Privacy Policy

PRIVACY POLICY

DZIANE.PL ONLINE SHOP

SPIS TREŚCI: 

1. GENERAL PROVISIONS

2. GROUNDS FOR DATA PROCESSING

3. THE PURPOSE, BASIS AND DURATION OF THE DATA PROCESSING IN THE ONLINE SHOP

4. RECIPIENTS OF DATA IN THE ONLINE SHOP

5. PROFILING IN AN ONLINE SHOP

6. RIGHTS OF THE DATA SUBJECT

7. WEB SHOP COOKIES AND ANALYSTS

8. FINAL PROVISIONS

1. GENERAL PROVISIONS

   1. This Privacy Policy of the On-line shop is of informative nature, which means that it is not a source of obligations for the Customers or Clients of the On-line shop. The Privacy Policy primarily contains rules concerning the processing of personal data by the Administrator in the On-line shop, including the grounds, purposes and period of personal data processing and the rights of the data subjects, as well as information concerning the use of cookies and analytical tools in the On-line shop.

   2. The administrator of personal data collected via the Internet Shop is PRZEMYSŁAW MATŁOKA, conducting business activity under the company FHU PRZEMYSŁAW MATŁOKA, entered into the Central Register and Information on Business Activity of the Republic of Poland, kept by the minister in charge of economy, having: address of the place of business activity: ul. Władysława Hermana 10, 88-100 Inowrocław and address for delivery: ul. Orłowska 43, 88-100 Inowrocław, NIP 5562553646, REGON 340075552, e-mail address: przemek@4lans.pl and telephone number: (+48) 606 766 495 - hereinafter referred to as the "Administrator" and being at the same time the Online Shop Provider and the Seller.

   3. Contact details of the data protection officer appointed by the Administrator: ADRIAN SOBKOWIAK, having an e-mail address: adrian@4lans.pl and a telephone number: (+48) 661 729 090.

   4. Personal data in the Online Shop shall be processed by the Administrator in accordance with the applicable laws, in particular Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of individuals with regard to the processing of personal data and on the free movement of such data and repealing Directive 95/46/EC (General Data Protection Regulation) - hereinafter referred to as the "GDPR" or "GDPR Regulation". The official text of the GDPR Regulation:http://eur-lex.europa.eu/legal-content/PL/TXT/?uri=CELEX%3A32016R0679 

   5. The use of the Online Shop, including making purchases, is voluntary. Similarly, the provision of personal data by the user of the On-line shop to the Customer or the Client is voluntary, subject to two exceptions: (1) entering into agreements with the Administrator - failure to provide, in the cases and to the extent indicated on the website of the Online Shop and in the Rules and Regulations of the Online Shop and this Privacy Policy, personal data necessary to conclude and perform a Sales Agreement or an agreement for provision of the Electronic Service with the Administrator shall result in the impossibility of concluding such an agreement. In such a case, providing personal data is a contractual requirement and if the data subject wishes to conclude a given agreement with the Admin, he/she is obliged to provide the required data. Each time the scope of data required to conclude an agreement is indicated in advance on the website of the On-line shop and in the Rules and Regulations of the On-line shop; (2) Statutory obligations of the Administrator - providing personal data is a statutory requirement resulting from the generally applicable provisions of law imposing on the Administrator the obligation to process personal data (e.g. processing of data for the purpose of keeping tax or accounting books) and failure to provide such data shall prevent the Administrator from performing those obligations.

   6. The Administrator shall take particular care to protect the interests of the persons whose personal data it processes, and in particular shall be responsible for and ensure that the data it collects are accurate: (1) processed lawfully; (2) collected for specified, legitimate purposes and not further processed in a way incompatible with those purposes; (3) substantially accurate and adequate in relation to the purposes for which they are processed; (4) kept in a form which permits identification of data subjects for no longer than is necessary for the purpose of the processing and (5) processed in a way which ensures adequate security of personal data, including protection against unlawful or incompatible processing and accidental loss, destruction or damage, by appropriate technical or organisational means.

