PRIVACY POLICY

 

PRIVACY POLICY
Article 1. General

  1. This document is attached to Rules and Regulations. By using our services, you provide your information to us. This Privacy Policy is to be used only as aid in understanding what information and data is collected, for what purpose and what it is to be used for. The data is very important to us, so please read this document carefully as it specifies the rules and methods of personal data processing and protection. The document also specifies the rules of using Cookie files.
  2. We hereby declare that we observe personal data protection rules and all legal provisions given in the Personal Data Protection Act and Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC.
  3. A data subject may contact us in order to obtain exhaustive information on the way we use their personal data. We always aim at providing clear information on the data we collect, the method the data is used, the purposes of using it and entities to whom the data is transferred, the protection of the data we use when transferring the data to third parties. We also inform about institutions which should be contacted in case of doubts.
  4. The Seller uses the following technical measures: physical protection measures applied to personal data, IT and telecommunications infrastructure equipment measures, protection measures such as software tools and databases, and organisational measures which ensure proper protection of personal data processing, in particular secure personal data against being made available to unauthorised third parties, being obtained by an unauthorised person and used for an unknown purpose, accidental or deliberate change, loss, damage or destruction of such data.
  5. We have exclusive access to data upon the principles specified in the Rules and Regulations and in this document. Access to personal data may also be entrusted to other entities which intermediate in payments and collect, process and store personal data in accordance with their Rules and Regulations, and to entities contracted to perform the order. Access to personal data is granted to these entities to the extent necessary for service performance.
  6. Personal data is processed only for the purposes to which you have consented by clicking on the relevant fields in the form given on the Website or in any other distinct manner. The legal basis of the processing of your personal data is the consent to data processing or the requirement for the performance of service (e.g. Product order) you have ordered from us (in accordance with Article 6(1a) and (1b) of Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation) - GDPR.

