1. GENERAL PROVISIONS
1.2. The administrator of personal data collected via the Online Store is Klaudia Wcisło, who runs a business under the name Klaudia Wcisło Moi Mili, entered in the Central Register and Information on Economic Activity of the Republic of Poland kept by the minister competent for economy, having: address of place of business and address for delivery: ul. Gizów 3 / 41 01-249 Warsaw, NIP 9930439924, REGON 146627846, e-mail address: firstname.lastname@example.org- hereinafter referred to as "Administrator" and being at the same time the Online Store Service Provider and the Seller.
1.3. The personal data of the Service Recipient and the Customer are processed in accordance with the Personal Data Protection Act of 29 August 1997 (Journal of Laws 1997 No. 133, item 883, as amended) (hereinafter: the Act on Personal Data Protection) and the Act on providing services by electronic means of 18 July 2002 (Journal of Laws 2002 No. 144, item 1204, as amended).
1.4. The Administrator takes special care to protect the interests of data subjects, and in particular ensures that the data collected by him are processed in accordance with the law; collected for specified, legitimate purposes and not subjected to further processing incompatible with those purposes; factually correct and adequate in relation to the purposes for which they are processed and stored in a form that allows identification of the persons to whom they relate, no longer than necessary to achieve the purpose of processing.
1.5. All words, expressions and acronyms appearing on this website and beginning with a capital letter (e.g. Seller, Online Store, Electronic Service) should be understood in accordance with their definition contained in the Online Store Regulations available on the Online Store website.
2. PURPOSE AND SCOPE OF DATA COLLECTION AND RECIPIENTS OF DATA
2.1. Each time the purpose, scope and recipients of data processed by the Administrator result from actions taken by the Service User or Customer in the Online Store. For example, if the Customer chooses personal collection instead of courier when placing the Order, then his personal data will be processed for the conclusion and implementation of the Sales Agreement, but will no longer be made available to the carrier performing the shipment at the request of the Administrator.
2.2. Possible purposes of collecting personal data of Service Recipients or Customers by the Administrator:
a) Conclusion and implementation of the Sales Agreement or contract for the provision of Electronic Services (e.g. Account).
b) Direct marketing of the Administrator's own products or services.
c) Possible recipients of personal data of Online Store Customers:
- In the case of a Customer who uses the Online Store with the method of delivery by post or courier, the Administrator provides the Customer's collected personal data to the selected carrier or intermediary performing the shipment at the request of the Administrator.
- In the case of a Customer who uses the Online Store with the method of electronic payment or a payment card, the Administrator provides the Customer's personal data collected to the selected entity servicing the above payments in the Online Store.
2.3. The Administrator may process the following personal data of Service Recipients or Customers using the Online Store: name and surname; e-mail address; contact phone number; delivery address (street, house number, apartment number, zip code, city, country), residence / business address / registered address (if different from the delivery address). In the case of Service Recipients or Customers who are not consumers, the Administrator may additionally process the company name and tax identification number (NIP) of the Service Recipient or Customer.
2.4. Providing personal data referred to in the point above may be necessary for the conclusion and implementation of the Sales Agreement or contract for the provision of Electronic Services in the Online Store. Each time the scope of data required to conclude a contract is indicated previously on the Online Store website and in the Online Store Regulations.
3. COOKIES AND OPERATING DATA
3.1. Cookies are small text information in the form of text files, sent by the server and saved on the side of the person visiting the Online Store website (e.g. on the hard disk of a computer, laptop or on the smartphone's memory card - depending on which device it uses visiting our Online Store). Detailed information about Cookies as well as the history of their creation can be found, among others here: http://pl.wikipedia.org/wiki/Ciasteczko.
3.2. The Administrator may process data contained in Cookies when users use the Online Store for the following purposes:
a) identify the Service Users as logged in to the Online Store and show that they are logged in;
b) remembering Products added to the basket to place an Order;
c) remembering data from completed Order Forms, surveys or login data to the Online Store;
d) adapting the content of the Online Store website to the individual preferences of the Service Recipient (e.g. regarding colors, font size, page layout) and optimizing the use of Online Store pages;
e) keeping anonymous statistics showing how to use the Online Store website.
3.4 Detailed information on changing the settings for cookies and their independent deletion in the most popular web browsers are available in the help section of the web browser.
3.5 Administrator also processes anonymized operational data related to the use of the Online Store (IP address, domain) to generate statistics helpful in administering the Online Store. These data are aggregate and anonymous, i.e. they do not contain features that identify visitors to the Online Store. These data are not disclosed to third parties.
4. BASIS FOR DATA PROCESSING
4.1. Providing personal data by the Service Recipient or Customer is voluntary, but failure to provide the personal data indicated on the Online Store website and the Regulations of the Online Store necessary for the conclusion and implementation of the Sales Agreement or contract for the provision of Electronic Services results in the inability to conclude this contract.
4. 2. The basis for processing personal data of the Service Recipient or Customer is the need to perform the contract to which he is a party or take action at his request before its conclusion. In the case of data processing for the purpose of direct marketing of the Administrator's own products or services, the basis for such processing is (1) prior consent of the Service Recipient or Customer or (2) fulfillment of legally justified purposes pursued by the Administrator (in accordance with Article 23, paragraph 4 of the Personal Data Protection Act the direct marketing of the Administrator's own products or services is considered a legitimate purpose).
5. THE RIGHT OF CONTROL, ACCESS AND CONTENT OF YOUR DATA
5.1. The Service Recipient or Customer has the right to access their personal data and correct it.
5.2. Each person has the right to control the processing of data concerning them contained in the Administrator's data set, and in particular the right to: request supplementing, updating, rectifying personal data, temporarily or permanently suspending their processing or removing them, if they are incomplete, outdated, false or have been collected in violation of the Act or are no longer needed to achieve the purpose for which they were collected.
5.3. If the Customer or the Customer gives consent to the processing of data for the purpose of direct marketing of the Administrator's own products or services, the consent may be revoked at any time.
5.4. If the Administrator intends to process or processes the Service Recipient's or Client's data for the purpose of direct marketing of the Administrator's own products or services, the data subject is also entitled to (1) submit a written, motivated request to cease processing his data due to its special situation or to (2) object to the processing of its data.
6. FINAL PROVISIONS
6.2. The administrator applies technical and organizational measures ensuring the protection of processed personal data appropriate to the threats and categories of data protected, and in particular protects the data against disclosure to unauthorized persons, removal by an unauthorized person, processing in violation of applicable laws and change, loss, damage or destruction.
6.3. The administrator provides the following technical measures to prevent the acquisition and modification of personal data sent electronically by unauthorized persons:
a) Securing the data set against unauthorized access.
b) Access to the Account only after providing the individual login and password.