TerGoPedia:Privacy policy: Difference between revisions

From TerGoPedia

No edit summary
No edit summary
 
(16 intermediate revisions by the same user not shown)
Line 1: Line 1:
Privacy and cookies policy


TABLE OF CONTENTS:
<h5>§ 1. GENERAL PROVISIONS</h5>
GENERAL PROVISIONS
<ul style="list-style: none; text-align: justify; text-justify: inter-word;">
BASIS FOR THE PROCESSING OF DATA
<li style="margin-bottom: 15px;"><strong>1.1.</strong><br />
PURPOSE, BASIS AND PERIOD OF PROCESSING DATA IN THE ONLINE SHOP
This Privacy Policy of the website and the Online Shop is of informative nature, which means that it is not a source of obligations for Service Recipients or Customers of the Online Shop. <br />The Privacy Policy contains, above all, the principles concerning the processing of data by the Controller on the website and in the Online Shop, including the basis, purpose and period of personal data processing and the rights of data subjects as well as information regarding the use of cookies and analytical tools in the Online Shop.</li>
DATA RECIPIENTS IN THE ONLINE SHOP
<li style="margin-bottom: 15px;"><strong>1.2.</strong><br />
PROFILING IN THE ONLINE SHOP
The Controller of the personal data collected via the websites: tergo.io and pl.tergo.io and the Online Shop shall be the limited liability company TERRA SPÓŁKA Z OGRANICZONĄ ODPOWIEDZIALNOŚCIĄ based in Poland (the office address and correspondence address: Piastowska 7/120, 80-332 Gdańsk, Poland), registered in the register of entrepreneurs of National Court Registry under the number: 0000857732; register court which holds the company’s documentation: District Court Gdańsk – Północ in Gdańsk, VIII Commercial Department of National Court Registry; share capital in the amount of: 500 000,00 PLN; tax ID no. NIP: 5862359150, National Economy Register No. REGON 386466110, e-mail address: [email protected] – here in after referred to as “Controller” and being simultaneously the Service Provider of the Online Shop and the Seller. In any matters related to the processing of personal data, you can contact the Administrator by writing to the following address: [email protected].</li>
THE RIGHTS OF THE DATA SUBJECT
<li style="margin-bottom: 15px;"><strong>1.3.</strong> Personal data on the website and in the Online Shop shall be processed by the<br />
COOKIES IN THE ONLINE SHOP AND ANALYTICS
Controller in accordance with the binding legal regulations, in particular the Regulation (EU) 2016/679 of the<br />
FINAL PROVISIONS
European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the<br />
processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data<br />
Protection Regulation) ­ hereinafter referred to as <strong>“GDPR”</strong> or <strong>“GDPR Regulation”</strong>.<br />
The official text of the GDPR<br />
Regulation:<br />
http://eur-lex.europa.eu/legal-content/PL/TXT/?uri=CELEX%3A32016R0679</li>
<li style="margin-bottom: 15px;"><strong>1.4.</strong> Using the website and the Online Shop, including shopping, is voluntary.<br />
Similarly, providing personal data by the Service Recipient or the Customer using the website and the Online Shop is voluntary,<br />
subject to two exceptions: (1) <strong>into contracts with the Controller</strong> – failure to provide the personal<br />
data<br />
necessary for the conclusion and performance of the Sales Contract or a contract for the provision of an Electronic<br />
Service with the Controller in the cases and within the scope indicated on the website of the Online Shop and the<br />
Regulations of the Online Shop and this Privacy Policy shall result in no possibility to enter into the contract.<br />
Providing personal data is a contractual requirement in such a case and if the data subject is willing to enter into<br />
the contract with the Controller, they shall be obligated to provide the required data. The scope of the data<br />
required to enter into the contract is each time specified in advance on the website of the Online Shop and in the<br />
Regulations of the Online Shop; (2) <strong>statutory obligations of the Controller</strong> – specifying the<br />
personal data is a<br />
statutory requirement resulting from the commonly binding legal regulations obligating the Controller to process the<br />
personal data (e.g. processing data to keep ledgers) and failure to specify the data will render it impossible for<br />
the Controller to perform the obligations.</li>
<li style="margin-bottom: 15px;"><strong>1.5.</strong> The Controller assures due diligence to protect the<br />
interest of persons being data subjects, in particular being responsible and liable for and assuring that the data<br />
collected are: (1) processed in accordance with the Act; (2) collected for specific, legal purposes and not subject<br />
to further processing inconsistent with the purposes; (3) correct as regards the subject matter and adequate as<br />
regards the purpose of the processing; (4) stored in a form making it possible to identify the people they apply to,<br />
no longer than it proves necessary to attain the purpose of processing and (5) processed in a manner ensuring<br />
security of the personal data, including the protection against illicit or illegal processing or accidental loss,<br />
damage or destruction, with the use of appropriate technical and organisational measures.</li>
<li style="margin-bottom: 15px;"><strong>1.6.</strong> Taking into account the nature, scope, context and purpose<br />
of processing as well as the risk of breaching the rights or freedoms of natural persons with varied likelihood and<br />
degree of threat, the Controller is implementing appropriate technical and organisational measures so that the<br />
processing takes place pursuant to the GDPR Regulation and it is possible to show it. The measures are reviewed and<br />
updated, as necessary. The Controller applies technical measures preventing the acquisition and modification of<br />
personal data sent electronically by unauthorised persons.</li>
<li style="margin-bottom: 15px;"><strong>1.7.</strong> Any words, phrases and acronyms used in this privacy<br />
policy starting with a capital letter (e.g. <strong>Seller, Online Shop, Electronic Service</strong>) shall be<br />
understood in<br />
accordance with the definition contained in the Regulations of the Online Shop available on the websites of the<br />
Online Shop.</li>
</ul>
<h5>§ 2. BASIS FOR THE PROCESSING OF DATA</h5>
<ul style="list-style: none; text-align: justify; text-justify: inter-word;">
<li style="margin-bottom: 15px;"><strong>2.1.</strong> The Controller is authorised to process the personal data<br />
in cases, and to the extent, when at least one of the following conditions is met: (1) the data subject consented to<br />
the processing of their data to one or more specified ends; (2) processing is necessary for contract performance the<br />
data subject is a party to, or to take actions to the request of the data subject, prior to contract conclusion; (3)<br />
processing is necessary to meet the legal obligation of the Controller; or (4) processing is necessary for the needs<br />
resulting from the legally justified interests of the Controller or third party, except for situations when the<br />
interests or basic rights and freedoms of the data subject override such interests and they require personal data<br />
protection, especially when the data subject is a child.</li>
<li style="margin-bottom: 15px;"><strong>2.2.</strong> The processing of personal data by the Controller each<br />
time requires having at least one basis indicated in item 2.1 of the privacy policy. Specific bases for processing<br />
personal data of the Service Recipients or the Customers of the website and the Online Shop by the Controller are specified in the<br />
following point of the privacy policy – as regards the specific goal of processing personal data by the Controller.</li>
</ul>
<h5>§ 3. PURPOSE, BASIS AND PERIOD OF PROCESSING DATA IN THE ONLINE SHOP</h5>
<ul style="list-style: none; text-align: justify; text-justify: inter-word;">
<li style="list-style-type: none;">
<ul style="list-style: none; text-align: justify; text-justify: inter-word;">
<li style="margin-bottom: 15px;"><strong>3.1.</strong> Each time, the purpose, basis and period as well as the<br />
recipients of personal data being processed by the Controller result from actions undertaken by a given Service<br />
Recipient or Customer on the website and in the Online Shop.</li>
<li style="margin-bottom: 15px;"><strong>3.2.</strong>The Controller may process the personal data in the Online Shop<br />
for the purposes, on the bases and within the periods as follows:</li>
</ul>
</li>
</ul>
<div class="table-container">
<div class="table-wrapper">
<table style="margin-left: 40.85pt; border-collapse: collapse; border: none;">


