Privacy Policy


This document sets out the rules for the processing of Personal Data of persons using the Website available at www.bm-rent.pl. If the User provides us, Bergerat Monnoyeur spółka z ograniczoną odpowiedzialnością with its registered office in Izabelin-Dziekanówek, with any Personal Data, then the provisions of the Privacy and Cookie Policy shall apply to their processing.

I. Personal Data Controller

II. Definitions

III. Where does the Controller obtain your Personal Data?

IV. Types of collected Personal Data

V. For what purpose, on what basis and how long are personal data processed?

VI. Rights of Users

VII. Recipients of personal data

VIII. Processing of children’s data

IX. Transfer of data outside the EEA

X. Automated decision-making

XI. Other websites

XII. Security of personal data

XIII. Cookies

XIV. Changes to the Privacy and Cookie Policy

I. PERSONAL DATA CONTROLLER

The Controller of your personal data shall be Bergerat Monnoyeur spółka z ograniczoną odpowiedzialnością with its registered office in Izabelin-Dziekanówek, ul. Modlińska 11, 05 092 Łomianki, Poland, entered into the National Register of Entrepreneurs by the District Court for the Capital City of Warsaw in Warsaw, 21st Commercial Division of the National Court Register, under KRS number 0000021439, NIP (Tax Identification Number): 7780022310, REGON: 012022794

email: bm-rent@bm-rent.pl

II. DEFINITIONS

1) Personal Data – information relating to an identified or identifiable natural person (“data subject”); an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person;


2) GDPR – Regulation (EU) No 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC.

3) Privacy and Cookie File Policy – this document, hereinafter referred to as the “Policy”;

4) Website – the website operated by the Controller which is available at www.bm-rent.pl.

5) User – any natural person using the services offered by the Controller as part of operation of the Website who has provided the Controller with Personal Data through the Website.

III. WHERE DOES THE CONTROLLER OBTAIN YOUR PERSONAL DATA?

The Controller receives the Users’ Personal Data directly from them (or from persons/employees authorised by the Controller), e.g. when the User creates an account with the Website/ places an order / uses the Newsletter service / contacts the Controller via the contact form or when they take other actions which entail the need to provide us with the User’s Personal Data.

Personal Data are collected by the Controller in accordance with the rules set out in the GDPR, only to the extent necessary for the Controller to provide services related to the use of the Website.

IV. TYPES OF COLLECTED PERSONAL DATA

The type of Personal Data processed by the Controller depends on the service offered by the Controller which is being used by the User.

V. FOR WHAT PURPOSE, ON WHAT BASIS AND HOW LONG ARE PERSONAL DATA PROCESSED?

Personal Data are processed by the Controller in accordance with the GDPR and the Polish national legislation.

The types of the Users’ personal data collected by the Controller, as well as the purpose, the basis for their processing and the duration of processing depend on the manner in which the User uses the Website.

CREATING AN ACCOUNT WITH THE WEBSITE (REGISTRATION)

Persons who create an account with the Website are requested to provide the Personal Data necessary to create and operate an account: full name, email address, password, telephone number, and in the case of accounts created for entrepreneurs also the company name, organisational form and NIP (Tax Identification Number). Provision of Data marked as mandatory is voluntary, but necessary to create an account. Failure to provide them results in inability to create an account. In addition, when creating an account, the User may provide such Personal Data as additional phone number, type of pursued activity, additional information on the location. Users who create an account for an entrepreneur may additionally provide a fax number and size of the enterprise, which will be processed in order to facilitate use of the account. The provision of these Personal Data is not mandatory. The Personal Data provided by the User when creating an account shall be processed for the purpose of creating an account, as well as to maintain, use and operate the account, solve technical problems, contact the User for the purpose of providing services.

After creating an account with the Website, the User shall also have the ability to provide additional data, e.g. payment card data: its number, full name of the holder, the expiry date and the card verification code. In this case, the provided Personal Data shall be processed in order to facilitate use of the account and facilitate the process of placing orders with the account.

The legal basis for the processing of the Personal Data of Users who register with the Website and create an account, as well as their Personal Data provided at a later time during the use of the account, is the necessity of the processing for performance of a contract for services provided by electronic means (Article 6(1)(b) of the GDPR);

Moreover, the above-mentioned Personal Data shall be processed in order to establish and exercise claims or defend against them – the legal basis for the processing shall be the legitimate interest of the Controller (Article 6(1)(f) of the GDPR), which consists in establishment or exercise of claims or defence against them.

The Personal Data provided when creating an account with the Website and at a later time during the use of the account shall be processed until their erasure, provided that the provision thereof was voluntary, or until termination of the contract for services provided by electronic means (e.g. deletion of the account by the User or compliance with the request for deletion thereof by the Controller). After these periods, the above-mentioned Personal Data may be processed for a period necessary to exercise claims or defend against them, no longer than until the expiry of the limitation period for claims.

PLACEMENT OF ORDERS BY USERS

If the Website User places an order to purchase goods, it shall entail the processing of their Personal Data. Provision of the data specified in the order form is voluntary, but necessary for acceptance and execution of the order, whereas failure to provide them shall results in inability to accept and execute the order. In addition, when placing an order, the User may provide additional personal data which will facilitate execution of the order. The provision of these data is not mandatory.

