We attach great importance to the protection of your personal data and handle it in accordance with the relevant legal provisions, in particular in accordance with the General Data Protection Regulation of 27 April 2016 (“GDPR”). Our goal is to provide you with access to information as well as give you control over the processing of your data by us, as well as to provide you with the tools that allow you to exercise your rights under current laws.
Information on how we process your personal data, how we care for its security and who we share it with can be found below. If you have additional questions about how we use your personal data, please feel free to contact us at the following email address: email@example.com
1. HOW WE ACQUIRE YOUR DATA
We use your personal data because you have either decided to make purchases in our online shop (“Shop”), make a wholesale order with our production house, or have agreed to receive commercial information on offers via e-mail to the e-mail address provided to the Shop, or have otherwise provided us with your data when using the website. The shop operates as delineated within the Terms and Conditions, which you can read here, and wholesale Terms and Conditions you can find here.
2. WHO IS THE ADMINISTRATOR OF YOUR PERSONAL DATA?
The administrator of personal data is the business, FPHU Natura Zenon Mizerek.
Contact our Data Protection Officer:
Postal address: ul. Boh. Westerplatte 64, 76-200 Słupsk. Poland
3. HOW DO WE PROCESS YOUR PERSONAL DATA?
If you use our Shop, we will process your personal data for the following purposes:
a) In order to implement the sales agreement entered into with you for the purchase of goods from the Shop – your data shall be processed pursuant to the implementation of the sales agreement entered into with the Administrator by accepting the terms and conditions of the Shop. In this regard, we shall require the largest amount of data from you, but only to the extent in which it is necessary to implement the sales agreement and deliver the purchased goods to you; providing your personal data for this purpose is not mandatory, but necessary to implement the agreement,
b) In order to keep your account on the Shop’s website – the basis for processing your data in this case shall be the agreement entered into with the Administrator by creating an account and accepting the shop’s terms and conditions. Creating an account in the Shop shall also allow you to access the data you have provided, including your purchase history, and to exercise certain rights related to data processing; providing your personal data for this purpose is not mandatory, but necessary to perform the agreement,
c) In order to process complaints and returns claims – in this instance, the basis for processing your data is the Administrator’s obligation arising from the laws on warranties for defects of sold goods. Providing data in the complaint form is mandatory for proper consideration of your complaint,
d) If you give separate consent, we shall send commercial information regarding the goods offered from wholesale or that are on for sale in the Shop, including promotional offers – your personal data is processed subject to your consent, which is not mandatory and can be withdrawn at any time by contacting the above-mentioned Administrator, or in your user account in the “Your data” tab, or by clicking the link that we send in every e-mail containing commercial information. Withdrawal of consent does not affect the legality of data processing that took place in the period before your withdrawal.
e) If you give your separate consent, we shall send commercial information regarding goods on offer for sale in the Shop to your mobile phone number, including promotional offers – here, your personal data is processed subject to your consent, which is not mandatory, and can be withdrawn at any given time by contacting us, e.g. at the above address or via your user account in the “Your data” tab. Withdrawal of consent does not affect the legality of data processing that took place in the period before your withdrawal.
f) For statistical purposes for the Administrator’s internal needs – in this case, your personal data shall be processed pursuant to the legitimate interests of the Administrator, consisting of the collection of information that enable the development of their business and for the adaptation of services to the needs of the Shop’s users.
g) In order to confirm the performance of our duties and to assert claims or defend against claims that may be directed towards us, and, to prevent or detect fraud – your data shall be processed in this instance pursuant to the Administrator’s legitimate interests, namely, protecting their rights, confirming the performance of obligations and obtaining due remuneration from the Administrator’s customers.
Our transparency on how your personal data is processed by us is key. If you have any questions about the process or the rules for its processing, please contact us. We process your data in accordance with current laws, ensuring that it remains current and correct. Therefore, from time to time we will remind you to update your data by sending a message to the e-mail address you have provided. Your personal data shall not be processed for the purpose of automated decision making without your consent.
4. ARE YOU OBLIGATED TO PROVIDE YOUR PERSONAL DATA?
It is up to you to decide if and what data you provide to us, but remember that when making purchases in the Shop, providing specific data will be necessary and mandatory to implement the sales agreement, because without it we shall not be able to process your order. Failure to provide the data we require shall result in the lack of a confirmed purchase order. You are not obliged to agree to receiving commercial information to the e-mail address or phone number you have provided for the implementation of the sales agreement. If you have given such consent, you may withdraw it at any time.