§ 1. GENERAL PROVISIONS
<tr>
1.1. This Privacy Policy of the website and the Online Shop is of informative nature, which means that it is not a source of obligations for Service Recipients or Customers of the Online Shop. The Privacy Policy contains, above all, the principles concerning the processing of data by the Controller on the website and in the Online Shop, including the basis, purpose and period of personal data processing and the rights of data subjects as well as information regarding the use of cookies and analytical tools in the Online Shop.
<td style="width: 148.85pt; border: solid windowtext 1.0pt; padding: 0cm 5.4pt 0cm 5.4pt; height: 30.8pt;">
1.2. The Controller of the personal data collected via the websites: tergo.io and pl.tergo.io and the Online Shop shall be the limited liability company TERRA SPÓŁKA Z OGRANICZONĄ ODPOWIEDZIALNOŚCIĄ based in Poland (the office address and correspondence address: Piastowska 7/120, 80-332 Gdańsk, Poland), registered in the register of entrepreneurs of National Court Registry under the number: 0000857732; register court which holds the company’s documentation: District Court Gdańsk – Północ in Gdańsk, VIII Commercial Department of National Court Registry; share capital in the amount of: 500 000,00 PLN; tax ID no. NIP: 5862359150, National Economy Register No. REGON 386466110, e-mail address: [email protected] – here in after referred to as “Controller” and being simultaneously the Service Provider of the Online Shop and the Seller. In any matters related to the processing of personal data, you can contact the Administrator by writing to the following address: gdpr@tergo.io.
<p style="line-height: normal; text-align: center; margin: 4.8pt 0cm 4.8pt 0cm;"><strong>Purpose of data processing</strong></p>
1.3. Personal data on the website and in the Online Shop shall be processed by the Controller in accordance with the binding legal regulations, in particular the Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation) ­ hereinafter referred to as “GDPR” or “GDPR Regulation”. The official text of the GDPR Regulation: http://eur-lex.europa.eu/legal-content/PL/TXT/?uri=CELEX%3A32016R0679
</td>
1.4. Using the website and the Online Shop, including shopping, is voluntary. Similarly, providing personal data by the Service Recipient or the Customer using the website and the Online Shop is voluntary, subject to two exceptions: (1) into contracts with the Controller – failure to provide the personal data necessary for the conclusion and performance of the Sales Contract or a contract for the provision of an Electronic Service with the Controller in the cases and within the scope indicated on the website of the Online Shop and the Regulations of the Online Shop and this Privacy Policy shall result in no possibility to enter into the contract. Providing personal data is a contractual requirement in such a case and if the data subject is willing to enter into the contract with the Controller, they shall be obligated to provide the required data. The scope of the data required to enter into the contract is each time specified in advance on the website of the Online Shop and in the Regulations of the Online Shop; (2) statutory obligations of the Controller – specifying the personal data is a statutory requirement resulting from the commonly binding legal regulations obligating the Controller to process the personal data (e.g. processing data to keep ledgers) and failure to specify the data will render it impossible for the Controller to perform the obligations.
<td style="width: 163.0pt; border: solid windowtext 1.0pt; border-left: none; padding: 0cm 5.4pt 0cm 5.4pt; height: 30.8pt;">
1.5. The Controller assures due diligence to protect the interest of persons being data subjects, in particular being responsible and liable for and assuring that the data collected are: (1) processed in accordance with the Act; (2) collected for specific, legal purposes and not subject to further processing inconsistent with the purposes; (3) correct as regards the subject matter and adequate as regards the purpose of the processing; (4) stored in a form making it possible to identify the people they apply to, no longer than it proves necessary to attain the purpose of processing and (5) processed in a manner ensuring security of the personal data, including the protection against illicit or illegal processing or accidental loss, damage or destruction, with the use of appropriate technical and organisational measures.
<p style="line-height: normal; ;text-align: center; margin: 4.8pt 0cm 4.8pt 0cm;"><strong>Legal basis for processing data </strong></p>
1.6. Taking into account the nature, scope, context and purpose of processing as well as the risk of breaching the rights or freedoms of natural persons with varied likelihood and degree of threat, the Controller is implementing appropriate technical and organisational measures so that the processing takes place pursuant to the GDPR Regulation and it is possible to show it. The measures are reviewed and updated, as necessary. The Controller applies technical measures preventing the acquisition and modification of personal data sent electronically by unauthorised persons.
</td>
1.7. Any words, phrases and acronyms used in this privacy policy starting with a capital letter (e.g. Seller, Online Shop, Electronic Service) shall be understood in accordance with the definition contained in the Regulations of the Online Shop available on the websites of the Online Shop.
<td style="width: 164.6pt; border: solid windowtext 1.0pt; border-left: none; padding: 0cm 5.4pt 0cm 5.4pt; height: 30.8pt;">
§ 2. BASIS FOR THE PROCESSING OF DATA
<p style="line-height: normal; ;text-align: center; margin: 4.8pt 0cm 4.8pt 0cm;"><strong>Period of data storage</strong></p>
2.1. The Controller is authorised to process the personal data in cases, and to the extent, when at least one of the following conditions is met: (1) the data subject consented to the processing of their data to one or more specified ends; (2) processing is necessary for contract performance the data subject is a party to, or to take actions to the request of the data subject, prior to contract conclusion; (3) processing is necessary to meet the legal obligation of the Controller; or (4) processing is necessary for the needs resulting from the legally justified interests of the Controller or third party, except for situations when the interests or basic rights and freedoms of the data subject override such interests and they require personal data protection, especially when the data subject is a child.
</td>
2.2. The processing of personal data by the Controller each time requires having at least one basis indicated in item 2.1 of the privacy policy. Specific bases for processing personal data of the Service Recipients or the Customers of the website and the Online Shop by the Controller are specified in the following point of the privacy policy – as regards the specific goal of processing personal data by the Controller.
</tr>
§ 3. PURPOSE, BASIS AND PERIOD OF PROCESSING DATA IN THE ONLINE SHOP
<tr>
3.1. Each time, the purpose, basis and period as well as the recipients of personal data being processed by the Controller result from actions undertaken by a given Service Recipient or Customer on the website and in the Online Shop.
<td style="width: 148.85pt; border-right: 1pt solid windowtext; border-bottom: 1pt solid windowtext; border-left: 1pt solid windowtext; border-image: initial; border-top: none; padding: 0cm 5.4pt; vertical-align: top;">
3.2.The Controller may process the personal data in the Online Shop for the purposes, on the bases and within the periods as follows:
<p style="font-size: 12px; font-family: 'Arial',sans-serif;">The performance of the Sales Contract or a<br />
Purpose of data processing
contract for the provision of an Electronic Service, or taking actions to the request of the data subject,<br />
prior to entering into the above contracts, including sending offers and analytical data, e.g. information on the carbon footprint</p>
</td>
<td style="width: 163pt; border-top: none; border-left: none; border-bottom: 1pt solid windowtext; border-right: 1pt solid windowtext; padding: 0cm 5.4pt; vertical-align: top;">
<p style="line-height: normal; font-size: 15px; font-family: 'Times New Roman',serif; margin: 4.8pt 0cm 4.8pt 0cm;"><span style="font-size: 12px; font-family: 'Arial',sans-serif;">Article 6, par. 1, point b) of the GDPR<br />
Regulation (contract performance) – the processing is required to perform the Sales Contract of which the<br />
data subject is party or to take action to the request of the data subject, prior to entering into the<br />
contract.</span></p>
<p style="line-height: normal; font-size: 15px; font-family: 'Times New Roman',serif; margin: 4.8pt 0cm 4.8pt 0cm;"><span style="font-size: 12px; font-family: 'Arial',sans-serif; color: red;"> </span></p>
</td>
<td style="width: 164.6pt; border-top: none; border-left: none; border-bottom: 1pt solid windowtext; border-right: 1pt solid windowtext; padding: 0cm 5.4pt; vertical-align: top;">
<p style="line-height: normal; font-size: 15px; font-family: 'Times New Roman',serif; margin: 4.8pt 0cm 4.8pt 0cm;"><span style="font-size: 12px; font-family: 'Arial',sans-serif; color: black;">The data shall be stored for the<br />
period necessary for the performance, termination or expiry of a contract entered into in a different<br />
manner, or in the event of an objection to the processing of data from their owner.</span></p>
</td>
</tr>
<tr>
<td style="width: 148.85pt; border-right: 1pt solid windowtext; border-bottom: 1pt solid windowtext; border-left: 1pt solid windowtext; border-image: initial; border-top: none; padding: 0cm 5.4pt; vertical-align: top;">
<p style="line-height: normal; font-size: 15px; font-family: 'Times New Roman',serif; margin: 4.8pt 0cm 4.8pt 0cm;"><span style="font-size: 12px; font-family: 'Arial',sans-serif;">Direct marketing</span></p>
</td>
<td style="width: 163pt; border-top: none; border-left: none; border-bottom: 1pt solid windowtext; border-right: 1pt solid windowtext; padding: 0cm 5.4pt; vertical-align: top;">
<p style="line-height: normal; font-size: 15px; font-family: 'Times New Roman',serif; margin: 4.8pt 0cm 4.8pt 0cm;"><span style="font-size: 12px; font-family: 'Arial',sans-serif;">Article 6, par. 1, point f) of the GDPR<br />
Regulation (legitimate interest of the controller) – the processing is required for achieving the goals<br />
based on the legitimate interest of the Controller which includes upholding interests and strengthening<br />
reputation of the Controller and the website and the Online Shop as well as his commitment for increasing sales of<br />
Products</span></p>
<p style="line-height: normal; font-size: 15px; font-family: 'Times New Roman',serif; margin: 4.8pt 0cm 4.8pt 0cm;"><span style="font-size: 12px; font-family: 'Arial',sans-serif;"> </span></p>
</td>
<td style="width: 164.6pt; border-top: none; border-left: none; border-bottom: 1pt solid windowtext; border-right: 1pt solid windowtext; padding: 0cm 5.4pt; vertical-align: top;">
<p style="line-height: normal; font-size: 15px; font-family: 'Times New Roman',serif; margin: 4.8pt 0cm 4.8pt 0cm;"><span style="font-size: 12px; font-family: 'Arial',sans-serif;">The data shall be stored for the period of the<br />
legitimate interest of the Controller, however no longer than the period of limitation of claims as<br />
regards the data subject under the business activity of the Controller. The period of limitation shall be<br />
specified by legal provisions, in particular the Civil Code (the basic period of limitation in the case of<br />
claims related to business activity amounts to three years, and for a Sales Contract two years).</span></p>
<p style="line-height: normal; font-size: 15px; font-family: 'Times New Roman',serif; margin: 4.8pt 0cm 4.8pt 0cm;"><span style="font-size: 12px; font-family: 'Arial',sans-serif;">The Controller may not process the data for the<br />
needs of direct marketing in the case of expressing clear objection in this field by the data<br />
subject.</span></p>
</td>
</tr>
<tr>
<td style="width: 148.85pt; border-right: 1pt solid windowtext; border-bottom: 1pt solid windowtext; border-left: 1pt solid windowtext; border-image: initial; border-top: none; padding: 0cm 5.4pt; vertical-align: top;">
<p style="line-height: normal; font-size: 15px; font-family: 'Times New Roman',serif; margin: 4.8pt 0cm 4.8pt 0cm;"><span style="font-size: 12px; font-family: 'Arial',sans-serif;">Sending Newsletter</span></p>
</td>
<td style="width: 163pt; border-top: none; border-left: none; border-bottom: 1pt solid windowtext; border-right: 1pt solid windowtext; padding: 0cm 5.4pt; vertical-align: top;">
<p style="line-height: normal; font-size: 15px; font-family: 'Times New Roman',serif; margin: 4.8pt 0cm 4.8pt 0cm;"><span style="font-size: 12px; font-family: 'Arial',sans-serif;">Article 6, par. 1, point a) of the GDPR<br />
Regulation (consent) – the data subject expressed the consent to process its personal data for receiving<br />
marketing information from the Controller Article 6 (1) 1 lit. f) GDPR Regulations (legitimate interest of the Administrator) &#8211; a person who is interested in testing the TERbit application and receiving marketing information confirms that he has read the Privacy Policy</span></p>
<p style="line-height: normal; font-size: 15px; font-family: 'Times New Roman',serif; margin: 4.8pt 0cm 4.8pt 0cm;"><span style="font-size: 12px; font-family: 'Arial',sans-serif;"> </span></p>
</td>
<td style="width: 164.6pt; border-top: none; border-left: none; border-bottom: 1pt solid windowtext; border-right: 1pt solid windowtext; padding: 0cm 5.4pt; vertical-align: top;">
<p style="line-height: normal; font-size: 15px; font-family: 'Times New Roman',serif; margin: 4.8pt 0cm 4.8pt 0cm;"><span style="font-size: 12px; font-family: 'Arial',sans-serif;">The data are stored until the data subject<br />
withdraws the consent to further process their data to that end, or &#8211; in the case of processing personal data on the basis of Article 6 para. 1 lit. f) GDPR Regulations &#8211; receipt of an objection to further data processing.</span></p>
</td>
</tr>
<tr>
<td style="width: 148.85pt; border-right: 1pt solid windowtext; border-bottom: 1pt solid windowtext; border-left: 1pt solid windowtext; border-image: initial; border-top: none; padding: 0cm 5.4pt; vertical-align: top;">
<p style="line-height: normal; font-size: 15px; font-family: 'Times New Roman',serif; margin: 4.8pt 0cm 4.8pt 0cm;"><span style="font-size: 12px; font-family: 'Arial',sans-serif;">Expressing an opinion on the concluded Sales<br />
Contract by the Customer</span></p>
</td>
<td style="width: 163pt; border-top: none; border-left: none; border-bottom: 1pt solid windowtext; border-right: 1pt solid windowtext; padding: 0cm 5.4pt; vertical-align: top;">
<p style="line-height: normal; font-size: 15px; font-family: 'Times New Roman',serif; margin: 4.8pt 0cm 4.8pt 0cm;"><span style="font-size: 12px; font-family: 'Arial',sans-serif;">Article 6, par. 1, point a) of the GDPR<br />
Regulation (consent) – the data subject expressed the consent to process its personal data for purpose of<br />
expressing an opinion</span></p>
<p style="line-height: normal; font-size: 15px; font-family: 'Times New Roman',serif; margin: 4.8pt 0cm 4.8pt 0cm;"><span style="font-size: 12px; font-family: 'Arial',sans-serif;"> </span></p>
</td>
<td style="width: 164.6pt; border-top: none; border-left: none; border-bottom: 1pt solid windowtext; border-right: 1pt solid windowtext; padding: 0cm 5.4pt; vertical-align: top;">
<p style="line-height: normal; font-size: 15px; font-family: 'Times New Roman',serif; margin: 4.8pt 0cm 4.8pt 0cm;"><span style="font-size: 12px; font-family: 'Arial',sans-serif;">The data are stored until the data subject<br />
withdraws the consent to further process their data to that end.</span></p>
</td>
</tr>
<tr>
<td style="width: 148.85pt; border-right: 1pt solid windowtext; border-bottom: 1pt solid windowtext; border-left: 1pt solid windowtext; border-image: initial; border-top: none; padding: 0cm 5.4pt; vertical-align: top;">
<p style="line-height: normal; font-size: 15px; font-family: 'Times New Roman',serif; margin: 4.8pt 0cm 4.8pt 0cm;"><span style="font-size: 12px; font-family: 'Arial',sans-serif;">Recruiting a new employee</span></p>
</td>
<td style="width: 163pt; border-top: none; border-left: none; border-bottom: 1pt solid windowtext; border-right: 1pt solid windowtext; padding: 0cm 5.4pt; vertical-align: top;">
<p style="line-height: normal; font-size: 15px; font-family: 'Times New Roman',serif; margin: 4.8pt 0cm 4.8pt 0cm;"><span style="font-size: 12px; font-family: 'Arial',sans-serif;">Article 6 (1) 1 lit. a) GDPR Regulations (consent) &#8211; the data subject has consented to the processing of his personal data for the indicated purpose</span></p>
<p style="line-height: normal; font-size: 15px; font-family: 'Times New Roman',serif; margin: 4.8pt 0cm 4.8pt 0cm;"><span style="font-size: 12px; font-family: 'Arial',sans-serif;"> </span></p>
</td>
<td style="width: 164.6pt; border-top: none; border-left: none; border-bottom: 1pt solid windowtext; border-right: 1pt solid windowtext; padding: 0cm 5.4pt; vertical-align: top;">
<p style="line-height: normal; font-size: 15px; font-family: 'Times New Roman',serif; margin: 4.8pt 0cm 4.8pt 0cm;"><span style="font-size: 12px; font-family: 'Arial',sans-serif;">The data is processed for the duration of the current recruitment. It can also be stored for the purposes of future recruitments, but not longer than for 1 year</span></p>
</td>
</tr>
<tr>
<td style="width: 148.85pt; border-right: 1pt solid windowtext; border-bottom: 1pt solid windowtext; border-left: 1pt solid windowtext; border-image: initial; border-top: none; padding: 0cm 5.4pt; vertical-align: top;">
<p style="line-height: normal; font-size: 15px; font-family: 'Times New Roman',serif; margin: 4.8pt 0cm 4.8pt 0cm;"><span style="font-size: 12px; font-family: 'Arial',sans-serif;">Keeping ledgers</span></p>
</td>
<td style="width: 163pt; border-top: none; border-left: none; border-bottom: 1pt solid windowtext; border-right: 1pt solid windowtext; padding: 0cm 5.4pt; vertical-align: top;">
<p style="line-height: normal; font-size: 15px; font-family: 'Times New Roman',serif; margin: 4.8pt 0cm 4.8pt 0cm;"><span style="font-size: 12px; font-family: 'Arial',sans-serif;">Article 6, par. 1, point c) of the GDPR<br />
Regulation in relation with Article 74 part 2 of the Accounting Act consolidated text of 30 January 2018<br />
(Journal of Laws of 2018 item 395, as amended) – the processing is required for the Controller due to<br />
their statutory obligations</span></p>
<p style="line-height: normal; font-size: 15px; font-family: 'Times New Roman',serif; margin: 4.8pt 0cm 4.8pt 0cm;"><span style="font-size: 12px; font-family: 'Arial',sans-serif;"> </span></p>
</td>
<td style="width: 164.6pt; border-top: none; border-left: none; border-bottom: 1pt solid windowtext; border-right: 1pt solid windowtext; padding: 0cm 5.4pt; vertical-align: top;">
<p style="line-height: normal; font-size: 15px; font-family: 'Times New Roman',serif; margin: 4.8pt 0cm 4.8pt 0cm;"><span style="font-size: 12px; font-family: 'Arial',sans-serif;">The data shall be stored for the legally<br />
required period, requesting the Controller to store ledgers (5 years from the beginning of the year<br />
following the financial year to which the data relate).</span></p>
</td>
</tr>
<tr>
<td style="width: 148.85pt; border-right: 1pt solid windowtext; border-bottom: 1pt solid windowtext; border-left: 1pt solid windowtext; border-image: initial; border-top: none; padding: 0cm 5.4pt; vertical-align: top;">
<p style="line-height: normal; font-size: 15px; font-family: 'Times New Roman',serif; margin: 4.8pt 0cm 4.8pt 0cm;"><span style="font-size: 12px; font-family: 'Arial',sans-serif;">Determining, pursuing or defence of claims on<br />
the side of the Controller, or ones that may arise as regards the Controller</span></p>
</td>
<td style="width: 163pt; border-top: none; border-left: none; border-bottom: 1pt solid windowtext; border-right: 1pt solid windowtext; padding: 0cm 5.4pt; vertical-align: top;">
<p style="line-height: normal; font-size: 15px; font-family: 'Times New Roman',serif; margin: 4.8pt 0cm 4.8pt 0cm;"><span style="font-size: 12px; font-family: 'Arial',sans-serif;">Article 6, par. 1, point f) of the GDPR<br />
Regulation (legitimate interest of the controller) – the processing is required for the purposes resulting<br />
from the legitimate interests of the Controller which includes determining, pursuing or defence of claims<br />
on the side of the Controller, or ones that may arise as regards the Controller</span></p>
<p style="line-height: normal; font-size: 15px; font-family: 'Times New Roman',serif; margin: 4.8pt 0cm 4.8pt 0cm;"><span style="font-size: 12px; font-family: 'Arial',sans-serif;"> </span></p>
</td>
<td style="width: 164.6pt; border-top: none; border-left: none; border-bottom: 1pt solid windowtext; border-right: 1pt solid windowtext; padding: 0cm 5.4pt; vertical-align: top;">
<p style="line-height: normal; font-size: 15px; font-family: 'Times New Roman',serif; margin: 4.8pt 0cm 4.8pt 0cm;"><span style="font-size: 12px; font-family: 'Arial',sans-serif;">The data shall be stored for the period of the<br />
legitimate interest of the Controller, however no longer than the period of limitation of claims against<br />
the Controller. The period of limitation shall be specified by legal provisions, in particular the Civil<br />
Code (the basic period of limitation in the case of claims against the Controller amounts to six<br />
years).</span></p>
</td>
</tr>
<tr>
<td style="width: 148.85pt; border-right: 1pt solid windowtext; border-bottom: 1pt solid windowtext; border-left: 1pt solid windowtext; border-image: initial; border-top: none; padding: 0cm 5.4pt; vertical-align: top;">
<p style="line-height: normal; font-size: 15px; font-family: 'Times New Roman',serif; margin: 4.8pt 0cm 4.8pt 0cm;"><span style="font-size: 12px; font-family: 'Arial',sans-serif;">Use of the website and the Online Shop website and ensuring their proper functioning including leaving personal data in the contact form</span></p>
</td>
<td style="width: 163pt; border-top: none; border-left: none; border-bottom: 1pt solid windowtext; border-right: 1pt solid windowtext; padding: 0cm 5.4pt; vertical-align: top;">
<p style="line-height: normal; font-size: 15px; font-family: 'Times New Roman',serif; margin: 4.8pt 0cm 4.8pt 0cm;"><span style="font-size: 12px; font-family: 'Arial',sans-serif;">Article 6, par. 1, point f) of the GDPR<br />
Regulation (legitimate interest of the controller) – the processing is required for the purposes resulting<br />
from the legitimate interests of the Controller which includes operating and maintenance of the Online<br />
Shop</span></p>
</td>
<td style="width: 164.6pt; border-top: none; border-left: none; border-bottom: 1pt solid windowtext; border-right: 1pt solid windowtext; padding: 0cm 5.4pt; vertical-align: top;">
<p style="line-height: normal; font-size: 15px; font-family: 'Times New Roman',serif; margin: 4.8pt 0cm 4.8pt 0cm;"><span style="font-size: 12px; font-family: 'Arial',sans-serif;">The data shall be stored for the period of the<br />
legitimate interest of the Controller, however no longer than the period of limitation of claims as<br />
regards the data subject under the business activity of the Controller. The period of limitation shall be<br />
specified by legal provisions, in particular the Civil Code (the basic period of limitation in the case of<br />
claims related to business activity amounts to three years, and for a Sales Contract two years).</span></p>
</td>
</tr>
<tr>
<td style="width: 148.85pt; border-right: 1pt solid windowtext; border-bottom: 1pt solid windowtext; border-left: 1pt solid windowtext; border-image: initial; border-top: none; padding: 0cm 5.4pt; vertical-align: top;">
<p style="line-height: normal; font-size: 15px; font-family: 'Times New Roman',serif; margin: 4.8pt 0cm 4.8pt 0cm;"><span style="font-size: 12px; font-family: 'Arial',sans-serif;">Preparing statistics and analysing the manner<br />
of the data subject conduct on the website of the Online Shop</span></p>
</td>
<td style="width: 163pt; border-top: none; border-left: none; border-bottom: 1pt solid windowtext; border-right: 1pt solid windowtext; padding: 0cm 5.4pt; vertical-align: top;">
<p style="line-height: normal; font-size: 15px; font-family: 'Times New Roman',serif; margin: 4.8pt 0cm 4.8pt 0cm;"><span style="font-size: 12px; font-family: 'Arial',sans-serif;">Article 6, par. 1, point f) of the GDPR<br />
Regulation (legitimate interest of the controller) – the processing is required for the purposes resulting<br />
from the legitimate interests of the Controller which includes preparing statistics and analysing the<br />
manner of the data subject conduct on the website of the Online Shop in order to improve the functioning<br />
of the Online Shop and increase sales of Products</span></p>
</td>
<td style="width: 164.6pt; border-top: none; border-left: none; border-bottom: 1pt solid windowtext; border-right: 1pt solid windowtext; padding: 0cm 5.4pt; vertical-align: top;">
<p style="line-height: normal; font-size: 15px; font-family: 'Times New Roman',serif; margin: 4.8pt 0cm 4.8pt 0cm;"><span style="font-size: 12px; font-family: 'Arial',sans-serif;">The data shall be stored for the period of the<br />
legitimate interest of the Controller, however no longer than the period of limitation of claims as<br />
regards the data subject under the business activity of the Controller. The period of limitation shall be<br />
specified by legal provisions, in particular the Civil Code (the basic period of limitation in the case of<br />
claims related to business activity amounts to three years, and for a Sales Contract two years).</span></p>
</td>
</tr>


