Privacy policy

The Privacy policy forms an integral part of the Terms & conditions.

§1. Data Controller

The controller of the personal data of users of the Intername – world domains service (hereinafter: the “Service”) is:

BPtech.pl – usługi informatyczne Boryszek Pawel
ul. Sadowa 12, 72-100 Goleniów, Poland
Tax Identification Number (VAT): PL8561638135
E-mail: info@interna.me

The Service has not appointed a Data Protection Officer. For matters concerning data protection, please contact the Data Controller directly.

§2. Purpose and Scope of Processing

Personal data of users are processed in accordance with the applicable legal bases and for the following purposes:

  • conclusion and performance of a contract, including account management within the Service, domain registration, payments, and invoicing;
  • compliance with legal obligations, such as tax and accounting duties;
  • legitimate interests of the Controller, including protection against claims, statistical analysis, and ensuring the security of IT services;
  • on the basis of consent, e.g. sending commercial information by e-mail/SMS, use of analytical and marketing cookies (in line with the Polish Act on the Provision of Electronic Services and the Telecommunications Law).

§3. Scope of Data Processed

The following categories of data may be processed: identification data (first name, surname, VAT number, national identification number, passport number or other identification number, address), contact details (telephone, e-mail), payment data, as well as data relating to the use of the Service (logs, IP address, cookies).

Identification data, including the national identification number or its equivalent for consumers, are provided voluntarily by the User, but are required for the proper provision of the service and for issuing an invoice.

§4. Data Retention Period

Personal data are retained:

  • for the duration of the contract and the necessary period thereafter, e.g. for handling complaints and pursuing/defending claims, until the expiry of the limitation period (usually up to 6 years);
  • accounting and tax records – for the period required by law (e.g. 5 years from the end of the tax year);
  • data processed on the basis of consent – until such consent is withdrawn.

§5. Data Recipients

Personal data may be disclosed to:

  • entities cooperating in the field of domain registration, hosting services, SSL certificates, and payment processing;
  • IT service providers, payment operators, accounting firms, law firms – strictly to the necessary extent;
  • public authorities, where required by law or by a court order.

In justified cases, where such transfer is necessary for the performance of a contract between the User and the Service, data may be transferred outside the European Economic Area (EEA), subject to adequate safeguards in line with the GDPR. The User will be informed of such transfer when placing an order.

§6. User Rights

The User has the right to:

  • access their data and obtain a copy thereof,
  • rectify their data,
  • erase their data (“right to be forgotten”),
  • restrict processing,
  • transfer their data to another service provider,
  • object to data processing (in particular for marketing purposes),
  • withdraw consent at any time (without affecting the lawfulness of processing carried out before its withdrawal).

In connection with the processing of data, the User has the right to lodge a complaint with the President of the Polish Data Protection Authority (PUODO).

§7. Data Security and NIS2

The Controller applies technical and organisational measures required under the GDPR and the NIS2 Directive, in particular:

  • encryption of data transmission (SSL/TLS),
  • access control and authentication systems,
  • IT system monitoring and logging,
  • regular data backups,
  • testing and updating of security measures,
  • incident reporting and handling procedures.

In the event of a security incident affecting data or services that may pose a high risk to the User’s rights, the User will be informed without undue delay.

§8. Verification of Domain Registration Data (NIS2)

In connection with the obligations imposed by the NIS2 Directive (Article 28) and the provisions of the Polish Act on the National Cybersecurity System, the Controller, as an entity providing domain registration services, has implemented the Domain Registration Data Verification Policy.

The purpose of the verification is to ensure that the registrant data of each registered domain is accurate, complete, and up to date.

The scope of verification includes in particular:

  • first name and surname or the full company name,
  • e-mail address,
  • telephone number,
  • correspondence address.

Verification is carried out in the following cases:

  • upon every new domain registration,
  • upon any change of the registrant’s or domain owner’s data,
  • upon domain transfer involving a change of owner,
  • periodically – at least once every 12 months,
  • in the event of detected risk of inaccurate data (risk-based approach).

Methods of verification:

  • confirmation of the e-mail address by clicking an activation link,
  • verification of the telephone number via SMS code or voice call,
  • in justified cases (high risk, request from the registry) – enhanced verification (KYC), including submission of a scan of an identity document or an extract from the business register.

Failure to successfully verify the data may result in the inability to activate the domain, suspension of its delegation, or, in extreme cases, deletion of the domain after prior notification to the User.

All activities related to the verification of domain registration data are carried out while maintaining the highest standards of personal data protection resulting from the GDPR.

§9. Automated Decisions

No automated decision-making, including profiling within the meaning of the GDPR, is carried out on the basis of the User’s personal data.

§10. Cookies

The Service uses cookies to ensure proper operation and to improve the quality of services provided.

Types of cookies:

  • Essential (session and configuration cookies) – e.g. PHPSESSID, i_cookie, i_language, i_settings, wordpress_, wf, stripe – enabling the use of the Service and order placement;
  • Analytical – e.g. i_stats_* – enabling analysis of how the Service is used and improving its performance (active only with the User’s consent, opt-in mechanism).

Each User may manage cookies independently in their browser settings, including blocking or deleting them.

§11. Amendments to the Privacy Policy

The Controller reserves the right to amend this Policy in the event of changes to the law, technology, or the way the Service operates. The User will be notified of significant changes via the Service or by e-mail no later than 14 days before such changes come into effect.



We have detected the use of an automatic page translation toolThe use of such tools may have a negative affect on the usage of our services. Please ensure that it is only turned on when reading the content in your language and that the automatic translation is disabled when performing any action on the site. Our website is available in English, German, French, Italian, Spanish, Portuguese, Romanian and Polish language. Close this window

Cookies

By browsing intername.uk, you acknowledge that we use cookies. Read our cookies & privacy policy

AcceptCookies