1. GENERAL PROVISIONS
1.2. The administrator of personal data collected via the Online Store is Grupa Eshop sp. Z o. O. Entered into the National Court Register under KRS number 0000690431, registration court storing the company's documentation: District Court for Wrocław - Fabryczna in Wrocław, 6th Commercial Division of the National Court Register, with: business activity and address for service: ul. Zemska 7/5, 54-438 Wrocław, NIP: 8943111906, REGON: 9367989009, e-mail address: email@example.com, telephone number: 570364508.- hereinafter referred to as the "Administrator" and being at the same time the Service Provider of the Online Store and the Seller.
1.3. The personal data of the Customer and the Customer are processed in accordance with the Personal Data Protection Act of August 29, 1997 (Journal of Laws 1997 No. 133, item 883, as amended) (hereinafter: the Personal Data Protection Act) and the Act on providing services by electronic means of July 18, 2002 (Journal of Laws 2002, No. 144, item 1204, as amended).
1.4. The administrator takes special care to protect the interests of data subjects, and in particular ensures that the data collected by him is processed in accordance with the law; collected for specified, lawful purposes and not subjected to further processing incompatible with these purposes; factually correct and adequate in relation to the purposes for which they are processed and stored in a form that allows the identification of persons to whom they relate, no longer than it is necessary to achieve the purpose of processing.
1.5. All words, expressions and acronyms appearing on this website and beginning with a capital letter (eg Seller, Online Store, Electronic Service) should be understood in accordance with their definition contained in the Regulations of the Online Store available on the Online Store website.
2. PURPOSE AND SCOPE OF DATA COLLECTION AND DATA RECIPIENTS
2.1. Each time the purpose, scope and recipients of data processed by the Administrator result from actions taken by the Service User or the Customer in the Online Store. For example, if the Customer chooses personal pickup instead of courier when placing the Order, his personal data will be processed in order to conclude and implement the Sales Agreement, but will no longer be made available to the carrier performing the shipment at the request of the Administrator.
2.2. Possible purposes of collecting personal data of Service Users or Customers by the Administrator:
2.2.1. conclusion and implementation of the Sales Agreement or contract for the provision of Electronic Services (eg Account).
2.2.2. direct marketing of the Administrator's own products or services.
2.3. Possible recipients of personal data of the Customers of the Online Store:
2.3.1. In the case of a Customer who uses the Online Store with the method of delivery by post or courier, the Administrator provides the Customer's collected personal data to the selected carrier or intermediary performing the shipment at the request of the Administrator.
2.3.2. In the case of a Customer who uses the Online Store with the method of electronic payments or with a payment card, the Administrator provides the Customer's collected personal data to the selected entity servicing the above payments in the Online Store.
2.4. The administrator may process the following personal data of the Service Users or Customers using the Online Store: name and surname; e-mail address; contact telephone number; delivery address (street, house number, apartment number, zip code, city, country), address of residence / business / seat (if different from the delivery address). In the case of Service Users or Customers who are not consumers, the Administrator may additionally process the company name and tax identification number (NIP) of the Service User or Customer.
2.5. Providing personal data referred to in the above point may be necessary to conclude and implement the Sales Agreement or contract for the provision of Electronic Services in the Online Store. Each time, the scope of the data required to conclude a contract is previously indicated on the website of the Online Store and in the Regulations of the Online Store.
3. COOKIES AND PERFORMANCE DATA
3.1. Cookies (cookies) are small text information in the form of text files, sent by the server and saved on the side of the person visiting the website of the Online Store (e.g. on the hard drive of the computer, laptop or on the smartphone's memory card - depending on the device used visitors to our Online Store). Detailed information on cookies as well as the history of their creation can be found, among others here: http://pl.wikipedia.org/wiki/Ciasteczko .
3.2. The Administrator may process the data contained in Cookies when visitors use the Online Store website for the following purposes:
3.2.1. identifying the Service Users as logged in to the Online Store and showing that they are logged in;
3.2.2. remembering Products added to the basket in order to place an Order;
3.2.3. remembering data from completed Order Forms, surveys or login details to the Online Store;
3.2.4. adjusting the content of the Online Store website to the individual preferences of the Service Recipient (e.g. regarding colors, font size, page layout) and optimizing the use of the Online Store websites;
3.2.5. keeping anonymous statistics showing how to use the Online Store website.
3.3. By default, most web browsers available on the market accept saving cookies by default. Everyone has the option to define the terms of using cookies using the settings of their own web browser. This means that you can, for example, partially limit (e.g. temporarily) or completely disable the option of saving Cookies - in the latter case, however, it may affect some of the functionalities of the Online Store (for example, it may be impossible to pass the Order path through the Order Form due to for not remembering the Products in the basket during the next steps of placing the Order).
3.5. Detailed information on changing cookie settings and their self-removal in the most popular web browsers is available in the help section of the web browser and on the following pages (just click on the link):
• in Chrome
• in Firefox
• in Internet Explorer
• in the Opera browser
• in the Safari browser
• in the Microsoft Edge
3.6 browser . The administrator also processes anonymised operational data related to the use of the Online Store (IP address, domain) to generate statistics helpful in administering the Online Store. These data are aggregate and anonymous, i.e. they do not contain features that identify visitors to the Online Store website. These data are not disclosed to third parties.
4. BASIS FOR DATA PROCESSING
4.1. Providing personal data by the Service User or the Customer is voluntary, but failure to provide the personal data indicated on the Online Store website and in the Online Store Regulations necessary for the conclusion and implementation of the Sales Agreement or contract for the provision of Electronic Services results in the inability to conclude this agreement.
