1. The administrator of the personal data collected by means of the online shop www.workgloves.world is Katarzyna Szklanko-Pawlic running the business activity under the name 3KAMIDO KATARZYNA SZKLANKO-PAWLIC registered in the Central Business Register and Information on Business Activity of the Republic of Poland conducted by the minister competent for economy, the place of running the activity and the address for delivery: ul. Kaliska 54, 62-700 Turek, NIP: 5681066817, REGON: 130344380, electronic mail address (e-mail): email@example.com, phone number: +48 506 227 020, hereinafter referred to as “Administrator” and being at the same time “Service Provider”.
2. Personal data collected by the Administrator through the website are processed in accordance with Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data and repealing Directive 95/46/EC (General Data Protection Regulation), hereinafter referred to as “RODO”.
TYPE OF PERSONAL DATA PROCESSED, PURPOSE AND SCOPE OF DATA COLLECTION
1. PURPOSE OF PROCESSING AND LEGAL BASIS. The Administrator processes personal data of the Customers of the Shop www.workgloves.world in case of:
1.1. registering an Account in the Shop, in order to create an individual account and manage this Account, on the basis of Article 6(1)(b) of the RODO (performance of a contract for the provision of electronic services in accordance with the Rules of the Shop),
1.2. placing an order in the Store, in order to perform a sales agreement, pursuant to Article 6(1)(b) of the RODO (performance of a sales agreement),
1.3. use of Feedback System, in order to learn the Customer’s opinion on the Sales Agreement concluded with the Administrator, pursuant to Article 6(1)(f) of the RODO (legitimate business interest),
1.4. use of the Contact Form, in order to send a message to the Administrator, on the basis of Article 6(1)(f) of the RODO (legitimate interest of the trader).
2. TYPE OF PERSONAL DATA PROCESSED. The Customer provides, in the case of:
2.1. Account: first and last name, login, address, e-mail address,
2.2 Order: name, address, VAT number, e-mail address, telephone number,
2.3. Rating system: first name and last name, login,
2.4. Contact Form: name, e-mail address.
3. ARCHIVING PERIOD OF PERSONAL DATA. Service Recipients’ personal data is stored by the Administrator:
3.1. where the basis of data processing is the performance of a contract, for as long as it is necessary for the performance of the contract, and thereafter for a period corresponding to the period of limitation of claims. Unless otherwise stipulated by a specific provision, the period of limitation shall be six years, and for periodic performance claims and claims related to the conduct of business activity – three years.
3.2. where the basis for data processing is consent, for as long as the consent is not revoked, and after the revocation of consent for a period of time corresponding to the period of limitation of claims which the Administrator may assert and which may be asserted against him. Unless a specific provision of law provides otherwise, the period of limitation is six years, and for claims for periodic performance and claims related to the conduct of business activity – three years.
4. When using the Shop additional information may be collected, in particular: the IP address assigned to Customer’s computer or an external IP address of the Internet provider, domain name, browser type, access time, operating system type.
5. After giving separate consent, under Article 6(1)(a) of the RODO, data may also be processed to send commercial information by electronic means or make telephone calls for direct marketing – respectively, in connection with Article 10(2) of the Act of 18 July 2002 on electronic services or Article 172(1) of the Act of 16 July 2004 – Telecommunications Law, including those directed by profiling, if the Customer has given the appropriate consent.
6. Navigation data may also be collected from Customers, including information about links and references they choose to click on or other actions taken in the Store. The legal basis for such activities is the Administrator’s legitimate interest (Article 6(1)(f) of the RODO) in facilitating the use of services provided electronically and in improving the functionality of these services.
7. Providing personal data by the Customer is voluntary.
8. The Administrator shall exercise particular care to protect the interests of data subjects, and in particular shall ensure that the data collected by it are:
8.1. processed in accordance with the law,
8.2. collected for specified and legitimate purposes and not subjected to further processing incompatible with those purposes,
8.3. substantively correct and adequate in relation to the purposes for which they are processed and stored in a form which permits identification of data subjects for no longer than it is necessary to achieve the purpose of processing.
SHARING OF PERSONAL DATA
1. Customers’ personal data is transferred to providers of services used by the Administrator to operate the Shop, in particular to:
1.1. entities performing the delivery of Products,
1.2. providers of payment systems,
1.3. accounting office,
1.4. hosting provider,
1.5. provider of software to enable operation of the business,
1.6. mailing system providers,
1.7. provider of software needed to operate the online shop.
2. The providers of services referred to in point 1 of this paragraph, to whom the personal data are transferred, depending on the contractual arrangements and circumstances, shall either be subject to the instructions of the Administrator as to the purposes and means of processing such data (processors) or shall themselves determine the purposes and means of processing (controllers).
RIGHT OF CONTROL, ACCESS TO AND CORRECTION OF OWN DATA.
