This Policy is of informative nature and is a fulfilment of information obligations imposed on the Controller by the GDPR, i.e. by the Regulation 2016/679 of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC.
(hereinafter individually or jointly referred to as the “Website”) and our Users.
- DATA CONTROLLER
- The Controller of the Users’ personal data is the Seller, that is————
- You can contact the Controller especially via e-mail: —–
- You can also write to us to the following address:—–
- PURPOSE AND SCOPE OF DATA PROCESSING
- The purpose and scope of data processing is defined by the scope of permissions and data supplemented and sent via proper form.
- Normally, we process personal data in the following scope:
- If you give us your personal data by filling out the registration form in order to create an Account or to contact us we collect the following personal data: e-mail address, first name, last name, computer IP address;
- If you give your personal data to have your Order executed we collect the following personal data: e-mail address, computer IP address, first name, last name, company name, country, NIP number, address, post code, city, voivodeship;
- If you contact our customer service staff you can also give us your other personal data that we collect;
- We also process personal data collected by Google Analytics.
- The nature of our services makes it impossible to perform them anonymously.
- Your personal data will be processed for the purposes of: (a) following legal provisions, (b) executing Orders and Sales Contracts, creating an Account and performing other contracts for the provision of services by electronic means, in particular providing the Newsletter service, including dealing with complaints received and optimisation of the Seller’s services, (c) marketing and commercial activities of the Seller.
- Providing your personal data is voluntary but if you chose not to provide information marked as obligatory we will not be able to provide you services by electronic means or execute Sales Contracts and Orders.
- LEGAL BASIS FOR THE PROCESSING
- The legal basis for the processing of personal data in the case referred to in section 2.4. letter (a) above is the authorisation to process data necessary for conducting lawful activity, while in the case referred to in section 2.4. letter (b) and (c) above it is the performance of a contract to which data subject is a party or to undertake actions upon data subject’s request before entering into a contract, as well as the authorisation to process data when it is necessary for the purposes arising from legitimate interests pursued by us or by third party, or your consent.
- A legitimate interest of the Seller is, among other things, answering the Users’ queries.
- If we learn that you have used our services contrary to the Regulations or applicable legal provisions (prohibited use), we may process your personal data in the scope required to establish your responsibility.
- Profiling of the Website is carried out through the recording of sessions, making analyses via “clickmap” and analytics based on events (Segment) which will involve creating dynamic and automated: (a) messages and advertising content, (b) post-sale communication forms, (c) methods of contacts segmentation and sending e-mails, (d) reminders about discarded baskets, (d) methods of selecting communication channels, (e) methods of managing the contacts.
- The effect of profiling will include generating personalised marketing activities and creating analyses and sales forecasts.
- You may file objection to profiling of your person by writing to the e-mail address —-
- DURATION OF DATA PROCESSING
- Your personal data will be processed: (a) for the period adequate to demonstrate proper responding to your query or to demonstrate that we have properly performed the service by electronic means (this time corresponds to the period of limitation of claims), or (b) for 5 years of your placing the last Order (whichever date is later).
- After this time your personal data will be erased, unless their processing is necessary under any other legal basis.
- DATA RECIPIENTS
- We can entrust your personal data processing to third parties so that they can perform activities specified in the Regulations and provide services to you. In this case the recipients of your personal data may be: the supplier of hosting for the Website, firm technically assisting the Website, the supplier of invoice management system, the supplier of CRM system and other IT systems to streamline Orders execution and provide services by electronic means, the firm providing technical assistance of the Newsletter, the Seller’s accounting office, our legal or financial advisors and the carrier.
- We use external suppliers of payment services – Dotpay, PayPal and Playlane to process payments on account of Sales Contracts and services made through the Website. All internet payments will be carried out according to safety standards of data and billing information (that are used by these suppliers of payment services solely to secure them against frauds) and are coded before being forwarded to the suppliers. Subject to exceptions specified below, payment details are forwarded directly from the browser to the suppliers of payment services. This means that the payment is either made outside our Website or is displayed in a box on the payment site.
- Personal data that we collect may also be provided to: relevant state authorities at their request based on relevant legal provisions or other persons and entities – in the cases provided for in legal provisions, in particular we may forward payment details in accordance with the Act on Preventing and Fighting Money Laundering and Financing Terrorism.
- Each entity to which we entrusts the processing of your personal data based on data processing contract (hereinafter “Data Processing Contract”) guarantees an adequate level of safety and confidentiality of personal data processing. The Processor that will process personal data based on Data Processing Contract may process the User’s personal data through another entity solely on the basis of our prior written consent.
- We forward your data to third countries, that is outside the EEA: to the United States based on the European Commission Implementing Decision of 12 July 2016 introducing the so-called Privacy Shield (under this decision data will be forwarded only to certified entities, which obliges them to adequately secure my personal data), as well as to other countries solely under standard contractual clauses that will oblige relevant entities to adequately secure personal data.
- You can have copies of personal data forwarded to third countries at any time.
- DATA SUBJECT’S RIGHTS
- Each User has the right to: (a) have data collected about them erased, both from the Seller’s system and from data bases of entities that we cooperate or have cooperated with, (b) limit data processing, (c) transfer personal data that we collect about you, including the right to receive it in a structured form, (d) demand from us the access to your personal data and to rectify it, (e) object to processing, (f) withdraw consent from the Seller, at any time and without affecting the lawfulness of the processing that has been made based on the consent before it was withdrawn, (g) filing a complaint against us to a supervisory authority.