4.2. The basis for the processing of personal data of the Service Recipient or Customer is the need to perform the contract to which he is a party or to take action at his request before its conclusion. In the case of data processing for direct marketing of the Administrator's own products or services, the basis for such processing is (1) the prior consent of the Service Recipient or Customer or (2) the fulfillment of legally justified purposes carried out by the Administrator (in accordance with Article 23 (4) of the Act on the Protection of Personal Data a legitimate goal is, in particular, direct marketing of the Administrator's own products or services).
5. THE RIGHT TO CONTROL, ACCESS TO THEIR DATA AND THEIR CORRECTION
5.1. The Service Recipient or the Customer has the right to access their personal data and correct them.
5.2. Each person has the right to control the processing of data relating to him, contained in the Administrator's data set, in particular the right to: request supplementing, updating, rectifying personal data, temporarily or permanently suspending their processing or deleting them if they are incomplete or out of date, untrue or have been collected in violation of the Act or are no longer necessary for the purpose for which they were collected.
5.3. If the Service User or the Customer grants consent to the processing of data for direct marketing of the Administrator's own products or services, the consent may be revoked at any time.
5.4. In the event that the Administrator intends to process or processes the data of the Service Recipient or Customer for the purpose of direct marketing of the Administrator's own products or services, the data subject is also entitled to (1) submit a written, motivated request to stop processing his data due to his special situation or to (2) object to the processing of its data.
6. FINAL PROVISIONS
6.2. The administrator uses technical and organizational measures to ensure the protection of the processed personal data appropriate to the threats and categories of data protected, in particular, protects the data against unauthorized disclosure, removal by an unauthorized person, processing in violation of applicable regulations and change, loss, damage or destruction.
6.3. The administrator provides the following technical measures to prevent the acquisition and modification of personal data sent electronically by unauthorized persons:
6.3.1. Securing the data set against unauthorized access.
6.3.2. Access to the Account only after providing an individual login and password.
6.3.3. SSL certificate.
I. PURPOSE AND SCOPE OF DATA COLLECTION AND THE LEGAL BASIS FOR THESE ACTIVITIES:
- Your personal data is processed for three purposes, depending on your consent:
- responding to your inquiries sent via the contact form - the legal basis for these activities is the principle that data processing is necessary to take action at the request of the data subject,
- sending offers, newsletter - the legal basis for these activities is your consent to the processing of personal data for one or more specific purposes,
- for recruitment purposes - the legal basis for these activities is your consent to the processing of personal data for one or more specific purposes.
- We process the following scope of your data:
- First name and last name,
- e-mail adress,
- Phone number,
- any other data provided by you in the content of the inquiry sent via the contact form, or sent to us in the files attached to the correspondence,
- We do not collect additional information about you from other sources.
- We do not sell personal data, we do not share it with other entities. In particular, your data is not transferred outside the European Economic Area or transferred to international organizations.
II. STORAGE AND DELETION OF DATA
- We try to limit the period of storage of personal data that is no longer used as much as possible. Please be advised, however, that such a situation may take place for operational and technological reasons. By this we mean the time needed to decide whether further contact is advisable, as well as the time needed to delete data from the backup.
- Your data processed for the purpose of handling the inquiry will be processed with us for the duration of the correspondence, and then, depending on the results, or will be added to our customer base and will be further processed in order to perform the contract, or will be deleted if not there will be an opportunity to establish cooperation.
- In the event of a clear closure of conversations on your part, the data will be deleted immediately from the working system databases, and from the backup copies, within thirty days.
- In the event of no answer and unclear situation, the data will be stored for a period of 6 months from the date of sending the last message.
- Data processed on the basis of consent, i.e. data used to send marketing information, will be processed until the consent is withdrawn. You should also add a period of 30 days needed to remove them from the backup.
III. RIGHT TO WITHDRAW CONSENT, RIGHT TO INSPECT, ACCESS AND CORRECT YOUR DATA, RIGHT TO DATA TRANSFER, RIGHT TO OBJECT TO FURTHER PROCESSING AND APPLICATION RIGHT
- We inform you that we process your data for marketing purposes based on your voluntary consent. We inform you that this consent may be withdrawn at any time. For this purpose, we suggest that you send us a message from the same e-mail address or telephone number to which you receive marketing content. The sole consequence of withdrawing your consent will be the fact that you will no longer be able to receive information from us about our offer and other marketing content. We also inform you that the withdrawal of consent does not affect the legality of our processing of data that took place before the withdrawal.
- You have the right to access your personal data and the right to request immediate rectification of incorrect personal data. In addition, you have the right to request that incomplete personal data be supplemented.
- You have the right to object at any time to the processing of your personal data for the purposes of such marketing, including profiling, to the extent that the processing is related to such direct marketing.
- You have the right to demand that we limit the processing of your personal data for the time of checking the correctness of data or pursuing claims.
- You also have the right to ask us to send your data to you or directly to another controller in a commonly used machine-readable format. Please be advised that this right applies only to the data we have received from you. Considering the fact that only data about you is processed in text form, the transfer of data consists in generating by us text documents in docx format containing the history of your inquiries. These documents will not contain our answers, and therefore in particular our advice or any other type of expert knowledge because it is not subject to your right (it is not transferable).
- All the above matters should be sent to our office at firstname.lastname@example.org
- We would like to inform you that you also have the right to lodge a complaint with the supervisory body, which is the President of the Data Protection Office.