   7. Having regard to the nature, scope, context and purposes of the processing and the risk of infringement of the rights or freedoms of natural persons of varying degrees of likelihood and seriousness, the controller shall implement appropriate technical and organisational measures to ensure that the processing is carried out in accordance with this Regulation and to demonstrate this. Those measures shall be reviewed and updated as necessary. The controller shall apply technical measures to prevent the acquisition and modification by unauthorised persons of personal data transmitted electronically.

   8. All words, expressions and acronyms appearing in this privacy policy and beginning with a capital letter (e.g. Seller, Online Shop, Electronic Service) shall be understood as defined in the Online Shop Terms and Conditions available on the Online Shop's website.

2. GROUNDS FOR DATA PROCESSING

   1. The Administrator shall be authorised to process personal data in cases where and to the extent that one or more of the following conditions are fulfilled: (1) the data subject has consented to the processing of his/her personal data for one or more specified purposes; (2) processing is necessary for the performance of a contract to which the data subject is party or to take action at the request of the data subject before the conclusion of the contract; (3) processing is necessary for the fulfilment of a legal obligation incumbent on the Controller; or (4) processing is necessary for the purposes of legitimate interests pursued by the controller or by a third party, except where the interests or fundamental rights and freedoms of the data subject requiring the protection of personal data, in particular where the data subject is a child, take precedence over these interests.

   2. Processing of personal data by the Administrator requires each time at least one of the grounds indicated in point 1.1. 2.1 of the privacy policy. The specific grounds for the processing of personal data of the Customers and Clients of the On-line shop by the Administrator are indicated in the next point of the Privacy Policy - in relation to the given purpose of personal data processing by the Administrator.

3. THE PURPOSE, BASIS AND DURATION OF THE DATA PROCESSING IN THE ONLINE SHOP

   1. Each time the purpose, basis and period as well as the recipients of personal data processed by the Administrator result from actions taken by a given Service Recipient or Client in the Online Shop or by the Administrator. For example, if the Client decides to make purchases in the Online Shop and chooses personal collection of the purchased Product instead of courier service, his or her personal data will be processed in order to perform the concluded Sales Agreement, but will no longer be made available to the carrier carrying out shipments on the Administrator's order.

   2. The Administrator may process personal data within the framework of the On-line shop for the following purposes, on the grounds and during the periods indicated in the table below:

4. RECIPIENTS OF DATA IN THE ONLINE SHOP

   1. For the proper functioning of the Online Store, including the performance of concluded Sales Agreements, it is necessary for the Administrator to use the services of external entities (such as a software supplier, courier or payment service provider). The Administrator uses only the services of such processing entities which provide sufficient guarantees of implementation of appropriate technical and organisational measures, so that the processing meets the requirements of the GDPR Regulation and protects the rights of the data subjects.

   2. Data transfer by the Administrator does not take place in every case and not to all recipients or categories of recipients indicated in the privacy policy - the Administrator transfers the data only if it is necessary for the realization of a given purpose of personal data processing and only to the extent necessary for its realization. For example, if the Customer uses personal collection, his/her data shall not be transferred to the carrier cooperating with the Administrator.

   3. Personal data of the Customers and Clients of the On-line shop may be transferred to the following recipients or categories of recipients:

      1. carriers / freight forwarders / courier brokers / entities operating the warehouse and/or the shipping process - in the case of a Customer who uses the method of delivery of the Product in the Online Store by mail or courier, the Administrator shall make the collected personal data of the Customer available to a selected carrier, freight forwarder or intermediary carrying out shipments upon the Administrator's order, and if the shipment is made from an external warehouse - to the entity operating the warehouse and/or the shipping process - to the extent necessary to complete the delivery of the Product to the Customer.

      2. entities handling electronic payments or a payment card - in the case of a Customer who uses an electronic payment method or a payment card in the Online Shop, the Administrator shall make the collected personal data of the Customer available to a selected entity handling the above payments in the Online Shop upon the Administrator's order to the extent necessary to handle the payment made by the Customer.

