§1 PERSONAL DATA
1.1. Personal data provided by the Client shall be processed by the Seller. The Seller, i.e. Anna Kukuła, pursuing business activity under the name Umimono Anna Kukuła, address: Plac Grunwaldzki 8/8, 50-384 Wrocław, Poland, Tax Identification Number NIP: 8992515489, National Business Registry Number REGON: 022301055, is the personal data collector, in accordance with the provisions.
1.2. The scope of processed personal data is determined by the scope of data completed by the Client and sent to the Seller by means of a relevant form. The processing of Client’s personal data may pertain to his/her e-mail address, first and last name, delivery address, phone number, and computer IP address.
1.3. Personal data of the Client shall be processed for the following purposes: (a) execution of legal provisions, (b) execution of the Order, provision of services by electronic means, examination of filed complaints and other actions as specified in the Terms of Service, (c) promotional and commercial actions of the Seller.
1.4. Providing the personal data is voluntary, but the lack of consent to process personal data marked as obligatory shall prevent the Seller from performing services and Sales Agreements.
1.5. The legal basis for processing personal data in the case referred to in clause 1.3(a) is the statutory authorization to process data which are essential to act in accordance with the law, whereas in the case referred to in clause 1.3(b) it is the statutory authorization to process data which is necessary to perform an agreement if a data subject is a party to such agreement, or if it is essential for undertaking certain actions prior to conclusion of the agreement upon request of the data subject, while in the case referred to in clause 1.3(c) it is voluntary consent of the Client.
1.6. Personal data of Clients may be transferred for processing only for the purpose of performance of Sales Agreements and agreements for the provision of services by electronic means by the Seller to a company providing hosting of the Store infrastructure, a company providing accounting services to the Seller, a company providing the Newsletter service and a carrier. Personal data collected by the Seller may also be disclosed to: competent state bodies upon their request on the basis of relevant provisions of law, or other persons and entities—in the cases prescribed in the provisions of law.
1.8. The Client shall have the right to control the processing of the data which refer to him/her and are included in databases, in particular, the right to:
1.8.1 access his/her personal data, complement and correct them by filing a relevant request with the Seller;
1.8.2 request temporary or permanent suspension of their processing or their removal if they are incomplete, invalid, inaccurate, or if they were collected in violation of the law, or they become unnecessary to realize the purpose for which they were collected;
1.8.3 object the processing of his/her personal data—in the cases prescribed in the legal provisions—and the right to request their removal if they become unnecessary to realize the purpose for which they were collected.
1.9. If the Seller is advised that the Client uses the service provided by electronic means in a manner violating the Terms of Service or applicable provisions of law (unauthorized use), then the Seller may process personal data of the Client in the scope required for establishing the liability of the Client.
1.10. The Store may store http enquiries, therefore the files containing web server logs may store certain data, including the IP address of the computer sending the enquiry, the name of Client’s station—identification through http protocol, if possible, date and system time of entry into the Store and receipt of the enquiry, number of bytes sent by the server, the URL address of the site visited by the user before if the Client has entered the Website through a link, information concerning user’s browser, information concerning errors occurred during realization of the http transaction. Web server logs may be collected as material for the purposes of proper administration of the Store. Only persons authorized to administer the IT system shall have access to data. Files containing web server logs may be analyzed for the purposes of preparing statistics concerning traffic in the Store and occurring errors. Summary of such details shall not identify particular Clients.
§2 INFORMATION SECURITY
2.1. The Seller shall apply technological and organizational means in order to secure the processing of personal data corresponding to threats and the category of data to be secured, in particular, through technical and organizational means the Seller shall secure data against publishing to unauthorized persons, taking over by an unauthorized person, processing in violation of the law and change, loss, damage or destruction; among others the SSL (Secure Socket Layer) certificates shall be applied. The set of Clients’ personal data shall be collected and stored on a secured server; moreover, the data shall be secured by Seller’s internal procedures related to the processing of personal data and information security policy.
2.2. At the same time, the Seller states that using the Internet and services provided by electronic means may pose specific teleinformatic threats, such as: presence and operation of worms, spyware or malware software, including computer viruses, as well as possibility of being exposed to cracking or phishing (fishing passwords) and other. In order to obtain detailed and professional information related to security in the Internet, the Seller recommends taking advice from entities specializing in such IT services.
3.2. The Seller shall use two types of Cookies: session cookies, which are permanently deleted upon the closing of the session of the Client’s browser, and permanent cookies, which remain on the Client’s device after closing the session until they are deleted.
3.3. It is not possible to identify the Client on the basis of Cookie files, whether session or permanent. The Cookie mechanism prevents collecting any personal data.
3.4. Cookies used in the Store are safe for the Client’s device, in particular, they prevent viruses or other software from breaking into the device.
3.5. Files generated directly by the Store may not be read by other Internet services. Third-Party Cookies (i.e. Cookies provided by associates of the Seller) may be read by an external server.
3.6. The Client may disable storing Cookies on his/her device in accordance with the instructions of the browser producer, but this may disable certain parts of or the entire operation of the Store.
3.7. The Seller shall use own Cookies provided by Shoplo sp. z o.o. with its registered office in Warsaw for the following purposes: authenticating the Client in the Store and preserving Client’s session; configuration of the Store and adjusting the content of pages to Client’s preferences, such as: recognizing Client’s device, remembering settings set up by the Client; Cookies ensuring security of data and use of the Store; analyses and researches of views; advertisement services.
3.8. The Seller shall use third-party Cookies for the following purposes: preparing statistics (anonymous) for the purposes of optimizing the functionality of the Store by means of analytic tools such as Google Analytics; using interactive functions by means of social networks: Facebook.com; Pinterest.com; Instagram.com; Plus.Google.com.
3.9. The Client may individually change the Cookies settings at any time, stating the conditions of their storage, through the Internet browser settings or configuration of the service. The Client may also individually delete Cookies stored on his/her device at any time in accordance with the instructions of the browser producer.
3.10. Details concerning Cookies support are available in the settings of the browser used by the Client.