1. GENERAL PROVISIONS
1.1. The administrator of personal data collected through the Online Store is Biuro Techniczne Tadeusz Kwaśny ul. Ukryta 293, 43-384 Jaworze, e-mail address: firstname.lastname@example.org, conducting business activity and entered into the Central Register and Information on Economic Activity operated by the minister of economy, NIP 5470164090, REGON 070010372, hereinafter referred to as the “Administrator” and being at the same time the Service Provider of the Online Store and the Seller.
1.2. The personal data of the Service Recipient (Client) is processed in accordance with the Act of 29 August 1997 on the protection of personal data (Journal of Laws No. 133 item 883 as amended) and the Act of 18 July 2002 on the provision of services by electronic means (Journal of Laws No. 144 item 1204 as amended).
1.3. The Administrator processing the data protects the interests of data subjects with particular care, and in particular ensures that: the data is processed in accordance with the applicable law, the data is collected for specified and legitimate purposes and not further processed in a way inconsistent with the intended purposes, the data is relevant and adequate to the purposes for which it is processed, and the data is kept in a form which permits identification of the data subjects, no longer than it is necessary for the purposes for which they are processed.
1.4. Any words, expressions and acronyms found on this page starting with a capital letter (e.g. Seller, Online Store, Electronic Service) are to be understood in accordance with their definitions contained in the Terms and Conditions of the Online Store, which is available at the following address: http://www.kwasnycarvings.com
2. PURPOSE AND SCOPE OF DATA COLLECTION
2.1. The purposes of collecting data by the Administrator are:
2.1.1. to establish, shape the contents, change, perform or terminate a contractual relationship between the Service Provider (Seller) and the Service Recipient (Client) involving the provision of Electronic Services by the Online Store or the conclusion and fulfilment of the Agreement of the sale of Products as well as the delivery of the products to the Client;
2.1.2. direct marketing of the Administrator's own products or services.
2.2. Recipients of personal data:
2.2.1. In the case of Clients, who use the method of delivery by mail, courier or pallet, the Administrator discloses the collected personal data of the Clients, within the scope and for the duration necessary to make the delivery, to the selected carrier or agent responsible for performing the deliveries at the request of the Administrator.
2.2.2. In the case of Clients, who use electronic payments or payments by card, the Administrator discloses the collected personal data of the Clients, within the scope and for the duration necessary to make the payments, to the selected settlement agent responsible for handling the above payments in the Online Store.
2.3. The Administrator processes the following personal data of the Service Recipients (Clients): name and surname, e-mail address, contact telephone number; address (street, house number, premises number, postal code, town). In the case of Service Recipients (Clients), who are not at the same time consumers, the Administrator additionally processes the company name and tax identification number (NIP).
2.4. Providing the personal data mentioned in Section 2.3 is necessary to provide Electronic Services by the Service Provider as part of the Online Store or to conclude an Agreement of the sale of Products. Each time the range of required personal data is also specified in the Terms and Conditions of the Online Store as well as before beginning to provide the specified Electronic Service or concluding an Agreement for the sale of Products on the Online Store website.
3. COOKIES AND OPERATIONAL DATA
3.1. Cookies are small pieces of text information in the form of text files, sent by the server and saved on the side of the user who is visiting the Online Store website (e.g. on the hard drive of a computer, laptop or on smartphone's memory card – depending on which device you use when visiting our Online Store). Detailed information regarding Cookies as well as their history can be found, for example, here: http://pl.wikipedia.org/wiki/Ciasteczko.
3.2. The Service Provider processes data found in the Cookies while visitors are using the Online Store website, for the following purposes:
3.2.1. identifying Service Recipients as logged into the Online Store and showing that they are logged in;
3.2.2. remembering Products added to the cart in order to place an Order;
3.2.3. remembering data from filled out Order Forms, surveys, or data provided when logging into the Online Store;
3.2.4. adapting the content of the Online Store website to the individual preferences of the Service Recipient (e.g. concerning colour, size of font, website layout) as well as optimizing the use of the Online Store website;
3.2.5. conducting anonymous statistics presenting the ways in which the Service Recipients use the Online Store website and studying their needs, excluding personal identification of the Service Recipients.
3.4. The web browser Cookie settings are important in terms of consent to use Cookie files by our Online Store – according to the law, such consent may also be expressed through the web browser settings.
3.5. Detailed information regarding changes to Cookie settings and deleting Cookies on your own in the most popular web browsers is available in the help section of the web browser and on the websites listed below (just click the appropriate hyperlink):
· Chrome web browser
· Firefox web browser
· Internet Explorer web browser
· Opera web browser
· Safari web browser
3.6. The Service Provider also processes anonymized operational data (so-called logs – IP address, domain) to generate statistics which help in administering the Online Store. This data has a consolidated and anonymous nature, i.e. it does not contain characteristics which identify the persons visiting the Online Store. These logs are not disclosed to third parties.
4. BASIS FOR DATA PROCESSING
4.1. Providing personal data by the Service Recipient/Client is voluntary, however, not providing the personal data specified in the Terms and Conditions, which is necessary to conclude an Agreement of sale or an Agreement of the provision of electronic services, results in the refusal to conclude such agreements. The personal data required to conclude an Agreement of sale or an Agreement of the provision of electronic services is also indicated each time on the Online Store website.
4.2. The basis for processing personal data of the Service Recipient /Client is a necessity to perform the agreement, to which the Service Recipient /Client is a party, or to take action on his/her request before concluding the agreement. In the case of processing data for the purpose of direct marketing of the Administrator's own products or services, the basis for such processing is consent expressed by the Service Recipient /Client.
5. RIGHT TO CONTROL, ACCESS AND AMEND THE CONTENT OF PERSONAL DATA
5.1. The Service Recipient has the right to access and amend his/her personal data.
5.2. Every person has the right to control the processing of his/her personal data contained in the database of the Administrator, in particular he/she has the right to: demand the data to be completed, updated, rectified, demand the processing of the data to be temporarily or permanently suspended or demand the data to be erased, if it is incomplete, out-of-date, untrue or if it has been collected with violation of the law, or if it is no longer required for the purpose for which it has been collected.
5.3. In the case of processing data for the purpose of direct marketing of the Administrator's own products or services, the person whom the data relates to is also entitled to submit a written, justified demand to stop processing his/her personal data due to his/her particular situation and to object to processing such data.
5.4. In order to exercise the rights referred to above it is possible to use the options of the Account or to send appropriate information by electronic mail to the following address: email@example.com, or to send it in writing to the address of the Administrator.
6. FINAL PROVISIONS
6.2. The Administrator uses technical and organisational measures to protect the personal data being processed, in a way appropriate to the risks and the category of data under protection, and in particular protects the data against its unauthorised disclosure, takeover by an unauthorised person, processing with violation of the applicable law, any change, loss, damage or destruction.
6.3. The Service Provider makes available the following technical measures designed to prevent the acquisition and modification of the personal data sent by electronic means by unauthorised people:
6.3.1. The protection of the database against unauthorised access.
6.3.2. Access to the Account only after providing an individual login and password.