(valid from July 21, 2020)
I. GENERAL PROVISIONS
1. The administrator of personal data collected via theartofridingstore.com Store is Anna Guzik-Kornacka, who conducts business under the name The Art of Riding Store Anna Guzik-Kornacka entered into the Central Register and Information on Economic Activity of the Republic of Poland kept by the minister responsible for economy, address of the place of business: ul. Poludniowa 4; 05-807 Żółwin, Poland, NIP: 9482460643, REGON: 147126721, e-mail address: email@example.com, hereinafter referred to as the "Administrator" and being also the Service Provider.
II. PURPOSE AND SCOPE OF DATA COLLECTION
1. Personal data will be processed in order to make purchases in our online store, direct marketing regarding own products and services, carried out in a traditional (paper) form, constituting the so-called legitimate interest of the entrepreneur. Data for these purposes will be processed on the basis of art. 6 sec. 1 lit. b), c) and f) of Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46 / EC ( GDPR).
2. After giving a separate consent, pursuant to Art. 6 sec. 1 lit. a) GDPR, data may also be processed for the purpose of sending commercial information by electronic means or making telephone calls for direct marketing purposes - in connection with art. 10 sec. 2 of the Act of July 18, 2002 on the provision of electronic services or art. 172 sec. 1 of the Act of July 16, 2004 - Telecommunications Law, including those directed as a result of profiling, provided that the user has given the appropriate consent.
3. If it is necessary to deliver the order, personal data may be made available to postal operators or carriers solely for the purpose of delivering the order.
4. Personal data processed for purposes related to the implementation of purchases will be processed for the period necessary to carry out purchases and orders, after which the data subject to archiving will be stored for the period appropriate for the limitation of claims, ie 6 years. Personal data processed for marketing purposes covered by the consent declaration will be processed until the consent is revoked.
5. If it is found that the processing of personal data violates the provisions of the GDPR, the data subject has the right to lodge a complaint with the President of the Personal Data Protection Office.
6. Providing personal data is voluntary, however, providing marked personal data is a condition for placing an order, and failure to do so will result in the inability to order products in the store.
7. Personal data will also be processed in an automated manner in the form of profiling, provided that the user agrees to it pursuant to art. 6 sec. 1 lit. a) GDPR. The consequence of profiling will be assigning a profile to a given person in order to make decisions about him or to analyze or predict his preferences, behaviors and attitudes.
8. The administrator takes special care to protect the interests of data subjects, and in particular ensures that the data collected by him are:
Processed in accordance with the law,
Collected for specified, lawful purposes and not subjected to further processing incompatible with these purposes,
Factually correct and adequate in relation to the purposes for which they are processed and stored in a form that allows the identification of persons to whom they relate, no longer than it is necessary to achieve the purpose of processing.
III. THE RIGHT TO CONTROL, ACCESS AND CORRECT OWN DATA
1.The data subject has the right to access their personal data and the right to rectify, delete, limit processing, the right to transfer data, the right to object, the right to withdraw consent at any time without affecting the lawfulness of processing, which was made on the basis of consent before its withdrawal.
2. In order to exercise the rights referred to in point 1, you can send an appropriate e-mail to the following address: firstname.lastname@example.org
1. The Service Provider's Store uses "cookies". No change in the browser settings on the part of the Customer is tantamount to consenting to their use.
2. The installation of "cookies" is necessary for the proper provision of services in the Store. The "cookies" files contain information necessary for the proper functioning of the Store, in particular those requiring authorization.
3. The Store uses three types of "cookies": "session", "permanent" and "analytical".
4. "Session" cookies are temporary files that are stored on the User's end device until logging out (leaving the Store).
5. "Permanent" cookies are stored in the Customer's end device for the time specified in the parameters of "cookies" or until they are deleted by the Customer.
6. "Analytical" cookies enable better understanding of the Customer's interaction with regard to the Store's content, and better organize its layout. "Analytical" "cookies" collect information on the manner in which the Customer uses the Store, the type of page from which the Customer was redirected, and the number of visits and the duration of the Customer's visit to the Store's website. This information does not record specific personal data of the Service Recipient, but is used to develop statistics on the use of the Store.
We use marketing tools such as Facebook Pixel to target you and other Facebook users with personalized advertising. This is related to the use of Facebook cookies. As part of the cookie settings, you can decide whether you consent to our use of Facebook Pixel in your case or not.
7. The Service Recipient has the right to decide on the access of "cookies" to his computer by selecting them in his browser window. Detailed information on the possibilities and ways of handling cookies is available in the software (web browser) settings.
V. FINAL PROVISIONS
1.The administrator uses technical and organizational measures to ensure the protection of personal data being processed, appropriate to the threats and categories of data protected, and in particular, protects the data against unauthorized disclosure, removal by an unauthorized person, processing in violation of applicable laws and change, loss, damage or destruction.
2. The Service Provider provides appropriate technical measures to prevent the acquisition and modification by unauthorized persons of personal data sent electronically.