Privacy Policy
The administrator of the website is
Aurum Swiss Simple Joint-Stock Company
with the registered office in Świnoujście, ul. Stanisława Wyspiańskiego nr 34b, 72-600 Świnoujście,
registered in the Register of Entrepreneurs, kept by
District Court Szczecin - Centrum in Szczecin, XIII
Economic Division of the National Court Register, under KRS number: 0001097898, NIP: 8551608931.
Contact with the Administrator:
● online: office@aurumswiss.com
● traditional mail: ul. Stanisława Wyspiańskiego nr 34b, 72-600 Świnoujście
The Privacy Policy is dedicated to the users of the website www.aurumswiss.com
regardless of whether they act as individuals or entrepreneurs
The purpose of the Controller is to duly inform about matters related to the processing of
personal data, in accordance with Regulation (EU) 2016/679 of the European Parliament and of the Council of 27
April 2016 on the protection of natural persons with regard to the processing of personal data
and on the free movement of such data and repealing Directive 95/46/EC (‘RODO’)
Aurum Swiss Simple Joint-Stock Company
User rights of the website
The user has the following rights in relation to the processing of his/her personal data
(Articles 12-21 RODO):
● to be informed regarding the data being processed (Articles 12 and 13 RODO)
● to access the content of his/her personal data (pursuant to Article 15 RODO)
● to request the rectification of personal data (Article 16 RODO), i.e. the correction of inaccurate data and the completion of incomplete data
● request the restriction of the processing of your personal data (Article 18 RODO)
● request the transfer of your personal data to another Controller
(Article 20 RODO)
● object to the processing of your data on grounds related to your particular situation
(pursuant to Article 21(1) RODO), however, this right is not absolute - i.e. despite
lodging an objection, the Administrator may still process your personal data if
demonstrates that there are valid, legitimate grounds for the processing overriding
rights and freedoms or grounds for establishing, asserting or defending claims,
● object to the processing of personal data carried out for the purposes of
direct marketing, to the extent that the processing is related to such
direct marketing
● request the erasure of personal data (pursuant to Article 17 of the RODO) - the so-called ‘right to be
forgotten’, this right applies when the Administrator processes data unlawfully,
when you object to the processing of data for marketing purposes and when
data must be erased in order for the Administrator to comply with an obligation under
the law
Furthermore, the user of the website has the right to lodge a complaint with the supervisory authority
, i.e. the President of the Office for Personal Data Protection.
Personal data and their processing
Personal data includes any information that makes it possible to identify an individual
The controller obtains personal data to the minimum extent necessary to fulfil the purposes
set out below.
Data processing does not always take place directly. The specific nature of the website causes that
Administrator also obtains data indirectly using, among others, the so-called cookies. Providing
with personal data is voluntary, however, some of them may be necessary to ensure
proper use of the services provided by the Administrator.
How, on the basis of which legal basis and what type of personal data is
the Administrator processing
?
Account registration
The purpose of data processing may be the provision of free electronic services, i.e.
to create and maintain an account on the website. Data
necessary for registration, i.e. name and surname, data concerning business activity,
contact data (address, e-mail address, telephone number)
are collected from persons creating an account. The legal basis for data processing is
necessity for the performance of the contract for the free provision of services by electronic means or
taking steps to conclude it (Article 6(1)(b) RODO).
The purpose of data processing may be the provision of free services by electronic means, i.e.
setting up and maintaining an account on the website. Data
necessary for registration, i.e. name and surname, data on the business conducted,
contact data (address, e-mail address, telephone number)
are collected from persons creating an account. The legal basis for the processing of data is
the necessity to perform the contract for the free provision of services by electronic means or
taking steps to conclude it
(Article 6(1) (b) RODO).
Commercial information - marketing consent
Only with the user's consent can the Administrator process data for marketing purposes.
Personal data includes data that the user provides in order to receive commercial
and marketing information from the Administrator, i.e. name, surname, e-mail address or
phone number, data on business activities processed. The legal basis
for the processing of the data is consent (Article 6(1)(a) RODO).
Such consent may be withdrawn at any time.
Links to other sites
The site may contain links to other sites. If you click on another site's link, you will be redirected to
. Please note that these external parties are not operated by us. Therefore,
Administrator recommends that you independently - read the privacy policies of these sites. The Administrator does not
have control over and is not responsible for the content, privacy policies or practices of
third parties.
Legitimate interest of the Administrator
The Controller may process the data within the framework of its legitimate interest
(Article 6(1)(f) RODO)
e.g. to pursue possible claims. Whenever the Controller processes
personal data on the basis of a legitimate interest, the Controller endeavours to analyse and balance its interest and the potential impact on the data subject (positive as well as negative) and
the data subject's rights under data protection legislation.