Legal basis for processing data
</table>
</div>
</div>
<h5 class="uk-text-left">§ 4. Personal data recipients on the website and in the online store</h5>
<ul style="list-style: none; text-align: justify; text-justify: inter-word;">
<li style="margin-bottom: 15px;"><strong>4.1.</strong> For the needs of proper website and the Online Shop functioning, inclusive of<br />
the performance of the Contracts of Sale entered into, it shall be necessary for the Controller to make use of<br />
external companies’ services (e.g. software provider, courier, or payment system provider). The Controller uses<br />
solely the services of such processing entities which ensure sufficient guarantee to implement appropriate technical<br />
and organisational measures so that the processing meets the requirements set out in the GDPR Regulation and<br />
protects the rights of data subjects.</li>
<li style="margin-bottom: 15px;"><strong>4.2.</strong> The Controller may provide personal data to a third country,<br />
while the Controller ensures that it shall only be a third country which is considered to provide adequate level of<br />
protection – in accordance with the GDPR Regulation, and in the case of other countries, the data transfer will<br />
occur on the basis of the standard contractual clauses. The Controller ensures that the data subject has a right to<br />
get a copy of their data. The Controller provides personal data to a third country only in case and scope necessary<br />
to execute a certain purpose of data processing consistent with this privacy policy.</li>
<li style="margin-bottom: 15px;"><strong>4.3.</strong> Providing data by the Controller does not take place in every<br />
case and not to all the recipients or categories of recipients defined in the privacy policy – the Controller<br />
provides the data only in the case it proves necessary to attain a given purpose of personal data processing and<br />
solely within the necessary scope.</li>
<li style="margin-bottom: 15px;"><strong>4.4.</strong> Personal data of the Online Shop Service Recipients or<br />
Customers may be provided to the following recipients or categories of recipients:</p>
<ul style="list-style: none; text-align: justify; text-justify: inter-word;">
<li style="margin-bottom: 15px;">4.4.1. <strong>e-payments or payment card service providers</strong> – in the case<br />
of a Customer who uses in the Online Shop the option of e-payment or payment card, the Controller makes the<br />
collected Customer’s personal data available to the selected payment service provider in the Online Shop for the<br />
Controller to the extent necessary to perform the payment of the Customer.</li>
<li style="margin-bottom: 15px;">4.4.2. <strong>opinion poll system providers</strong> – in the case of a Customer<br />
who consented to express their opinion on the Sales Contract concluded, the Controller makes the collected<br />
personal data of the Customer available to the selected entity providing the system of opinion polls on Contracts<br />
of Sale concluded in the Online Store to the order of the Controller within a scope necessary for the Customer to<br />
present their opinion by means of an opinion poll system.</li>
<li style="margin-bottom: 15px;">4.4.3. <strong>service providers rendering for the Controller technical, IT or<br />
organisational solutions, making it possible for the Controller to conduct a business, inclusive of the Online<br />
Shop and Electronic Services provided via it</strong> (in particular computer software providers for the Online<br />
Shop, e-mail companies and hosting providers as well as software providers for company management and technical<br />
aid for the Controller) – the Controller makes the collected personal data of the Customer available to the<br />
selected provider operating to their order only in the case and to the extent necessary for attaining a given<br />
purpose of data processing in accordance herewith.</li>
<li style="margin-bottom: 15px;">4.4.4. <strong>accounting, legal and counselling services providers rendering for<br />
the Controller accounting, legal or counselling services</strong> (in particular an accounting agency, law firm<br />
or debt collection company) – the Controller makes the collected personal data of the Customer available to the<br />
selected provider operating to their order only in the case and to the extent necessary for attaining a given<br />
purpose of data processing in accordance herewith.</li>
<li style="margin-bottom: 15px;">4.4.5. <strong>providers of social plugins implemented in the Online Shop, of<br />
scripts and other similar tools enabling a person using the Online Shop to download content from the providers<br />
of the said plugins</strong> (i.e. logging in via social media profile) and for this purpose providing the<br />
providers with the personal data of the visitor, including also:</li>
<li style="margin-bottom: 15px;">4.4.5.1. <strong>Facebook Ireland Ltd.</strong> – the Controller uses Facebook<br />
social plugins in the Online Shop (e.g. “Like it” or “Share” button, logging in via Facebook profile) and<br />
therefore collects and discloses personal data of the Service Recipient using the Online Shop to Facebook Ireland<br />
Ltd. (4 Grand Canal Square, Grand Canal Harbour, Dublin 2 Ireland) to the extent and in accordance with the<br />
privacy principles available here: https://www.facebook.com/about/privacy/ (this data may include information<br />
about activities in the Online Shop &#8211; including information about the device, the visited websites, purchases,<br />
displayed ads and how to use the services &#8211; regardless of whether the Service Recipient has a Facebook account and<br />
is logged in to Facebook).</li>
</ul>
</li>
</ul>
<h5 class="uk-text-left">§ 5. PROFILING IN THE ONLINE SHOP</h5>
<ul style="list-style: none; text-align: justify; text-justify: inter-word;">
<li style="margin-bottom: 15px;"><strong>5.1.</strong> The GDPR Regulation obligates the Controller to inform about<br />
the automated decision-making process, including profiling referred to in Article 22, par. 1 and 4 of the GDPR<br />
Regulation, and – at least in those cases – the vital information concerning the decision-making process as well as<br />
the meaning and foreseeable consequences of processing for the person being the data subject. Bearing in mind the<br />
above, the Controller specifies in this point of the privacy policy the information concerning the possible<br />
profiling.</li>
<li style="margin-bottom: 15px;"><strong>5.2.</strong> The Controller may use profiling in the Online Shop for direct<br />
marketing purposes, yet the decisions made on its basis by the Controller do not concern the conclusion or rejection<br />
to conclude the Sales Contract, or the possibility to make use of Electronic Services in the Online Shop. The result<br />
of profiling in the Online Shop may be e.g. discount for a given person, sending a discount code, reminding about<br />
unfinished purchase process, sending Product offers, which may be related to the interests or preferences of the<br />
person, or offering better conditions as compared with the standard offer of the Online Shop. Regardless of<br />
profiling, the person makes decisions freely, whether they want to use the discount given, or better conditions and<br />
buy a Product in the Online Shop.</li>
<li style="margin-bottom: 15px;"><strong>5.3.</strong> Profiling in the Online Shop consists in automatic analysis or<br />
forecast of the conduct of a given person on the website of the Online Shop, e.g. by adding a given Product to the<br />
cart, browsing the page of a given Product in the Online Shop, or the analysis of the history of purchase in the<br />
Online Shop. The condition for such profiling is for the Controller to have the personal data of the person, so that<br />
they can later send them e.g. a discount code.</li>
<li style="margin-bottom: 15px;"><strong>5.4.</strong> The data subject shall have the right not to depend on the<br />
decision which is only based on automated processing, including profiling, and has some legal effects on the person<br />
or similarly affects them.</li>
</ul>
<h5 class="uk-text-left">§ 6. THE RIGHTS OF THE DATA SUBJECT</h5>
<ul style="list-style: none; text-align: justify; text-justify: inter-word;">
<li style="margin-bottom: 15px;"><strong>6.1. </strong><strong>The right to access, rectify, restrict, erase or<br />
transmit</strong> – the data subject shall have the right to demand the Controller to have access to their<br />
personal data, rectify, erase (“the right to be forgotten”) or restrict the processing and shall have the right to<br />
object to the processing and transmit their data. Detailed conditions of the above rights shall be indicated in<br />
Articles 15­22 of the GDPR Regulation.</li>
<li style="margin-bottom: 15px;"><strong>6.2. </strong><strong>The right to withdraw the consent at any time</strong> –<br />
the person whose data are being processed by the Controller on the basis of the consent given (pursuant to Article<br />
6, par. 1, point a) or Article 9, par. 2, point a) of the GDPR Regulation), they shall have the right to withdraw<br />
their consent at any time without any impact on the compatibility with the right to process made based on the<br />
consent prior to the withdrawal.</li>
<li style="margin-bottom: 15px;"><strong>6.3. </strong><strong>The right to lodge a complaint with a supervisory<br />
body</strong> – the person whose data are being processed by the Controller shall have the right to lodge a<br />
complaint with a supervisory body in a manner and mode specified in the provisions of the GDPR Regulation and the<br />
Polish law, in particular the Personal Data Protection Act. The supervisory body in Poland shall be the President of<br />
the Office for Personal Data Protection.</li>
<li style="margin-bottom: 15px;"><strong>6.4. </strong><strong>The right to object</strong> – the data subject shall<br />
have the right, at any time, to lodge a complaint – for reasons related to their particular situation – as regards<br />
the processing of their personal data based on Article 6, par. 1, point e) (public interest or official authority)<br />
or f) (legitimate interest of the controller) in the case of profiling based on the provisions. The Controller in<br />
such a case must stop processing the personal data, unless they show the existence of legally significant and<br />
justified bases for the processing, overriding the interests, rights and freedoms of the data subject, or the bases<br />
for determining, pursuing or defending the claims.</li>
<li style="margin-bottom: 15px;"><strong>6.5. </strong><strong>The right to object as regards direct marketing</strong><br />
– in the case the personal data are being processed for the needs of direct marketing, the data subject shall have<br />
the right, at any time, to lodge a complaint as regards the processing of their personal data for the needs of such<br />
marketing, including profiling, to the extent to which the processing is related to direct marketing.</li>
<li style="margin-bottom: 15px;"><strong>6.6. </strong>The right to lodge a complaint to the supervisory body &#8211; if the owner of personal data or a third party decides that the method of processing personal data by the Administrator is not compliant with the provisions of the GDPR, he has the right to lodge a complaint with the Office for Personal Data Protection, based in Warsaw, at ul. Rates 2.</li>
<li style="margin-bottom: 15px;"><strong>6.7 </strong>To perform the rights mentioned in this point of the privacy policy, one may contact the Controller by sending them an appropriate message in writing or via e-mail to the address of the Controller indicated at the beginning of the privacy policy or via contact form available on the Online Shop website.</li>
<li style="margin-bottom: 15px;"><strong>6.8 </strong>Each person who leaves his data in order to make contact, receive an offer or analytical information / data, i.e. his carbon footprint, accepts receiving a reply to the e-mail address provided earlier, which does not contradict art. 172 of the Telecommunications Law.</li>
</ul>
<h5 class="uk-text-left">§ 7. COOKIES IN THE ONLINE SHOP AND ANALYTICS</h5>
<ul style="list-style: none; text-align: justify; text-justify: inter-word;">
<li style="list-style-type: none;">
<ul style="list-style: none; text-align: justify; text-justify: inter-word;">
<li style="margin-bottom: 15px;"><strong>7.1.</strong> Cookies are small pieces of text files sent by the server<br />
and saved at the visitor’s of the Online Shop (e.g. on the hard disk of a computer, laptop, or smartphone’s memory<br />
card – depending on the type of device used by the Online Shop’s visitor). Detailed information on Cookies as well<br />
as the history of their origin can be found e.g. at:<br />
https://en.wikipedia.org/wiki/HTTP_cookie</li>
<li style="margin-bottom: 15px;"><strong>7.2.</strong> Cookies, which can be sent via the Online Shop website, can be divided into various types, according to the following criteria:</li>
</ul>
</li>
</ul>
<div class="table-container">
<div class="table-wrapper">
<table style="margin-left: 40.85pt; border-collapse: collapse; border: none;">