Article 2. Privacy Rules

  1. We approach privacy seriously. We are characterised by respect for privacy and the fullest guaranteed comfort of using our services.
  2. We appreciate trust our Users put in us by entrusting their personal data for the purpose of order performance. We always use personal data fairly, in a way which will not compromise their trust, only in the scope necessary for the performance of the order, including its processing.
  3. The user has a right to obtain clear and full information on the way we use their personal data and the purposes for which the data is needed. We always clearly inform about the data we collect, about the method and entities to which the data is transferred, and provide information on entities which should be contacted in case of doubts, questions or remarks.
  4. If you have any doubts as to the use of User's personal data by us, we will immediately take action to explain and dispel such doubts, and will answer all related questions in a full and exhaustive manner.
  5. We take all justified actions to protect Users' data from improper and uncontrolled use and to secure it in a comprehensive manner.
  6. The controller of your personal data is 201 Respect Sp. z o.o., 30-222 Kraków, ul. Morelowa 1/3, NIP (tax identification number): PL6772438805, REGON (statistical number): 381444204, KRS (National Court Register) No.: 0000750721, e-mail: sklep@201respect.pl
  7. The legal basis of the processing of your personal data is Article 6(1b) of GDPR. The provision of data is not obligatory but it is necessary for taking appropriate action prior to the conclusion of the agreement and its performance. Your personal data will be transferred to other recipients contracted to process personal data on our behalf and for us. Your data will be transferred pursuant to Article 6(1f) of GDPR, where the legitimate interest is the proper performance of agreements/orders. Furthermore, your personal data will be made available to other commercial partners. The collected personal data will be kept within the European Economic Area ("EEA") but it may also be sent to a country outside EEA and processed there. Each operation of personal data transfer is performed in accordance with mandatory law. If data is transferred outside EEA, we use standard contractual clauses and the privacy shield as protective measures with reference to countries in case of which the European Commission has not detected the relevant data protection level.
  8. Your personal data related to the conclusion and performance of the agreement concerning the performance of contracts will be processed for the period of contract performance and for the period not exceeding stipulations in legal provisions, including the provisions of the Polish Civil Code and the Accounting Act, i.e. no longer than 10 years, counted from the end of the calendar year during which the last contract was performed.
  9. Your personal data processed for the purpose of the conclusion and performance of future contracts will be processed until objection is made.
  10. You have a right to access your personal data and obtain a copy of the processed personal data, to rectify incorrect data, to request that the data be removed (right to be forgotten) in case of circumstances provided for in Article 17 of GDPR, the right to restrict the processing of data in cases provided for in Article 18 of GDPR, to object to the processing of data in the cases specified in Article 21 of GDPR, to transfer the furnished data which is processed in an automated manner.
  11. If you find that personal data is processed against the law, you may complain to a supervisory authority (Personal Data Protection Office [Urząd Ochrony Danych Osobowych], ul. Stawki 2, Warszawa). Should you need any additional information related to personal data protection or if you want to exercise your rights, please contact us by post at the given mailing address.
  12. We make every effort to protect information which is in our possession from unauthorised access, unauthorised modification, disclosure and destruction. In particular:
    1. We control methods of information collection, storage and processing, including physical safety measures, in order to protect us from unauthorised access to the system.
    2. Access to personal data is only given to employees, business partners and representatives who need to have access to it. What is more, pursuant to an agreement, they are obliged to keep strict confidentiality, to enable our control and verification of whether they perform their duties; if they fail to fulfil these obligations, they may bear consequences.
  13. We will comply with all applicable legal provisions and regulations concerning data protection and will cooperate with authorities responsible for data protection and entitled law enforcement. In the absence of personal data protection provisions, we will act in accordance with generally adopted personal data rules, principles of community life and established customs.
  14. The details of personal data protection are included in the personal data protection policy (Personal Data Protection: security policy, rules and regulations of personal data protection, IT system management instructions). For security reasons, due to the descriptions of procedures included therein, the instructions are only available for inspection to state inspection authorities.
  15. In case of any questions as to the method of personal data handling, you are encouraged to contact us via the website from which the user has been redirected to the Privacy Policy. The request for contact has been promptly transferred to the appropriate authorised person.
  16. The user always has a right to notify us if:
    1. they do not want to receive information or messages from us in any form;
    2. they want to receive our copy of their personal data;
    3. they want to rectify, update or remove their personal data from our records;
    4. they want to report breach, improper use or processing of their personal data.
  17. In order to make it easier for us to reply or take a position on the provided information, please give your first and last name, and further details.

Article 3. Scope and Purpose of Data Processing

  1. Only the following necessary personal data is processed for the purpose of performing services and for accounting purposes:
    1. to place an order,
    2. to conclude an agreement, to make a complaint or to withdraw from the agreement,
    3. to issue an invoice or a receipt.
    4. to monitor traffic on our websites;
    5. to collect anonymous statistics in order to determine how users use our website;
    6. to determine the number of anonymous users of our websites;
    7. to control how often the selected content is shown to users and which content is shown most frequently;
    8. to control how often users choose a given service or from the level of which service contact is most frequent;
    9. to use the system of personalised recommendations for e-commerce;
    10. to use the tool for both e-mail and post-telephone communication;
    11. for integration with social media;
    12. for potential online payments.
  2. We collect, process and store the following users' data:
    1. first and last name,
    2. address of residence,
    3. mailing address (if it differs from the address of residence),
    4. tax identification number (NIP),
    5. e-mail address,
    6. telephone number (mobile or landline),
    7. date of birth,
    8. PESEL (personal identification number),
    9. Web browser used,
    10. other personal data given voluntarily.
  3. The provision of the above data is completely voluntary but also necessary for the complete service performance.
  4. The purpose for which data is collected, processed or used:
    1. direct marketing, archival purposes of advertising campaigns;
    2. performance of obligations imposed by legal provisions by collecting information on undesired activities.
  5. Personal data may be sent to servers outside the user's country of residence or to related entities, third parties based in other countries, including EEA countries (European Economic Area – free trade zone and Single Market, including European Union member states and EFTA [European Free Trade Association] members) for the purpose of personal data processing by these entities on our behalf, in accordance with the provisions of the Privacy Policy and applicable provisions of law, customs and regulations concerning data protection.
  6. Your personal data will not be stored longer than necessary for the proper service quality and depending on the method and purpose of obtaining it will be stored for service duration and upon completion thereof for the purposes of:
    1. fulfilment of obligations arising out of legal provisions, tax and accounting regulations;
    2. prevention of fraud or crime;
    3. statistical and archiving purposes.
    4. marketing activities – for the term of the agreement, grant of a separate consent to the processing of such data – until the completion of activities related to transaction service, your making an objection to such processing or withdrawal of consent.
    5. sales and promotional activities – e.g. competitions, promotional campaigns – for the term and accounting of such campaigns.
    6. operating activities – until the expiry of obligations imposed under GDPR and relevant domestic provisions for the purpose of proving reliability in personal data processing.
    7. pursuing all claims in relation to the performed agreement;

