1. General provisions
1.1. This Privacy Policy is addressed to Buyers and other users of the online store at odplyw.pl.
1.2. The policy defines the rules for the collection and processing of personal data obtained by the Administrator both when registering an account on the Website, using the website, as well as when making purchases without creating an account and when subscribing to the newsletter.
2. Personal data administrator
The administrator of personal data is Sponcom Marek Krzesak, ul. Market Square Powstańców 1863 No. 21, 42-160 Krzepice, NIP: 574-191-19-09, REGON: 240845964, e-mail: info@odplyw.pl, phone: +48 790 556 585.
3. Legal basis for the processing of personal data
3.1. Your personal data is processed in accordance with Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of individuals with regard to the processing of personal data and on the free movement of such data and repealing Directive 95/46 / EC (hereinafter referred to as the GDPR).
3.2. The legal basis for the processing of your personal data by the Administrator is:
a) the need to perform contracts concluded by you with the Administrator, as well as to take action before concluding the contracts at your request (Article 6 (1) (b) of the GDPR);
b) processing is necessary to fulfill the legal obligation incumbent on the Administrator (Article 6 (1) (c) of the GDPR),
c) consent of the data subject to the processing of data for marketing purposes, including sending commercial information via e.g. a newsletter (Article 6 (1) (a) of the GDPR),
3.3. Providing your personal data on the basis of the above-mentioned point a) and b) is voluntary, however, refusal to provide data will prevent you from using the Store and the services provided electronically by the Administrator.
3.4. The user may at any time withdraw consent to the processing of personal data in one or more cells.
3.5. You can unsubscribe from the newsletter at any time by clicking on the deactivation link in the newsletter or by appropriate statements submitted to the Administrator via e-mail.
4. Purposes and scope of personal data processing
4.1. The personal data provided by you will be processed for the purpose and to the extent necessary in connection with the conclusion and performance of the contract and for direct marketing of the Administrator's goods and services.
4.2. In order to perform the contract, the Administrator will process the following data provided by you: name, surname, address, e-mail address, telephone number, tax identification number, company name, delivery address.
4.3. In order to send you information and commercial materials in the form of a newsletter, the Administrator will process the e-mail address provided by you.
5. Providing personal data
5.1. Your personal data will be made available to competent state authorities or third parties if such an obligation results from generally applicable law.
5.2. The administrator provides your personal data to the selected carrier or intermediary performing shipments at the request of the Administrator for the purpose of delivery, to the entity handling electronic payments or payment by credit card in order to make these payments and to the entity providing the Administrator with services in the form of sending SMS messages with the status of the order, as well as entities providing hosting services and entities from the IT industry maintaining the online store.
5.3. In the event of consent to the transfer of personal data to ceneo.pl (Ceneo.pl Sp.z o.o.with headquarters in Poznań (60-166), ul. Grunwaldzka 182, KRS: 0000493884). Your personal data will be transferred to the above-mentioned entity in order to be able to express an opinion on the operation of our Store and the quality of service.
6. Data protection
6.1. The Administrator is obliged to protect the Buyers' data collected when making purchases in the Store in accordance with applicable regulations and in accordance with the highest standards of security and data protection.
6.2. The administrator ensures the security of personal data thanks to the implemented appropriate technical and organizational measures aimed at preventing unlawful data processing and their accidental loss, destruction, and damage. The administrator takes all possible measures to ensure that the personal data is:
a) correct and lawfully processed,
b) obtained only for specific purposes and not further processed in a manner inconsistent with these purposes,
c) adequate, relevant, and not excessive,
d) accurate and up-to-date,
e) not kept longer than necessary,
f) processed in accordance with the rights of the persons they relate to, including the right to reserve sharing,
g) safely stored,
h) not transferred without adequate protection.
6.3. Personal data files are protected against access by third parties. Only persons authorized by the Administrator, trained in the protection of personal data and obliged to keep your personal data confidential, are allowed to process your personal data.
