Privacy Policy - GLAZE Group - We design light and comfort for years

Privacy Policy

1. General Information and Data Controller

This Privacy Policy explains how personal data is processed on the website
https://glazegroup.eu
operated by:

OKNA KRAWCÓW Sp. z o.o.
ul. Wrocławska 2
67-100 Nowa Sól, Poland
KRS: 0001142282
REGON: 540349960
NIP: 9252148020

Email: office@glazegroup.eu
Website: https://glazegroup.eu

We process personal data in accordance with the European General Data Protection Regulation (GDPR/RODO), the German Federal Data Protection Act (BDSG), and the Telecommunications and Telemedia Data Protection Act (TTDSG), as well as applicable privacy laws in the United States, including the California Consumer Privacy Act (CCPA).

2. Collection and Purposes of Personal Data

We process personal data for the following purposes:

  1. Contact via contact form, email, or phone
  2. Preparation and execution of offers, orders, and contracts
  3. Direct marketing, only with explicit consent
  4. Compliance with legal obligations
  5. Technical operation, security, and optimization of the website, including hosting, log files, and error analysis
  6. Use of plugins and scripts (e.g., Google Fonts, Swiper.js)
  7. Management of contacts and leads through the Zoho CRM system

3. Legal Basis for Processing

Your data is processed on the following legal bases:

  • Art. 6(1)(a) GDPR – Consent
  • Art. 6(1)(b) GDPR – Performance of a contract or pre-contractual measures
  • Art. 6(1)(c) GDPR – Legal obligation
  • Art. 6(1)(f) GDPR – Legitimate interest, e.g., website operation, security, and lawful direct marketing

For California residents, data processing is disclosed under CCPA/CPRA, and you have the right to opt-out of the sale or sharing of personal information.

4. Data Retention

Personal data is stored only as long as necessary for the respective purposes or required by law. After the purpose has expired or consent is withdrawn, the data will be deleted unless legal obligations require further retention.

5. Recipients of Data

Data may be shared with the following categories of recipients:

  • IT and hosting service providers
  • Providers of newsletter or communication tools
  • External service providers (e.g., accounting, logistics, courier services)
  • Authorities, if legally required

Transfers outside the EU/EEA occur only if permitted by law and with appropriate safeguards, such as Standard Contractual Clauses (SCCs) or Privacy Shield compliance where applicable.

6. Your Rights

Under GDPR and applicable laws, you have the right to:

  • Access your personal data (Art. 15 GDPR)
  • Rectify incorrect data (Art. 16 GDPR)
  • Request deletion (“right to be forgotten”, Art. 17 GDPR)
  • Restrict processing (Art. 18 GDPR)
  • Data portability (Art. 20 GDPR)
  • Object to processing (Art. 21 GDPR)
  • Withdraw consent at any time for future processing
  • Lodge a complaint with a supervisory authority (e.g., BfDI in Germany)

California residents additionally have the right to:

  • Request disclosure of categories of personal data collected
  • Request deletion of personal data
  • Opt-out of the sale or sharing of personal data

7. Cookies & Tracking (TTDSG / CCPA)

Our website uses cookies and similar technologies:

  • Technically necessary cookies (Art. 6(1)(f) GDPR / §25(2) TTDSG)
  • Functional and analytics cookies – only with consent (§25(1) TTDSG)

You can adjust your cookie preferences at any time via the cookie banner. For California residents, cookies that are “sold” or shared for marketing purposes can be opted out of.

8. Server Log Files

The following data is automatically collected when visiting the website:

  • IP address
  • Date and time of access
  • Browser type and version
  • Operating system
  • Referrer URL
  • Pages visited

Legal basis: Art. 6(1)(f) GDPR – legitimate interest in technical security.

9. External Hosting

The website is hosted by an external service provider. Legal basis: Art. 6(1)(f) GDPR – efficient and secure website operation. A Data Processing Agreement (DPA / AVV) is in place.

10. WordPress

The website uses WordPress CMS. WordPress processes technically necessary data such as session cookies and login data. Plugins may process additional personal data.

11. Google Fonts

We use Google Fonts to display fonts consistently. If hosted locally, no data is transmitted to Google. If loaded from Google servers, your browser may transmit:

  • IP address
  • Browser information
  • Timestamp of request

Legal basis: Art. 6(1)(a) GDPR – consent. Transfers to the USA are protected by Standard Contractual Clauses (SCCs).

12. Swiper.js

We use Swiper.js for interactive sliders. Technical data such as IP address and browser information may be processed. Legal basis: Art. 6(1)(f) GDPR – legitimate interest in user experience.

13. Contact Form

When using the contact form, the following personal data is collected:

  • First name and last name
  • Phone number
  • Email address
  • Message content

Legal basis: Art. 6(1)(b) GDPR – pre-contractual communication, and Art. 6(1)(a) GDPR – consent provided in the form.

14. CRM Zoho

We use Zoho CRM to manage customer inquiries. The following data is transmitted to Zoho:

  • First name and last name
  • Phone number
  • Email address

Zoho acts solely as a data processor on behalf of OKNA KRAWCÓW Sp. z o.o. A Data Processing Agreement (DPA) is in place.
Purpose: Processing and responding to inquiries, managing contacts and leads.
Legal basis: Art. 6(1)(a) GDPR – consent, and Art. 6(1)(b) GDPR – pre-contractual measures.
International data transfer: Zoho may store data on servers in the USA, with transfers protected by Standard Contractual Clauses (SCCs).

15. Data Security

We implement technical and organizational measures to protect personal data against loss, misuse, unauthorized access, or destruction, including SSL/TLS encryption, firewalls, regular updates, and access restrictions.

16. Changes to the Privacy Policy

We reserve the right to update this Privacy Policy. The current version is always available at https://glazegroup.eu.