Article 4. Cookies Policy

  1. Information included in cookie files is collected automatically for the purpose of collecting user data. Cookies are small text files sent to User's browser and sent back from the browser in case of subsequent website visits. They are mainly used for keeping the session, e.g. by generating and sending temporary ID after login. "Session" cookies are stored on the User's end device until the user has logged out, the website or the Web browser have been closed. "Permanent" cookies are stored on the User's end device for the time determined in Cookie parameters or until removed by the User.
  2. Cookies adapt and optimise the website and its offering to Users' needs through such activities as creation of view statistics and ensuring security. Cookies are also necessary for keeping the session upon leaving the website.
  3. The controller processes data included in Cookies each time the website is visited by users for the following purposes:
    1. website use optimisation;
    2. identification of Service Users logged on at a given time;
    3. adaptation of graphic design, selection options and all other website content to Service User's individual preferences;
    4. remembering data from Order Forms or logging data given by the user which is filled in automatically or manually;
    5. collecting and analysing anonymous statistics presenting the method of using the website in the operation panel and Google Analytics;
    6. creating remarketing lists based on information on preferences, behaviour, method of using the Website and collecting demographic data, and then making these lists available in AdWords and AdSense, Facebook Ads;
    7. Google Adsense cookies are used for displaying the right advertising to you. Adsense Cookies contain no personal data. If you would like to find out more about Google AdSense cookies and ways of controlling it, please go to http://www.google.co.uk/policies/privacy/ads/;
    8. creation of data segments based on demographic information, interests, preferences as to the choice of viewed products/service;
    9. use of demographic data and data on interests in Analytics reports;
    10. due to the need to prevent the use of certain functions on our trade platforms by Web crawlers, we use Google reCAPTCHA mechanism for occasional testing whether users' behaviours do not bear the features of crawler behaviour. In such situation, we may be obliged to disclose your IP to Google LLC.
  4. The user may completely block and disable the collection of cookie files at any time through their browser.
  5. The blocking of the possibility of collecting Cookies by the User on their device may hinder or disable the use of certain website functions. The User is fully authorised to such blocking but must be aware of the restricted functionalities.
  6. RECAPTCHA V2

Name of Cookies

Type of Cookies

Purpose of saving Cookies

Validity of Cookies

CONSENT

Permanent

For occasional testing whether user behaviours do not bear the features of crawler behaviour.

2 years (from the last update)

NID

Permanent

For occasional testing whether user behaviours do not bear the features of crawler behaviour.

2 years (from the last update)

  1. GOOGLE ADWORDS

Name of Cookies

Type of Cookies

Purpose of saving Cookies

Validity of Cookies

PREF

Permanent

They help personalise advertising in services (e.g. in the browser), especially when the user is not logged on to their Google account.

2 years (from the last update)

id

Permanent

Used for advertising purposes outside Google website from doubleclick.net

2 years (from the last update)

drt_, FLC, NID

Permanent

Advertising server cookie .googleads.g.doubleclick.net. It gathers information on user's activity upon clicking on Google Adwords ad and sends back information on conversions.

12 hour (from the last update)

  1. GOOGLE ANALYTICS

Name of Cookies

Type of Cookies

Purpose of saving Cookies

Validity of Cookies

_UTMA

Permanent

Used for distinguishing users and sessions. Cookie is updated and data is each time sent to Google Analytics.

