1- GENERAL PROVISIONS
2- BASIS OF DATA PROCESSING
3- PURPOSE, BASIS, PERIOD AND SCOPE OF DATA PROCESSING IN THE ONLINE STORE
4- DATA RECIPIENTS IN THE ONLINE STORE
5- INFORMATION ABOUT THE CUSTOMER'S RIGHT TO VIEW, CORRECT, DELETE PERSONAL DATA
6- PROFILING IN THE ONLINE STORE
7- THE RIGHTS OF THE PERSON WHO THE DATA CONCERNS
8- POLICY REGARDING COOKIES AND WHAT ARE COOKIES?
9- FINAL PROVISIONS
The administrator of personal data collected via the Online Store is Ahmet Kuşçu entered into the Central Register and Information on Economic Activity of the Republic of Poland kept by the minister responsible for economy, having: address of the place of business and address for service: al. Krakowska 70, 05-090 Raszyn NIP: 5223168383 REGON: 384408083, e-mail address: [email protected], phone number: 516-555-703 - hereinafter referred to as the "Administrator" and being at the same time the Service Provider of the Online Store and the Seller.
Personal data in the Online Store are processed by the Administrator in accordance with applicable law, in particular in accordance with Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of individuals with regard to the processing of personal data and on the free movement of such data and the repeal of Directive 95/46 / EC (General Data Protection Regulation) - hereinafter referred to as
„RODO” lOficial Text RODO: https://eur-lex.europa.eu/legal-content/EN/TXT/?uri=celex%3A32016R0679
The administrator takes special care to protect the interests of persons to whom the personal data processed by him is concerned, and in particular is responsible and ensures that the data collected by him are: (1) processed in accordance with the law; (2) collected for specified, lawful purposes and not subjected to further processing incompatible with these purposes; (3) factually correct and adequate in relation to the purposes for which they are processed; (4) stored in a form that permits the identification of persons to whom they relate, no longer than it is necessary to achieve the purpose of processing, and (5) processed in a manner ensuring adequate security of personal data, including protection against unauthorized or unlawful processing and accidental loss, destruction or damage by appropriate technical or organizational measures.
Taking into account the nature, scope, context and purposes of processing as well as the risk of violating the rights or freedoms of natural persons with different probability and severity of the threat, the Administrator implements appropriate technical and organizational measures so that the processing takes place in accordance with this regulation and to be able to prove it. These measures are reviewed and updated as necessary. The administrator uses technical measures to prevent the acquisition and modification by unauthorized persons of personal data sent electronically.
BASIS OF DATA PROCESSING
The administrator is entitled to process personal data in cases where - and to the extent that - at least one of the following conditions is met: (1) the data subject has consented to the processing of his personal data in one or more specific goals; (2) processing is necessary for the performance of a contract to which the data subject is party or in order to take steps at the request of the data subject prior to entering into a contract; (3) processing is necessary to fulfill the legal obligation incumbent on the Administrator; or (4) processing is necessary for the purposes of the legitimate interests pursued by the Administrator or by a third party, except where such interests are overridden by the interests or fundamental rights and freedoms of the data subject that require protection personal data, in particular when the data subject is a child.
PURPOSE, BASIS, PERIOD AND SCOPE OF DATA PROCESSING IN THE ONLINE STORE
Each time the purpose, basis, period and scope as well as the recipients of personal data processed by the Administrator result from actions taken by a given Service User or Customer in the Online Store. For example, if the Customer decides to make purchases in the Online Store and chooses to collect the purchased Product in person instead of a courier delivery, his personal data will be processed in order to perform the concluded Sales Agreement, but will no longer be made available to the carrier performing the shipment at the request of the Administrator.
DATA RECIPIENTS IN THE ONLINE STORE
For the proper functioning of the Online Store, including the implementation of the concluded Sales Agreements, it is necessary for the Administrator to use the services of external entities (such as, for example, a software supplier, courier or payment processor). The administrator uses only the services of such processors who provide sufficient guarantees to implement appropriate technical and organizational measures, so that the processing meets the requirements of the GDPR Regulation and protects the rights of data subjects.
INFORMATION ABOUT THE CUSTOMER'S RIGHT TO VIEW, CORRECT, DELETE PERSONAL DATA
In accordance with the provisions of the Act on the Protection of Personal Data of August 29, 1997 (uniform text: Journal of Laws of 2002, No. 101, item 926, as amended), the Seller provides free access to personal data, their change and correction and removal.
The customer has the right to access their personal data and correct them via the Online Store or by telephone contact.
The customer may independently change the data provided in the Online Store system.
Access, changes, correction and deletion of personal data can be made by the Customer at any time through his account in the Online Store, after prior registration and logging in.
The customer has the option of direct e-mail contact with the employees of the Online Store via e-mail.