Cookies
Virtually every website nowadays uses so-called cookies, i.e. files which
are used to automatically collect personal data from website users. The Administrator's Website is no
different. The information obtained in this manner is stored on
the computer of the user who uses it.
The primary purposes for the use of Cookies are twofold: to maintain the user session and its storage
and to ensure security (e.g. for the detection of abuse). In this respect, the use of
Cookies is essential.
As far as the rest of the website is concerned, cookies may not be essential, but they significantly facilitate the use of
. They are used, among other things, to:
● remembering the user's specific choices regarding the display of a certain message or
displaying it a certain number of times (e.g. within the options: last viewed, shopping cart,
store),
● monitoring user activity on the site,
● collecting anonymous, aggregate statistics to improve the functionality of
website,
● marketing.
In this regard, the Administrator uses the services of external entities, the list of which evolves at
depending on the shape of the market and technical possibilities. These entities include:
● Google Analytics (Google Privacy Policy) - through it, the Administrator
observes traffic and user behaviour on the website.
It should be emphasised that at no stage is the user obliged to accept cookies (with the exception of
technical cookies). It is possible to use the Internet browser
to configure it in such a way as to prevent the storage of cookies on the computer
. It is also possible to delete current cookies. However, failure to accept Cookies may
adversely affect the operation of the website and in some cases even prevent
from using certain functions.
If you want to find out how to manage Cookies, including how to disable them in
browser, you can consult your browser's help file. This information can be consulted at
by pressing the F1 key in your browser. In addition, relevant tips can be found at
on the following subpages, depending on the browser you are using
Using the relevant options of your browser, you can delete cookies
at any time or block the use of cookies in the future.
Access logs
Based on the analysis of access logs, the Administrator collects information on the use of the
website by users and their IP addresses. The purpose of collecting this data is to possibly diagnose
problems related to the operation of the server, assess the risk of possible security breaches and
management of the website.
How long does the Administrator keep the data?
The duration of data storage depends on the legal basis for processing:
● in the case of consent (e.g. to provide commercial information), the period lasts until
the moment of its withdrawal,
● when processing data for the performance of a contract - for the duration of the contract and the period
of the statute of limitations for claims arising therefrom,
● when processing data on the basis of obligations under applicable legislation
the Administrator shall process the data for as long as it is necessary on the basis of such legislation,
● when processing data in pursuit of the legitimate interest of the Administrator,
processing lasts as long as this interest lasts.
The processing period of the above data may be extended if the processing of
data is necessary for the determination and assertion of claims or defence against claims. After
the expiry of the above periods, the data shall be immediately deleted or anonymised.
Recipients of data
Occasionally, the Administrator is entitled to transfer users' data if this is necessary for
performing services, fulfilling obligations and duly complying with applicable
laws.
The Administrator may use the services of external entities for the performance of certain
tasks, e.g. delivery of Goods, accounting services, legal services, marketing services or
IT services. If necessary, data may also be received by authorised authorities.
Your data may be passed on to the following entities:
● the above-mentioned entities processing personal data under contracts of entrustment for the processing of
personal data (so-called processors),
● entities providing services e.g. courier, hosting,
● debt collection companies (whereby personal data is transferred only to the extent that
it is actually necessary for the purpose in question),
● auditors and statutory auditors, legal advisors, tax advisors,
● law enforcement authorities, regulators and other
public authorities.
Outside of the above scope, data is not shared with third parties, except where
the user expressly gives his or her voluntary consent (which can be revoked at any time).
Sharing of data with entities outside the EEA (European Economic Area)
The Administrator may only share the data collected with other entities if the Administrator is permitted
to do so on a legal basis.
Some of the Administrator's service providers may be located outside the European
Economic Area (EEA). When transferring data outside the EEA, the Administrator is
extremely cautious. It verifies that the providers guarantee a high level of protection of the
personal data in accordance with the legal requirements applicable within the EEA. For
transfers of personal data to entities based in the United States, the Administrator
verifies that the entity has joined the EU-US data protection programme and is listed on the
list of certified organisations maintained by the US Department of Commerce
Data protection
The Administrator uses all available physical, technical and organisational measures to
ensure the proper protection of personal data. In particular, he/she protects them against
destruction, accidental loss, disclosure to unauthorised persons, alteration and verifies the scope of
access. The controller shall exercise the rights of data subjects.
Update of the Privacy Policy
The Administrator declares that this Privacy Policy will be updated on an ongoing basis, inter alia in
in case of introduction of new legal requirements or guidelines.
The Administrator shall also take into account
changes in technology used for data processing and data protection,
changes in the purposes of data processing, the categories of data collected and the legal basis for their processing.