The principles of personal data processing by DUON Dystrybucja sp. z o. o.

At DUON Dystrybucja Sp. z o. o. we take your privacy very seriously and will never disclose, share or sell your data without your consent, unless required to do so by law. Therefore, we have established the following basic principles to ensure the lawfulness of processing and the proper level of security.

As the Controller:

  • We process your personal information to meet our legal, statutory and contractual obligations and to pursue our legitimate interests, to provide you with our products and services. Personal data are processed for one or more purposes that are specified in the Privacy Policy, e.g. users of the website and available means of electronic communication.
  • We always inform you about the processing at the time when personal data are obtained, specifying the purpose and legal basis for processing. This information can be provided in many layers, and its goal is to limit the scope of information given all at once, enabling you to return to information at any time and limiting the costs of distributing it in a printout form.
  • We will never collect any unnecessary personal data from you and do not process your information in any way, other than specified in this notice or in the Privacy Policy. We only retain your data for as long as is necessary and for the purposes specified in this notice.
  • Where you have consented to us providing you with promotional offers and marketing, you are free to withdraw consent at any time. 
  • We take your privacy seriously and we take every reasonable measure and precaution to protect and secure your personal data. We work hard to protect you and your information from unauthorised access, alteration, disclosure or destruction and have several layers of security measures in place.
  • We ensure the security and confidentiality of personal data. We carry out regular security audits, based on which we assess the risk of violating the security of your personal data processed by us, and when the risk assessment is high, we take all the necessary steps to minimize it.
  • We ensure the implementation of the rights of a natural person under the provisions of the GDPR whose data we process. Here you can read more about your rights and here how to exercise any of your rights.
  • In the case of a personal data breach, without undue delay, we will inform you about it in the form of:
    • Text message to your phone number
    • E-mail to your e-mail address
    • A letter to your address of residence
    • An information posted on our website
  • In the notification, we will always inform you about the violation, its possible consequences, and we will provide information on steps that should be taken to minimize the risk of the indicated consequences.