Period of data storage
<tr>
<td style="width: 153.85pt; border: 1pt solid windowtext; padding: 0cm 5.4pt; vertical-align: top;">
<p style="line-height: 115%; font-size: 15px; font-family: 'Times New Roman',serif; margin: 7.2pt 0cm 7.2pt 0cm;"><strong><span style="font-size: 12px; line-height: 115%; font-family: 'Arial',sans-serif;">With regard to the provider:</span></strong><span style="font-size: 12px; line-height: 115%; font-family: 'Arial',sans-serif;">: </span></p>
<div style="line-height: 115%; font-size: 15px; font-family: 'Times New Roman',serif; margin: 0cm 0cm 10.0pt 0cm;">
<ol style="margin-bottom: 0cm; list-style-type: undefined; margin-left: 4.4px;">
<li style="line-height: 115%; font-size: 15px; font-family: 'Times New Roman',serif; margin: 0cm 0cm 10.0pt 0cm;"><span style="line-height: 115%; font-family: 'Arial',sans-serif; font-size: 12px;">own (created by the Controller’s Online Shop website) and</span></li>
<li style="line-height: 115%; font-size: 15px; font-family: 'Times New Roman',serif; margin: 0cm 0cm 10.0pt 0cm;"><span style="line-height: 115%; font-family: 'Arial',sans-serif; font-size: 12px;">belonging to other persons/third parties (other than the Controller)</span></li>
</ol>
</div>
</td>
<td style="width: 159.25pt; border-top: 1pt solid windowtext; border-right: 1pt solid windowtext; border-bottom: 1pt solid windowtext; border-image: initial; border-left: none; padding: 0cm 5.4pt; vertical-align: top;">
<p style="line-height: 115%; font-size: 15px; font-family: 'Times New Roman',serif; margin: 7.2pt 0cm 7.2pt 0cm;"><strong><span style="font-size: 12px; line-height: 115%; font-family: 'Arial',sans-serif;">With regard to the period of their retention on the appliance of the Online Shop’s visitor:</span></strong><span style="font-size: 12px; line-height: 115%; font-family: 'Arial',sans-serif;">: </span></p>
<div style="line-height: 115%; font-size: 15px; font-family: 'Times New Roman',serif; margin: 0cm 0cm 10.0pt 0cm;">
<ol style="margin-bottom: 0cm; list-style-type: undefined; margin-left: 5.1px;">
<li style="line-height: 115%; font-size: 15px; font-family: 'Times New Roman',serif; margin: 0cm 0cm 10.0pt 0cm;"><span style="line-height: 115%; font-family: 'Arial',sans-serif; font-size: 12px;">session cookies (stored till the moment of logging out or closing of the website or a browser) and</span></li>
<li style="line-height: 115%; font-size: 15px; font-family: 'Times New Roman',serif; margin: 0cm 0cm 10.0pt 0cm;"><span style="line-height: 115%; font-family: 'Arial',sans-serif; font-size: 12px;">persistent cookies (having some expiration period, defined by parameters of each file or until they are removed by hand)</span></li>
</ol>
</div>
</td>
<td style="width: 167.15pt; border-top: 1pt solid windowtext; border-right: 1pt solid windowtext; border-bottom: 1pt solid windowtext; border-image: initial; border-left: none; padding: 0cm 5.4pt; vertical-align: top;">
<p style="line-height: 115%; font-size: 15px; font-family: 'Times New Roman',serif; margin: 7.2pt 0cm 7.2pt 0cm;"><strong><span style="font-size: 12px; line-height: 115%; font-family: 'Arial',sans-serif;">With regard to the purpose of their usage:</span></strong><span style="font-size: 12px; line-height: 115%; font-family: 'Arial',sans-serif;">: </span></p>
<div style="line-height: 115%; font-size: 15px; font-family: 'Times New Roman',serif; margin: 0cm 0cm 10.0pt 0cm;">
<ol style="margin-bottom: 0cm; list-style-type: undefined; margin-left: 5.050000000000001px;">
<li style="line-height: 115%; font-size: 15px; font-family: 'Times New Roman',serif; margin: 0cm 0cm 10.0pt 0cm;"><span style="line-height: 115%; font-family: 'Arial',sans-serif; font-size: 12px;">strictly necessary cookies (enabling proper functioning of the Online Shop website),</span></li>
<li style="line-height: 115%; font-size: 15px; font-family: 'Times New Roman',serif; margin: 0cm 0cm 10.0pt 0cm;"><span style="line-height: 115%; font-family: 'Arial',sans-serif; font-size: 12px;">functional/preferential cookies (enabling adjustment of the Online Shop website to the visitor’s preferences),</span></li>
<li style="line-height: 115%; font-size: 15px; font-family: 'Times New Roman',serif; margin: 0cm 0cm 10.0pt 0cm;"><span style="line-height: 115%; font-family: 'Arial',sans-serif; font-size: 12px;">analytical and performance cookies (collecting information on the use of the Online Shop website),</span></li>
<li style="line-height: 115%; font-size: 15px; font-family: 'Times New Roman',serif; margin: 0cm 0cm 10.0pt 0cm;"><span style="line-height: 115%; font-family: 'Arial',sans-serif; font-size: 12px;">targeting, advertising or social cookies (collecting information on the visitor of the Online Shop website in order to display advertisements, personalization and measuring the effectiveness of advertisements and for other marketing activities, including those performed on sites different from the Online Shop website, such as social medias and other websites belonging to the same advertising networks as the Online Shop).</span></li>
</ol>
</div>
</td>
</tr>


The performance of the Sales Contract or a contract for the provision of an Electronic Service, or taking actions to the request of the data subject, prior to entering into the above contracts, including sending offers and analytical data, e.g. information on the carbon footprint
</table>
</div>
</div>
<ul style="list-style: none; text-align: justify; text-justify: inter-word;">
<li style="list-style-type: none;">
<ul style="list-style: none; text-align: justify; text-justify: inter-word;">
<li style="margin-bottom: 15px;"><strong>7.3.</strong> The Controller may process information contained in Cookies during visiting of the Online Shop website for the following particular reasons:</li>
</ul>
</li>
</ul>
<div class="table-container">
<div class="table-wrapper">
<table style="margin-left: 40.85pt; border-collapse: collapse; border: none;">


Article 6, par. 1, point b) of the GDPR Regulation (contract performance) the processing is required to perform the Sales Contract of which the data subject is party or to take action to the request of the data subject, prior to entering into the contract.
<tr>
<td style="width: 155.95pt; border: 1pt solid windowtext; padding: 0cm 5.4pt; vertical-align: top;" rowspan="6">
<p style="line-height: 115%; font-size: 15px; font-family: 'Times New Roman',serif; margin: 0cm 0cm 7.2pt 0cm;"><strong><span style="font-size: 12px; line-height: 115%; font-family: 'Arial',sans-serif;">Purposes of using Cookies on the Controller’s Online Shop website</span></strong></p>
</td>
<td style="width: 324.3pt; border-top: 1pt solid windowtext; border-right: 1pt solid windowtext; border-bottom: 1pt solid windowtext; border-image: initial; border-left: none; padding: 0cm 5.4pt; vertical-align: top;">
<p style="line-height: 115%; font-size: 15px; font-family: 'Times New Roman',serif; margin: 0cm 0cm 7.2pt 0cm;"><span style="font-size: 12px; line-height: 115%; font-family: 'Arial',sans-serif;">Identification of the Service Recipients as logged in to the Online Shop and showing them that they are actually logged in (strictly necessary Cookies)</span></p>
</td>
</tr>
<tr>
<td style="width: 324.3pt; border-top: none; border-left: none; border-bottom: 1pt solid windowtext; border-right: 1pt solid windowtext; padding: 0cm 5.4pt; vertical-align: top;">
<p style="line-height: 115%; font-size: 15px; font-family: 'Times New Roman',serif; margin: 0cm 0cm 7.2pt 0cm;"><span style="font-size: 12px; line-height: 115%; font-family: 'Arial',sans-serif;">Saving Products added to the cart to place an Order (strictly necessary Cookies)</span></p>
</td>
</tr>
<tr>
<td style="width: 324.3pt; border-top: none; border-left: none; border-bottom: 1pt solid windowtext; border-right: 1pt solid windowtext; padding: 0cm 5.4pt; vertical-align: top;">
<p style="line-height: 115%; font-size: 15px; font-family: 'Times New Roman',serif; margin: 0cm 0cm 7.2pt 0cm;"><span style="font-size: 12px; line-height: 115%; font-family: 'Arial',sans-serif;">Saving data from the filled-in forms, questionnaires or login data for the Online Shop (strictly necessary Cookies and/or functional/preferential Cookies)</span></p>
</td>
</tr>
<tr>
<td style="width: 324.3pt; border-top: none; border-left: none; border-bottom: 1pt solid windowtext; border-right: 1pt solid windowtext; padding: 0cm 5.4pt; vertical-align: top;">
<p style="line-height: 115%; font-size: 15px; font-family: 'Times New Roman',serif; margin: 0cm 0cm 7.2pt 0cm;"><span style="font-size: 12px; line-height: 115%; font-family: 'Arial',sans-serif;">Adjustment of the Online Shop website contents to individual preferences of the Service Recipient (e.g. colours, font size, layout) and optimisation of the use of the website (functional/preferential Cookies)</span></p>
</td>
</tr>
<tr>
<td style="width: 324.3pt; border-top: none; border-left: none; border-bottom: 1pt solid windowtext; border-right: 1pt solid windowtext; padding: 0cm 5.4pt; vertical-align: top;">
<p style="line-height: 115%; font-size: 15px; font-family: 'Times New Roman',serif; margin: 0cm 0cm 7.2pt 0cm;"><span style="font-size: 12px; line-height: 115%; font-family: 'Arial',sans-serif;">Keeping anonymous statistics presenting the visitor’s behaviours on the Online Shop website (analytical and performance Cookies)</span></p>
</td>
</tr>
<tr>
<td style="width: 324.3pt; border-top: none; border-left: none; border-bottom: 1pt solid windowtext; border-right: 1pt solid windowtext; padding: 0cm 5.4pt; vertical-align: top;">
<p style="line-height: 115%; font-size: 15px; font-family: 'Times New Roman',serif; margin: 0cm 0cm 7.2pt 0cm;"><span style="font-size: 12px; line-height: 115%; font-family: 'Arial',sans-serif;">Displaying and rendering the advertisements, limiting the number of ads display, ignoring ads which the Service Recipient wish not to see, measuring their effectiveness and also ads personalization, namely evaluating the conduct of visitors of the Online Shop through anonymous analysis of their activities (e.g. repeated visits on particular pages, key words etc.) to create their profile and provide them with adverts matching their interests, also when they visit other websites in the advertising network of Google Ireland Ltd. and Facebook Ireland Ltd. (marketing, advertising and social Cookies)</span></p>
</td>
</tr>


</table>
</div>
</div>
<ul style="list-style: none; text-align: justify; text-justify: inter-word;">
<li style="list-style-type: none;">
<ul style="list-style: none; text-align: justify; text-justify: inter-word;">
<li style="margin-bottom: 15px;"><strong>7.4.</strong> Checking in the most popular internet browsers, which Cookie files (including the expiry period of Cookies and their provider) are being sent in a given moment by the Online Shop website can be done, as follows:</li>
</ul>
</li>
</ul>
<div class="table-container">
<div class="table-wrapper">
<table style="margin-left: 40.85pt; border-collapse: collapse; border: none;">


The data shall be stored for the period necessary for the performance, termination or expiry of a contract entered into in a different manner, or in the event of an objection to the processing of data from their owner.
<tr>
<td style="width: 152.25pt; border: 1pt solid windowtext; padding: 0cm 5.4pt; vertical-align: top;">
<p style="line-height: 115%; font-size: 15px; font-family: 'Times New Roman',serif; margin: 0cm 0cm 7.2pt 0cm;"><strong><span style="font-size: 12px; line-height: 115%; font-family: 'Arial',sans-serif;">In Chrome browser: </span></strong><span style="font-size: 12px; line-height: 115%; font-family: 'Arial',sans-serif;">:<br />
(1) in the address bar, click the ’locked’ icon on the left, (2) go to the benchmark „Cookie files”.</span></p>
</td>
<td style="width: 161.05pt; border-top: 1pt solid windowtext; border-right: 1pt solid windowtext; border-bottom: 1pt solid windowtext; border-image: initial; border-left: none; padding: 0cm 5.4pt; vertical-align: top;">
<p style="line-height: 115%; font-size: 15px; font-family: 'Times New Roman',serif; margin: 0cm 0cm 7.2pt 0cm;"><strong><span style="font-size: 12px; line-height: 115%; font-family: 'Arial',sans-serif;">In Firefox browser: </span></strong><span style="font-size: 12px; line-height: 115%; font-family: 'Arial',sans-serif;">:<br />
(1) in the address bar, click the ’shield’ icon on the left, (2) go to the benchmark „Allowed” or „Blocked”, (3) click the button „Tracking cookies between websites”, „Tracing elements of social networks or „Content with tracing elements”</span></p>
</td>
<td style="width: 166.95pt; border-top: 1pt solid windowtext; border-right: 1pt solid windowtext; border-bottom: 1pt solid windowtext; border-image: initial; border-left: none; padding: 0cm 5.4pt; vertical-align: top;">
<p style="line-height: 115%; font-size: 15px; font-family: 'Times New Roman',serif; margin: 0cm 0cm 7.2pt 0cm;"><strong><span style="font-size: 12px; line-height: 115%; font-family: 'Arial',sans-serif;">In Internet Explorer browser: </span></strong><span style="font-size: 12px; line-height: 115%; font-family: 'Arial',sans-serif;">:<br />
(1) Click „Tools” menu, (2) go to „Internet options” benchmark, (3) go to „General” benchmark, (4) then go to „Settings”, (5) click the button „Display files”</span></p>
</td>
</tr>
<tr>
<td style="width: 152.25pt; border-right: 1pt solid windowtext; border-bottom: 1pt solid windowtext; border-left: 1pt solid windowtext; border-image: initial; border-top: none; padding: 0cm 5.4pt; vertical-align: top;">
<p style="line-height: 115%; font-size: 15px; font-family: 'Times New Roman',serif; margin: 0cm 0cm 7.2pt 0cm;"><strong><span style="font-size: 12px; line-height: 115%; font-family: 'Arial',sans-serif;">In Opera browser:</span></strong><span style="font-size: 12px; line-height: 115%; font-family: 'Arial',sans-serif;">:<br />
(1) in the address bar, click the ’locked’ icon on the left, (2) go to the benchmark „Cookie files”.</span></p>
</td>
<td style="width: 161.05pt; border-top: none; border-left: none; border-bottom: 1pt solid windowtext; border-right: 1pt solid windowtext; padding: 0cm 5.4pt; vertical-align: top;">
<p style="line-height: 115%; font-size: 15px; font-family: 'Times New Roman',serif; margin: 0cm 0cm 7.2pt 0cm;"><strong><span style="font-size: 12px; line-height: 115%; font-family: 'Arial',sans-serif;">In Safari browser:</span></strong><span style="font-size: 12px; line-height: 115%; font-family: 'Arial',sans-serif;">:<br />
(1) click menu „Preferences”, (2) go to „Privacy” benchmark, (3) click the button „Manage website data”</span></p>
</td>
<td style="width: 166.95pt; border-top: none; border-left: none; border-bottom: 1pt solid windowtext; border-right: 1pt solid windowtext; padding: 0cm 5.4pt; vertical-align: top;">
<p style="line-height: 115%; font-size: 15px; font-family: 'Times New Roman',serif; margin: 0cm 0cm 7.2pt 0cm;"><strong><span style="font-size: 12px; line-height: 115%; font-family: 'Arial',sans-serif;">Independent of the browser used, you can apply tools available e.g. at:</span></strong><span style="font-size: 12px; line-height: 115%; font-family: 'Arial',sans-serif;">: https://www.cookiemetrix.com/<br />
lub:    https://www.cookie-checker.com/</span></p>
</td>
</tr>


Direct marketing
</table>
 
</div>
Article 6, par. 1, point f) of the GDPR Regulation (legitimate interest of the controller) – the processing is required for achieving the goals based on the legitimate interest of the Controller which includes upholding interests and strengthening reputation of the Controller and the website and the Online Shop as well as his commitment for increasing sales of Products
</div>
 
<ul style="list-style: none; text-align: justify; text-justify: inter-word;">
<li style="margin-bottom: 15px;"><strong>7.5.</strong> As a standard, most internet browsers on the market accept saving Cookies by default. Every person has the possibility to specify the conditions of using Cookies in the browser settings. It means that one may, e.g. partially restrict (e.g. temporarily) or fully disable saving Cookies – in the latter case it may have an impact on some functionalities of the Online Shop (for instance it may prove impossible to go through the Order using the Order Form owing to failure to save the Products in the cart in the course of subsequent stages of Order placement).</li>
 
<li style="margin-bottom: 15px;"><strong>7.6.</strong> The browser settings concerning Cookies are essential as regards the consent to use Cookies by our Online Shop – in accordance with the law, such consent may also be expressed in the browser settings. In view of lack of such consent, change the browser setting accordingly as regards Cookies. Detailed information concerning the change in Cookies settings and their individual removal in the most common browsers is available in the help section of the browser and the following websites (click the link):<br />
The data shall be stored for the period of the legitimate interest of the Controller, however no longer than the period of limitation of claims as regards the data subject under the business activity of the Controller. The period of limitation shall be specified by legal provisions, in particular the Civil Code (the basic period of limitation in the case of claims related to business activity amounts to three years, and for a Sales Contract two years).
[https://support.google.com/chrome/answer/95647?hl=pl Chrome]<br />
 
[https://support.mozilla.org/pl/kb/wzmocniona-ochrona-przed-sledzeniem-firefox-desktopredirectslug=W%C5%82%C4%85czanie+i+wy%C5%82%C4%85czanie+obs%C5%82ugi+ciasteczek&amp;redirectlocale=pl Firefox]<br />
The Controller may not process the data for the needs of direct marketing in the case of expressing clear objection in this field by the data subject.
[https://support.microsoft.com/pl-pl/windows/usuwanie-plik%C3%B3w-cookie-i-zarz%C4%85dzanie-nimi-168dab11-0753-043d-7c16-ede5947fc64d Internet Explorer]<br />
 
[https://help.opera.com/pl/latest/web-preferences/#cookies Opera]<br />
Sending Newsletter
[https://support.apple.com/pl-pl/guide/safari/sfri11471/11.0/mac/10.13 Safari]<br />
 
[https://support.microsoft.com/pl-pl/windows/program-microsoft-edge-i-przegl%C4%85danie-danych-a-prywatno%C5%9B%C4%87-bb8174ba-9d73-dcf2-9b4a-c582b4e640dd Microsoft Edge]</li>
Article 6, par. 1, point a) of the GDPR Regulation (consent) – the data subject expressed the consent to process its personal data for receiving marketing information from the Controller Article 6 (1) 1 lit. f) GDPR Regulations (legitimate interest of the Administrator) – a person who is interested in testing the TERbit application and receiving marketing information confirms that he has read the Privacy Policy
<li style="margin-bottom: 15px;"><strong>7.7.</strong> The Controller may use Google Analytics and Universal Analytics services in the Online Shop, which are provided by Google Ireland Limited (Gordon House, Barrow Street, Dublin 4, Ireland). The services help the Controller to analyse the frequency of visits in the Online Shop. The data collected are processed under the above services to generate statistics helpful while administering the Online Shop and analysing the frequency of visits in the Online Shop. The data are of collective nature. Using the above services in the Online Shop, the Controller collects such data as the sources and medium of acquiring visitors of the Online Shop and the manner of their conduct on the website of the Online Shop, information concerning their devices and browsers used to visit the website, IP and domain, geographical data and demographic data (age, sex) and interests.</li>
 
<li style="margin-bottom: 15px;"><strong>7.8.</strong> It is possible to easily block sharing information with Google Analytics as regards the activity on the website of the Online Shop – install to that end an opt-out add-on made available by Google Ireland Ltd. available at: https://tools.google.com/dlpage/gaoptout?hl=pl.</li>
<li style="margin-bottom: 15px;"><strong>7.9.</strong> Due to the use of advertising and analytical services in the Online Shop provided by Google Ireland Ltd., the Administrator indicates that detailed information on the rules of processing the data of visitors to the Online Shop (including information stored in Cookie files) by Google Ireland Ltd. is made available in the privacy policy of Google services available at:<br />
 
https://policies.google.com/technologies/partner-sites.</li>
The data are stored until the data subject withdraws the consent to further process their data to that end, or – in the case of processing personal data on the basis of Article 6 para. 1 lit. f) GDPR Regulations – receipt of an objection to further data processing.
<li style="margin-bottom: 15px;"><strong>7.10.</strong> The Controller may use Facebook Pixel service, which is provided by Facebook Ireland Limited (4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland). The service helps the Controller to measure an effectiveness of adverts and to find out what actions do users of the Online Shop undertake and to show them matching adverts. Detailed information about Facebook Pixel you can find at:<br />
 
https://www.facebook.com/business/help/742478679120153?helpref=page_content.</li>
Expressing an opinion on the concluded Sales Contract by the Customer
<li style="margin-bottom: 15px;"><strong>7.11.</strong> Managing Facebook Pixel is possible through ads’ settings on a Facebook user’s account:<br />
 
https://www.facebook.com/ads/preferences/?entry_product=ad_settings_screen.</li>
Article 6, par. 1, point a) of the GDPR Regulation (consent) – the data subject expressed the consent to process its personal data for purpose of expressing an opinion
</ul>
 
<h5 class="uk-text-left">§ 8. FINAL PROVISIONS</h5>
<ul style="list-style: none; text-align: justify; text-justify: inter-word;">
 
<li>8.1. The Online Shop may contain links to other websites. The Controller encourages that at the time of being transferred to other websites, become familiar with the privacy policy. This privacy policy shall apply only to the Online Shop of the Controller.</li>
The data are stored until the data subject withdraws the consent to further process their data to that end.
</ul>
 
Recruiting a new employee
 
Article 6 (1) 1 lit. a) GDPR Regulations (consent) – the data subject has consented to the processing of his personal data for the indicated purpose
 
 
The data is processed for the duration of the current recruitment. It can also be stored for the purposes of future recruitments, but not longer than for 1 year
 
Keeping ledgers
 
Article 6, par. 1, point c) of the GDPR Regulation in relation with Article 74 part 2 of the Accounting Act consolidated text of 30 January 2018 (Journal of Laws of 2018 item 395, as amended) – the processing is required for the Controller due to their statutory obligations
 
 
The data shall be stored for the legally required period, requesting the Controller to store ledgers (5 years from the beginning of the year following the financial year to which the data relate).
 
Determining, pursuing or defence of claims on the side of the Controller, or ones that may arise as regards the Controller
 
Article 6, par. 1, point f) of the GDPR Regulation (legitimate interest of the controller) – the processing is required for the purposes resulting from the legitimate interests of the Controller which includes determining, pursuing or defence of claims on the side of the Controller, or ones that may arise as regards the Controller
 
 
The data shall be stored for the period of the legitimate interest of the Controller, however no longer than the period of limitation of claims against the Controller. The period of limitation shall be specified by legal provisions, in particular the Civil Code (the basic period of limitation in the case of claims against the Controller amounts to six years).
 
