AB S.A. Dystrybutor produktów IT, AGD, RTV, GSM i zabawek

PRIVACY POLICY

INTELLECTUAL PROPERTY PROTECTION

The publisher of the website: www.ab.pl (“the Website”) is AB S.A. (“the Company”), with its
registered office in Magnice (55-040), ul. Europejska 4.

All rights to the Website, including to its text and graphics components, Website pages’ layout
and other components are reserved, unless otherwise explicitly specified. Using the contents
included in the Website does not mean acquiring by the users any rights on intangible goods to
works or databases included therein. The User can use works and databases solely in the scope
of permitted use, stipulated in the provisions of the Act of 4 February 1994 on Copyright and
Related Rights (Journal of Laws no. 24, item 83, as amended), the Act of 27 July 2001 on the
Protection of Databases (Journal of Laws no. 128, item 1402) and the Act of 16 April 1993 on
Combating Unfair Competition (Journal of Laws no. 93.47.211, as amended). In particular,
besides cases stipulated therein, it is forbidden to copy, modify, electronically or in any other
manner transmit any part of the Website in full or in part for commercial purposes and without
prior written consent of the Company.

PERSONAL DATA PROTECTION

Given personal data is administered by AB S.A. with its registered office in Magnice (55-040), ul.
Europejska 4.

Personal data is processed in compliance with the provisions of the Regulation of the European
Parliament and of the Council (EU) 2016/679 of 27 April 2016 on the protection of natural
persons with regard to the processing of personal data and on the free movement of such data,
and repealing Directive 95/46/EC (hereinafter: GDPR) and other binding provisions.

The Company processes personal data provided by the User in the contact form to identify the
sender and handle their inquiry submitted via the available form, based on Article 6(1)(b) of the
GDPR, and with regard to optional data, based on the User’s consent (Article 6(1)(a) of the
GDPR).

Using the Company’s forms requires the User to provide personal data necessary to establish
contact and respond to their inquiry. The User may also provide additional data to facilitate
contact or inquiry handling. Providing the data marked as mandatory is required to accept and
handle the inquiry; failure to provide such data will result in the inability to process the inquiry.
Providing other data is optional.

In the case of correspondence sent to the Company unrelated to the services provided to the
User or any agreement entered into with the User, personal data included in such
correspondence will be processed solely for communication purposes and to address the
matter raised in the correspondence. The legal basis for processing is the Company’s legitimate
interest (Article 6(1)(f) of the GDPR) in managing correspondence directed to it in connection
with its business operations.

As a manufacturer and importer, the Company has obligations under the General Product Safety
Regulation (Regulation (EU) No. 988/2023, also referred to as GPSR). Fulfilling these obligations
involves processing personal data of individuals reporting incidents related to product safety. In
cases where information concerning product safety is submitted to the Company via the contact
form or other means, the data will be processed under Article 6(1)(c) and (f) of the GDPR. Only personal data necessary for reporting an unsafe product will be processed, for a period not
exceeding five years from the entry of such data, in accordance with EU data protection laws
and national regulations.

When contacting the Company by phone regarding matters unrelated to a concluded agreement
or provided services, the Company may request personal data only if necessary to address the
issue raised. The legal basis for such processing is the Company’s legitimate interest (Article
6(1)(f) of the GDPR) in resolving the reported issue related to its business activities.

If the User provides consent for direct marketing via the form available on the website, personal
data will be processed based on the legitimate interest of the controller (Article 6(1)(f) of the
GDPR) for marketing activities related to the Company and/or entities belonging to the AB group.
This includes the transmission of commercial information, such as marketing, based on the
User’s consent for specified communication channels (e.g., telecommunication end devices,
such as phone numbers or email addresses). Optional personal data provided by the User in the
form will also be processed for analytical purposes, building relationships with interested
parties, and optimizing marketing content directed at interested individuals, under the same
legal basis.

The User may withdraw their consent to receive commercial information at any time by using the
form available at https://zgody.ab.pl/ or by sending a request to: rodo@ab.pl. Withdrawal of
consent to receive marketing information does not affect the lawfulness of processing carried
out before such withdrawal. Without providing the required personal data, the User will not be
able to subscribe.

The data may also be processed to fulfill the Company’s legal obligations (Article 6(1)(c) of the
GDPR) and to protect the Company’s rights, including but not limited to pursuing claims
(legitimate interest of the controller – Article 6(1)(f) of the GDPR).

The Company processes the User’s personal data solely for the period necessary to achieve
aims of processing thereof indicated in the Policy or fulfilling the Company’s obligations
imposed by the law and, if the period of limitation of claims resulting from those purposes is
longer – until the lapse of the period of limitation, at maximum.

Personal data recipients can be entities providing services to the benefit of the Company related
with answers to the User’s questions or subscription, including IT services providers, as well as
entities providing accounting, counselling and marketing services to the benefit of the
Administrator, as well as national product safety supervisory authorities.