1. The data subject shall have the right to access the content of their personal data and the right to rectification, erasure, restriction of processing, the right to data portability, the right to object, the right to withdraw consent at any time without affecting the lawfulness of processing carried out on the basis of consent before its withdrawal.
2 Legal grounds for the Service Recipient’s request:
2.1 Access to data – Article 15 of the RODO.
2.2 Rectification of data – Article 16 of the RODO.
2.3 Deletion of data (so-called right to be forgotten) – Article 17 of the RODO.
2.4 Restriction of processing – Article 18 RODO.
2.5 Data portability – Article 20 RODO.
2.6 Objection – Article 21 RODO
2.7 Withdrawal of consent – Article 7(3) RODO.
3. In order to exercise the rights referred to in point 2 you can send an appropriate e-mail to the address: firstname.lastname@example.org.
4. In the event of the Customer’s assertion of rights arising from the above rights, the Administrator shall comply with the request or refuse to comply with it immediately, but no later than within one month of receipt. If, however, due to the complexity of the request or the number of requests, the Administrator is unable to comply with the request within one month, he shall comply within a further two months by informing the Service Recipient in advance, within one month of receipt of the request, of the intended extension of the deadline and the reasons for it.
5. If it is determined that the processing of personal data violates the provisions of RODO, the data subject shall have the right to lodge a complaint with the President of the Office for Personal Data Protection.
1. The Administrator’s website uses “cookies”.
2. Installation of “cookies” is necessary for proper provision of services in the Shop website. Cookies” files contain information necessary for the proper functioning of the site, and they also give the possibility to develop general statistics about visits to the website.
3. The website uses two types of “cookies”: “session” and “permanent”.
3.1 “Session” cookies are temporary files, which are stored in the final device of the Customer until logging out (leaving the site).
3.2 Permanent cookies are stored in the terminal equipment of the Customer for the time specified in the parameters of cookies or until they are deleted by the Customer. 4.
4. The Administrator uses its own cookies to better understand how Clients interact with the content of the site. The cookies collect information about the use of the website by the Client, the type of website from which the Client was redirected, the number of visits and the time of the Client’s visit to the website. This information does not record specific personal data of the Client, but is used to compile website usage statistics.
5. The Administrator uses external cookies to collect general and anonymous statistical data through Google Analytics analytical tools (administrator of external cookies: Google Inc. based in the U.S.).
6. Cookies may also be used by advertising networks, in particular the Google network, in order to display advertisements tailored to the manner in which the Customer uses the Store. For this purpose, they can store information about the Customer’s navigation path or time spent on a particular page.
7. The Customer has the right to decide on the access of cookies to his computer by selecting them in advance in his browser window. Detailed information on the possibility and methods of using cookies is available in the software settings (web browser).
ADDITIONAL SERVICES RELATED TO USER’S ACTIVITY IN THE SHOP
1. The Shop uses so-called social plugins (“plugins”) of social networks. By displaying the website www.workgloves.world, containing such a plug-in, the Service Recipient’s browser will establish a direct connection to the servers of Facebook, Instagram, Google and YouTube.
2. The content of the plug-in is transmitted by the respective service provider directly to the user’s browser and integrated into the website. Through this integration, service providers receive information that the client’s browser has viewed the www.workgloves.world website, even if the client does not have a profile with the service provider or is not currently logged in with him. This information (including the Client’s IP address) is sent by the browser directly to the provider’s server (some servers are located in the USA) and stored there.
3. If the Client is logged into one of these social networks, the service provider will be able to directly associate the visit to www.workgloves.world with the Client’s profile in that social network.
4. If the Client uses a plug-in, e.g. by clicking on the “Like” or “Share” button, the relevant information will also be sent directly to the provider’s server and stored there.
5. The purpose and scope of data collection and further processing and use of data by service providers, as well as the possibility of contact and the rights of the Customer in this regard and the possibility to make settings to ensure protection of the Customer’s privacy are described in the privacy policies of service providers:
6. If the Customer does not want the social networking sites to associate the data collected during visits to www.workgloves.world directly with his/her profile on a given site, he/she must log out of that site before visiting www.workgloves.world. The recipient may also prevent the website from loading plug-ins by using appropriate browser extensions, e.g. blocking scripts with “NoScript”.
7. The Administrator uses remarketing tools on his website, i.e. Google Ads, which involves the use of Google LLC cookies related to the Google Ads service. Within the mechanism for managing cookie settings, the Customer has the possibility to decide whether the Service Provider will be able to use Google Ads (administrator of external cookies: Google Inc. based in the USA) in relation to him.
1. The Administrator shall apply technical and organizational measures to ensure the protection of the processed personal data, appropriate to the risks and categories of data covered by the protection, and in particular to protect the data from unauthorized access, from being taken by an unauthorized person, from being processed in violation of the applicable legislation, and from being altered, lost, damaged or destroyed.
2. The Administrator provides appropriate technical measures to prevent acquisition and modification by unauthorized persons of personal data transmitted electronically.