Information clause

Information Clause regarding the processing of personal data by Di-Star.EU Sp. z o.o.

Distributors / Partners / End Customers

Pursuant to Article 13 of Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, repealing Directive 95/46/EC (General Data Protection Regulation), hereinafter referred to as “GDPR”, we hereby inform you that:

  1. Personal Data Controller:

DI-STAR.EU Sp. z o.o., registered office: Grunwaldzka 70H, 36-020 Tyczyn, Poland, registered in the Register of Entrepreneurs of the National Court Register under KRS number: 0000823666, NIP: 8133834116, REGON: 385400630, share capital: 700,000 PLN (hereinafter: "Controller"), is the controller of your personal data.

You may contact the Controller:

By mail: Grunwaldzka 70H, 36-020 Tyczyn, Poland
By email: [email protected]

  1. Purpose and legal basis for data processing:

We process your personal data for the following purposes: conclusion and performance of the contract, handling complaints, settlement of the contract, including accounting and tax settlements, establishing contact with the Controller (email, telephone), taking actions at the request of the data subject, securing and pursuing claims, cooperation.

The legal basis for processing personal data is:

  • Article 6(1)(b) GDPR – to take actions at the request of the data subject prior to entering into cooperation and subsequently to perform cooperation,
  • Article 6(1)(f) GDPR – the legitimate interest of the Controller, e.g., protection against claims,
  • Article 6(1)(c) GDPR – compliance with a legal obligation incumbent on the Controller, particularly concerning accounting, financial, and tax obligations.
  1. Scope of processed data:

The scope of processed personal data includes: first name and last name, email address, phone number, mailing address, job position, data contained in the complaint form, data provided in the contract form.

  1. Voluntary nature of data provision:

Providing personal data is voluntary but necessary to establish and perform cooperation.

  1. Recipients of personal data:

Personal data may be shared with the following recipients:

  • Providers of logistics, transportation, and courier services – to ensure delivery and shipment handling,
  • Providers of IT, hosting, programming, and maintenance services – to ensure proper functioning of IT systems, data storage, software maintenance, development, and repair used by the Controller,
  • Entities providing legal, tax, and audit support – for legal and tax consultancy and financial audits,
  • Public authorities if required by law.
  1. Transfer of data outside the EEA:

In some cases, if necessary for the provision of services, personal data may be transferred to countries outside the European Economic Area (EEA). In such cases, the Controller applies appropriate safeguards in accordance with applicable regulations, including contractual provisions ensuring an adequate level of protection. Any data transfer is made only to the extent necessary for the processing purpose and in compliance with the GDPR.

  1. Personal data retention period:

Personal data is stored for the period necessary to properly fulfill the Controller’s obligations arising from legal regulations.

Data processed for the purpose of cooperation is stored for the duration of the cooperation and then until the expiration of any claims arising from the contract, in accordance with applicable law, including the Civil Code. Data processed for accounting purposes (e.g., invoicing, accounting records, taxes) is stored for the period required by law, including 5 years from the end of the tax year in which the tax obligation arose, in accordance with the Accounting Act and the Tax Ordinance.

After the indicated periods, the data is deleted or anonymized unless further storage is required by law or justified by the Controller’s legitimate interest.

  1. Automated decision-making and profiling:

The Controller does not make decisions in an automated manner and does not use profiling within the meaning of Article 22 of the GDPR.

  1. Your rights regarding data processing:

You have the right to:

  • Access your personal data (Article 15 GDPR),
  • Rectify your personal data (Article 16 GDPR),
  • Erase your personal data (Article 17 GDPR),
  • Restrict the processing of your data (Article 18 GDPR),
  • Data portability (Article 20 GDPR),
  • Object to the processing of your data (Article 21 GDPR).

These rights may be subject to limitations resulting from generally applicable laws, including GDPR provisions.

You have the right to lodge a complaint with the supervisory authority if you believe that the processing of your data violates the provisions of Regulation (EU) 2016/679 (GDPR). In Poland, the supervisory authority is: the President of the Personal Data Protection Office (PUODO), Address: ul. Stawki 2, 00-193 Warsaw.

To exercise the above rights, please submit your statement to the Controller at: [email protected]

Error during saving!
Data saved successfully!
Product added to cart
Product added to favorites
Product added to comparison