the personal data of users in order to send a newsletter and trade information on the basis of the expressed consent, pursuant to article 6 paragraph 1 (a) GDPR and legitimate interests in accordance with article 6 paragraph 1 (f) GDPR, which in this case is the sending of a newsletter and trade information, as well as defense against possible complaints or charges appearing in relation to the mailing. In regard to information which may also constitute personal data and which was provided directly but was collected automatically by the system used to send the newsletter or trade information (e.g., IP number, location), this data is processed on the basis of legitimate interest (pursuant to article 6 paragraph 1 (f) GDPR), which is stiving to improve our operations and to identify, if needed, the link from the newsletter or trade information which was clicked on. When the basis for the processing is the consent granted for receiving trade information or a newsletter, this consent may be withdrawn at any time on a basis of a request sent by email or by means of a link which appears in every mailing we send out.
    2. When the basis for the processing is legitimate interest, the personal data will be processed an objection is effectively raised, namely referring to your request as sent by email or by means of a link which appears in every mailing we send out.
    3. Data will be processed:
      1.  when the basis is expressed consent: until the consent is withdrawn,
      2. when the basis is legitimate interest: until an objection is effectively raised or the purpose of processing is achieved, e.g., until the expiry of the limitation period for claims which may potentially appear in relation to maintaining the account. The period of limitation is six years, and for claims for periodic benefits and claims related to running a business – three years. However, the final date for expiry of claims falls on the last day of a calendar year unless the limitation is shorter than two years.
    4. Providing data is voluntary although required in order to receive trade information / a newsletter.
  7. Blog and comments system – information obligation
    1. Data provided when adding a comment is used in order to publish the comment on the blog while the legal basis for its processing is the expressed consent (article 6 paragraph 1 (a) GDPR) resulting from adding the comment.
    2. Data will be processed for the time the comments are present on the blog. It is possible to place a request with the Administrator to delete the comment by writing a request and sending it to the email address provided in the Website credits. Deleting the comment will simultaneously delete the data from the Service.
    3. Providing data is voluntary although it is required to add a comment.
  8. Social media – information obligation
    1. When observing our profiles, accounts on social media, such as Facebook, LinkedIn, YouTube, Twitter, Instagram or when interacting with our profiles and accounts (e.g., writing a comment, sharing, liking a post), we can view your data as provided on social media. The data is processed on the basis of legitimized interest (article 6 paragraph 1 (f) GDPR) in order to manage social media, maintain correspondence, analyze statistics, create user groups in the case of setting advertising, e.g., on Facebook, promoting our own brand, or improving the quality of the services provided, and if needed – pursuing claims and defense against claims.
    2. The personal data processed for the above mentioned purposed is processed exclusively in regard to our use of our profile/ account on a given service, and in regard to remaining use of your social media, your personal data is processed by the owner of the given service (e.g., in the case of Facebook and Instagram, it is processed by Meta Platforms Ireland Limited: https://pl-pl.facebook.com/privacy/explanation, for LinkedIn, by LinkedIn Ireland Unlimited Company: https://pl.linkedin.com/legal/privacy-policy, for YouTube, by Google LLC: https://www.youtube.com/howyoutubeworks/our-commitments/protecting-user-data/) on the basis of their own terms and conditions and privacy policies.
    3. The Administrator will process the above mentioned personal data until an objection is effectively raised or the purpose of processing is achieved.
    4. Providing data is voluntary although it is necessary for you to be able to view and interact with our profiles and accounts.
    5. In the case of our profile on Facebook, we declare that we are co-controller of your personal data as users of the Website or group on Facebook together with Meta Platforms Ireland Limited (under CJEU law, namely the Court of Justice of the European Union, the creator of a page on Facebook is the co-controller of personal data together with Meta Platforms Ireland Limited). We therefore recommend also becoming familiar with the privacy policy of Facebook: https://pl-pl.facebook.com/privacy/explanation.
  9. Personal data recipients The Administrator informs Website users that the recipients of your personal data are:
    1. the Internet domain supplier,
    2. the hosting provider which stores the personal data on the server which the Service is installed on,
    3. the provider of the cloud service which stores the files which may contain your personal data,
    4. entities providing tools used for the analysis of activity on the Website,
    5. the entity providing services related to the technical and IT support for the Website,
    6. other suppliers of services associated with the functioning of the Website, as well as if a need occurs for to provide your data to other entities, then it may also be supplied to them if such an obligation will be a result of generally applicable provisions of law or a legally valid court decision/ ruling, such entities including, e.g., courts, prosecutors’ offices, tax authorities.
  10. Rights You have:
    1. the right of access to your personal data (i.e., you can receive confirmation from the Administrator about whether your personal data is being processed by us or not; if so, you have the right to demand access to it, as well as information associated with its processing, including about the purpose of the processing, receivers or categories of receivers of the data, the planned retention period for the data or criteria of establishing this period, etc., as well as receiving a copy of the data),
    2. the right to rectify the data (e.g., supplement, amend, update),
    3. the right to raise an objection to the processing of your data (when the Administrator Processes your personal data, when this processing is required for purposes resulting from legitimate interests pursued by the Administrator, at any time, for reasons associated with your specific situation, you have the right to raise an objection to the processing of personal data which the objection relates to, with consideration of profiling, in such a situation, the Administrator will discontinue processing your personal data, unless they will be able to present legitimate grounds for the processing which will override your interests, rights, and freedoms, or if the processing of this data will be required to establish, exercise or defend legal claims, also at any time you have the right to raise an objection to the processing of your personal data for direct marketing purposes which includes profiling in the scope related to such direct marketing),
    4. the right to limit the processing of your personal data (this is possible in each of the following cases: you are contesting the correctness of your personal data, the processing is illegal, and you demand to limit instead of deleting the data, the Administrator no longer requires your personal data but you need it to use defense or legal claims or if you are opposing the processing of your personal data and the Administrator is verifying the validity of your objection),
    5. the right to transfer your personal data (if as a result of contact an agreement was concluded or in the case of the basis for the processing is your consent and when the processing of the data is taking place in an automated manner, you have the right to obtain the personal data you provided from the Administrator in a structured, commonly used and machine-readable format, and you have the right to transfer this data to another administrator, as long as it is technically possible),
    6. the right to delete your data (but only in situations specified in the provisions of GDPR, e.g., when your personal data is not required for purposes which it was collected for, or otherwise processed, or was processed illegally),
    7. the right to withdraw your consent (it can be withdrawn at any time, without providing a reason, however, this will not have an influence on the legality of the processing which was carried out on the bases of the consent prior to it being withdrawn),
    8. the right to lodge a complaint to a supervisory authority (namely the Inspector General for the Protection of Personal Data, at the address: Urząd Ochrony Danych Osobowych, ul. Stawki 2, 00-193 Warszawa, email: iod@uodo.gov.pl).
  11. Profiling and transmission of data to third party countries and international organizations
    1. The Administrator can use profiling within the scope of the Website for the purposes of direct marketing, although decisions made by the Administrator on the basis of such profiling do not concern the conclusion or refusal to conclude a sales agreement, or the possibility of using the electronic services. The Administrator does not apply an automatic decision making mechanism to the data, including profiling.
    2. An effect of profiling may be, e.g., awarding a discount to a given user, sending a discount code, reminder relating to the Administrator’s service, sensing a proposition to purchase a service which may be applicable, e.g., to the interests of a given person. Finally, however, it is the user who makes a decision freely about whether they will want to, e.g., use the received discount, conclude an agreement. Profiling for the Service may be based on an automatic analysis or prognosis of the behavior of a given user on the Website, e.g., by browsing a specific tab on our Website. A condition of such profiling is the Administrator having the personal data of such a user in order to be able to send them the discount code, e.g., by email.
    3. The person whom the data relates to has the right to not be subject to a decision based solely on automated processing, including profiling, which produces legal affects concerning them or similarly significant affects for them (right of objection).
    4. Data will not be transferred to third party countries or international organizations.
  12. Technical information and tracking technologiese
    1. The Administrator obtains information about users, including by collecting server logs via the hosting server.
    2. Data stored in the server logs is not associated with any specific persons using the Website and is not used for the purpose of identifying the persons using the Service.
    3. Server logs are only supportive material used to administer the Service and their content is not disclosed to anyone other than those authorized to administer the server.
    4. The Administrator reserves the tight to filter and block messages sent by means of the internal system of messages, particularly if they are spam, contain illegal content, or otherwise threaten the security of the Website users.
    5. The Administrator automatically registers data transmitted to the server by Internet browsers or devices of the users, e.g., IP address, software and equipment parameters, viewed sites, mobile device identification number, or other data relating to devices and use of systems. The above mentioned information will be collected in the case of using the Website.
    6. The Administrator informs that they may use the following technologies tracking the actions taken by the user within the scope of the Website:
      1. Google Analytics tracking code – used to analyze the Website statistics and as support for Google Ads; information associated with Google Analytics can be found at: https://support.google.com/analytics/answer/6004245,
      2. Facebook conversion pixel (JavaScript code snippet) – usen for the purpose of monitoring activity on the Website and to manage advertising on Facebook; information processed as part of the Facebook pixel is anonymous – do not enable the Administrator to identify a given person. More information associated with the use of data collected by Facebook pixel can be found at: https://www.facebook.com/privacy/explanation,
      3. LinkedIn pixel – used for the purpose of advanced analytics in LinkedIn Recruiter, related to what is observed and to reactions to actions on the company site on LinkedIn. All data is encrypted. The cookie file of the LinkedIn browser is stored in the user’s browser until the user deletes the cookie file or until the cookie file expires (there is a gradual expiry from the time the conversion pixel is uploaded by the user’s browser). Users can at any time block or delete the cookie files. More information associated with the use by LinkedIn of data collected by the pixel can be found here: https://www.linkedin.com/help/linkedin/answer/a412139,
      4. Hotjar analytical tool – provided by Hotjar Limited, Level 2, St Julian’s Business Centre, 3, Elia Zammit Street, St Julian’s STJ 1000, with its registered office in Malta – used for the purpose of analyzing behavior on the website, e.g., time spent on specific pages, buttons clicked by the user, links used by the user, in order to optimize the user experience,
      5. Adform pixel – a tool provided by Adform A/S, Silkegade 3B, ST. & 1., 1113 Copenhagen (Denmark), collecting data about users, data which is then used in order to present users with advertising adapted to their preferences, to create offers and recommendations on the basis of user activity,
      6. The Website uses plugins and other tools provided by social media, such as Facebook or LinkedIn. When viewing a website containing such a plugin, the user’s browser establishes a direct connection with the administrator servers of the above mentioned social media. The content of a plugin is directly transmitted to the user’s browser and integrated with the site. If the user is logged in to a social media site, the service provider of this site will be able to directly assign the visit to the Website to a given profile on a given social networking service. If the user clicks on, e.g., the “Like” button, appropriate information will also be sent directly to the server of the given service provider and stored there. Also, this information will be published on the given social networking service and will appear, e.g., on the board on Facebook. The purpose and scope of collecting data and its further processing and use by service providers, as well as the possibility to contact and user rights in this regard, and the possibility of selecting settings ensuring personal privacy protection have been defined in the privacy policies of the given service providers.