6.4. Personal data collected in order to conclude or perform the contract and fulfill the legal obligation by the Seller are stored for the period necessary to: (1) secure or pursue any claims arising from the contract, (2) after-sales service for the Buyer (consideration of complaints), (3) fulfillment of from the legal obligation imposed on the Seller (resulting, for example, from accounting regulations and tax regulations). Personal data processed for marketing purposes (e.g. newsletter) and other purposes are processed until the consent to their processing is withdrawn or an objection is raised. Personal data related to a subscription to the newsletter are processed, in the absence of withdrawal of consent to their processing, for the period of subscription to the newsletter.
6.5. The data of people who set up an account in the online store are processed until the account is deleted from the portal.
7. Powers
7.1. You are entitled to request the administrator to access personal data, rectify it, delete or limit processing, the right to transfer data and object to processing, as well as the right to transfer data. You have the right to withdraw your prior consent to the processing of personal data at any time.
7.2. You have the right to obtain the following information from the Administrator:
a) about the purpose, scope, and method of processing your personal data,
b) from when your data is processed,
c) about the source from which your data comes,
d) about the recipients or categories of recipients to whom the data is shared.
7.3. In addition, at your request, the Administrator will complete, update and correct your personal data, as well as suspend (temporarily or permanently) their processing or delete them if your data turns out to be incomplete, out of date, untrue, or has been collected in violation of the Act or is no longer necessary to achieve the purpose for which they were collected.
7.4. In addition, in the case of processing your data by the Administrator for the purpose of direct marketing, you have the right to object at any time to the processing of personal data for the purposes of such marketing, including profiling, to the extent that the processing is related to such direct marketing. In order to use the rights referred to in this paragraph, an appropriate request must be submitted to the Administrator by e-mail.
7.5. You have the right to lodge a complaint with the supervisory authority if you believe that the processing of personal data violates the provisions of the GDPR.
8. Change of data
In the event that your personal data changes, please update them yourself in the user account, if it has been established, or notify the Administrator of this fact by phone, letter to the company's address, or by e-mail to the Administrator's e-mail address.
9. Cookies
9.1. The administrator declares that he uses "cookies".
9.2. Cookies are information that is sent by the server and saved on your device (e.g. computer or telephone hard drive).
9.3. The data obtained using cookies do not allow you to be identified, but allow the Administrator to determine whether the Store was visited using a given computer (which is not tantamount to information about who visited the Store) and what its user preferences had at that time (what interested him the most) in the shop).
9.4. The administrator uses internal cookies for the purpose of:
a) ensure the proper functioning of the Store and the Application,
b) statistical,
c) adapting the Store to your preferences.
9.5. The administrator may place both permanent and temporary files on your device.
9.6. Temporary files are usually deleted when the browser is closed, but in relation to persistent files, closing the browser does not delete them.
9.7. Temporary files are used to identify the User as logged in.
9.8. Persistent files are files that provide specific functions not only during a given session but throughout the period of their storage on the computer. Persistent files are used to: collect information on how to use the Store and the Application, including data on the subpages visited by the User and any errors, check the effectiveness of Store and Application advertisements, improve the operation of the Store and Application by registering errors, testing various Design options of the Store and the Application, remembering Users' settings regarding their preferences, showing customers that they are logged in to the Store or Application.
9.9. The store uses Google Analytics, which uses cookies on your device to compile statistics on the volume of traffic in the Store and the method of using the Store.
9.10. In order to advertise the Store and its services, the Administrator uses Google AdWords, which uses cookies placed on your device.
9.11. You can delete cookies left by the Store from your device at any time in accordance with the instructions of the manufacturer of your web browser.
9.12. It is also possible to block the access of cookies to your device by appropriately configuring your browser, however, then the Store may not function properly.
9.13. The administrator uses a server that automatically saves in the server logs in order to analyze the operation of the IT system, information about the device you use when connecting to the Store, i.e. the type of device and browser you use, your computer's IP, date and time of entry, text description of the event, qualification of the event.
9.14. Only persons authorized to administer the IT system have access to log files. Files with logs can be used to compile statistics on the assessment of traffic in the Store and the occurrence of errors that make it impossible to identify you.
10. Final provisions
10.1. The Administrator reserves the right to change the Policy at any time by posting the changed Policy at odplyw.pl.
10.2. The new wording of the policy will be effective from the date of its publication at the address indicated in point 10.1.