§1 General provisions
1. This document is an information clause in accordance with Article 13 (paragraph 1 and 2) of the Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation) for persons (Customers) using data administrator services.
2. The administrator of personal data within the meaning of Article 4 (4) GDPR is Dariusz Branny doing business under the name MEGAT Dariusz Branny at ul. Grabowa 3, 43-440 Goleszów, NIP: 5481281095, REGON: 070741874; e-mail address: firstname.lastname@example.org, telephone: +48 664 084 585.
3. The Administrator in accordance with Article 32 paragraph 1 GDPR adheres to the principle of personal data protection and applies appropriate technical and organizational measures to prevent accidental or unlawful destruction, loss, modification, unauthorized disclosure or unauthorized access to personal data processed in connection with its operations.
4. Providing personal data by the customer is voluntary, but is a condition for the conclusion of a contract whose subject matter are services provided by the administrator or products offered by him. The customer is obliged to provide personal data, and the consequence of not providing data is the inability to use the administrator's offer.
§2 The purpose and grounds for processing personal data
1. The administrator processes personal data for the following purposes:
a) concluding and implementing contracts the subject of which are services or products offered by the data administrator in his online store;
b) electronic provision of services available on the data administrator's website, including the possibility of placing orders using the forms available on the website and maintaining the customer account of the online store;
c) sending marketing information regarding the products or services offered by the data administrator;
d) providing answers to questions addressed to the administrator by means of the contact form available on his website.
2. The basis for the processing of personal data is:
a) taking actions to conclude and implement the contract (Article 6 paragraph 1b GDPR) for the purposes mentioned in paragraph 1a-b;
b) the legitimate interest of the data administrator and, in addition, the consent of the data subject, if it is required by applicable law (Article 6 paragraph 1a and f GDPR) for the purpose referred to in paragraph 1c;
c) the legitimate interest of the controller (Article 6 paragraph 1f GDPR) for the objective referred to in paragraph 1d.
§3 Recipients of data. Transmission of data to third countries
1. Recipients of personal data processed by the administrator may be entities acting as intermediaries in deliveries or performing deliveries to persons purchasing data administrator's products and electronic payment operators.
2. The data administrator may transfer personal data by way of an agreement to entrust the processing of personal data to entities that perform on his behalf and for his part tasks related to the processing of personal data, among others accounting offices, law offices, hosting providers.
3. Personal data may be transferred to entities located outside the European Economic Area, ie. to Google LLC and Facebook Inc., based on appropriate legal safeguards, which are standard clauses of personal data protection approved by the European Commission.
§4 The period of storage of personal data
The data administrator shall store personal data for a period of time related to the term of the contract, the processing of which is associated with the implementation of the contract, and in case of termination of the contract no longer than:
a) for the duration of the contract concluded with the Customer and after its termination for purposes related to the pursuit of claims related to the contract, performance of obligations resulting from the applicable provisions of law, but for no more than 10 years;
b) for a period of 5 years for personal data included in the settlement documents (invoices) in accordance with the Accounting Act;
c) until withdrawal of consent for the processing of personal data.
§5 The rights of the data subject
1. Any person whose personal data is processed by an administrator has the right to access their data, the right to rectify it, delete it ("the right to be forgotten"), processing restrictions, the right to data transfer, the right to object and the right to withdraw consent to process data at any time.
2. Anyone who has signed up to the Newletter and would like to withdraw his consent has the possibility by clicking on the link to unsubscribe from the newsletter (Unsubscribe) visible at the bottom of the newsletter or contacting the store administrator.
3. Any person who considers that his or her personal data are processed by the administrator in violation of the provisions of the GDPR, has the right to lodge a complaint to the President of the Office for Personal Data Protection.
Personal data obtained by the data administrator can be processed automatically - including in the form of profiling. Profiling of personal data carried out by the data administrator is based on the assessment of selected information about the personal data for the purpose of analysis and forecast of personal preferences and interests, in particular for the possibility of providing the person, whose data is related to, personalized offer.
The automatic data processing carried out by the data administrator does not give rise to any legal consequences for the data subject. The data subject may at any time object to the automated processing of her/his data.
§7 "Cookies" policy
2. Cookies allow the Administrator to customize and optimize the Online Store for the needs of customers, create statistics of the Online Store views and ensure the security of the Online Store. Cookies are also used to maintain the Customer's session after leaving the website in order to allow returning to the contents of the basket. Cookies also allow to remember the settings and parameters of the page selected by the Customer.
3. The Customer can delete cookies from the Online Store or completely block their collection on the Customer's device using her/his web browser at any time.
4. Blocking by the Customer the possibility of collecting cookies on her/his device may make it difficult or impossible for the Customer to use certain functionalities of the Online Store.
§8 Contact with the Administrator