5. WHO SHALL WE SHARE YOUR PERSONAL DATA WITH?
We shall give your data to entities that work with us to implement the sales agreement for the goods that you have purchased:
a) Depending on your chosen delivery method, we shall provide part of your data that is necessary for the delivery of goods to one of the following entities:
GLS Poland Sp. z o. o.
Poczta Polska SA,
Other entities that shall, in the future, provide services for the delivery of goods purchased in the Shop.
b) Depending on your chosen payment method for the purchased goods, we shall provide your data that is necessary to collect or make payment for the purchased goods to the following entities:
Przelewy24 Sp. z o. o. – if you chose the Przelewy24 payment system as a payment method
PayPal Europe Sarl & Cie, SCA (RCS Luxembourg B 118 349) – if you chose the PayPal payment system as the payment method,
Other payment operators with whom we shall cooperate in order to receive monies for purchased goods.
c) If you have agreed to receive commercial information to the e-mail address or telephone number you have provided, we shall share your data with entities providing the service of sending commercial information on our behalf.
d) In addition, your data shall be forwarded to entities that process our clients’ personal data on our behalf, to the extent necessary for hosting the Shop’s website: Dhosting.pl Sp. z o. o.
e) We may also share your personal data with other entities from the above categories with whom we shall establish cooperation.
6. HOW LONG WILL WE PROCESS YOU PERSONAL DATA?
We shall process personal data provided by you for the following durations:
a) As long as is necessary to implement the sales agreement, as well as your returns claims or complaints, as well as pending confirmation of the performance of our obligations and the pursuit of claims or defense against claims that may be directed against us – but for no longer than 10 years from the date on which you provide us with your data,
b) If you submit a request for the deletion your account in the shop, we may process your data for the time period necessary to confirm that the performance of our obligations and for the time during which we may pursue claims or defend against claims that may be directed against us – – however, this shall be for no longer than 10 years from the date on which you provided us with your data.
7. HOW DO WE KEEP YOUR DATA SECURE?
We use a number of IT and organizational security measures to minimize the risk of data leakage, destruction, disintegration, such as: a firewall system, anti-virus and anti-spam security systems, internal access procedures, data processing and emergency recovery, as well as a multi-level backup system. Our Shop provides a very high level of security thanks to cooperation with a carefully selected hosting service provider. Remember, however, that using the Internet always carries the risk of certain security incidents. We assure you, however, that thanks to the implemented procedures of regular IT system reviews and updates, and active monitoring of critical system points, we work to reduce this risk as much as possible.
8. WHAT RIGHTS DO YOU HAVE IN REGARDS TO OUR PROCESSING OF YOUR DATA?
Pursuant to the GDPR, you have a number of rights in connection with providing us with your personal data, such as:
a) The right to receive information as to how your personal data is processed – if you have questions about whether and how we process your data, please contact us at firstname.lastname@example.org, we will be happy to answer any questions,
b) The right to access and update your data – you always have access to your personal data on your account in the Shop. You can edit the data provided to us and update it there. If you have not created an account in the Shop, contact our Data Protection Officer with a request to access your data – we shall provide you with the information pertaining to your personal data that we process and shall update it at your request,
c) In accordance with the rules set out in the GDPR, you also have the right to:
Delete data – if you want us to stop processing your data, you can delete your account in the Shop or inform us of such a request. Remember, however, that this is not an absolute right and we may refuse to delete elements of your data, for which we have a legal basis for further processing (e.g. fulfillment of a legal obligation or to facilitate exercising of claims or defence against claims that may be directed against us),
Requesting restrictions for the processing of your data,
Objections to the processing of your data if the basis for processing is the Administrator’s legitimate interests or performing tasks in the public interest,
Withdrawal of consent if the data is processed pursuant to your consent,
Transfer of data if the processing is pursuant to your agreement or consent.
You can exercise all of the above rights by contacting our Data Protection Officer (email address: email@example.com).
9. WHEN WILL YOU RECEIVE A REPLY?
We will try to process your requests as soon as possible and answer the questions we receive regarding your data. In all instances, you should receive a message from us no later than 30 days from the date of receipt of your request. Within this period, we shall give you an answer or inform you about any required time extensions and provide reasons for such. If we have doubts as to your request, we may ask a few additional questions to verify your identity.
10. INFORMATION ON THE COMPETENT AUTHORITIES FOR COMPLAINTS
If you feel that we are processing your data unlawfully, you can submit a complaint to the President of the Office of Personal Data Protection.
If you have any questions related to the processing of your personal data by us or you want to exercise your rights as indicated within the provisions of the GDPR, please write directly to our Data Protection Officer: firstname.lastname@example.org.