Use of the website and the Online Shop website and ensuring their proper functioning including leaving personal data in the contact form
 
Article 6, par. 1, point f) of the GDPR Regulation (legitimate interest of the controller) – the processing is required for the purposes resulting from the legitimate interests of the Controller which includes operating and maintenance of the Online Shop
 
The data shall be stored for the period of the legitimate interest of the Controller, however no longer than the period of limitation of claims as regards the data subject under the business activity of the Controller. The period of limitation shall be specified by legal provisions, in particular the Civil Code (the basic period of limitation in the case of claims related to business activity amounts to three years, and for a Sales Contract two years).
 
Preparing statistics and analysing the manner of the data subject conduct on the website of the Online Shop
 
Article 6, par. 1, point f) of the GDPR Regulation (legitimate interest of the controller) – the processing is required for the purposes resulting from the legitimate interests of the Controller which includes preparing statistics and analysing the manner of the data subject conduct on the website of the Online Shop in order to improve the functioning of the Online Shop and increase sales of Products
 
The data shall be stored for the period of the legitimate interest of the Controller, however no longer than the period of limitation of claims as regards the data subject under the business activity of the Controller. The period of limitation shall be specified by legal provisions, in particular the Civil Code (the basic period of limitation in the case of claims related to business activity amounts to three years, and for a Sales Contract two years).
 
§ 4. Personal data recipients on the website and in the online store
4.1. For the needs of proper website and the Online Shop functioning, inclusive of the performance of the Contracts of Sale entered into, it shall be necessary for the Controller to make use of external companies’ services (e.g. software provider, courier, or payment system provider). The Controller uses solely the services of such processing entities which ensure sufficient guarantee to implement appropriate technical and organisational measures so that the processing meets the requirements set out in the GDPR Regulation and protects the rights of data subjects.
4.2. The Controller may provide personal data to a third country, while the Controller ensures that it shall only be a third country which is considered to provide adequate level of protection – in accordance with the GDPR Regulation, and in the case of other countries, the data transfer will occur on the basis of the standard contractual clauses. The Controller ensures that the data subject has a right to get a copy of their data. The Controller provides personal data to a third country only in case and scope necessary to execute a certain purpose of data processing consistent with this privacy policy.
4.3. Providing data by the Controller does not take place in every case and not to all the recipients or categories of recipients defined in the privacy policy – the Controller provides the data only in the case it proves necessary to attain a given purpose of personal data processing and solely within the necessary scope.
4.4. Personal data of the Online Shop Service Recipients or Customers may be provided to the following recipients or categories of recipients:
4.4.1. e-payments or payment card service providers – in the case of a Customer who uses in the Online Shop the option of e-payment or payment card, the Controller makes the collected Customer’s personal data available to the selected payment service provider in the Online Shop for the Controller to the extent necessary to perform the payment of the Customer.
4.4.2. opinion poll system providers – in the case of a Customer who consented to express their opinion on the Sales Contract concluded, the Controller makes the collected personal data of the Customer available to the selected entity providing the system of opinion polls on Contracts of Sale concluded in the Online Store to the order of the Controller within a scope necessary for the Customer to present their opinion by means of an opinion poll system.
4.4.3. service providers rendering for the Controller technical, IT or organisational solutions, making it possible for the Controller to conduct a business, inclusive of the Online Shop and Electronic Services provided via it (in particular computer software providers for the Online Shop, e-mail companies and hosting providers as well as software providers for company management and technical aid for the Controller) – the Controller makes the collected personal data of the Customer available to the selected provider operating to their order only in the case and to the extent necessary for attaining a given purpose of data processing in accordance herewith.
4.4.4. accounting, legal and counselling services providers rendering for the Controller accounting, legal or counselling services (in particular an accounting agency, law firm or debt collection company) – the Controller makes the collected personal data of the Customer available to the selected provider operating to their order only in the case and to the extent necessary for attaining a given purpose of data processing in accordance herewith.
4.4.5. providers of social plugins implemented in the Online Shop, of scripts and other similar tools enabling a person using the Online Shop to download content from the providers of the said plugins (i.e. logging in via social media profile) and for this purpose providing the providers with the personal data of the visitor, including also:
4.4.5.1. Facebook Ireland Ltd. – the Controller uses Facebook social plugins in the Online Shop (e.g. “Like it” or “Share” button, logging in via Facebook profile) and therefore collects and discloses personal data of the Service Recipient using the Online Shop to Facebook Ireland Ltd. (4 Grand Canal Square, Grand Canal Harbour, Dublin 2 Ireland) to the extent and in accordance with the privacy principles available here: https://www.facebook.com/about/privacy/ (this data may include information about activities in the Online Shop – including information about the device, the visited websites, purchases, displayed ads and how to use the services – regardless of whether the Service Recipient has a Facebook account and is logged in to Facebook).
§ 5. PROFILING IN THE ONLINE SHOP
5.1. The GDPR Regulation obligates the Controller to inform about the automated decision-making process, including profiling referred to in Article 22, par. 1 and 4 of the GDPR Regulation, and – at least in those cases – the vital information concerning the decision-making process as well as the meaning and foreseeable consequences of processing for the person being the data subject. Bearing in mind the above, the Controller specifies in this point of the privacy policy the information concerning the possible profiling.
5.2. The Controller may use profiling in the Online Shop for direct marketing purposes, yet the decisions made on its basis by the Controller do not concern the conclusion or rejection to conclude the Sales Contract, or the possibility to make use of Electronic Services in the Online Shop. The result of profiling in the Online Shop may be e.g. discount for a given person, sending a discount code, reminding about unfinished purchase process, sending Product offers, which may be related to the interests or preferences of the person, or offering better conditions as compared with the standard offer of the Online Shop. Regardless of profiling, the person makes decisions freely, whether they want to use the discount given, or better conditions and buy a Product in the Online Shop.
5.3. Profiling in the Online Shop consists in automatic analysis or forecast of the conduct of a given person on the website of the Online Shop, e.g. by adding a given Product to the cart, browsing the page of a given Product in the Online Shop, or the analysis of the history of purchase in the Online Shop. The condition for such profiling is for the Controller to have the personal data of the person, so that they can later send them e.g. a discount code.
5.4. The data subject shall have the right not to depend on the decision which is only based on automated processing, including profiling, and has some legal effects on the person or similarly affects them.
§ 6. THE RIGHTS OF THE DATA SUBJECT
6.1. The right to access, rectify, restrict, erase or transmit – the data subject shall have the right to demand the Controller to have access to their personal data, rectify, erase (“the right to be forgotten”) or restrict the processing and shall have the right to object to the processing and transmit their data. Detailed conditions of the above rights shall be indicated in Articles 15­22 of the GDPR Regulation.
6.2. The right to withdraw the consent at any time – the person whose data are being processed by the Controller on the basis of the consent given (pursuant to Article 6, par. 1, point a) or Article 9, par. 2, point a) of the GDPR Regulation), they shall have the right to withdraw their consent at any time without any impact on the compatibility with the right to process made based on the consent prior to the withdrawal.
6.3. The right to lodge a complaint with a supervisory body – the person whose data are being processed by the Controller shall have the right to lodge a complaint with a supervisory body in a manner and mode specified in the provisions of the GDPR Regulation and the Polish law, in particular the Personal Data Protection Act. The supervisory body in Poland shall be the President of the Office for Personal Data Protection.
6.4. The right to object – the data subject shall have the right, at any time, to lodge a complaint – for reasons related to their particular situation – as regards the processing of their personal data based on Article 6, par. 1, point e) (public interest or official authority) or f) (legitimate interest of the controller) in the case of profiling based on the provisions. The Controller in such a case must stop processing the personal data, unless they show the existence of legally significant and justified bases for the processing, overriding the interests, rights and freedoms of the data subject, or the bases for determining, pursuing or defending the claims.
6.5. The right to object as regards direct marketing – in the case the personal data are being processed for the needs of direct marketing, the data subject shall have the right, at any time, to lodge a complaint as regards the processing of their personal data for the needs of such marketing, including profiling, to the extent to which the processing is related to direct marketing.
6.6. The right to lodge a complaint to the supervisory body – if the owner of personal data or a third party decides that the method of processing personal data by the Administrator is not compliant with the provisions of the GDPR, he has the right to lodge a complaint with the Office for Personal Data Protection, based in Warsaw, at ul. Rates 2.
6.7 To perform the rights mentioned in this point of the privacy policy, one may contact the Controller by sending them an appropriate message in writing or via e-mail to the address of the Controller indicated at the beginning of the privacy policy or via contact form available on the Online Shop website.
6.8 Each person who leaves his data in order to make contact, receive an offer or analytical information / data, i.e. his carbon footprint, accepts receiving a reply to the e-mail address provided earlier, which does not contradict art. 172 of the Telecommunications Law.
§ 7. COOKIES IN THE ONLINE SHOP AND ANALYTICS
7.1. Cookies are small pieces of text files sent by the server and saved at the visitor’s of the Online Shop (e.g. on the hard disk of a computer, laptop, or smartphone’s memory card – depending on the type of device used by the Online Shop’s visitor). Detailed information on Cookies as well as the history of their origin can be found e.g. at: https://en.wikipedia.org/wiki/HTTP_cookie
7.2. Cookies, which can be sent via the Online Shop website, can be divided into various types, according to the following criteria:
With regard to the provider::
 
own (created by the Controller’s Online Shop website) and
belonging to other persons/third parties (other than the Controller)
With regard to the period of their retention on the appliance of the Online Shop’s visitor::
 
session cookies (stored till the moment of logging out or closing of the website or a browser) and
persistent cookies (having some expiration period, defined by parameters of each file or until they are removed by hand)
With regard to the purpose of their usage::
 
strictly necessary cookies (enabling proper functioning of the Online Shop website),
functional/preferential cookies (enabling adjustment of the Online Shop website to the visitor’s preferences),
analytical and performance cookies (collecting information on the use of the Online Shop website),
targeting, advertising or social cookies (collecting information on the visitor of the Online Shop website in order to display advertisements, personalization and measuring the effectiveness of advertisements and for other marketing activities, including those performed on sites different from the Online Shop website, such as social medias and other websites belonging to the same advertising networks as the Online Shop).
7.3. The Controller may process information contained in Cookies during visiting of the Online Shop website for the following particular reasons:
Purposes of using Cookies on the Controller’s Online Shop website
 
Identification of the Service Recipients as logged in to the Online Shop and showing them that they are actually logged in (strictly necessary Cookies)
 
Saving Products added to the cart to place an Order (strictly necessary Cookies)
 
Saving data from the filled-in forms, questionnaires or login data for the Online Shop (strictly necessary Cookies and/or functional/preferential Cookies)
 
Adjustment of the Online Shop website contents to individual preferences of the Service Recipient (e.g. colours, font size, layout) and optimisation of the use of the website (functional/preferential Cookies)
 
Keeping anonymous statistics presenting the visitor’s behaviours on the Online Shop website (analytical and performance Cookies)
 
Displaying and rendering the advertisements, limiting the number of ads display, ignoring ads which the Service Recipient wish not to see, measuring their effectiveness and also ads personalization, namely evaluating the conduct of visitors of the Online Shop through anonymous analysis of their activities (e.g. repeated visits on particular pages, key words etc.) to create their profile and provide them with adverts matching their interests, also when they visit other websites in the advertising network of Google Ireland Ltd. and Facebook Ireland Ltd. (marketing, advertising and social Cookies)
 
7.4. Checking in the most popular internet browsers, which Cookie files (including the expiry period of Cookies and their provider) are being sent in a given moment by the Online Shop website can be done, as follows:
In Chrome browser: : (1) in the address bar, click the ’locked’ icon on the left, (2) go to the benchmark „Cookie files”.
 
In Firefox browser: : (1) in the address bar, click the ’shield’ icon on the left, (2) go to the benchmark „Allowed” or „Blocked”, (3) click the button „Tracking cookies between websites”, „Tracing elements of social networks or „Content with tracing elements”
 
In Internet Explorer browser: : (1) Click „Tools” menu, (2) go to „Internet options” benchmark, (3) go to „General” benchmark, (4) then go to „Settings”, (5) click the button „Display files”
 
In Opera browser:: (1) in the address bar, click the ’locked’ icon on the left, (2) go to the benchmark „Cookie files”.
 
