1. Information We Collect

1.1 Information You Provide to Us

We collect information that you voluntarily provide when you:

• Fill out forms: Contact forms, quote requests, job applications, inquiry forms
• Communicate with us: Email, phone calls, live chat, WhatsApp
• Create an account: Username, password, company details
• Place orders: Shipping address, billing information, payment details
• Apply for jobs: Resume/CV, cover letter, work history, references

Personal information may include:

• Full name
• Email address
• Phone number
• Company name and position
• Postal address (shipping/billing)
• Business requirements and specifications
• Any other information you choose to provide

1.2 Information Automatically Collected

When you visit our website, we automatically collect certain information:

• Device information: IP address, browser type, operating system, device type
• Usage data: Pages visited, time spent, click patterns, referring URLs
• Location data: General geographic location based on IP address
• Cookies and tracking technologies: See Section 9 for details

1.3 Information from Third Parties

We may receive information from:

• Business partners: Shipping companies, inspection agencies (SGS, Bureau Veritas)
• Analytics providers: Google Analytics, website performance tools
• Social media platforms: If you interact with us on LinkedIn, Facebook
• Public sources: Company registries, business directories

2. How We Use Your Information

We use your personal information for the following purposes:

2.1 Providing Services

• Process your quote requests and order inquiries
• Arrange shipments and logistics
• Coordinate third-party inspections (SGS, Bureau Veritas, AIM Control)
• Prepare export documentation and compliance certificates
• Process payments and invoices
• Provide customer support and after-sales service

2.2 Communication

• Respond to your inquiries and questions
• Send order confirmations and shipping updates
• Provide product information and specifications
• Send important notices about our services

2.3 Marketing (with your consent)

• Send newsletters about new products and services
• Provide information on industry trends and market updates
• Share promotional offers and special deals
• Invite you to industry events or webinars

2.4 Business Operations

• Improve our website and user experience
• Analyze website traffic and usage patterns
• Prevent fraud and ensure security
• Comply with legal obligations
• Maintain business records and accounting

2.5 Recruitment

• Review job applications and resumes
• Conduct interviews and assessments
• Verify references and work history
• Make hiring decisions

3. Legal Basis for Processing (GDPR)

Under the General Data Protection Regulation (GDPR), we process your personal data based on the following legal grounds:

3.1 Contractual Necessity

Processing is necessary to fulfill our contract with you, including:

• Processing orders and shipments
• Providing services you requested
• Handling payments and invoicing

3.2 Legitimate Interests

We have a legitimate interest in:

• Improving our products and services
• Analyzing website usage and performance
• Preventing fraud and ensuring security
• Managing our business operations efficiently

3.3 Legal Obligation

We must process certain data to comply with:

• Tax and accounting regulations
• Export and customs requirements
• EU Waste Shipment Regulation (Annex VII)
• Anti-money laundering laws

3.4 Consent

For marketing communications and cookies, we rely on your explicit consent, which you can withdraw at any time.

4. How We Share Your Information

We do not sell your personal information. We may share your information with:

4.1 Service Providers

• Shipping companies: To arrange logistics and deliveries
• Inspection agencies: SGS, Bureau Veritas, AIM Control for quality verification
• Payment processors: To handle transactions securely
• Email service providers: To send communications
• Cloud storage providers: To store data securely
• IT support: For website maintenance and security

4.2 Business Partners

• Suppliers and vendors in our supply chain
• Freight forwarders and customs brokers
• Insurance providers

4.3 Legal Requirements

We may disclose information when required by law:

• In response to court orders or legal processes
• To comply with regulatory requirements
• To protect our rights, property, or safety
• In connection with fraud prevention

4.4 Business Transfers

In the event of a merger, acquisition, or sale of assets, your information may be transferred to the new entity.

5. Data Retention

We retain your personal data for as long as necessary to fulfill the purposes outlined in this Privacy Policy:

• Customer data: Retained for the duration of the business relationship plus 7 years for accounting and tax purposes
• Quote requests: 3 years from last contact
• Job applications: 1 year from application date (unless you consent to longer retention)
• Marketing data: Until you withdraw consent or unsubscribe
• Website analytics: 26 months (Google Analytics default)
• Legal documents: As required by Polish and EU law

After retention periods expire, we securely delete or anonymize your data.