The User’s Personal Data obtained via the order placement form are processed:

• in order to execute a placed order, including delivery of goods, contact in connection with the need to execute the order – the legal basis for the processing is the necessity of processing in order to perform the contract (Article 6(1)(b) of the GDPR),

• in order to fulfil the statutory obligations imposed on the Controller, resulting in particular from tax and accounting regulations, e.g. issuing a VAT invoice or other accounting documents – the legal basis for the processing is the legal obligation imposed on the Controller (Article 6(1)(c) of the GDPR);

• in order to fulfil the legal obligations imposed on the Controller in connection with its concluded contracts, such as handling complaints, reporting physical defects in goods, returning goods – the legal basis for the processing is the legal obligation imposed on the Controller (Article 6(1)(c) of the GDPR);

• in order to establish and exercise claims or defend against them – the legal basis for the processing being the legitimate interest of the Controller (Article 6(1)(f) of the GDPR), which consists in establishment or exercise of claims or defence against them.

Personal data processed for the purpose of performance of a contract and execution of an order shall be processed by the Controller until the contract has been performed. Personal data processed for the purpose of fulfilment of the legal obligations imposed on the Controller, e.g. handling complaints, fulfilment of obligations arising from tax and accounting regulations, shall be processed as long as provided for by the law. After expiry of the above-mentioned processing periods, Personal Data may also be processed for a period necessary to establish or exercise claims or defend against them, but no longer than until the expiry of the limitation period for claims.

NEWSLETTER

The User may provide the Controller with their email address in order to sign up for the Newsletter service, which shall include the periodical sending of commercial information concerning the Controller’s products and services, promotions and offers. In such a case, provision of the email address shall be voluntary, but necessary to receive the Newsletter on a periodic basis.

Personal Data are then processed:

• in order to receive the Newsletter, in which commercial information concerning products and services, promotions and offers will be sent, by electronic means at the email address indicated by the User – on the basis of voluntary consent (Article 6(1)(a) of the GDPR)

• in order to establish and exercise claims or defend against them – the legal basis for the processing being the legitimate interest of the Controller (Article 6(1)(f) of the GDPR), which consists in establishment or exercise of claims or defence against them.

Personal Data shall be processed until the User has withdrawn their consent for their processing, and may subsequently be processed for a period necessary to establish or exercise claims or defend against them, but no longer than until the expiry of the limitation period for claims.

VI. USER RIGHTS

We inform that the Users have the following rights:

a) the right to access their data and obtain a copy thereof

b) the right to rectify (correct) their data

c) the right to erasure of data.

If the User should believe that there are no grounds for the Controller to process their data, the User may demand that the Controller erase them,

d) the right to restrict the processing of data

The User may request that the Controller restrict the processing of the User’s personal data only to their storage or performance of actions agreed upon with the User if the User should believe that the Controller has incorrect data on the User or processes them unduly; or the User does not want the Controller to erase them because they are necessary to establish or exercise claims or defend against claims; or for the time of the objection against the processing of data raised by the User.

e) the right to object to the processing of data:

f) the right to data portability:

g) the right to lodge a complaint with the supervisory authority

If the User believes that the Controller processes their personal data contrary to the law, they may lodge a complaint with the President of the Personal Data Protection Office.

h) the right to withdraw their consent to the processing of personal data

The User shall have the right to withdraw their consent to the processing of the personal data processed by the Controller on the basis of their consent at any given time. Withdrawal of consent shall not affect the lawfulness of processing performed on the basis of the consent before its withdrawal.

In the event of desire to exercise the above-mentioned rights, the Controller asks for personal contact by post or email at:

Bergerat Monnoyeur spółka z ograniczoną odpowiedzialnością with its registered office in Izabelin-Dziekanówek, ul. Modlińska 11, 05 092 Łomianki, Poland

email: bm-rent@bm-rent.pl

Where possible, the application concerning the Website User’s desire to exercise their rights should include elements such as:

a) indication of the right which the data subject wishes to exercise;

b) the purposes of the processing which the request concerns (e.g. receiving the newsletter, performance of a contract),

c) how they expect the application to be handled.

VII. DATA RECIPIENTS

The Controller shall transmit the obtained Personal Data to entities with which it cooperates in their processing to the extent necessary to perform a specific service or make a functionality available, i.e., among others, to suppliers responsible for operation of IT systems, entities such as banks and payment operators, law and accounting firms, courier and transport companies, marketing agencies, IT and hosting companies. If the User places an order, their data shall be transmitted to the insurance company.

The Controller shall also transmit data to other entities when it has the legal obligation to do so.

VIII. PROCESSING OF CHILDREN’S DATA

Services offered by the Controller as part of the Website are intended for persons aged 18 and over. Therefore, the Controller shall not process children’s personal data knowingly.

IX. TRANSFER OF DATA OUTSIDE THE EEA

The Controller’s partners have their registered offices mainly in the countries of the European Economic Area (EEA) or Switzerland, which is deemed a country that offers an adequate level of personal data protection.

X. AUTOMATED DECISION-MAKING

The Controller shall not make decisions in respect of the Users in an automated manner, which includes profiling of the Users.

XI. OTHER WEBSITES

The Website features links to other websites. When such links are clicked, the User will be redirected to another website. In such a case, the User’s Personal Data may be processed by the administrator of the website to which the User was redirected, which is why the Controller encourages the Users to read the Privacy Policies of websites to which they are redirected.

XII. SECURITY OF PERSONAL DATA

The Controller shall carry out risk analysis on an ongoing basis in order to ensure that Personal Data are processed in a secure manner – ensuring, first of all, that only authorised persons have access to the data and only to the extent necessary to perform their tasks. The Controller shall ensure that all operations on personal data are recorded and performed only by its authorised employees and associates.

The Controller takes all necessary measures to ensure that its subcontractors and other cooperating entities guarantee that appropriate security measures are applied whenever they process personal data at the Controller’s request.


QUALITY EQUIPMENT

Choose from premium brands!

24/7

bm-rent.pl is always open!

Different, fast and simple way of renting

Try it – you will like it!

Across Poland

We are where you are!
 
BM-RENT Alternate youtube BM-RENT Alternate facebook