2 years (from the last update)

_UTMB

Permanent

Responsible for storing information on a given visit

30 minutes (from the last update)

_UMTC

Session cookies

_utmc cookie cooperates with _utmb cookie and it is supposed to determine whether the tracking of a new visit should begin or whether the collected data should be classified as a new visit. It contains information only on the unique website identifier and expires upon closing the browser window.

Until the session ends

_UMTZ

Permanent

It contains information on the sources of visit. It allows for counting visits from search engines and data from marketing campaigns.

6 months (from the last update)

_UMTV

Permanent

Stores ID identifier. Necessary for keeping information on being logged on the website.

2 years (from the last update)

  1. YOUTUBE

Name of Cookies

Type of Cookies

Purpose of saving Cookies

Validity of Cookies

PREF

Permanent

This cookie file is used by Google for storing user preferences and information important for the functioning of Google Maps.

10 years (from the last update)

Visitor_info1_Live

Permanent

This cookie file is used by Youtube for storing user preferences on websites containing video content.

8 months (from the last update)

Use_Hitbox

Permanent

This cookie file is used by Youtube for storing user preferences on websites containing video content.

Until the session ends

  1. GOOGLE MAPS

Name of Cookies

Type of Cookies

Purpose of saving Cookies

Validity of Cookies

PREF

Permanent

This cookie file is used by Google for storing user preferences and information important for the functioning of Google Maps.

2 years (from the last update)

  1. FACEBOOK

Name of Cookies

Type of Cookies

Purpose of saving Cookies

Validity of Cookies

datr

Permanent

This cookie file is saved when the Web browser gains access to facebook.com. The file enables identification of suspicious login attempts, and thus guarantees greater safety of users. For example, it is used to signal unsuccessful login attempts or creation of multiple accounts used to send spam.

2 years (from the last update)

  1. Instagram

Name of Cookies

Type of Cookies

Purpose of saving Cookies

Validity of Cookies

PREF

Permanent

This cookie file is used by Google for storing user preferences and information important for the functioning of the website.

2 years (from the last update)

  1. The user who does not want to use cookie files for the purpose described above may remove them manually at any time. If you are interested in the detailed instructions, please visit the website of the producer of the Web browser you are currently using.
  2. More information on Cookies can be found in the help menu of each Web browser. Examples of Web browsers using cookie files described above:
    1. Settings of cookie files Internet Explorer
    2. Settings of cookie files Chrome
    3. Settings of cookie filesFirefox
    4. Settings of cookie filesOpera
    5. Settings of cookie filesSafari
    6. Cookies in Android
    7. Cookies inBlackberry
    8. Cookies iniOS (Safari)
    9. Cookies in Windows Phone

Article 5. Rights and Obligations

  1. We have a right and, in certain cases specified in law, a statutory obligation to transfer selected or all information concerning personal data to public administration authorities or third parties which submit a request to furnish information in accordance with applicable provisions of Polish law.
  2. The user has a right to access their personal data they have made available. The user may rectify the data, supplement it at any time, and to request that the data be removed from the databases or its processing be discontinued, without reason. In order to exercise their rights, the User may send the relevant message at any time via e-mail or furnish such a request in any other way.
  3. The processing of personal data of natural persons who are our clients is based on:
    1. legitimate interest of the data controller (e.g. in the scope of database creation, analytical and profiling activities, including activities concerning the analysis of product use, direct marketing of own products, securing documentation for the purpose of exercising or defending claims)
    2. consent (including in particular consent to e-mail marketing or telemarketing)
    3. performance of the concluded agreement
    4. obligations arising out of law (e.g. tax law or accounting provisions).
  4. The processing of personal data of natural persons who are potential clients is based on:
    1. legitimate interest of data controller (e.g. in the scope of databased creation, direct marketing of own products)
    2. consent (including, in particular, consent to e-mail marketing or telemarketing)
  5. The User's request to remove personal data or to discontinue its processing may result in complete impossibility to perform service or its serious restriction.  
  6. Particular attention is attached to profiling and it is indicated that:
    1. for the purpose of profiling we usually process data which has been ssl encrypted beforehand;
    2. typical data is used for this purpose: e-mail address, IP or cookies;
    3. profiling is performed for the purpose of analysing or forecasting personal preferences and interests of Website users or users of products or services and adaptation of content on our Websites or products to these preferences;
    4. profiling for marketing purposes, e.g. adaptation of marketing offering to the above preferences.
  7. We are obliged to act in accordance with applicable legal provisions and principles of community life.
  8. Information on out-of-court settlement of consumer disputes. Within the meaning of the Act on Out-of-court Settlement of Consumer Disputes, the authorised entity is the Financial Ombudsman (Rzecznik Finansowy) - website: www.rf.gov.pl.