6. Your Data Protection Rights

Under GDPR and applicable data protection laws, you have the following rights:

6.1 Right to Access

You have the right to request copies of your personal data. We may charge a reasonable fee for additional copies.

6.2 Right to Rectification

You can request correction of inaccurate or incomplete personal data.

6.3 Right to Erasure ("Right to be Forgotten")

You can request deletion of your personal data when:

• The data is no longer necessary for its original purpose
• You withdraw consent (for consent-based processing)
• You object to processing based on legitimate interests
• The data was unlawfully processed

6.4 Right to Restrict Processing

You can request limitation of how we use your data in certain circumstances.

6.5 Right to Data Portability

You can request your data in a structured, commonly used, machine-readable format.

6.6 Right to Object

You can object to:

• Processing based on legitimate interests
• Direct marketing (at any time)
• Profiling and automated decision-making

6.7 Right to Withdraw Consent

Where we rely on consent, you can withdraw it at any time. This won't affect the lawfulness of processing before withdrawal.

6.8 Right to Lodge a Complaint

You have the right to lodge a complaint with a supervisory authority:

• Poland: Urząd Ochrony Danych Osobowych (UODO) - https://uodo.gov.pl
• EU Data Protection Authorities: Find your country's authority at https://edpb.europa.eu

7. International Data Transfers

Metcrop is based in Warsaw, Poland (European Union). Your data is primarily processed within the EU/EEA.

7.1 Transfers Outside the EU

When we transfer data to countries outside the EU/EEA (such as for shipping to Bangladesh, India, Pakistan, UAE), we ensure appropriate safeguards:

• Standard Contractual Clauses (SCCs) approved by the European Commission
• Data processing agreements with international partners
• Adequacy decisions by the European Commission (where applicable)

7.2 Third-Party Services

Some third-party services we use may process data outside the EU:

• Google Analytics: EU-US Data Privacy Framework certified
• Email providers: EU data centers with GDPR compliance

8. Data Security

We implement appropriate technical and organizational measures to protect your personal data:

8.1 Technical Measures

• Encryption: SSL/TLS encryption for data transmission
• Secure servers: Data stored on secure, encrypted servers
• Firewalls: Network security and intrusion detection
• Access controls: Role-based access to personal data
• Regular backups: Encrypted backup systems

8.2 Organizational Measures

• Employee training on data protection
• Confidentiality agreements with staff
• Data protection impact assessments
• Regular security audits and updates
• Incident response procedures

9. Cookies and Tracking Technologies

Our website uses cookies and similar technologies to enhance your experience.

9.1 What Are Cookies?

Cookies are small text files stored on your device when you visit a website. They help us remember your preferences and understand how you use our site.

9.2 Types of Cookies We Use

Essential Cookies (Always Active)

• Required for website functionality
• Enable security features
• Remember your cookie preferences

Analytics Cookies (With Consent)

• Google Analytics: Track website usage and performance
• Help us improve user experience
• Anonymized where possible

Marketing Cookies (With Consent)

• Deliver relevant advertisements
• Track campaign effectiveness
• Retargeting on social media

9.3 Managing Cookies

You can control cookies through:

• Cookie banner: Accept or reject when you first visit
• Browser settings: Block or delete cookies
• Opt-out tools: Google Analytics opt-out: https://tools.google.com/dlpage/gaoptout

Note: Blocking essential cookies may affect website functionality.

10. Third-Party Websites

Our website may contain links to third-party websites, including:

• Shipping tracking portals
• Social media platforms (LinkedIn, Facebook)
• Inspection agency websites (SGS, Bureau Veritas)
• Industry resources and partners

We are not responsible for the privacy practices of these third-party sites. Please review their privacy policies before providing personal information.

11. Children's Privacy

Our website and services are not directed to children under 16 years of age. We do not knowingly collect personal information from children.

If you believe we have inadvertently collected information from a child, please contact us immediately, and we will delete it.

12. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect:

• Changes in our business practices
• New legal requirements
• Technology improvements
• Customer feedback

Notification of Changes:

• We will post the updated policy on this page
• The "Last Updated" date at the top will be revised
• For significant changes, we may notify you by email
• Continued use of our services constitutes acceptance of changes

We encourage you to review this Privacy Policy periodically.

13. Contact Us

If you have questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us:

Response Time: We aim to respond to all privacy-related inquiries within 30 days as required by GDPR.