Privacy policy and cookies

§ 1
PRIVACY POLICY

  1. The administrator of Personal Data collected in connection with the use of the Website is Beata Ludwin, running a business under the name: P55 Mirrors Beata Ludwin with its registered office in Toruń at ul. Zygmunta Krasińskiego no. 21/23, apt. 53, 87-100 Toruń, NIP: 5771943311, REGON: 340825591, hereinafter referred to as: "Administrator".

  2. Respecting your rights as data subjects and respecting applicable law, including in particular Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of individuals with regard to the processing of personal data and on the free movement of such data and repealing Directive 95/46 / EC (General Data Protection Regulation), hereinafter referred to as: "GDPR", the Act of May 10, 2018 on the protection of personal data (i.e. Journal of Laws of 2019 . item 1781), hereinafter referred to as the "GDPR" and other relevant provisions on the protection of personal data, we commit ourselves to maintaining the security and confidentiality of the personal data obtained from you.

  3. In matters related to the processing of your data by the Administrator, you can contact using the above data:

    1. email: [email protected];

    2. telephone number: +48 792604403;

    3. address: P55 Mirrors Beata Ludwin, ul. Krasińskiego 21-23/53, 87-100 Toruń.

  4. The Website collects the following personal data:

    1. Name and surname;

    2. Home address;

    3. e-mail address;

    4. Telephone number;

    5. Business name;

    6. Registered address for business;

    7. Delivery address;

    8. Tax identification number of business;

    9. Bank account number.

  5. Providing the data indicated in the preceding point is necessary in the following cases:

    1. when making a purchase on the Website using the Order Form,

    2. while registering in the Client base,

    3. in order to submit a complaint or in the scope of other claims related to purchases on the Website.

  6. Each of you as a person using our online Store has the option of choosing whether and to what extent you want to use our services and share information and data about yourself to the extent specified in this Privacy Policy.

  7. Your personal data is processed in order to:

    1. setup and manage a User Account or Accounts;

    2. provide support for the User's Account and transactions, including solving technical problems;

    3. adjust the content displayed in the properties of the Website or the properties of third-party services based on Users' activity;

    4. contact Users, including for purposes related to the provision of services, User service, through available communication channels, in particular e-mail and telephone;

    5. fulfill contracts concluded under the sales contract with Users on the Website;

    6. handle complaints and requests from Users;

    7. provide support for payment services, execute of commission payments for transactions on the Website.

  8. In accordance with the principle of minimization, we process only those categories of personal data that are necessary to achieve the goals referred to in the preceding sentence.

  9. We process personal data for the time necessary to achieve the purposes listed in the preceding point. Personal data may be processed for a period longer than indicated in the preceding sentence, if such a right or obligation imposed on the Personal Data Administrator results from specific legal provisions or when the service we provide is continuous.

  10. The source of the Personal Data processed by the Administrator are the data subjects.

  11. Your personal data is not transferred to a third country within the meaning of the provisions of the GDPR.

  12. We do not share any personal data with third parties without the express consent of the data subject. Personal data without the consent of the data subject may be made available only to public law entities, i.e. authorities and administration authorities (e.g. tax authorities, law enforcement authorities and other entities authorized by generally applicable laws).

  13. Personal data may be entrusted for processing to entities processing such data for our company as the Personal Data Administrator. In such a situation, as the Personal Data Administrator, we conclude a personal data processing agreement with the processing entity. The processing entity processes the entrusted personal data, but only for the needs, to the extent and for the purposes indicated in the entrustment agreement referred to in the preceding sentence. Without entrusting your personal data for processing, we would not be able to conduct our business as part of the online Store or deliver parcels with ordered Products to you. As the Personal Data Administrator, we entrust personal data for processing to the following entities:

    1. providing hosting services for the Website on which our online Store operates,

    2. providing postal, courier and transport services for the purpose of delivering parcels with ordered Products,

    3. providing other services to us as the Administrator of personal data that are necessary for the current functioning of the online Store.

  14. Personal data may also be processed in an automated manner in the form of profiling, provided that the User agrees to it according to art. 6 sec. 1 lit. a) GDPR. The consequence of profiling will be assigning a profile to the User in order to make decisions concerning him or her, or to analyze or predict their preferences, behaviour and attitudes.

  15. In accordance with the provisions of the GDPR, each person whose personal data we process as the Personal Data Administrator has the right to:

    1. being informed about the processing of personal data referred to in art. 12 of the GDPR - the Administrator is obliged to provide you, as the persons whose data will be processed, with the information specified in the GDPR (including about your data, purposes and legal grounds for the processing of personal data, recipients or categories of recipients of personal data, if any, or about the period by which the data will be processed or about the criteria for determining this period); this obligation should already be fulfilled at the moment of obtaining the data, and if the data are not obtained from the data subject but from another source, within a reasonable period of time, depending on the circumstances; the Administrator may refrain from providing this information if the data subject already has it;

    2. access to own personal data referred to in art. 15 of the GDPR - by providing us with personal data, you have the right to inspect and access them. You have the right to know what your data is and for what purpose we process it, and the right to obtain a copy of your personal data, with the first copy being issued free of charge, and for each subsequent copy, in accordance with the provisions of the GDPR, we charge an appropriate administrative fee corresponding to the cost of making a copy,

    3. correct, supplement, update, rectify personal data referred to in art. 16 of the GDPR - if your personal data has changed, please inform us as the Personal Data Administrator about this fact, so that the data we have is consistent with the actual state and up-to-date; also in a situation where there has been no change in personal data, but for any reason these data are incorrect or have been stored incorrectly (e.g. as a result of a typographical error), please inform us in order to correct or rectify such data,

