I. General provisions
II. Purpose and scope of data collection
III. Right of controll, access and rectification
V. Final provisions
I. GENERAL PROVISIONS
1. The administrator of personal data collected via the www.ManufakturaChodzieska.pl store is Dariusz Kepka doing business under the name DARIUSZ KEPKA CENTRUM CERAMIKI I TECHNOLOGII registered in the Business Activity Central Register and Information Record (CEIDG) operated by the Ministry of Economy of the Republic of Poland, principal place of business and address for service: : os. Cechowe 27/28, 64‑840 Budzyń, tax identification number NIP: 7660012421, statistical number REGON: 570134779, email address: sklep@ManufakturaChodzieska.pl, hereinafter referred to as the "Administrator" and being also a Service Provider.
2. The Data Administrator appointed the Data Protection Officer, whose function in the Business Activity is Kamil Kępka. Address os. Cechowe 27 28, 64 840, Poland.
II. PURPOSE AND SCOPE OF DATA COLLECTION
1. 1. Personal data will be processed for the purpose of shopping in our online store, direct marketing related to your own products and services, carried out in the traditional (paper) form, constituting the so‑called the legitimate interest of the entrepreneur. Data for these purposes will be processed on the basis of art. 6 par. 1 lit. b), c) and f) of the Regulation of the European Parliament and of the Council (EU) 2016/679 of 27 April 2016 on the protection of individuals with regard to the processing of personal data and on the free movement of such data and repealing Directive 95/46 / EC (GDPR).
2. After expressing separate consent, pursuant to art. 6 par. 1 lit. a) GDPR data may also be processed for the purpose of sending commercial information by electronic means or making telephone calls for direct marketing purposes ‑ respectively in connection with art. 10 par. 2 of the Act of 18 July 2002 on the provision of electronic services or art. 172 par. 1 of the Act of 16 July 2004 ‑ Telecommunications Law, including those managed as a result of profiling, provided that the user has given appropriate consent.
3. In case of order delivery, personal data may be made available to postal operators or carriers only for the purpose of delivering the order. Transaction data, including personal data, may be transferred to the electronic payment operator, chosen by the Customer in the process of placing the Order, to the extent necessary to handle payment for the Order. Personal data processed for purposes related to the purchase will be processed for the period necessary to complete the purchase and order, after which the data subject to archiving will be stored for the period appropriate for the expiration of claims ( 10 years). Personal data processed for marketing purposes covered by the consent statement will be processed until the consent is revoked.
4. If it is found that the processing of personal data violates the provisions of the GDPR, the data subject has the right to lodge a complaint with the General Inspector for Personal Data Protection (after 25 May 2018 ‑ the President of the Office for Personal Data Protection).
5. Providing personal data is voluntary, however it is necessary to provide personal data which is marked in order to make a successful order placement. If marked information are not provided, the order will be not processed.
6. Personal data will also be processed in an automated way in the form of profiling, however the user has to agree on the basis of art. 6 par. 1 lit. a) GDPR. The consequence of profiling will be the assignment of a profile to a given person in order to take decisions regarding that person or to analyze or predict personal preferences, behaviors and attitudes.
7. The administrator takes special care to protect the interests of the data subjects, and in particular ensures that the data collected are:
- processed in accordance with the law,
- collected for marked, legitimate purposes and not subject to further processing incompatible with those purposes,
- substantively correct and adequate in relation to the purposes for which they are processed and stored in a form allowing identification of persons they concern, no longer than it is necessary to achieve the purpose of processing.
III. RIGHT OF CONTROLL, ACCESS AND RECTIFICATION
1. The data subject has the right to access their personal data and the right to rectify, delete, limit the processing, the right to data transfer, the right to raise objections, the right to withdraw consent at any time without affecting the lawfulness of processing, which was made on the basis of consent before its withdrawal.
2. In order to exercise the rights referred to in point 1, you can send an appropriate e‑mail to the following address: sklep@ManufakturaChodzieska.pl.
2. Cookies are essential for the provision of electronic services via the website. Cookies, especially those requiring the User’s additional authorisation, contain information that is necessary for the proper functioning of the website.
3. The website uses three main types of cookies: “session” cookies, “persistent” cookies and “analytical” cookies.
- “Session” cookies are temporary files which are stored on the User’s end‑device until they log out (leave the website).
- “Persistent” cookies remain stored on the User’s device until deleted manually or automatically after a set period of time.
- “Analytical” cookies provide information on how individual Users interact with www.ManufakturaChodzieska.pl and are used to improve the performance of the website. “Analytical” cookies collect information about how Users use the website, what type of website referred the User to ManufakturaChodzieska.pl, the frequency of visits and the time of each visit. All User data is collected anonymously and used solely for statistical analysis of website use.
4. User can adjust cookie permissions via options in their browser settings. More detailed information about cookie management with specific web browsers can be found in the browsers’ respective settings.
V. FINAL PROVISIONS
1. The Data Controller shall implement all necessary technical and organisational security measures to safeguard the data during processing ensuring a level of security appropriate to the nature of the data to be protected and, in particular, protect the data against unauthorised access, takeover, processing in violation of the Act, alteration, loss, damage or destruction.
2. The Service Provider takes appropriate technical measures to safeguard the electronic personal data against unauthorised interception or modification.