PRIVACY AND COOKIES POLICY
This document defines the privacy rules in the Online Store https://kacperglobal.pl/ (hereinafter referred to as the “Online Store”). The data administrator in the Online Store is KACPER GLOBAL sp.z o.o., ul. Partyzantów 4, 42-300 Myszków, NIP: 5771976084, KRS number 0000470314, firstname.lastname@example.org
- Personal data collected by the Administrator are processed on the basis of Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of individuals with regard to the processing of personal data and on the free movement of such data and the repeal of Directive 95/46 / WE (hereinafter referred to as GDPR), the current act on the protection of personal data and the act of 18 July 2002 on the provision of electronic services (Journal of Laws 2002 No. 144 item 1204 as amended).
- The administrator collects information provided voluntarily by the Customers of the Online Store. However, providing marked personal data is a condition for placing an order, while failure to do so will result in the inability to order products in the store. The store will collect the following customer data: surname, first name, e-mail address, telephone number, address for delivery of goods.
- In addition, the Administrator may save information about connection parameters, such as IP addresses, for technical purposes related to server administration and to collect general, statistical demographic information (e.g. about the region from which the connection takes place), as well as for security purposes.
- The Administrator makes special efforts to protect the privacy and information provided to him regarding the Customers of the Online Store. The administrator with due diligence selects and applies appropriate technical measures, including programming and organizational measures, ensuring the protection of the data being processed, in particular, protects the data against unauthorized disclosure, disclosure, loss and destruction, unauthorized modification, as well as against their processing in violation of applicable law.
- Personal data will be processed in accordance with the principles of art. 5 (GDPR).
Personal data will be:
- processed lawfully, fairly and in a transparent manner for the data subject (“lawfulness, fairness and transparency”);
- collected for specific, explicit and legitimate purposes and not further processed in a manner inconsistent with these purposes; further processing for archiving purposes in the public interest, scientific or historical research purposes or statistical purposes is not recognized in accordance with Art. 89 sec. 1 GDPR for inconsistent with the original purposes (“purpose limitation”);
- adequate, relevant and limited to what is necessary in relation to the purposes for which they are processed (“data minimization”);
- correct and, where necessary, kept up to date (“correctness”);
- kept in a form which permits identification of the data subject for no longer than is necessary for the purposes for which the data are processed; personal data may be stored for a longer period as long as they are processed solely for archiving purposes in the public interest, for scientific or historical research purposes or for statistical purposes pursuant to Art. 89 sec. 1 GDPR, subject to the implementation of the appropriate technical and organizational measures required by this Regulation to protect the rights and freedoms of data subjects (“storage limitation”);
- processed in a manner that ensures appropriate security of personal data, including protection against unauthorized or unlawful processing and accidental loss, destruction or damage, by appropriate technical or organizational measures (“integrity and confidentiality”).
- As part of the Administrator’s use of tools supporting his current activity provided, for example, by Google, the Customer’s Personal Data may be transferred to a country outside the European Economic Area, in particular to the United States of America (USA) or another country where the entity cooperates with it maintains tools for the processing of Personal Data in cooperation with the Administrator.
- The basis for the processing of the Customer’s personal data is primarily the need to perform the contract to which he is a party or the need to take action at his request before its conclusion (Article 6 (1) (b) of the GDPR).
- After expressing a separate consent, pursuant to art. 6 sec. 1 lit. a) GDPR, data may also be processed for the purpose of sending commercial information by electronic means or making telephone calls for direct marketing purposes – in connection with art. 10 sec. 2 of the Act of July 18, 2002 on the provision of electronic services or art. 172 sec. 1 of the Act of July 16, 2004 – Telecommunications Law.
- For other purposes, the Customer’s personal data may be processed on the basis of:
- applicable law – when processing is necessary to fulfill the legal obligation incumbent on the Administrator, e.g. when on the basis of tax or accounting regulations, the Administrator settles concluded sales contracts (Article 6 (1) (c) of the GDPR);
- indispensability for purposes other than those listed above, resulting from legitimate interests pursued by the Administrator or by a third party, in particular to establish, investigate or defend claims, conduct correspondence with customers, also via contact forms (including replying to customer messages), market and statistical analyzes (Article 6 (1) (f) of the GDPR).
- Personal data processed for purposes related to the implementation of purchases will be processed for the period necessary to carry out purchases and orders, after which the data subject to archiving will be stored for the period appropriate for the limitation of claims. Personal data processed for marketing purposes covered by the consent declaration will be processed until the consent is revoked.