Administrator – the company, FPHU Natura Zenon Mizerek, which provides services electronically and stores and gains access to information in the User’s devices,
Website – means the website or application under which the Administrator runs a website operating in the domain: https://natura.slupsk.pl/.
Cookies – means computer data, in particular, small text files saved and stored on the User’s devices on which the User accesses the websites of the Service.
Administrator Cookies – Cookies that are published by the Administrator in association with the provision of electronic services by the Administrator via the Service.
External Cookies – Cookies that are published by the Administrator’s partners, through the website of the Service.
Device – an electronic device through which the user accesses the Website.
User – the entity to whom services may be provided electronically, or with whom an Agreement for the provision of electronic services may be entered into and concluded, in accordance with the Terms and Conditions and current legal provisions.
2. TYPES OF COOKIES IN USE
Cookies used by the Administrator are safe for the user’s device. In particular, it is impossible to transfer viruses to User’s Device via this channel, or other unwanted or malicious software. These files allow for the identification of software used by the User and adapting the Website to his/her individual needs. Cookies usually contain the name of the domain they come from, the time of storing them in the device and an ascribed value.
The administrator uses two types of cookies:a) SESSION COOKIES: these are stored on the User’s Device and remain there until the end of the browser session. The stored information is then deleted from the Device. The working mechanism of session cookies does not allow for the downloading of any personal data or any confidential information from the User’s Device,
b) PERMANENT COOKIES: these are stored on the User’s Device and remain there until they are deleted. Ending a browser session or turning the Device off does not delete them from the User’s Device. The mechanisms of permanent cookies do not allow for the downloading any personal or confidential data from the User’s Device.
The User can restrict or turn off cookie files’ access to their Device. If such is the case, using the Website shall still be possible with the exception of functions requiring cookies.
3. THE PURPOSES OF COOKIES
THE ADMINISTRATOR USES THEIR OWN COOKIES FOR THE FOLLOWING PURPOSES: a) CONFIGURATION OF THE SERVICE
(i) adapting the content of the Website pages to the User’s preferences and optimizing the use of Website pages,
(ii) recognizing the Website User’s device, its location and displaying the website according to individual needs.
b) AUTHORIZING THE USER ON THE WEBSITE AND PROVIDING USER SESSIONS ON THE WEBSITE
(i) maintaining the Website User’s session (after logging in), thanks to which the User does not have to re-enter the login and password on each sub-page of the Website;
(ii) correct configuration of selected Website functions, enabling, in particular, verification of the authenticity of the browser session,
(iii) optimization and increased efficiency of services provided by the Administrator.
c) IMPLEMENTATION OF PROCESSES NECESSARY FOR THE FULL FUNCTIONALITY OF WEBSITES
(i) adapting the content of the Website pages to the User’s preferences and optimizing the use of Website pages. In particular, these files allow for recognition of the basic parameters of the User’s Device and properly display the website, tailored to their individual needs;
(ii) proper handling of the partner program, enabling, in particular, the verification of sources of Users’ redirects to the Website’s websites,
(iii) enabling the use of the “Clipboard” and “Shopping Cart” functions on the Website.
d) ANALYSIS, RESEARCH AND VIEWING AUDIT
(i) creating anonymous statistics that help to understand how Website Users use Website pages, which allow for the improvement of their structure and content. e) SERVICE SAFETY AND RELIABILITY
THE SERVICE ADMINISTRATOR USES EXTERNAL COOKIES FOR THE FOLLOWING PURPOSES:
a) presenting multimedia content on the Website’s pages that are downloaded from an external website, e.g. Youtube,
b) collecting general and anonymous statics data through analytical tools – Google Analytics, HotJar,
c) presenting advertisements tailored to the User’s preferences using online advertising tools, e.g. Google AdSense,
d) using interactive functions to popularize the Website using social networking websites, such as Facebook.com, Pinterest.com,
4. ABILITY TO DEFINE THE STORAGE CONDITIONS AND ATTAINING ACCESS VIA COOKIES
The User can personally change their Cookie file settings at any time, defining the conditions for their storage and access to the User’s Device. The changes to the settings, mentioned in the previous sentence, may be made by the User via their browser settings or service configuration. In particular, these settings can be changed in such a way as to block the automatic handling of cookies in the web browser settings, or to inform the User whenever Cookies are placed on the User’s device. Details on the possibilities and methods of managing cookie files are available in the software settings (of the web browser).
The User can delete Cookies at any time using their browser functions.
Restricting Cookies can affect some functions available on the Website.
In order to manage cookies, select your web browser/system from the list below: