I. General provisions
II. Purpose and scope of data collection
III. The basis for data processing
IV. Rights of the Service Recipient
VI. Final Provisions
I. GENERAL PROVISIONS
1. The administrator of personal data collected via the Store www.tcmsklep.pl is TCM BRAND SPÓŁKA Z OGRANICZONĄ ODPOWIEDZIALNOŚCIĄ, entered into the register of entrepreneurs kept by the District Court for Kraków Śródmieście in Kraków, 11th Commercial Division of the National Court Register under KRS number: 0000565755, NIP: 6762490342 , REGON: 361995256, registered office: ul. Winnicka 52, 30-394 Kraków, address of the place of business and address for service: Winnicka 52, 30-394 Kraków, e-mail address: firstname.lastname@example.org, hereinafter referred to as the "Administrator" and being the Service Provider at the same time.
2. The Customer's personal data is processed in accordance with the EU General Data Protection Regulation 2016/679, the Personal Data Protection Act of August 29, 1997 (Journal of Laws No. 133, item 883, as amended) and the Act on providing services by electronic means of July 18, 2002 (Journal of Laws No. 144, item 1204, as amended).
3.The administrator takes special care to protect the interests of data subjects, and in particular ensures that the data collected by him are:
a) processed in accordance with the law,
b) collected for specified, lawful purposes and not subjected to further processing incompatible with these purposes,
c) factually correct and adequate in relation to the purposes for which they are processed and stored in a form that allows the identification of persons to whom they relate, no longer than it is necessary to achieve the purpose of processing.
II. PURPOSE AND SCOPE OF DATA COLLECTION
1. The personal data of the Customers, collected by the Administrator, are used for accounting and marketing purposes (Newsletter), contacting the Customer and other activities related to the performance of the Sales Agreement.
2. The Administrator processes the following personal data of the Customers:
a) Name and surname,
b) NIP (tax identification number),
c) Address (street and house / flat number, zip code, city),
d) e-mail address,
e) Telephone number.
3. The Administrator may process the following data characterizing the way the Customer uses the services provided electronically (operational data):
a) Markings identifying the end of the telecommunications network or the ICT system used by the Service Recipient.
b) Information on the start, end and scope of each use by the Customer of the service provided electronically.
c) Information on the use by the Service Recipient of services provided electronically.
4. Providing personal data referred to in point 2 is necessary for the Service Provider to provide electronic services as part of the Store or to conclude a Product Sales Agreement.
5. In order for the Administrator to be able to process personal data related to the performance of the Sales Agreement, the Service Recipient must express his consent to it by checking the Data processing consent box for the purpose of making a purchase - when registering an account or placing an order. If the consent field is left unchecked, the Service User refuses to consent to the processing of personal data for this purpose. The above consent does not constitute a simultaneous consent to the processing of data for marketing purposes.
6. In order for the Administrator to be able to process personal data obtained for marketing purposes, the Service Recipient must express his consent to it by checking the box of Consent to receive the newsletter, when registering an account or placing an order. If the consent field is left unchecked, the Service User refuses to consent to the processing of personal data for this purpose. The above consent does not constitute a simultaneous consent to the processing of data for the purpose of performing the Sales Agreement.
7. The administrator stores the obtained personal data indefinitely in order to facilitate subsequent purchases and subsequent communication.
III. BASIS FOR DATA PROCESSING
1. Using the Store, concluding contracts for the provision of electronic services via the Store or concluding Product Sales Agreements, which involves the need to provide personal data, is completely voluntary. The data subject decides on his own whether he wants to start using the services provided electronically by the Service Provider or conclude a Product Sales Agreement in accordance with the Regulations.
2. Pursuant to Art. 23 of the Personal Data Protection Act of August 29, 1997 (Journal of Laws No. 133, item 883, as amended), data processing is allowed, inter alia, when:
a) the data subject consents to it, unless it concerns the deletion of data relating to him.
b) it is necessary for the performance of the contract when the data subject is a party to it or when it is necessary to take action before concluding the contract at the request of the data subject.
3. The processing of personal data by the Administrator always takes place within the framework of the admissibility of their processing listed in point 2. Data processing will be related to the performance of the contract or the need to take action before concluding the contract at the request of the data subject (point 2 (b)) . In addition, before concluding contracts for the provision of electronic services available through the Store, the future Customer is informed about the need to accept the Regulations.
IV. SERVICE RECIPIENT'S RIGHTS
1. The Service Recipient has the right to access their personal data and correct them.
2. The Service Recipient has the right to permanently delete his personal data from the Administrator's data set.
3. The Service Recipient has the right to withdraw his consent to the processing of his personal data by the Administrator.
4. The Service Recipient has the right to transfer his personal data.
5. The Service Recipient has the right to withdraw consent to receive marketing messages (Newsletter).
6.Each person has the right to control the processing of data concerning him, contained in the Administrator's data set, and in particular the right to request supplementing, updating, rectifying personal data, temporary or permanent suspension of their processing or their removal if they are incomplete or out of date. are untrue or have been collected in violation of the Act or are no longer necessary for the purpose for which they were collected.
7. The rights referred to in points 1, 2, 3, 4 and 5 are used by sending an appropriate e-mail to the following address: email@example.com
8. The rights referred to in points 1, 2 and 3 may be exercised by the Service Recipient at the level of the My Account tab on the website www.tcmsklep.pl.
9. The rights referred to in point 5 may be exercised by the Service Recipient by sending an appropriate e-mail to the following address: firstname.lastname@example.org or by clicking on the unsubscribe link included in each newsletter sent.
10. The Service Recipient, in the event that he finds that his rights are not exercised, has the right to lodge a complaint with the Inspector General for Personal Data Protection.
V. "COOKIES" FILES
1. The Service Provider's Store uses "cookies". No change in the browser settings on the part of the Customer is tantamount to consenting to their use.
2. The installation of "cookies" is necessary for the proper provision of services in the Store. The "cookies" files contain information necessary for the proper functioning of the Store, in particular those requiring authorization.
3. The Store uses three types of "cookies": "session", "permanent" and "analytical".
a) "Session" cookies are temporary files that are stored on the User's end device until logging out (leaving the Store).
b) "Permanent" cookies are stored in the Customer's end device for the time specified in the parameters of "cookies" or until they are deleted by the Customer.
c) "Analytical" cookies enable better understanding of the Customer's interaction with regard to the content of the Store, and better organize its layout. "Analytical" "cookies" collect information about the way the Customer uses the Store, the type of page from which the Customer was redirected, and the number of visits and time of the Customer's visit to the Store's website. This information does not record specific personal data of the Service Recipient, but is used to develop statistics on the use of the Store.
4. The Service Recipient has the right to decide on the access of "cookies" to his computer by selecting them in his browser window. Detailed information on the possibilities and methods of handling cookies is available in the software (web browser) settings.
VI. FINAL PROVISIONS
1. The administrator uses technical and organizational measures to ensure the protection of personal data being processed, appropriate to the threats and categories of data protected, and in particular, protects the data against unauthorized disclosure, removal by an unauthorized person, processing in violation of applicable laws and change, loss, damage or destruction. .
2. The Service Provider provides appropriate technical measures to prevent the acquisition and modification of personal data sent electronically by unauthorized persons.