§ 1. PERSONAL DATA
1. Personal data provided by the Customer shall be processed by the Seller (i.e. K&A Arkadiusz Kosiarski based in Bytom, ul. Felińskiego 23/1A
41-923, NIP PL6262591695), who is the administrator of personal data. In accordance with the principles set out in the content of Regulation EU 2016/679 of the European Parliament and of the Council of 27 April 2016. (hereinafter “RODO”). Contact with the Controller of personal data can be made by e-mail [email protected] or by telephone contact 517 695 685.
2. The scope of processed personal data is determined by the scope of data completed by the Customer and then sent to the Seller using the appropriate form. Processing of the Customer’s personal data may involve their e-mail address, name and surname, telephone number, residential address and computer IP address.
The Customers’ personal data will be processed for a period of 5 years, after which it will be deleted, unless its further processing results from another legal basis.
3. Customers’ personal data will be processed in order to: (a) realization of legal regulations, (b) creation of an Account, realization of an Order, provision of electronic services, consideration of submitted complaints and other activities indicated in the Regulations, (c) promotional and commercial activities of the Seller.
4. Providing personal data is voluntary, but lack of consent for the processing of personal data marked as mandatory will prevent the Seller to perform services and Sales Agreements.
5. The legal basis for the processing of personal data in the case referred to in paragraph. 3 lit. (a) is the legal obligation of the Seller related to the performance of an agreement to which the data subject is a party, including the obligation to act at the request of the data subject before entering into an agreement; in the case referred to in paragraph. 3 lit. (b ) the legal basis for the processing of personal data is the consent of the data subject, who has given his/her consent to the processing of his/her personal data for one or more specified purposes, while in the case referred to in paragraph 3 point (c) the processing is necessary for the performance of a legal obligation by the controller
6. Personal data of the Clients may be entrusted for processing, only for the purpose of Sales Agreements and agreements on provision of electronic services by the Seller, to a hosting company, a company providing accounting services to the Seller, a courier company, a company performing online transfers. The entity processing personal data of Clients on the basis of an Entrustment Agreement will process, since the entry into force of the RODO, personal data of Clients, through another entity, only on the basis of prior consent of the Seller. Personal data collected by the Seller may also be made available to the relevant state authorities at their request on the basis of the relevant provisions of law, or to other persons and entities – in cases provided for by law.
7. Disclosure of personal data to unauthorized entities under this Policy, may take place only with the prior consent of the Customer to which the data relate.
8. Customers have the right to: remove personal data collected about them both from the Seller’s system and from databases of entities cooperating with the Seller, to limit data processing, to transfer personal data collected by the Seller about the Customers and to receive them in a structured form, to file a complaint to the supervisory authority in a situation where the Customer believes that his data are processed unlawfully, and to bring a legal action before the court against the supervisory authority as against the entity committing violations.
9. In the case of obtaining information by the Seller on the use by the Customer of the service provided electronically in contravention of these Terms of Service or applicable laws (unauthorized use), the Seller may process the Customer’s personal data to the extent necessary to determine the liability of the Customer.
10. The Service may store http queries, and in connection with this inquiries may be stored in server log files certain information, including the IP address of the computer from which the inquiry was received, the name of the Client’s station – identification via the http protocol, if possible, the date and time of registration in the Store and receipt of the inquiry, the number of bytes sent by the server, the URL of the site previously visited by the Client, if the Client came via a link, information about the Client’s browser, information about errors that occurred during the http transaction. Logs can be collected as material for proper administration of the Store. Only persons authorized to administer the computer system have access to the information. Log files may be analyzed in order to prepare statistics of traffic in the Store and errors that occur. Summary of such information does not identify the Customer.
11. Transfer of Customers’ personal data to third countries will take place in accordance with the requirements introduced by RODO.
§ 2. INFORMATION SECURITY
1. The Seller applies technical and organizational measures to ensure the protection of processed personal data referred to in Articles 25,30, 32-34, 35-39 of the RODO, ensuring increased protection and safety of processing of Customers’ personal data, appropriate to the threats and categories of protected data, and in particular technically and organizationally secures the data against unauthorized access, taking by an unauthorized person, processing in violation of the Act, and against change, loss, damage or destruction, inter alia SSL (Secure Socket Layer) certificates are used. The collection of collected personal data of Customers is stored on a secure server and the data is also protected by internal procedures of the Seller on personal data processing and information security policy.
2. To log into an Account, it is necessary to provide a login and password. To ensure an adequate level of security, the password to access the Account exists in the Store only in encrypted form. Moreover, registration and logging into an Account takes place in a secure https connection. Communication between the client’s device and servers is encrypted using SSL protocol.
3. The Seller also points out that the use of the Internet and services provided electronically may be associated with specific ICT risks, such as: the presence and operation of Internet worms (worm), spyware or malware, including computer viruses, as well as the possibility of being exposed to cracking or phishing (password hunting), and others. In order to obtain detailed and professional information on maintaining security on the Internet, Seller recommends consulting entities specializing in this type of IT services.
§ 3 COOKIES
2. Seller uses two types of cookies: session cookies, which are deleted permanently at the end of the session of the Client’s browser and with the consent of the Client, expressed through the settings of the browser permanent cookies, which remain after the end of the browser session on the Client’s device until they are deleted.
3. Based on cookies, both session and persistent, it is not possible to determine the identity of the Customer. Cookies mechanism does not allow you to collect any personal data.
4. Cookies Shop are safe for your device, in particular they do not allow the penetration to the device of viruses or other software.
5. The files generated directly by the Store can not be read by other services. External cookies (i.e. cookies placed by Seller’s partners, with the prior consent of the Customer by selecting the appropriate settings in the browser) can be read by an external server.
6. The Customer may disable the storage of Cookies on their device, in accordance with the instructions of the browser manufacturer. Disabling by the Customer of persistent cookies and external cookies can not, however, make part or all of the functions of the Shop unavailable.
8. Seller uses External Cookies, subject to paragraph 15, for the following purposes: to create statistics (anonymous) to optimize the usefulness of the Store, through analytical tools such as Google Analytics; to use interactive features through social networking sites: Facebook, Google+, YouTube and Instagram.
9. The Customer can independently change the settings for Cookies at any time, specifying the conditions for their storage, through the settings of your web browser or by configuring the service. The Customer may also independently delete Cookies stored on his device at any time, in accordance with the instructions of the browser manufacturer.