In Safari browser:: (1) click menu „Preferences”, (2) go to „Privacy” benchmark, (3) click the button „Manage website data”
 
Independent of the browser used, you can apply tools available e.g. at:: https://www.cookiemetrix.com/ lub:    https://www.cookie-checker.com/
 
7.5. As a standard, most internet browsers on the market accept saving Cookies by default. Every person has the possibility to specify the conditions of using Cookies in the browser settings. It means that one may, e.g. partially restrict (e.g. temporarily) or fully disable saving Cookies – in the latter case it may have an impact on some functionalities of the Online Shop (for instance it may prove impossible to go through the Order using the Order Form owing to failure to save the Products in the cart in the course of subsequent stages of Order placement).
7.6. The browser settings concerning Cookies are essential as regards the consent to use Cookies by our Online Shop – in accordance with the law, such consent may also be expressed in the browser settings. In view of lack of such consent, change the browser setting accordingly as regards Cookies. Detailed information concerning the change in Cookies settings and their individual removal in the most common browsers is available in the help section of the browser and the following websites (click the link): Chrome Firefox Internet Explorer Opera Safari Microsoft Edge
7.7. The Controller may use Google Analytics and Universal Analytics services in the Online Shop, which are provided by Google Ireland Limited (Gordon House, Barrow Street, Dublin 4, Ireland). The services help the Controller to analyse the frequency of visits in the Online Shop. The data collected are processed under the above services to generate statistics helpful while administering the Online Shop and analysing the frequency of visits in the Online Shop. The data are of collective nature. Using the above services in the Online Shop, the Controller collects such data as the sources and medium of acquiring visitors of the Online Shop and the manner of their conduct on the website of the Online Shop, information concerning their devices and browsers used to visit the website, IP and domain, geographical data and demographic data (age, sex) and interests.
7.8. It is possible to easily block sharing information with Google Analytics as regards the activity on the website of the Online Shop – install to that end an opt-out add-on made available by Google Ireland Ltd. available at: https://tools.google.com/dlpage/gaoptout?hl=pl.
7.9. Due to the use of advertising and analytical services in the Online Shop provided by Google Ireland Ltd., the Administrator indicates that detailed information on the rules of processing the data of visitors to the Online Shop (including information stored in Cookie files) by Google Ireland Ltd. is made available in the privacy policy of Google services available at: https://policies.google.com/technologies/partner-sites.
7.10. The Controller may use Facebook Pixel service, which is provided by Facebook Ireland Limited (4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland). The service helps the Controller to measure an effectiveness of adverts and to find out what actions do users of the Online Shop undertake and to show them matching adverts. Detailed information about Facebook Pixel you can find at: https://www.facebook.com/business/help/742478679120153?helpref=page_content.
7.11. Managing Facebook Pixel is possible through ads’ settings on a Facebook user’s account: https://www.facebook.com/ads/preferences/?entry_product=ad_settings_screen.
§ 8. FINAL PROVISIONS
8.1. The Online Shop may contain links to other websites. The Controller encourages that at the time of being transferred to other websites, become familiar with the privacy policy. This privacy policy shall apply only to the Online Shop of the Controller.

Latest revision as of 12:11, 1 July 2022

§ 1. GENERAL PROVISIONS
  • 1.1.
    This Privacy Policy of the website and the Online Shop is of informative nature, which means that it is not a source of obligations for Service Recipients or Customers of the Online Shop.
    The Privacy Policy contains, above all, the principles concerning the processing of data by the Controller on the website and in the Online Shop, including the basis, purpose and period of personal data processing and the rights of data subjects as well as information regarding the use of cookies and analytical tools in the Online Shop.
  • 1.2.
    The Controller of the personal data collected via the websites: tergo.io and pl.tergo.io and the Online Shop shall be the limited liability company TERRA SPÓŁKA Z OGRANICZONĄ ODPOWIEDZIALNOŚCIĄ based in Poland (the office address and correspondence address: Piastowska 7/120, 80-332 Gdańsk, Poland), registered in the register of entrepreneurs of National Court Registry under the number: 0000857732; register court which holds the company’s documentation: District Court Gdańsk – Północ in Gdańsk, VIII Commercial Department of National Court Registry; share capital in the amount of: 500 000,00 PLN; tax ID no. NIP: 5862359150, National Economy Register No. REGON 386466110, e-mail address: [email protected] – here in after referred to as “Controller” and being simultaneously the Service Provider of the Online Shop and the Seller. In any matters related to the processing of personal data, you can contact the Administrator by writing to the following address: [email protected].
  • 1.3. Personal data on the website and in the Online Shop shall be processed by the
    Controller in accordance with the binding legal regulations, in particular the Regulation (EU) 2016/679 of the
    European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the
    processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data
    Protection Regulation) ­ hereinafter referred to as “GDPR” or “GDPR Regulation”.
    The official text of the GDPR
    Regulation:
    http://eur-lex.europa.eu/legal-content/PL/TXT/?uri=CELEX%3A32016R0679
  • 1.4. Using the website and the Online Shop, including shopping, is voluntary.
    Similarly, providing personal data by the Service Recipient or the Customer using the website and the Online Shop is voluntary,
    subject to two exceptions: (1) into contracts with the Controller – failure to provide the personal
    data
    necessary for the conclusion and performance of the Sales Contract or a contract for the provision of an Electronic
    Service with the Controller in the cases and within the scope indicated on the website of the Online Shop and the
    Regulations of the Online Shop and this Privacy Policy shall result in no possibility to enter into the contract.
    Providing personal data is a contractual requirement in such a case and if the data subject is willing to enter into
    the contract with the Controller, they shall be obligated to provide the required data. The scope of the data
    required to enter into the contract is each time specified in advance on the website of the Online Shop and in the
    Regulations of the Online Shop; (2) statutory obligations of the Controller – specifying the
    personal data is a
    statutory requirement resulting from the commonly binding legal regulations obligating the Controller to process the
    personal data (e.g. processing data to keep ledgers) and failure to specify the data will render it impossible for
    the Controller to perform the obligations.
  • 1.5. The Controller assures due diligence to protect the
    interest of persons being data subjects, in particular being responsible and liable for and assuring that the data
    collected are: (1) processed in accordance with the Act; (2) collected for specific, legal purposes and not subject
    to further processing inconsistent with the purposes; (3) correct as regards the subject matter and adequate as
    regards the purpose of the processing; (4) stored in a form making it possible to identify the people they apply to,
    no longer than it proves necessary to attain the purpose of processing and (5) processed in a manner ensuring
    security of the personal data, including the protection against illicit or illegal processing or accidental loss,
    damage or destruction, with the use of appropriate technical and organisational measures.
  • 1.6. Taking into account the nature, scope, context and purpose
    of processing as well as the risk of breaching the rights or freedoms of natural persons with varied likelihood and
    degree of threat, the Controller is implementing appropriate technical and organisational measures so that the
    processing takes place pursuant to the GDPR Regulation and it is possible to show it. The measures are reviewed and
    updated, as necessary. The Controller applies technical measures preventing the acquisition and modification of
    personal data sent electronically by unauthorised persons.
  • 1.7. Any words, phrases and acronyms used in this privacy
    policy starting with a capital letter (e.g. Seller, Online Shop, Electronic Service) shall be
    understood in
    accordance with the definition contained in the Regulations of the Online Shop available on the websites of the
    Online Shop.
§ 2. BASIS FOR THE PROCESSING OF DATA
  • 2.1. The Controller is authorised to process the personal data
    in cases, and to the extent, when at least one of the following conditions is met: (1) the data subject consented to
    the processing of their data to one or more specified ends; (2) processing is necessary for contract performance the
    data subject is a party to, or to take actions to the request of the data subject, prior to contract conclusion; (3)
    processing is necessary to meet the legal obligation of the Controller; or (4) processing is necessary for the needs
    resulting from the legally justified interests of the Controller or third party, except for situations when the
    interests or basic rights and freedoms of the data subject override such interests and they require personal data
    protection, especially when the data subject is a child.
  • 2.2. The processing of personal data by the Controller each
    time requires having at least one basis indicated in item 2.1 of the privacy policy. Specific bases for processing
    personal data of the Service Recipients or the Customers of the website and the Online Shop by the Controller are specified in the
    following point of the privacy policy – as regards the specific goal of processing personal data by the Controller.
§ 3. PURPOSE, BASIS AND PERIOD OF PROCESSING DATA IN THE ONLINE SHOP
    • 3.1. Each time, the purpose, basis and period as well as the
      recipients of personal data being processed by the Controller result from actions undertaken by a given Service
      Recipient or Customer on the website and in the Online Shop.
    • 3.2.The Controller may process the personal data in the Online Shop
      for the purposes, on the bases and within the periods as follows:

Purpose of data processing

Legal basis for processing data

Period of data storage

The performance of the Sales Contract or a
contract for the provision of an Electronic Service, or taking actions to the request of the data subject,
prior to entering into the above contracts, including sending offers and analytical data, e.g. information on the carbon footprint

Article 6, par. 1, point b) of the GDPR
Regulation (contract performance) – the processing is required to perform the Sales Contract of which the
data subject is party or to take action to the request of the data subject, prior to entering into the
contract.

The data shall be stored for the
period necessary for the performance, termination or expiry of a contract entered into in a different
manner, or in the event of an objection to the processing of data from their owner.

Direct marketing

Article 6, par. 1, point f) of the GDPR
Regulation (legitimate interest of the controller) – the processing is required for achieving the goals
based on the legitimate interest of the Controller which includes upholding interests and strengthening
reputation of the Controller and the website and the Online Shop as well as his commitment for increasing sales of
Products

The data shall be stored for the period of the
legitimate interest of the Controller, however no longer than the period of limitation of claims as
regards the data subject under the business activity of the Controller. The period of limitation shall be
specified by legal provisions, in particular the Civil Code (the basic period of limitation in the case of
claims related to business activity amounts to three years, and for a Sales Contract two years).

The Controller may not process the data for the
needs of direct marketing in the case of expressing clear objection in this field by the data
subject.

Sending Newsletter

Article 6, par. 1, point a) of the GDPR
Regulation (consent) – the data subject expressed the consent to process its personal data for receiving
marketing information from the Controller Article 6 (1) 1 lit. f) GDPR Regulations (legitimate interest of the Administrator) – a person who is interested in testing the TERbit application and receiving marketing information confirms that he has read the Privacy Policy

The data are stored until the data subject
withdraws the consent to further process their data to that end, or – in the case of processing personal data on the basis of Article 6 para. 1 lit. f) GDPR Regulations – receipt of an objection to further data processing.

Expressing an opinion on the concluded Sales
Contract by the Customer

Article 6, par. 1, point a) of the GDPR
Regulation (consent) – the data subject expressed the consent to process its personal data for purpose of
expressing an opinion

The data are stored until the data subject
withdraws the consent to further process their data to that end.

Recruiting a new employee

Article 6 (1) 1 lit. a) GDPR Regulations (consent) – the data subject has consented to the processing of his personal data for the indicated purpose

The data is processed for the duration of the current recruitment. It can also be stored for the purposes of future recruitments, but not longer than for 1 year

Keeping ledgers

Article 6, par. 1, point c) of the GDPR
Regulation in relation with Article 74 part 2 of the Accounting Act consolidated text of 30 January 2018
(Journal of Laws of 2018 item 395, as amended) – the processing is required for the Controller due to
their statutory obligations

The data shall be stored for the legally
required period, requesting the Controller to store ledgers (5 years from the beginning of the year
following the financial year to which the data relate).

Determining, pursuing or defence of claims on
the side of the Controller, or ones that may arise as regards the Controller

Article 6, par. 1, point f) of the GDPR
Regulation (legitimate interest of the controller) – the processing is required for the purposes resulting
from the legitimate interests of the Controller which includes determining, pursuing or defence of claims
on the side of the Controller, or ones that may arise as regards the Controller

The data shall be stored for the period of the
legitimate interest of the Controller, however no longer than the period of limitation of claims against
the Controller. The period of limitation shall be specified by legal provisions, in particular the Civil
Code (the basic period of limitation in the case of claims against the Controller amounts to six
years).

Use of the website and the Online Shop website and ensuring their proper functioning including leaving personal data in the contact form

Article 6, par. 1, point f) of the GDPR
Regulation (legitimate interest of the controller) – the processing is required for the purposes resulting
from the legitimate interests of the Controller which includes operating and maintenance of the Online
Shop

The data shall be stored for the period of the
legitimate interest of the Controller, however no longer than the period of limitation of claims as
regards the data subject under the business activity of the Controller. The period of limitation shall be
specified by legal provisions, in particular the Civil Code (the basic period of limitation in the case of
claims related to business activity amounts to three years, and for a Sales Contract two years).

Preparing statistics and analysing the manner
of the data subject conduct on the website of the Online Shop

Article 6, par. 1, point f) of the GDPR
Regulation (legitimate interest of the controller) – the processing is required for the purposes resulting
from the legitimate interests of the Controller which includes preparing statistics and analysing the
manner of the data subject conduct on the website of the Online Shop in order to improve the functioning
of the Online Shop and increase sales of Products

The data shall be stored for the period of the
legitimate interest of the Controller, however no longer than the period of limitation of claims as
regards the data subject under the business activity of the Controller. The period of limitation shall be
specified by legal provisions, in particular the Civil Code (the basic period of limitation in the case of
claims related to business activity amounts to three years, and for a Sales Contract two years).

