Privacy Policy of SumiRiko Poland Sp. z o.o. (hereinafter: “SumiRiko”)
Your data controller shall be Sumiriko Poland sp. z o.o. with its registered office in Wolbrom (32-340) address: ul. 1 maja 100, entered in the Register of Entrepreneurs of the National Court Register held by District Court for Kraków – Śródmieście in Krakow, 12th Commercial Department of the National Court Register as number 0000099563, VAT number (NIP): 6371873808, REGON 357045888.
If you have any questions or doubts regarding processing of your data by the Data Controller, please contact us by e-mail at: This email address is being protected from spambots. You need JavaScript enabled to view it. or by regular mail by writing at the address of SumiRiko headquarters.
To assure security of personal data entrusted to us, we have implemented procedures aimed at preventing any data security breach. The procedures conform with the applicable laws, in particular with Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation – GDPR).
I. Personal Data Processing
Upon receiving personal data, SumiRiko becomes the Data Controller with respect to such data.
Personal data are processed exclusively to the extent made available, and exclusively to pursue the purpose of data provision, including:
- to answer inquiries sent via e-mail correspondence (legal basis: Article 6(1)(f) of GDPR);
- to presentation commercial offer – pursuant to a consent (legal basis: Article 6(1)(a) of GDPR);
- to provide website services – for this purpose, we process such information as: your IP address, information about cookies, your web browser data, data regarding activities on our website, data related to the session (legal basis: Article 6(1)(f) of GDPR);
- to enter into and perform the contract and perform other activities on your request before entering into contract (legal basis: Article 6(1)(b) of GDPR);
- to correctly perform the contract, including making payments and necessary contact with the Client or Client’s employees (legal basis: Article 6(1)(b) of GDPR);
- to fulfil legal duties of the Data Controller, including financial-accountancy and archiving duties (legal basis: Article 6(1)(c) of GDPR);
- to pursue any claims or defend against claims (legal basis: Article 6(1)(f) of GDPR);
- if necessary to pursue the purposes resulting from legitimate interests of the Data Controller.
Personal data may be processed pursuant to:
- Your voluntary consent (legal basis: Article 6(1)(a) of GDPR);
- contract entered into, service rendered, or for the purpose of taking action anticipating or related to entering into contract (legal basis: Article 6(1)(b) of GDPR);
- Data Controller’s legitimate interest (legal basis: Article 6(1)(f) of GDPR), in particular to assure security of the services and IT networks, including for the Company to pursue, establish, or defend its claims.
Provision of personal data is always voluntary, but necessary to obtain an offer or answer to inquiries. Provision of personal data is also necessary for entering into and performing a contract with us. The consent can be withdrawn at any time, whereas such withdrawal shall not affect the legality of processing pursued under such a consent.
Your personal data shall be processed:
- throughout the term of correspondence, and can be deleted by the Data Controller at any time after prior request to erase such data,
- throughout the term of contract, followed by archiving period of 5 (five) years,
- until the consent is withdrawn.
Your personal data may be received by:
- authorised employees of the Data Controller, entities processing data on the Data Controller’s behalf,
- entities collaborating or affiliated with SumiRiko,
- third parties for the purpose of meeting the statutory obligations, fulfilling the orders of governmental authorities,
- third parties providing services for the Data Controller.
Data outsourcing always occurs pursuant to a relevant agreement, and the entity receiving the data must secure them appropriately. Employees of SumiRiko have been adequately authorised to process personal data and observe strict confidentiality in this respect.
Processing of personal data is accompanied with the application of relevant mechanisms to appropriately secure the data and prevent unauthorised third-party access.
Personal data will not be processed in an automating manner, including profiling, and will not be transferred to international organisations. Your data may be transferred to recipients located in countries outside the European Economic Area, in particular to entities affiliated with the Company, located in Japan. In such a case, the Company shall make the transfer pursuant to a decision determining adequate degree of protection, as issued by the European Commission. In the event of data transfer to a recipient located in a third country with respect to which no such decision has been issued, the Company shall apply adequate security measures, including Standard Contractual Clauses prepared by the European Commission.
II. Rights of Data Subjects
Data Controller accounts for decisions of the data subjects with respect to the extent and purpose of data processing. You can contact the Data Controller any time to obtain information regarding the manner and purpose of personal data processing.
In the event of data processing pursuant to a consent, such a consent can be withdrawn at any time. This shall, however, result in no further possibility of SumiRiko’s rendering services and establishing contact. A request to erase personal data addressed to SumiRiko shall have analogical consequences. Immediate data erasure is not always possible (this, particularly, refers to situations where separate regulations impose the duty on the Data Controller to store personal data for a specific term).
You can update, rectify, or change the provided personal data at any time. In specific cases (e.g. where the data are processed for the purposes of direct marketing of services rendered by the data controller), you can object to processing of your personal data.
In the event of suspected data security breach, contact us immediately. This will allow us to take steps to assure effective data security and prevent further security breaches in the future. You also have the right to place a complaint at the President of Personal Data Protection Office if you have a justified suspicion that your personal data are processed by the Data Controller in violation of GDPR.
III. Cookies Policy
Cookies are IT data, in particular text files, stored in the Service User’s end device, intended for using the Service websites. Cookies usually contain the name of the website they come from, time of storage at the end device, and the unique number.
Cookies are used to adapt the contents of the Service websites to User preferences and to optimise the use of websites; in particular, the files allow to recognise the Service User’s device and appropriately display the website adapted to one’s individual needs, also with respect to the language version.
Two types of cookies are used by the Service: “session cookies” and “persistent cookies”. “Session cookies” are temporary files stored at the User’s end device until logging out, leaving the website, or turning off the software (web browser). “Persistent cookies” remain at the User’s end device for the time specified in cookie parameters, or until deleted by the User.
Cookies used by the Service do not save any personal data.
In many cases, software for browsing the Internet (web browser) permits cookies storage at the User’s end device by default. Website Users, however, may change the cookie settings at any time. Such settings can be changed, in particular, in such a way as to block automatic support of cookies, or inform the Service User about each and every placement of cookies at the device. Detailed information about the options and methods of supporting cookies is available in the web browser settings.
We reserve the right to amend this Privacy Policy due to development of Internet technology, any changes to the laws governing personal data protection, as well as development of our web service. We shall keep you inform about any changes in a visible and understandable manner.
If you have any questions, do not hesitate to contact us.
SumiRiko Poland Sp. z o.o.
ul. 1 Maja 100, 32-340 Wolbrom, Poland
phone: +48 32 647 2500
e-mail: This email address is being protected from spambots. You need JavaScript enabled to view it.