Personal data may be transferred by the Controller outside the EEA. Such transfer may only
occur to a country subject to a European Commission decision on adequate personal data
protection, and for other countries – only to an entity that ensures appropriate safeguards for
such data, particularly in the form of standard contractual clauses.

In accordance with the regulations governing personal data protection, the User has the right to
request access to the provided data, its rectification, restriction of its processing, deletion, data
portability, as well as the right to file a complaint with the President of the Personal Data
Protection Office (PUODO).

In cases where processing is based on the Controller’s legitimate interest (Article 6(1)(f) of the
GDPR), the User has the right to object to the processing of personal data if justified by the User’s particular situation or if the personal data is being processed for direct marketing
purposes.

The aforementioned rights (except for the right to file a complaint with the supervisory authority)
can be exercised by the User by submitting a relevant request to: rodo@ab.pl.

OTHER INFORMATION

The Company is not liable for the privacy protection policy of other websites both, the ones
available for the users via links posted on the Website’s pages as well as the ones that include
links to the Website.

COOKIES AND OTHER TECHNOLOGIES

No information except included in cookie files is being collected by automated ways by the
Service. This policy constitutes rules regarded to data processing while using Service’s cookies.

Cookies which are being stored on User’s end device may be used also by Company contractors
like for example advertisers, research companies or IT application providers.

Cookie files and their types

Cookie files (hereinafter „cookies”) constitute IT data, in particular text files, which are stored in
the User’s end device and are designed to enable User to walk through the Service in a sufficient
and comfortable way. Cookies usually contain origin website’s name, information about
retention periods and last but not least an unique number.

Website is using two main types of cookies: „session cookies” and „persistent cookies”.

„Session cookies” are temporary files, which are stored in User’s end device until logging out, leaving website or switching off the application (web browser).

„Persistent cookies” are stored in User’s end device until the end of retention period described in cookie parameters or until deletion by the User.

How the Service uses cookies

Due to the purpose of cookies, the following types can be distinguished in Service:

„Strictly necessary” cookies used primarily to provide Users with services and functionalities of the Website. Strictly necessary cookies also help the Service ensure the safety and reliability of the Website.
„Functional” cookies used to facilitate the use of the Website, remembering and adapting the Website to the User’s choices, including in terms of language preferences.
„Analytical” cookies, enabling the acquisition of information such as the number of visits or traffic sources on the Website. These are used to determine which pages are more and which are less popular. They help to determine how users navigate the Website by creating statistics on traffic on the Website. Such analyzes are carried out to constantly improve the structure and content of the Website. The information collected by analytical cookies is aggregated, so it is not intended to determine the User’s identity.
„Targeting” cookies allow for the customization of displayed advertising content to
match the interests of Users within and outside the Service. These cookies are used to
build a profile of the User’s interests. Advertising cookies from the Administrator and its partners may be installed via the Service. Advertising cookies are also used if the User
consents to receiving marketing information from the Company. This enables the User to
receive messages containing product recommendations that the Company believes may
interest them.

User’s consent

The Company cannot process personal data in regards to functional, analytic and targeting cookies unless User provides a consent for (separately) targeting, functional and analytic cookies. Consent form is available on the bottom of our website. Consent can be withdrawn any time by this form.

Company informs that switching off cookies may affect some functionalities available on the Website.

Third-party cookies

As part of the Website, external cookies are used to:

collect information on the behavior of users on the Website’s pages and create statistics on this basis, eg. Google Analytics;
display advertisements tailored to the User’s preferences – Facebook Pixel.

Cookie	Duration	Description
CONSENT	20 years	To store cookie consent preferences.
cookielawinfo-checkbox-analytics	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Analytics".
cookielawinfo-checkbox-functional	11 months	The cookie is set by GDPR cookie consent to record the user consent for the cookies in the category "Functional".
cookielawinfo-checkbox-necessary	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookies is used to store the user consent for the cookies in the category "Necessary".
cookielawinfo-checkbox-others	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Other.
cookielawinfo-checkbox-performance	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Performance".
CookieLawInfoConsent	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookies is used to store the default user consent. It is not collecting data.
PREF	2 years	To store user preferences.
viewed_cookie_policy	11 months	The cookie is set by the GDPR Cookie Consent plugin and is used to store whether or not user has consented to the use of cookies. It does not store any personal data.
VISITOR_INFO1_LIVE	6 months	To provide bandwidth estimations.
YSC	session	To store and track interaction.
yt-remote-device-id yt-player-headers-readable yt.innertube::requests yt.innertube::nextId yt-remote-connected-devices yt-player-bandwidth	YT player closed	Stores the user's video player preferences using embedded YouTube video. This uses HTML Local Storage.
yt-remote-session-app yt-remote-cast-installed yt-remote-session-name yt-remote-cast-available yt-remote-fast-check-period	session/YT player closed	Stores the user's video player preferences using embedded YouTube video. This uses HTML Session Storage.

Cookie	Duration	Description
_dc_gtm_UA-*	1 minute	To store number of service requests.
_ga	2 years	To store and count pageviews.
_gid	1 day	To store and count pageviews.