Privacy policy

Privacy policy

Advanced Graphene Products S.A. respects the privacy of users and visitors to the Company’s website. This document defines the practices of Advanced Graphene Products S.A. regarding personal information, the methods used to collect it, the purposes for which it may be used and the persons for whom the information is intended.
If it becomes necessary to collect personal data on the Advanced Graphene Products S.A. website, you will be informed on the website.

General Provisions

  1. This Privacy Policy sets out the most important principles of personal data processing on the https://prografen.com/ website [hereinafter referred to as the ‘AGP Website‘].
  2. The Personal Data Controller is Advanced Graphene Products Spółka Akcyjna (joint stock company) with its registered office in Zielona Góra (66-002), Nowy Kisielin, ul. Antoniego Wysockiego 4, entered in the Register of Entrepreneurs kept by the District Court in Zielona Góra, VIII Commercial Department of the National Court Register, under the KRS number (Polish Company Register): 0000878626, NIP (VAT no.): 9291847897, REGON (National Business Registry Number): 081062890 [hereinafter referred to as the ‘Data Controller‘].
  3. The Privacy Policy contains information related to the Data Controller’s processing of personal data of:
    1. Customers, including Consumers, within the meaning of the Regulations of the Online Shop, and Individual Customers [hereinafter jointly referred to as the ‘Customer‘];
    2. suppliers and contractors;
    3. other persons using AGP Website whose personal data is processed by the Data Controller.
  4. Personal data collected by the Data Controller via the AGP Website is processed under the Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation) [hereinafter referred to as ‘GDPR‘].
  5. The Data Controller shall take particular care to protect the privacy of all data subjects.
  6. The Data Controller shall not retain personal data longer than necessary to achieve the purposes for which the data was collected or longer than is required by law.
  7. The Data Controller shall take all appropriate technical and organisational measures to protect personal data; in particular, to prevent unauthorised access to and modification of personal data.

Personal Data of Customers

  1. The Customer’s personal data is processed for the following purposes and on the following legal bases:
    1. conclusion and performance of the agreement for maintaining an account – Article 6(1)(b) of the GDPR, and in the case of natural persons representing Customers who are legal entities – Article 6(1)(f) of the GDPR;
    2. conclusion and performance of a Sales Agreement – Article 6(1)(b) of the GDPR, and in the case of natural persons representing Customers who are legal entities – Article 6(1)(f) of the GDPR;
    3. handling complaints or withdrawal from the Sales Agreement – Article 6(1)(b) of the GDPR;
    4. fulfilment of tax and accounting obligations – Article 6(1)(c) of the GDPR;
    5. defence, investigation or establishment of claims related to the Sales Agreement, which is a legitimate interest pursued by Advanced Graphene Products S.A. as a Seller – Article 6(1)(f) of the GDPR;
    6. handling enquiries sent by the Customer not yet leading to the conclusion of a Sales Agreement, which is a legitimate interest pursued by Advanced Graphene Products S.A. as a Seller – Article 6(1)(f) of the GDPR;
    7. sending e-mails containing advertising and promotional materials, including newsletters, upon previously expressed consent – Article 6(1)(a) of the GDPR.
  2. Providing personal data by the Customer is voluntary but necessary for receiving a response from Advanced Graphene Products S.A. to the Customer’s enquiry, setting up an account, placing an order and concluding a Sales Agreement or, upon consent, receiving e-mails containing advertising and promotional materials, including newsletters.
  3. In the case where the processing of personal data is based on consent, the Customer has the right to withdraw such consent, which will not affect the legitimacy of personal data processing which has been carried out based on consent before its withdrawal.
  4. While maintaining a full guarantee of personal data security, personal data provided may be transferred to entities that cooperate with the Data Controller; in particular, to third-party entities such as suppliers of goods and services, including express delivery companies, postal operators, banks, hosting providers or accounting offices.
  5. Personal data can be transferred beyond the European Economic Area [hereinafter referred to as the ‘EEA‘] when using tools that support the Data Controller’s business activity or maintaining tools for processing personal data in cooperation with the Data Controller. Such possible transfer will only take place to a country that the European Commission has recognised as providing an adequate level of data protection. In the case of transfers to countries outside the EEA whose level of data protection is not considered adequate by the European Commission, the Data Controller shall ensure appropriate personal data security measures compliant with the legislation by using standard contractual clauses approved by the European Commission.