      3. service providers providing the Administrator with technical, IT and organisational solutions enabling the Administrator to conduct business activity, including the Online Shop and the Electronic Services provided by it (in particular, computer software providers for running the Online Shop, e-mail and hosting providers, as well as software providers for managing the company and providing technical assistance to the Administrator) - the Administrator shall make the collected personal data of the Client available to a selected provider acting on its behalf only in the case and to the extent necessary to achieve the given purpose of data processing in accordance with this privacy policy.

      4. providers of accounting, legal and advisory services providing the Administrator with accounting, legal or advisory support (in particular an accounting office, a law firm or a debt collection company) - the Administrator shall make the collected personal data of the Client available to a selected provider acting on his behalf only in the case and to the extent necessary to achieve a given data processing purpose in accordance with this privacy policy.

5. PROFILING IN AN ONLINE SHOP

   1. The RBD Regulation imposes an obligation on the controller to inform about automated decision making, including profiling referred to in Article 22 (1) and (4) of the RBD Regulation, and - at least in these cases - relevant information about the rules of making such decisions, as well as about the significance and expected consequences of such processing for the data subject. With this in mind, the Administrator provides in this point of the privacy policy information on possible profiling.

   2. The Administrator may use profiling in the Internet Shop for direct marketing purposes, but the decisions taken by the Administrator on its basis shall not concern the conclusion or refusal to conclude a Sales Agreement or the possibility to use Electronic Services in the Internet Shop. The effect of using profiling in the Online Shop may be, for example, granting a discount to a given person, sending him/her a discount code, a reminder of unfinished purchases, sending a product proposal that may correspond to the person's interests or preferences or offering better conditions compared to the standard offer of the Online Shop. Despite profiling, it is a person who decides freely whether he or she will want to take advantage of the resulting discount or better conditions and make a purchase in the Online Shop.

   3. Profiling in the Online Shop consists in automatic analysis or forecasting of a person's behaviour on the Online Shop's website, e.g. by adding a particular Product to the basket, browsing the website of a particular Product in the Online Shop or by analysing the history of purchases made in the Online Shop to date. The condition for such profiling is that the Administrator has the personal data of a given person so that he or she can then send them e.g. a discount code.

   4. The data subject shall have the right not to be subject to a decision which is based solely on automated processing, including profiling, and which produces legal effects on him or her or significantly affects him or her in a similar manner.

6. RIGHTS OF THE DATA SUBJECT

   1. Right of access, rectification, restriction, erasure or transfer - the data subject has the right to demand from the controller access, rectification, erasure ("right to be forgotten") or restriction of the processing and has the right to object to the processing and to transfer his data. The detailed conditions for exercising the aforementioned rights are specified in Articles 15-21 of the GDPR Regulation.

   2. The right to withdraw consent at any time - a person whose data are processed by the controller on the basis of his/her consent (pursuant to Article 6(1)(a) or 9(2)(a) of the GDPR Regulation) is entitled to withdraw consent at any time without affecting the lawfulness of the processing carried out on the basis of consent before its withdrawal.

   3. The right to lodge a complaint to the supervisory authority - a person whose data are processed by the Administrator has the right to lodge a complaint to the supervisory authority in the manner and procedure specified in the provisions of the GAC Regulation and Polish law, in particular the Personal Data Protection Act. The supervisory authority in Poland is the President of the Office for Personal Data Protection.

   4. The right to object - the data subject has the right to object at any time, on grounds relating to his particular situation, to the processing of personal data relating to him based on Article 6(1)(e) (public interest or tasks) or (f) (legitimate interest of the controller), including profiling on the basis of those provisions. The controller shall in such a case no longer process the personal data unless the controller demonstrates that there are compelling legitimate grounds for processing overriding the interests, rights and freedoms of the data subject or grounds for establishing, pursuing or defending claims.

