Privacy Policy

Table of Contents:

  1. General Information
  2. Personal Data Processing
  3. Rights of the Data Subject
  4. Cookies and Analytics in the Online Store
  5. Final Provisions

1. General Information

1.1. Using the Online Store and making purchases therein is voluntary. Providing personal data by the Service Recipient or Customer is also voluntary, with certain exceptions: (1) concluding contracts with the Controller – failure to provide data necessary for the conclusion and performance of the Sales Agreement or the agreement on the provision of the Electronic Service, in the manner and scope indicated on the Online Store’s website and in its Terms and Conditions, results in the impossibility to conclude such an agreement. In such cases, providing data is a contractual requirement. (2) statutory obligations of the Controller – providing data is a statutory requirement arising from generally applicable laws imposing on the Controller the obligation to process data (e.g., for tax or accounting purposes), and failure to provide it will prevent the Controller from fulfilling these obligations.

1.2. The Controller takes special care to protect the interests of data subjects, ensuring that data are: (1) processed lawfully; (2) collected for specified, lawful purposes and not further processed in a manner incompatible with those purposes; (3) factually correct and adequate in relation to the purposes for which they are processed; (4) kept in a form which permits identification of data subjects for no longer than is necessary for the purposes of processing; (5) processed with appropriate security measures, protecting data against unauthorized access, unlawful processing, accidental loss, destruction, or damage, using adequate technical and organizational measures.

1.3. Considering the nature, scope, context, and purposes of processing, as well as the risk of violation of the rights or freedoms of natural persons, the Controller implements appropriate technical and organizational measures ensuring compliance with data protection regulations. These measures are periodically reviewed and updated if necessary. The Controller uses technical solutions preventing unauthorized acquisition and modification of personal data transmitted electronically.

1.4. All terms, expressions, and acronyms starting with a capital letter in this Privacy Policy (e.g., Seller, Online Store, Electronic Service) have the meaning ascribed to them in the Online Store’s Terms and Conditions available on its pages.

2. Personal Data Processing
2.1. The Controller is entitled to process personal data when at least one of the following conditions is met and to the extent resulting therefrom: (1) the data subject has consented to the processing of their data for one or more specific purposes; (2) processing is necessary for the performance of a contract to which the data subject is party, or to take steps at the request of the data subject prior to entering into a contract; (3) processing is necessary for compliance with a legal obligation to which the Controller is subject; or (4) processing is necessary for the purposes of the legitimate interests pursued by the Controller or by a third party, except where such interests are overridden by the interests or fundamental rights and freedoms of the data subject which require protection of personal data, in particular where the data subject is a child.

2.2. The processing of personal data by the Controller is always based on one of the legal grounds indicated in point 2.1. Specific grounds for processing data of Service Recipients and Customers are detailed further in the context of each processing purpose.

3. Rights of the Data Subject
3.1. Right of Access, Rectification, Restriction, Erasure, and Data Portability – The data subject has the right to request from the Controller information about the processing of their data, as well as the right to rectification, completion, restriction of processing, erasure (“right to be forgotten”), or data portability to another controller. Procedures are described in Articles 15-21 of the GDPR.

3.2. Right to Withdraw Consent at Any Time – If processing is based on consent, the data subject has the right to withdraw it at any time. Withdrawal does not affect the lawfulness of processing based on consent before its withdrawal.

3.3. Right to Lodge a Complaint with a Supervisory Authority – The data subject has the right to lodge a complaint with the data protection supervisory authority, in Poland – to the President of the Personal Data Protection Office.

3.4. Right to Object – The data subject has the right to object, on grounds relating to their particular situation, at any time to processing based on the legitimate interest of the Controller or performance of a task carried out in the public interest. The Controller may then continue processing only if demonstrating compelling legitimate grounds.

3.5. Right to Object to Direct Marketing – If data are processed for direct marketing purposes, the data subject has the right to object at any time to such processing.

3.6. To exercise these rights, contact the Controller via the postal or email address provided at the beginning of the Policy or via the contact form on the Online Store’s website. The Controller is obliged to provide information and take action in response to a request in accordance with the law.

4. Cookies and Analytics in the Online Store
4.1. Cookies are small text files sent by a server and stored on the visitor’s device.

4.2. Categories of Cookies:

  • By provider: First-party (from the Online Store) and third-party.
  • By storage period: Session (until browser close) and persistent.
  • By purpose: Necessary (for website operation), functional/preference (for user adaptation), analytical and performance, marketing/advertising/social.

4.3. Purposes of Processing Data in Cookies:

  • Identifying logged-in users.
  • Remembering products in the shopping cart.
  • Remembering data from forms.
  • Adapting the website’s appearance to user preferences.
  • Conducting anonymous usage statistics.
  • Remarketing, displaying personalized ads, measuring ad effectiveness (including via Google and Facebook networks).

4.4. How to Check Cookies in Your Browser: In settings or via the privacy menu in the address bar (instructions vary for Chrome, Firefox, Safari, Edge, etc.).

4.5. Managing Consent via Browser Settings: Most browsers accept cookies by default. The user can restrict or completely disable their storage in browser settings. Complete disabling may limit website functionality (e.g., the checkout process).

4.6. Importance of Browser Settings: Under the law, consent to the use of cookies can be expressed through browser settings. Links to instructions for popular browsers: Chrome, Firefox, Internet Explorer, Opera, Safari, Microsoft Edge.

4.7. Use of Google Analytics/Universal Analytics: The Controller may use these services provided by Google Ireland Limited to collect aggregated anonymous statistics about traffic and user behavior on the website for analysis and optimization purposes.

4.8. Blocking Google Analytics: Visitors can install a browser add-on to block data collection, available at: https://tools.google.com/dlpage/gaoptout?hl=en.

4.9. Google’s Privacy Policy: Detailed principles of Google’s data processing are available at: https://policies.google.com/technologies/partner-sites.

4.10. Use of Facebook Pixel: The Controller may use the Facebook Pixel (Meta Platforms Ireland Limited) to measure ad effectiveness, track user actions, and show them relevant ads on the Facebook social network.

5. Final Provisions
5.1. Links to Other Websites: Our Online Store may contain links to other websites. This Privacy Policy applies solely to our website. When clicking a link to another resource, we recommend reviewing its own privacy policy, as data processing and security practices are independent for each site.

5.2. Recommendation for Users: The Controller emphasizes that each external website operates under its own autonomous principles regarding privacy and information security. To avoid doubts about the processing of your data on third-party resources, always review the relevant documents published on those sites.