Personal Data of Suppliers and Contractors

  1. The personal data of suppliers and contractors, as well as employees, is processed for the following purposes and on the following legal bases:
    1. performance of all obligations under the agreement concluded between Advanced Graphene Products S.A. and the supplier or contractor, including for day-to-day contact and possible assertion of claims after the agreement expiration or the completion of service – Article 6(1)(b) of the GDPR, and in the case of natural persons representing Customers who are legal entities – Article 6(1)(f) of the GDPR;
    2. to the remaining extent (i.e., based on and within the limits of consent for processing personal data granted by a supplier or a contractor – Article 6(1)(a) of the GDPR).
  2. Providing personal data by a supplier or contractor is voluntary but necessary for the performance of the agreement concluded between Advanced Graphene Products S.A. and a supplier or a contractor.
  3. In the case where the processing of personal data is based on consent, a supplier or a contractor has the right to withdraw such consent, which will not affect the legitimacy of personal data processing, which has been carried out based on consent before its withdrawal.
  4. While maintaining a full guarantee of personal data security, personal data provided may be transferred to entities that cooperate with the Data Controller; in particular, to third-party entities such as suppliers of goods and services, including express delivery companies, postal operators, banks, hosting providers or accounting offices.
  5. Personal data can be transferred beyond the European Economic Area [hereinafter referred to as the ‘EEA‘] when using tools that support the Data Controller’s business activity or maintaining tools for processing personal data in cooperation with the Data Controller. Such possible transfer will only take place to a country that the European Commission has recognised as providing an adequate level of data protection. In the case of transfers to countries outside the EEA whose level of data protection is not considered adequate by the European Commission, the Data Controller shall ensure appropriate personal data security measures compliant with the legislation by using standard contractual clauses approved by the European Commission.

Personal Data of Other Persons

  1. The AGP website contains interactive features (i.e., contact forms). To use these interactive features, registration is required – which entails filling in a form with mandatory personal data.
  2. Personal data is collected to improve the interactive services and meet the expectations of visitors to the AGP website who are not customers or suppliers or contractors.
  3. The personal data of the persons referred to in Clause 2 above is processed for the following purposes and on the following legal bases:
    1. handling enquiries sent by the person, which is a legitimate interest pursued by Advanced Graphene Products S.A. – Article 6(1)(f) of the GDPR.
  4. Providing personal data is voluntary but necessary for Advanced Graphene Products S.A. response to an enquiry.
  5. In the case where the processing of personal data is based on consent, the persons referred to in Clause 2 above have the right to withdraw such consent, which will not affect the legitimacy of personal data processing, which has been carried out based on consent before its withdrawal.
  6. While maintaining a full guarantee of personal data security, personal data provided may be transferred to entities that cooperate with the Data Controller; in particular, to third-party entities, such as suppliers of goods and services, including express delivery companies, postal operators, banks, hosting providers or accounting offices.
  7. Personal data can be transferred beyond the European Economic Area [hereinafter referred to as the ‘EEA‘] when using tools that support the Data Controller’s business activity or maintaining tools for processing personal data in cooperation with the Data Controller. Such possible transfer will only take place to a country that the European Commission has recognised as providing an adequate level of data protection. In the case of transfers to countries outside the EEA whose level of data protection is not considered adequate by the European Commission, the Data Controller shall ensure appropriate personal data security measures compliant with the legislation by using standard contractual clauses approved by the European Commission.

Rights of Data Subjects

  1. The data subject may exercise the following rights against the Data Controller:
    1. right to request access to their personal data and to obtain information about its processing, and if it is incorrect, the right to request its rectification (pursuant to Articles 15 and 16 of the GDPR);
    2. the right to request the restriction of the processing of their data in situations and on the terms set out in Article 18 of the GDPR (the data subject may request the restriction of the processing of their personal data for the period of verifying their accuracy or until the time of considering their objection to the processing. The data subject shall also have this right in the situation when, in their opinion, the processing of their data is unlawful, but they do not want the data to be immediately deleted or in the case when they need the data for a longer period than initially assumed period of processing in order to establish or defend their claims);
    3. right to request the erasure of their personal data pursuant to Article 17 of the GDPR (the so-called ‘right to be forgotten’);
    4. right to object at any time to the processing of their personal data on grounds relating to their special situation (pursuant to Article 21(1) of the GDPR).
  2. The Data Controller can be contacted in matters related to the processing of personal data and the exercise of the rights of data subjects (contact at: rodo@agp-corp.com). A person who has submitted a request or a demand concerning the processing of their personal data, in the exercise of their rights, may be asked to answer a number of questions which will allow for the verification of their identity. The Data Controller has appointed a Data Protection Officer, who can be contacted by e-mail at: rodo@agp-corp.com. The Data Protection Officer may be contacted in all matters concerning the processing of personal data.
  3. The data subject has the right to lodge a complaint against the processing of their personal data by the Data Controller to the Chairman of the Personal Data Protection Office (address: ul. Stawki 2, 00-193 Warsaw).
  4. In order to facilitate the exercise of rights resulting from the processing of personal data by the Data Controller, the Data Controller provides a form that constitutes the Appendix No. 1 to the Privacy Policy, which a person may fill in and send to the following e-mail address of the Data Controller: rodo@agp-corp.com.