Recipients of personal data
- The recipients of the Buyer’s data may be entities performing the order at the request of the Seller and dealing with its service: mail order companies, accounting companies, suppliers of goods, IT solution providers, payment processing companies, banks, companies providing marketing services, storage service providers, telecommunications service providers, law firms. legal, authorized state bodies.
Your rights in the protection of personal data
1.Due to the voluntary nature of providing your personal data, you have the right
- access to your personal data (Article 15 of the GDPR);
- rectify your personal data (Article 16 of the GDPR);
- delete your personal data (“the right to be forgotten” – Article 17 of the GDPR);
- restrictions on the processing of your personal data (Article 18 of the GDPR);
- transferring your personal data (art. 20 GDPR);
- for objection -art. 21 GDPR);
- If it is found that the processing of personal data violates the provisions of the GDPR, you have the right to lodge a complaint with the President of the Office for Personal Data Protection.
- The consent to the processing of personal data may be withdrawn at any time. Withdrawal of consent to data processing does not affect the lawfulness of data processing carried out by the Administrator on the basis of consent before its withdrawal.
Breach of personal data protection
- In the event of a breach of personal data protection, the Administrator, without undue delay, no later than 72 hours after finding the breach – reports it to the supervisory body – (the President of the Personal Data Protection Office), unless it is unlikely that the breach would result in a risk of breach of rights or the freedom of individuals. The Administrator attaches an explanation of the reasons for the delay to the notification submitted to the supervisory authority after 72 hours. If the breach of personal data protection may result in a high risk of violation of the rights or freedoms of natural persons, the Administrator shall notify the data subject of such breach without undue delay.
- When browsing the websites of the Online Store, “cookies” are used, i.e. small text information that is saved on the Customer’s end device in connection with the use of the Online Store. Their use is aimed at the correct operation of the Online Store websites.
- The “cookies” used by the Administrator are safe for the Customer’s devices. In particular, it is not possible for viruses or other unwanted software or malware to enter the Customer’s devices in this way. These files allow to identify the software used by the Customer and adjust the Online Store individually to each Customer. Cookies usually contain the name of the domain they come from, their storage time on the device and the assigned value.
- The administrator uses three types of “cookies”:
- Session cookies: they are stored on the Online Store Customer’s device and remain there until the end of the browser session. The saved information is then permanently deleted from the memory of the Online Store Customer’s device. The mechanism of session cookies does not allow the collection of any personal data or any confidential information from the Customer’s device of the Online Store.
- Persistent cookies: they are stored on the Online Store Customer’s device and remain there until they are deleted. Ending a browser session or turning off the device does not delete them from the Online Store Customer’s device. The mechanism of persistent cookies does not allow the collection of any personal data or any confidential information from the Customer’s device of the Online Store.
- “Analytical” cookies enable better understanding of the Customer’s interaction with regard to the Store’s content and better organize its layout. “Analytical” “cookies” collect information on the manner of using the Store by the Customer, the type of page from which the Customer was redirected, and the number of visits and the time of the Customer’s visit to the Store’s website. This information does not record specific personal data of the Service Recipient, but is used to develop statistics on the use of the Store.
- Cookies may be used by advertising networks, in particular the Google network, to display advertisements tailored to the manner in which the Customer uses the Online Store. For this purpose, information about the Customer’s navigation path or the time spent on a given page may be retained.
- In terms of information about the Customer’s preferences collected by the Google advertising network, the Customer may view and edit information resulting from “cookies” using the tool: https://www.google.com/ads/preferences/.
- The Customer may independently and at any time change the settings for “cookies”, specifying the conditions for their storage and access to the Customer’s device via “cookies”. Changes to the settings referred to in the previous sentence can be made by the Customer using the web browser settings or by using the service configuration. These settings can be changed in particular in such a way as to block the automatic handling of “cookies” in the web browser settings or to inform about their every posting on the Customer’s device. Detailed information on the possibilities and methods of handling cookies is available in the software (web browser) settings.
- To learn how to manage cookies, including how to disable them in your browser, you can use your browser’s help file. You can read the information on this subject by pressing the F1 key in the browser. In addition, relevant tips can be found on the following subpages, depending on the browser you use:
Internet Explorer / Microsoft Edge
- The customer may at any time delete “cookies” using the functions available in the web browser he uses:
- Limiting the use of “cookies” may affect some of the functionalities available on the website of the Online Store.
October 30, 2020