    7. The Service may contain links to websites belonging to or administered by third parties. The Administrator is not responsible for the policies for processing personal data by these third parties in regard to other websites, including the privacy policy, information clauses, and other such documents located on these websites.
  13. Cookies policy
    1. The Administrator automatically collects information contained in cookie files with the purpose of collecting data associated with the use of the Website by the user. Cookie files are a small fragment of text which the Internet service sends to the user’s browser and which the browser then sends back the next time the site is accessed. They are mainly used to maintain the session, e.g., by generating and sending a temporary identifier after logging in.
    2. The Administrator uses “session” cookie files stored on the user’s end device until the user logs out, the website is switched off, or until the browser is switched off, as well as “permanent” cookie files stored on the user’s end device for a period defined in the parameters of the cookie files or until they are deleted by the user.
    3. The Administrator within the scope of the Website uses the following types of cookie files:
      1.  “essential” cookie files, enabling the use of services available on the Website,
      2. cookie files used to ensure security,
      3. “performance” cookie files, used to obtain information about the manner of using the Website by users,
      4. “advertising” cookie files, enabling the delivery of advertising content better adapted to the interests of users,
      5. “functional” cookie files, allowing the settings chosen by the user to be “remembered” and allowing the Website to be adapted to the user.
    4. The service Administrator uses external cookies for the following purposes:
      1. to collect general and anonymous statistical data by means of analytical tools: Google Analytics (administrator cookies jest Google Ireland Ltd),
      2. to promote the Website by means of social media (the administrator of the external cookies is, among others: Meta Platforms Ireland with its registered office in Ireland).
      3. to collect general and anonymous data by means of the Adform tool, used in order to present advertising and messages to users which are adapted to their preferences (the administrator of the cookies Adform A/S, Silkegade 3B, ST. & 1., 1113 Copenhagen, Denmark).
    5. The Administrator ensures the possibility of using a social function, such as subscription (observation) of a social profile. The use of such a function may be associated with the use of cookie files from administrators of social media such as Facebook.
    6. Cookie files adapt and optimize the Website and its offer to the needs of users through such actions as creating statistics of Website views and ensuring the safety of its users.
    7. Cookie files are also required to maintain the user’s session after they leave the Website.
    8. With the use of their browser, the user can at any time change the setting related to cookie files, including blocking the possibility of collecting cookie files.
    9. Blocking the possibility of collecting cookie files or the introduction of other changes in the settings relating to cookie files in the user’s device may hinder or prevent the use of services and tools on the Website.
    10. A user who does not want the use of cookie files for the above mentioned purposes can manually delete them at any time. For detailed instructions please visit the website of the producer of the browser currently used by the user. More information about cookies is available in the help menu of every browser. Examples of browsers supporting the mentioned cookie files include Mozilla Firefox, Google Chrome.
    11. The Administrator may enable third parties, e.g., advertising providers or providers of analytical solutions, to collect information with the use of the above mentioned technologies directly on the Website. Data collected in this manner is subject to the privacy policies of these third parties.
  14. Changes in the Privacy Policy
    1. In the future, there may appear the necessity to introduce changes or updates to the Privacy Policy. Specifically, this may prove necessary due to changes in the applicable legal regulations relating to personal data protection, guidelines relating to personal data protection issued by a supervisory authority (Inspector General for the Protection of Personal Data), as well as, e.g., due to possible changes related to the Administrator managing the Website or counterparty servicing processes.
    2. The Administrator guarantees that any changes to the Privacy Policy which may possibly appear in the future will remain fully compliant with any and all applicable data protection provisions in force, as well as that they will respect the need to ensure the security of your personal data processed by the Administrator.
    3. Information about changes to the Privacy Policy will be published on the Website no later than within seven days before the updated version of the Privacy Policy comes into effect.