Article 6. Elementary Security Rules

  1. Each user should care about the security of their own data and the security of their devices used for Internet access. The device should obligatorily have antivirus software with a valid and regularly updated database of definitions, types and kinds of viruses, safe version of Web browser and firewall on. The User should check if the operating system and software installed has the latest and compatible updates as errors in the installed software are used in attacks.
  2. Access data to services offered online, e.g. logins, passwords, PINs, electronic certificates, etc., should be secured in a place which is not available to others and which may not be hacked from the network level. You should not disclose it or store it on the device in the form which will enable unauthorised access and reading by unauthorised persons.
  3. Caution should be exercised when opening strange attachments or clicking links in e-mail we have not expected, e.g. from unknown senders or from the spam folder.
  4. It is recommended to enable anti-phishing filters in the Web browser, or tools that check if the displayed website is genuine and is not used for phishing, e.g. by disguising oneself as an authentic person or institution.
  5. Files should be downloaded only from trusted places, servers and websites. We do not recommend installing software from unverified sources, especially from unknown publishers of unverified reputation. This also applies to portable devices. e.g. smartphones or tablets.
  6. When using home Wi-Fi network, the password chosen should be safe and difficult to break, it should not contain any formula or string of works which is easy to guess (e.g. street name, host's name, date of birth, etc.). The use of the highest encryption standards of Wi-Fi wireless networks, which can be launched on the held equipment, is also recommended. 

Article 7. Use of Social Media plugins

  1. Social media plug-ins (facebook.com, Twitter, and others) may be found on our websites. Related services are supplied by Facebook Inc. and Twitter Inc., respectively.
  2. Facebook is operated by Facebook Inc., 1601 S. California Ave, Palo Alto, CA 94304, USA Facebook. To see Facebook plugins, go to: https://developers.facebook.com/docs/plugins
  3. Twitter is operated by Twitter Inc., 1355 Market Street, Suite 900, San Francisco, CA 94103, USA. To see Twitter plugins, go to: https://dev.twitter.com/web/tweet-button
  4. The plugin only sends its provider information on which of our websites you had access to and when. If during the view of or visit on our website the user is logged on to their Facebook or Twitter account, the provider is able to link your interests, information preferences and other data obtained e.g. by clicking Like button or leaving a comment or entering the profile name in the search engine. This information is also sent by the browser directly to the provider.
  5. More detailed information on the collection and use of data by Facebook or Twitter and on the protection of privacy may be found on the following websites:
    1. Data protection/guidance on privacy provided by Facebook: http://www.facebook.com/policy.php
    2. Data protection/guidance on privacy provided by Twitter: https://twitter.com/privacy
  6. In order to avoid the recording of your visit on our website on the selected user account by Facebook or Twitter, you need to log off your account before you start browsing our websites.

Note on Copyrights to Rules and Regulations

The owner of all copyrights to the model of this policy is Kancelaria Prawna LEGATO, which has granted a non-exclusive and non-transferable right to use this document for purposes associated with our online business and extends legal protection of the document for the term of the agreement. The copying and dissemination of the model of this document without the consent of Kancelaria Prawna LEGATO is prohibited and may entail both criminal and civil liability. Online sellers may find out more about the possibility of using the model privacy policy and cookies policy at http://www.kancelaria-legato.pl