Cookies Policy

  1. This Cookies Policy is related to cookies and similar technologies and applies to websites operated by the Data Controller [hereinafter referred to as the ‘Operator‘], including the AGP Website.
  2. The Operator uses cookies or similar technologies [hereinafter referred to as ‘cookies’], which are understood to be computer data; in particular text files intended for use on the Operator’s websites and stored in the end devices of Users browsing the sites.
  3. Information collected by cookies allow s to customise services and content to individual needs and preferences of Users and compile general statistics on using the sites by Users.
  4. Data collected using cookies is collected only to perform specific functions for Users and is encrypted in a manner preventing access by any unauthorised persons.
  5. In principle, the Operator uses two types of cookies – ‘session’ and ‘persistent’. Session cookies are temporary files that remain on the User’s device until logging off, leaving the website or switching off the software (web browser). Persistent cookies are files that remain on the User’s device for the time specified in the parameters of cookies or until they are manually deleted by the User.
  6. The following types of cookies are used on the Operator’s websites which are necessary for providing the services:
    1. cookies necessary to enable the use of services available at the Operator’s websites (e.g., authentication cookies used for services requiring authentication);
    2. cookies used to ensure security (e.g., used to detect abuse related to authentication);
    3. performance cookies, enabling the collection of information about how websites are used;
    4. functional cookies that make it possible to ‘remember’ the User’s selected settings and customise the user interface;
    5. advertising cookies, making it possible to provide Users with advertising content tailored to their interests.
  7. Web browsing software (web browser), usually by default, allows the storage of cookies on the end device. The User may change their cookie settings yourself and at any time, specifying the conditions for storing and accessing cookies on their device. The User can change the settings referred to in the previous sentence by changing the settings of their Internet browser. These settings can be changed to block the automatic processing of cookies in the web browser’s settings or inform about their storage on the User’s device each time. Detailed information on the options and methods of handling cookies is available in the software settings (web browser).
  8. Using the Operator’s website without changing the cookie settings means that the User consents to the storage of cookies. The User may always withdraw their consent by changing the cookie settings.
  9. Information on how to configure the cookie settings in sample web browsers can be found here:
    1. in the Internet Explorer browser:
      https://support.microsoft.com/pl-pl/help/278835/how-to-delete-cookie-files-in-internet-explorer
    2. in the Chrome browser:
      https://support.google.com/chrome/answer/95647?co=GENIE.Platform%3DDesktop&hl=pl
    3. in the Opera browser:
      https://www.opera.com/help/tutorials/security/cookies/
    4. in the Mozilla Firefox browser:
      https://support.mozilla.org/pl/kb/blokowanie-ciasteczek
    5. in the Safari browser:
      https://support.apple.com/pl-pl/HT201265
  10. The Operator uses Google Analytics tools provided by Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA. Google Analytics tools collect anonymous information about website visits and are used to create analyses and reports on using and activities on the website. Information on User’s activity is also collected in order to improve the experience of using the Operator’s websites. The Operator’s activities in this regard are based on its legitimate interest in generating statistics and analysing them to optimise the website.
    Terms and Conditions of Google Analytics Service:
    https://www.google.com/analytics/terms/gb.html
    General overview of Google Analytics security and privacy principles
    https://support.google.com/analytics/answer/6004245?hl=en
    Google Privacy Policy:
    https://policies.google.com/privacy?hl=en
    To unsubscribe, click:
    https://tools.google.com/dlpage/gaoptout?hl=en-GB

Appendix No. 1 to the Privacy Policy – Rights excercise form