A customer who has set up an account in the Online Store may delete the account at any time via the Online Store or by telephone.
Account deletion is irreversible and means the deletion of all customer data. It will not be possible to restore such an account.
PROFILING IN THE ONLINE STORE
According to Art. 4 point 4 of the GDPR, profiling is: "any form of automated processing of personal data, which consists in the use of personal data to evaluate certain personal factors of a natural person, in particular to analyze or forecast aspects related to the effects of work of that natural person, their economic situation, health, personal preferences, interests, reliability, behavior, location or movement. Detailed information on this subject is included in the SHOP RULES.
THE RIGHTS OF THE PERSON WHO THE DATA CONCERNS
The right to lodge a complaint with PUODO is one of the elements that, pursuant to art. 13 sec. 2 lit. d GDPR, the administrator is obliged to inform the person when collecting data from him - in the so-called information clause. What does this right actually mean and how can it be used in practice by a person who considers that his or her rights in the field of personal data protection have been violated?
The right to bring a complaint as one of the legal remedies is regulated in Art. 77 GDPR. Pursuant to the provision of Art. 77 paragraph. 1, each data subject has the right to lodge a complaint with the supervisory authority if he or she believes that the processing of personal data concerning him violates the provisions of the GDPR. The action should be brought in particular in the Member State of the person's habitual residence, place of work or place of the alleged infringement. Importantly, the data subject may exercise the right to file a complaint without prejudice to other administrative measures and other legal remedies before a court. This means that there is nothing to prevent a person from both lodging a complaint to PUODO and bringing a civil action to the court against the controller or processor that has violated the lawful data processing in the event of a single breach.
Under Art. 77 paragraph. 2 GDPR, the supervisory authority is obliged to inform the person who lodged the complaint about the progress and results of the complaint examination. The authority should also instruct the person about the possibility of using a judicial remedy pursuant to Art. 78 of the GDPR, i.e. complaints to the administrative court. The indicated provision of the GDPR gives the data subject the opportunity to appeal to the court against a legally binding decision of the authority regarding the person. The second envisaged measure of judicial protection covers the authority's failure to meet the 3-month deadline for examining the complaint, and at least informing the person about the progress and results of the complaint examination.
As a rule, lodging a complaint should initiate PUODO proceedings in the case in question. If the authority determines that there has been a breach of the provisions - it will order, by way of an administrative decision, the restoration of the legal status in accordance with art. 58 sec. 2 GDPR.
The Online Store generates cookies that remember information about the Customer and allow the server to recognize it later.
Cookies do not damage the computer system in any way, and any web browser can disable them.
Cookies are small files saved and stored on a computer, tablet or smartphone when visiting various pages in the Online Store.
A cookie usually contains the name of the website it comes from, the expiry date of the cookie (its lifetime) and a randomly generated unique number used to identify the browser from which the website is connected.
Usually cookies are very useful. Thanks to them, individual settings are remembered and thanks to them you can log in to an individual account.
If the Customer believes that the presence of cookies violates privacy, they can be turned off at any time either for a specific website or for all connections from a given browser.
1. Agreements concluded through the Online Store are concluded in Polish.
2. The Seller reserves the right to amend the Regulations for important reasons, that is: changes in the law, changes in payment and delivery methods - to the extent to which these changes affect the implementation of the provisions of these Regulations. The Seller will inform the Customer about each change at least 7 days in advance.
3. In matters not covered by these Regulations, generally applicable provisions of Polish law shall apply, in particular: the Civil Code; the act on the provision of electronic services; the act on consumer rights, the act on the protection of personal data.
4. The customer has the right to use extrajudicial means of dealing with complaints and redress. To this end, he can file a complaint through the EU
the ODR internet platform available at: http://ec.europa.eu/consumers/odr/.
5. In matters not covered by these regulations, the provisions of the Civil Code and relevant acts of Polish law, as well as European Union law, in particular the GDPR shall apply.
6. In matters not covered by these Regulations, generally applicable provisions of Polish law shall apply, in particular: the Civil Code; the Act on the provision of electronic services of July 18, 2002 (Journal of Laws 2002, No. 144, item 1204, as amended); for Sales Agreements concluded until December 24, 2014 with Customers who are consumers - the provisions of the Act on the protection of certain consumer rights and liability for damage caused by a dangerous product of March 2, 2000 (Journal of Laws of 2000 No. 22, item 271, as amended) and the Act on special terms of consumer sales and amending the Civil Code of July 27, 2002 (Journal of Laws of 2002, No. 141, item 1176, as amended); for Sales Agreements concluded from December 25, 2014 with Customers who are consumers - the provisions of the Act on consumer rights of May 30, 2014 (Journal of Laws of 2014, item 827, as amended); and other relevant provisions of generally applicable law.