   5. Right to object to the processing of personal data relating to him/her for the purposes of direct marketing - where personal data are processed for the purposes of direct marketing, the data subject has the right to object at any time to the processing of personal data relating to him/her for the purposes of such marketing, including profiling, to the extent that the processing is related to such direct marketing.

   6. In order to exercise the rights referred to in this section of the privacy policy, the Administrator may be contacted by sending an appropriate message in writing or by e-mail to the Administrator's address indicated at the beginning of the privacy policy or using the contact form available on the Online Shop website.

7. WEB SHOP COOKIES AND ANALYSTS

   1. Cookies are small text information in the form of text files, sent by the server and saved on the side of the person visiting the website of the Internet Shop (e.g. on the hard drive of a computer, laptop or on the memory card of a smartphone - depending on which device the visitor to our Internet Shop uses). Detailed information about the cookies, as well as the history of their creation, can be found here: http://pl.wikipedia.org/wiki/Ciasteczko.

   2. The Administrator may process the data contained in the Cookies files when visitors use the Website of the Online Shop for the following purposes:

      1. identify Customers as logged in to the Online Store and show that they are logged in;

      2. remembering the Products added to the basket in order to place an Order;

      3. remembering data from completed Order Forms, surveys or login data to the Online Shop;

      4. adjusting the content of the On-line shop's website to the Customer's individual preferences (e.g. concerning colours, font size, page layout) and optimising the use of the On-line shop's pages;

      5. keep anonymous statistics showing how the website of the On-line shop is used;

      6. Remarketing, i.e. researching the behavioural characteristics of shoppers through an anonymous analysis of their activities (e.g. repeated visits to specific sites, keywords, etc.) in order to create their profile and provide them with advertisements tailored to their anticipated interests, including when they visit other sites on the advertising network of Google Ireland Ltd. and Facebook Ireland Ltd.

   3. By default, most web browsers on the market accept to save cookies by default. Everyone has the possibility to determine the conditions of use of cookies by means of their own web browser settings. This means that you can, for example, partially limit (e.g. temporarily) or completely disable the possibility of saving cookies - in the latter case, however, this may affect some of the functionalities of the Online Shop (for example, it may not be possible to pass the Order path through the Order Form due to not remembering the Products in the shopping cart during the subsequent steps of placing an Order).

   4. The settings of your web browser regarding cookies are relevant to your consent to the use of cookies by our Webshop - according to the regulations, such consent may also be given by your web browser settings. In the absence of such consent, it is necessary to change the settings of your Internet browser in the scope of cookies accordingly.

   5. Detailed information on changing the settings for cookies and removing them yourself in the most popular web browsers is available in the help section of your web browser and on the following pages (just click on the link):

in the browser Chrome 

in a Firefox browser

in Internet Explorer 

in the Opera browser 

in the Safari browser

in the Microsoft Edge browser

6. 6. The Administrator may use Google Analytics, Universal Analytics provided by Google Ireland Limited (Gordon House, Barrow Street, Dublin 4, Ireland). These services help the Administrator to keep statistics and analyse traffic in the Webshop. The data collected is processed by the above services to generate statistics to help the Administrator administer the Webshop and analyse the traffic in the Webshop. These data are of an aggregate nature. The Administrator using the above services in the On-line shop collects such data as the sources and medium of obtaining visitors to the On-line shop and the manner of their behaviour on the website of the On-line shop, information on devices and browsers from which they visit the site, IP and domain, geographical data and demographic data (age, gender) and interests.

   7. It is possible for an individual to easily block the sharing of information about his or her activities on the Online Shop website with Google Analytics - for example, you can install the browser add-on provided by Google Ireland Ltd. available here: https://tools.google.com/dlpage/gaoptout?hl=pl.

7. FINAL PROVISIONS

   1. The Internet shop may contain links to other websites. The Administrator encourages you to read the privacy policy set out there when you go to other sites. This privacy policy applies only to the Administrator's Webshop.