§ 4. Personal data recipients on the website and in the online store
  • 4.1. For the needs of proper website and the Online Shop functioning, inclusive of
    the performance of the Contracts of Sale entered into, it shall be necessary for the Controller to make use of
    external companies’ services (e.g. software provider, courier, or payment system provider). The Controller uses
    solely the services of such processing entities which ensure sufficient guarantee to implement appropriate technical
    and organisational measures so that the processing meets the requirements set out in the GDPR Regulation and
    protects the rights of data subjects.
  • 4.2. The Controller may provide personal data to a third country,
    while the Controller ensures that it shall only be a third country which is considered to provide adequate level of
    protection – in accordance with the GDPR Regulation, and in the case of other countries, the data transfer will
    occur on the basis of the standard contractual clauses. The Controller ensures that the data subject has a right to
    get a copy of their data. The Controller provides personal data to a third country only in case and scope necessary
    to execute a certain purpose of data processing consistent with this privacy policy.
  • 4.3. Providing data by the Controller does not take place in every
    case and not to all the recipients or categories of recipients defined in the privacy policy – the Controller
    provides the data only in the case it proves necessary to attain a given purpose of personal data processing and
    solely within the necessary scope.
  • 4.4. Personal data of the Online Shop Service Recipients or
    Customers may be provided to the following recipients or categories of recipients:

    • 4.4.1. e-payments or payment card service providers – in the case
      of a Customer who uses in the Online Shop the option of e-payment or payment card, the Controller makes the
      collected Customer’s personal data available to the selected payment service provider in the Online Shop for the
      Controller to the extent necessary to perform the payment of the Customer.
    • 4.4.2. opinion poll system providers – in the case of a Customer
      who consented to express their opinion on the Sales Contract concluded, the Controller makes the collected
      personal data of the Customer available to the selected entity providing the system of opinion polls on Contracts
      of Sale concluded in the Online Store to the order of the Controller within a scope necessary for the Customer to
      present their opinion by means of an opinion poll system.
    • 4.4.3. service providers rendering for the Controller technical, IT or
      organisational solutions, making it possible for the Controller to conduct a business, inclusive of the Online
      Shop and Electronic Services provided via it
      (in particular computer software providers for the Online
      Shop, e-mail companies and hosting providers as well as software providers for company management and technical
      aid for the Controller) – the Controller makes the collected personal data of the Customer available to the
      selected provider operating to their order only in the case and to the extent necessary for attaining a given
      purpose of data processing in accordance herewith.
    • 4.4.4. accounting, legal and counselling services providers rendering for
      the Controller accounting, legal or counselling services
      (in particular an accounting agency, law firm
      or debt collection company) – the Controller makes the collected personal data of the Customer available to the
      selected provider operating to their order only in the case and to the extent necessary for attaining a given
      purpose of data processing in accordance herewith.
    • 4.4.5. providers of social plugins implemented in the Online Shop, of
      scripts and other similar tools enabling a person using the Online Shop to download content from the providers
      of the said plugins
      (i.e. logging in via social media profile) and for this purpose providing the
      providers with the personal data of the visitor, including also:
    • 4.4.5.1. Facebook Ireland Ltd. – the Controller uses Facebook
      social plugins in the Online Shop (e.g. “Like it” or “Share” button, logging in via Facebook profile) and
      therefore collects and discloses personal data of the Service Recipient using the Online Shop to Facebook Ireland
      Ltd. (4 Grand Canal Square, Grand Canal Harbour, Dublin 2 Ireland) to the extent and in accordance with the
      privacy principles available here: https://www.facebook.com/about/privacy/ (this data may include information
      about activities in the Online Shop – including information about the device, the visited websites, purchases,
      displayed ads and how to use the services – regardless of whether the Service Recipient has a Facebook account and
      is logged in to Facebook).
§ 5. PROFILING IN THE ONLINE SHOP
  • 5.1. The GDPR Regulation obligates the Controller to inform about
    the automated decision-making process, including profiling referred to in Article 22, par. 1 and 4 of the GDPR
    Regulation, and – at least in those cases – the vital information concerning the decision-making process as well as
    the meaning and foreseeable consequences of processing for the person being the data subject. Bearing in mind the
    above, the Controller specifies in this point of the privacy policy the information concerning the possible
    profiling.
  • 5.2. The Controller may use profiling in the Online Shop for direct
    marketing purposes, yet the decisions made on its basis by the Controller do not concern the conclusion or rejection
    to conclude the Sales Contract, or the possibility to make use of Electronic Services in the Online Shop. The result
    of profiling in the Online Shop may be e.g. discount for a given person, sending a discount code, reminding about
    unfinished purchase process, sending Product offers, which may be related to the interests or preferences of the
    person, or offering better conditions as compared with the standard offer of the Online Shop. Regardless of
    profiling, the person makes decisions freely, whether they want to use the discount given, or better conditions and
    buy a Product in the Online Shop.
  • 5.3. Profiling in the Online Shop consists in automatic analysis or
    forecast of the conduct of a given person on the website of the Online Shop, e.g. by adding a given Product to the
    cart, browsing the page of a given Product in the Online Shop, or the analysis of the history of purchase in the
    Online Shop. The condition for such profiling is for the Controller to have the personal data of the person, so that
    they can later send them e.g. a discount code.
  • 5.4. The data subject shall have the right not to depend on the
    decision which is only based on automated processing, including profiling, and has some legal effects on the person
    or similarly affects them.
§ 6. THE RIGHTS OF THE DATA SUBJECT
  • 6.1. The right to access, rectify, restrict, erase or
    transmit
    – the data subject shall have the right to demand the Controller to have access to their
    personal data, rectify, erase (“the right to be forgotten”) or restrict the processing and shall have the right to
    object to the processing and transmit their data. Detailed conditions of the above rights shall be indicated in
    Articles 15­22 of the GDPR Regulation.
  • 6.2. The right to withdraw the consent at any time
    the person whose data are being processed by the Controller on the basis of the consent given (pursuant to Article
    6, par. 1, point a) or Article 9, par. 2, point a) of the GDPR Regulation), they shall have the right to withdraw
    their consent at any time without any impact on the compatibility with the right to process made based on the
    consent prior to the withdrawal.
  • 6.3. The right to lodge a complaint with a supervisory
    body
    – the person whose data are being processed by the Controller shall have the right to lodge a
    complaint with a supervisory body in a manner and mode specified in the provisions of the GDPR Regulation and the
    Polish law, in particular the Personal Data Protection Act. The supervisory body in Poland shall be the President of
    the Office for Personal Data Protection.
  • 6.4. The right to object – the data subject shall
    have the right, at any time, to lodge a complaint – for reasons related to their particular situation – as regards
    the processing of their personal data based on Article 6, par. 1, point e) (public interest or official authority)
    or f) (legitimate interest of the controller) in the case of profiling based on the provisions. The Controller in
    such a case must stop processing the personal data, unless they show the existence of legally significant and
    justified bases for the processing, overriding the interests, rights and freedoms of the data subject, or the bases
    for determining, pursuing or defending the claims.
  • 6.5. The right to object as regards direct marketing
    – in the case the personal data are being processed for the needs of direct marketing, the data subject shall have
    the right, at any time, to lodge a complaint as regards the processing of their personal data for the needs of such
    marketing, including profiling, to the extent to which the processing is related to direct marketing.
  • 6.6. The right to lodge a complaint to the supervisory body – if the owner of personal data or a third party decides that the method of processing personal data by the Administrator is not compliant with the provisions of the GDPR, he has the right to lodge a complaint with the Office for Personal Data Protection, based in Warsaw, at ul. Rates 2.
  • 6.7 To perform the rights mentioned in this point of the privacy policy, one may contact the Controller by sending them an appropriate message in writing or via e-mail to the address of the Controller indicated at the beginning of the privacy policy or via contact form available on the Online Shop website.
  • 6.8 Each person who leaves his data in order to make contact, receive an offer or analytical information / data, i.e. his carbon footprint, accepts receiving a reply to the e-mail address provided earlier, which does not contradict art. 172 of the Telecommunications Law.
§ 7. COOKIES IN THE ONLINE SHOP AND ANALYTICS
    • 7.1. Cookies are small pieces of text files sent by the server
      and saved at the visitor’s of the Online Shop (e.g. on the hard disk of a computer, laptop, or smartphone’s memory
      card – depending on the type of device used by the Online Shop’s visitor). Detailed information on Cookies as well
      as the history of their origin can be found e.g. at:
      https://en.wikipedia.org/wiki/HTTP_cookie
    • 7.2. Cookies, which can be sent via the Online Shop website, can be divided into various types, according to the following criteria:

With regard to the provider::

  1. own (created by the Controller’s Online Shop website) and
  2. belonging to other persons/third parties (other than the Controller)

With regard to the period of their retention on the appliance of the Online Shop’s visitor::

  1. session cookies (stored till the moment of logging out or closing of the website or a browser) and
  2. persistent cookies (having some expiration period, defined by parameters of each file or until they are removed by hand)

With regard to the purpose of their usage::

  1. strictly necessary cookies (enabling proper functioning of the Online Shop website),
  2. functional/preferential cookies (enabling adjustment of the Online Shop website to the visitor’s preferences),
  3. analytical and performance cookies (collecting information on the use of the Online Shop website),
  4. targeting, advertising or social cookies (collecting information on the visitor of the Online Shop website in order to display advertisements, personalization and measuring the effectiveness of advertisements and for other marketing activities, including those performed on sites different from the Online Shop website, such as social medias and other websites belonging to the same advertising networks as the Online Shop).
    • 7.3. The Controller may process information contained in Cookies during visiting of the Online Shop website for the following particular reasons:

Purposes of using Cookies on the Controller’s Online Shop website

Identification of the Service Recipients as logged in to the Online Shop and showing them that they are actually logged in (strictly necessary Cookies)

Saving Products added to the cart to place an Order (strictly necessary Cookies)

Saving data from the filled-in forms, questionnaires or login data for the Online Shop (strictly necessary Cookies and/or functional/preferential Cookies)

Adjustment of the Online Shop website contents to individual preferences of the Service Recipient (e.g. colours, font size, layout) and optimisation of the use of the website (functional/preferential Cookies)

Keeping anonymous statistics presenting the visitor’s behaviours on the Online Shop website (analytical and performance Cookies)

Displaying and rendering the advertisements, limiting the number of ads display, ignoring ads which the Service Recipient wish not to see, measuring their effectiveness and also ads personalization, namely evaluating the conduct of visitors of the Online Shop through anonymous analysis of their activities (e.g. repeated visits on particular pages, key words etc.) to create their profile and provide them with adverts matching their interests, also when they visit other websites in the advertising network of Google Ireland Ltd. and Facebook Ireland Ltd. (marketing, advertising and social Cookies)

    • 7.4. Checking in the most popular internet browsers, which Cookie files (including the expiry period of Cookies and their provider) are being sent in a given moment by the Online Shop website can be done, as follows:

In Chrome browser: :
(1) in the address bar, click the ’locked’ icon on the left, (2) go to the benchmark „Cookie files”.

In Firefox browser: :
(1) in the address bar, click the ’shield’ icon on the left, (2) go to the benchmark „Allowed” or „Blocked”, (3) click the button „Tracking cookies between websites”, „Tracing elements of social networks or „Content with tracing elements”

In Internet Explorer browser: :
(1) Click „Tools” menu, (2) go to „Internet options” benchmark, (3) go to „General” benchmark, (4) then go to „Settings”, (5) click the button „Display files”

In Opera browser::
(1) in the address bar, click the ’locked’ icon on the left, (2) go to the benchmark „Cookie files”.

In Safari browser::
(1) click menu „Preferences”, (2) go to „Privacy” benchmark, (3) click the button „Manage website data”

Independent of the browser used, you can apply tools available e.g. at:: https://www.cookiemetrix.com/
lub: https://www.cookie-checker.com/

  • 7.5. As a standard, most internet browsers on the market accept saving Cookies by default. Every person has the possibility to specify the conditions of using Cookies in the browser settings. It means that one may, e.g. partially restrict (e.g. temporarily) or fully disable saving Cookies – in the latter case it may have an impact on some functionalities of the Online Shop (for instance it may prove impossible to go through the Order using the Order Form owing to failure to save the Products in the cart in the course of subsequent stages of Order placement).
  • 7.6. The browser settings concerning Cookies are essential as regards the consent to use Cookies by our Online Shop – in accordance with the law, such consent may also be expressed in the browser settings. In view of lack of such consent, change the browser setting accordingly as regards Cookies. Detailed information concerning the change in Cookies settings and their individual removal in the most common browsers is available in the help section of the browser and the following websites (click the link):
    Chrome
    Firefox
    Internet Explorer
    Opera
    Safari
    Microsoft Edge
  • 7.7. The Controller may use Google Analytics and Universal Analytics services in the Online Shop, which are provided by Google Ireland Limited (Gordon House, Barrow Street, Dublin 4, Ireland). The services help the Controller to analyse the frequency of visits in the Online Shop. The data collected are processed under the above services to generate statistics helpful while administering the Online Shop and analysing the frequency of visits in the Online Shop. The data are of collective nature. Using the above services in the Online Shop, the Controller collects such data as the sources and medium of acquiring visitors of the Online Shop and the manner of their conduct on the website of the Online Shop, information concerning their devices and browsers used to visit the website, IP and domain, geographical data and demographic data (age, sex) and interests.
  • 7.8. It is possible to easily block sharing information with Google Analytics as regards the activity on the website of the Online Shop – install to that end an opt-out add-on made available by Google Ireland Ltd. available at: https://tools.google.com/dlpage/gaoptout?hl=pl.
  • 7.9. Due to the use of advertising and analytical services in the Online Shop provided by Google Ireland Ltd., the Administrator indicates that detailed information on the rules of processing the data of visitors to the Online Shop (including information stored in Cookie files) by Google Ireland Ltd. is made available in the privacy policy of Google services available at:
    https://policies.google.com/technologies/partner-sites.
  • 7.10. The Controller may use Facebook Pixel service, which is provided by Facebook Ireland Limited (4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland). The service helps the Controller to measure an effectiveness of adverts and to find out what actions do users of the Online Shop undertake and to show them matching adverts. Detailed information about Facebook Pixel you can find at:
    https://www.facebook.com/business/help/742478679120153?helpref=page_content.
  • 7.11. Managing Facebook Pixel is possible through ads’ settings on a Facebook user’s account:
    https://www.facebook.com/ads/preferences/?entry_product=ad_settings_screen.
§ 8. FINAL PROVISIONS
  • 8.1. The Online Shop may contain links to other websites. The Controller encourages that at the time of being transferred to other websites, become familiar with the privacy policy. This privacy policy shall apply only to the Online Shop of the Controller.
Cookies help us deliver our services. By using our services, you agree to our use of cookies.