MyRoof orange logo

Privacy & Cookies Policy

PRIVACY POLICY

I. Preliminary provisions

(1) This Privacy Policy (hereinafter referred to as the "Policy") governs the processing of personal data on the website www.myroof.pl, hereinafter referred to as the Website.

(2) The Administrator of the Personal Data is mdmNT Sp. z o.o., 143 Bestwińska Street, 43-346 Bielsko-Biała, entered in the Register of Entrepreneurs of the National Court Register kept by the District Court in Bielsko-Biała, VIII Economic Department of the National Court Register, under KRS number: 0000354101, hereinafter referred to as the Administrator.

(3) The Administrator may be contacted by directing correspondence to the following address: mdm NT Sp. z o.o., 143 Bestwinska Street, 43-346 Bielsko-Biala.

4 A Data Protection Officer has been appointed at the Company, who can be contacted on all data protection issues via e-mail address: iod@mdmnt.com.

(5) Personal data collected by the Administrator shall be processed in accordance with Regulation (EU) 2016/679 of the European Parliament and of the Council of April 27, 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data and repealing Directive 95/46/EC (General Data Protection Regulation), hereinafter referred to as "RODO" and the Act of May 10, 2018 on the Protection of Personal Data (i.e. Journal of Laws of 2019, item 1781).


II. Newsletter

(1) Personal data in the form of e-mail address will be processed by the Administrator for the purpose of sending the newsletter, based on the legitimate interest of direct marketing of the Administrator's products and services (legal basis for processing: Article 6(1)(f) RODO).

(2) Personal data will be processed for the period of time necessary to provide the service of sending the newsletter. The administrator will stop processing your personal data processed on the basis of the administrator's legitimate interest earlier if you object to the processing.

(3) Provision of data is voluntary, but necessary in order to send the newsletter.


III. Contact forms

a) "Contact Us" tab

(1) Personal data provided in the contact form in the "Contact Us" tab will be processed by the Administrator based on the Administrator's legitimate interest in being able to respond to an inquiry (legal basis for processing: Article 6(1)(f) RODO).

(2) Personal data will be processed during the period of maintaining ongoing relations related to the submitted inquiry. The administrator will stop processing your personal data processed on the basis of the administrator's legitimate interest earlier if you object to the processing.

(3) Provision of data is voluntary, but necessary in order to respond to the inquiry.


(b) "Request a quote" tab

(1) Personal data provided in the contact form in the "Rent a roof" tab will be processed by the Administrator for the following purposes:

  • on the basis of the Administrator's legitimate interest in operating the form for the purpose of providing a quote by the Administrator (legal basis for processing: Article 6(1)(f) RODO); or
  • based on the Administrator's legitimate interest in handling the form and forwarding it to a separate Administrator for the purpose of providing a quote (legal basis for processing: Article 6(1)(f) RODO). In this case, we will transfer your data to our business partner, i.e. a building materials wholesaler, in order to provide a quote for a product with the specifications you provided in the content of the form. The aforementioned entity will act as a separate data controller.

(2) Your personal data will be processed during the period of maintaining an ongoing relationship related to the submitted quote request. The administrator will stop processing your personal data processed on the basis of the administrator's legitimate interest earlier if you object to the processing.

(3) Provision of data is voluntary, but necessary in order to receive a quote.

IV. Data sharing

(1) Personal data shall be transferred to service providers whose assistance is used by the Administrator in the operation of the Website, in particular in the field of technical, IT and hosting services. These entities process your data on the basis of concluded entrustment agreements. 

(2) Personal data may also be shared with authorities and institutions authorized to receive data under the law.


V. Rights of data subjects

(1) Right of access, rectification, restriction, erasure or portability - the data subject has the right to request from the Controller access to his/her personal data, rectification, erasure ("right to be forgotten") or restriction of processing, and has the right to portability of his/her data. The detailed conditions for exercising the rights indicated above are indicated in Articles 15-21 of the RODO Regulation.

(2) Right to object - The data subject has the right to object at any time - on grounds relating to his or her particular situation - to the processing of personal data concerning him or her based on Article 6(1)(f) (legitimate interest of the controller). In such a case, the controller shall no longer be allowed to process the personal data in question, unless the controller demonstrates the existence of compelling legitimate grounds for the processing overriding the interests, rights and freedoms of the data subject, or grounds for establishing, asserting or defending claims.

(3) The right to lodge a complaint to the supervisory authority - the person whose data is processed by the Administrator has the right to lodge a complaint to the supervisory authority in the manner and mode specified in the provisions of the RODO Regulation and Polish law, in particular the Personal Data Protection Act. The supervisory authority in Poland is the President of the Office for Personal Data Protection.


VI. Transfer of data to third countries and international organizations

(1) Your personal data will be transferred to third countries, in particular to the USA, in connection with the use of tools that store personal data on servers located outside the European Union and the European Economic Area.

(2) The storage of personal data on servers located in third countries occurs under the following tools:

The hosting system, whose provider is Webflow, Inc., 398 11th Street, 2nd Floor, San Francisco, CA 94103 - in terms of your IP address and statistical information. Information about Webflow's data processing policies is available at the following link: https://webflow.com/legal/eu-privacy-policy.  

3 On July 16, 2020. Court of Justice of the European Union (CJEU) issued a ruling (Schrems II case) that cloud services hosted in the United States are incompatible with RODO and applicable EU regulations. However, at this point there is no decision from the Polish supervisory authority regarding the legality of using US cloud tools. As of the date of implementation of this Privacy Policy, this issue is debatable, however, the Administrator is constantly monitoring the PUODO's position in this regard to ensure the compliance of the transfer of your data to third countries.


VII. Social networks

(1) The Website uses plug-ins of the following social networks: 

  • Youtube,
  • Facebook, 
  • Linkedin, 
  • Tik Tok, 
  • Pinterest, 
  • Instagram, 
  • Twitter.

(2) Plug-ins allow you, among other things, to share content published on the Website with a social network of your choice.

(3) The use of the plug-in causes the respective social network to receive information about your use of the Website and may assign it to your profile created in the respective social network.

(4) By using a social networking application, you provide your personal data to the administrator of such application. The administrator is not responsible for the way data is processed by the application provider, which has the status of a separate personal data controller. The rules for the processing of personal data by the application provider are available on the pages of the application provider.


VIII. Cookies

1 To make the Website more attractive, we use so-called cookies. This serves to protect our legitimate interest of optimal presentation of the Website. The data contained in cookies do not allow direct identification of an individual. They only allow you to identify the device you are using.

(2) Cookies are small text files that are automatically stored on your terminal device. When you visit our site for the first time, you are shown information about the use of cookies.

(3) Some cookies we use are deleted when your browser session ends, i.e. when you close it (so-called session cookies). Other cookies are retained on your terminal device and allow us to recognize your browser the next time you visit the site (persistent cookies).

(4) If you do not want any cookies to be stored on your device, you can change this in your browser settings. You can also delete the data stored in the form of cookies altogether.

(5) The storage period is specified in the cookie settings of your browser. You can configure your browser to receive information about the use of cookies and be able to decide whether to accept or reject them in certain cases or completely.

6 The user has the ability to disable or restore the option of collecting cookies at any time by changing the settings in the web browser. Instructions for managing cookies are available at http://www.allaboutcookies.org/manage-cookies.


IX. Final Provisions

1 The policy is reviewed on an ongoing basis and updated as necessary.

2 The current version of the Policy has been adopted and is effective as of 02.09.2022.