- If you want to change the name, e-mail address, password and/or communication preferences after registration, you may get access to your Account in My Account section on the Website. You may also request to make these changes by contacting us by mail or by post.
- OTHER DATA
- The Website may store http queries, that is why in the server log files some information may be recorded, including the IP address of the computer from which the query was received, the User’s station name – identification carried out by http protocol, if possible, date and system time of registration on the Website and reception of the query, the number of bytes sent by the server, URL address of the website previously visited by the User if they entered the Website via a link, information about the User’s browser, information about errors that appeared during the execution of the http transaction. The logs may be collected as a material for proper administration of the Website. Only persons authorised to administer the IT system have access to information. Log files may be analysed to prepare statistics about traffic on the Website and the occurrence of errors. A summary of such information does not identify the User.
- We apply technical and organisational means ensuring safety of the processed personal data which is adequate to threats and categories of data under protection, in particular they secure technical and organisational data from making it available to unauthorised persons, taking it by unauthorised person, processing it with violation of the act as well as changing, losing, damaging or destroying it, here the TLS certificates are used among other things. The file of the Users’ personal data is stored on a secured server, the data collected is also protected by our internal procedures of personal data processing and information security policy.
- In order to log in to the Account it is necessary to give the login and password. To ensure adequate safety level the password to the Account is only in a coded form. Communication between the User’s device and the servers, in particular while making payments, is coded using the TLS protocol.
- We have also implemented proper technical and organisational means, such as pseudonymisation, designed to effectively fulfil the principles of data protection, such as data minimisation and to ensure that the processing is properly secured so that the GDPR requirements are met and subjects’ rights are protected. We apply all necessary technical means specified in Articles 25, 30, 32-34, 35-39 of the GDPR that ensure safety and improve protection of the User’s personal data processing.
- At the same time we point out that using the internet and services provided electronically may be threatened by malicious software (malware) penetrating into the User’s IT system and their device, as well as by unauthorised access of third parties to the User’s data, including personal data. To minimise these threats the User should use adequate technical protection means, e.g. they should use current antivirus programmes or programmes that protect the User’s identification in the internet. To obtain more detailed and professional information about being safe on the internet we recommend that you enquire the entities specialising in this type of IT services.
- As in the case of most internet pages, our Website also uses “cookies” and similar files. Cookies perform many functions, for example they enable to smoothly navigate between the pages, they remember your preferences and generally improve the quality of using the internet. They may also help to ensure that advertisements which appear on the internet are more customised to you and your interests.
- Below is a list of all cookies used on our Website, specified according to categories:
- Necessary cookies: These files are necessary to enable you to navigate through the Website and use its functionalities, such as the access to safe areas of the Website. Without these cookies services you chose, such as purchase basket cannot be provided.
- Performance cookies: These cookies collect information about how the Users use the Website, for example which pages the User visits most frequently and whether they receive error messages from internet pages. These cookies do not collect information that identify the User. All information gathered by these cookies are collective, therefore anonymous. They are used only to improve the functioning of the Website.
- Functional cookies: These cookies allow the Website to remember the choices that you make (such as the user’s name, language or region where you are located) and ensure improved, more personal use. These files may also be used to remember the changes of text size you made and other elements of internet pages that you may customise. They may also be used to ensure services you chose, such as watching video or commenting on a blog.
- Advertising cookies: These cookies collect information about your browsing habits in order to direct advertisement adjusted to you and your interests if you agree to it by choosing appropriate settings in your browser. They are also used to limit the amount of advertisement views and help to check the effectiveness of advertising campaign. They are usually placed by advertising networks upon our consent. They remember that you visited the internet page and this information (collectively and anonymously) is shared with other entities, such as advertisers. Quite often advertising cookies will be combined with the functionality of another entity’s page. If you switch these cookies off you can still use the Website.
- Third party cookies: While using our Website your device or browser may receive cookies from third parties, for example when you use the content placed there and links to social networks if you agree to it by choosing appropriate settings in your browser. It is important to know that we have no access nor control of cookies used by the firms or internet pages belonging to third parties. We advise you to go to third party websites to obtain more information about their cookies and how to manage them. If you switch these cookies off you can still use the Website.
- The Help option on the menu of most browsers will tell you how to switch on or avoid accepting new cookies by your browser, how to make the browser inform you about new cookies coming up and how to completely switch cookies off. You may also switch of or delete similar files that are used by additions to the browsers, such as Flash cookies by change of settings of extensions or visiting your operator’s internet page.
- If you use a computer, click on “Help” at the top of the browser and chose “About us”. If you use a Mackbook, click on menu Apple at the top of the browser and chose “About us”.
- For Flash Cookies (or Local Shared Objects) the Adobe website provides all information on how to remove or switch off Flash cookies – see http://www.adobe.com/security/flashplayer/.
- For third party Cookies – if you want to reject third party cookies use the resignation tool offered by the members of Network Advertising Initiative (NAI) – see http://www.networkadvertising.org/managing/opt_out.asp. Otherwise, we advise you to contact a relevant entity to obtain more information about their cookies and how to manage them.
- FINAL PROVISIONS