    4. deletion of data (the right to be forgotten), referred to in art. 17 of the GDPR - in other words, you have the right to request the "deletion" of the data held by us as the Personal Data Administrator. You can request the deletion of your personal data primarily when:

      1. the purposes for which the personal data were collected have been achieved, e.g. we have fully implemented the sales contract concluded with you,

      2. the basis for the processing of your personal data was only your consent, which was then withdrawn and there are no other legal grounds for further processing of your personal data,

      3. you have filed an objection pursuant to Art. 21 of the GDPR and you believe that we do not have any overriding legal grounds to further process your personal data,

      4. your personal data has been processed unlawfully, i.e. for unlawful purposes or without any basis for processing personal data - please remember that in this case you must have a basis for your request,

      5. the need to delete your personal data results from the law,

      6. personal data concern a minor and have been collected in connection with the provision of information society services,

    5. restriction of processing referred to in art. 18 GDPR - you can contact our company with a request to limit the processing of your personal data if:

    6. you contest the accuracy of your personal data, or

    7. you believe that we are processing your data without a legal basis, but at the same time you do not want us to delete this personal data, or

    8. you have filed an objection referred to in point g) of this point, or

    9. your personal data is needed to establish, pursue or defend claims, e.g. in court,

    10. transfer of data referred to in art. 20 GDPR - you have the right to obtain your data in a format that allows reading this data on a computer and the right to send this data in such a format to another administrator; you have this right only if the basis for the processing of your data was consent or the data was processed automatically,

    11. object to the processing of personal data, as referred to in art. 21 of the GDPR - you have the right to object if you do not agree to the processing of personal data by us, which we have so far processed for legitimate purposes in accordance with the law; in particular, the right to object applies to the processing of your personal data for the purposes of direct marketing,

    12. not to be subject to profiling referred to in art. 22 in relation to art. 4 point 4 of the GDPR - on our Website you will not be subject to automated decision making or profiling within the meaning of the GDPR, unless you consent to it; additionally, we will always inform you about profiling, should it take place,

    13. file a complaint with the supervisory body (i.e. the President of the Personal Data Protection Office), referred to in art. 77 of the GDPR - if you believe that we are processing your personal data unlawfully or in any way violate the rights arising from generally applicable provisions of law in the field of personal data protection.

  16. With regard to the right to delete data (the right to be forgotten), we would like to point out that, in accordance with the provisions of the GDPR, you do not have the right to exercise this right if:

    1. the processing of personal data is necessary for our company to fulfill its legal obligations resulting from the regulations - we cannot delete your data for the period necessary to fulfill the obligations (e.g. tax) imposed on us by law,

    2. the processing of your data is carried out for the purpose of investigating, establishing or defending claims.

  17. If you wish to exercise your rights referred to in the preceding point, please send a message by e-mail to the e-mail address or in writing to the correspondence address, in accordance with the data indicated in point. 3 above.

  18. Each identified case of a security breach is documented, and in the event of one of the situations specified in the provisions of the GDPR or the Act, the data subjects and, if applicable, the President of the Data Protection Office are informed about such a breach of the provisions on the protection of personal data.

§ 2
COOKIES

I. DEFINITIONS

  1. Cookies - IT data, small text files, saved and stored on Devices through which the User uses the Administrator's website.

  2. Device - an electronic device through which the User gains access to the Administrator's website

  3. User - means an entity for which, in accordance with the Regulations and legal provisions, electronic services may be provided or with whom an Agreement for the provision of electronic services may be concluded.

II. USING COOKIE FILES

  1. The Administrator uses Cookies via the Website.

  2. The information collected on the basis of Cookies is used for the purpose of proper optimization of the operation of the Website, as well as to improve the experience of the User when using the Website.

  3. Cookie files record the activity of the Website User by recognizing the Device, thanks to which the Website is displayed in a manner optimized to the User's individual preferences.

  4. The solutions used on the Website are safe for Users' Devices using the Administrator's Website.

  5. The Administrator makes use of two types of Cookie files:

    1. Session cookies: these are files that are stored on the User's Device and remain there until the end of the browser session. The saved information is then permanently deleted from the Device's memory. The mechanism of session cookies does not allow downloading any personal data or any confidential information from the User's Device.

    2. Persistent cookies: they are stored on the User's Device and remain there until they are deleted. Ending the session of a given browser or turning off the Device does not delete them from the Device. The mechanism of persistent cookies does not allow downloading any personal data or any confidential information from the User's Device.

III. WAYS TO DETERMINE THE CONDITIONS OF STORING OR OBTAINING ACCESS TO COOKIES

  1. The use of cookies to collect data through them, including access to data stored on the User's device, requires the User's consent. This consent may be withdrawn at any time.

  2. The User has the option of limiting or disabling the access of Cookies to his Device. If you use this option, the use of the Administrator's website will be possible, except for functions that by their nature require cookies.

  3. The User may independently and at any time change the settings for Cookies, specifying the conditions for their storage and access by Cookies to the User's Device. Changes to the settings referred to above can be made by the User using the web browser settings or using the service configuration. These settings can be changed in particular in such a way as to block the automatic handling of Cookies in the web browser settings or to inform about each time they are placed on the Device. Detailed information on the possibilities and ways of handling Cookies are available in the software (web browser) settings.

  4. Permission is not required only in the case of Cookies, the use of which is necessary to provide telecommunications services (data transmission to display content).

  5. Withdrawal of consent to the use of cookies is possible through the browser settings. Detailed information on this can be found at the following links:

    1. Microsoft Edge : https://support.microsoft.com/pl-pl/microsoft-edge/usuwanie-plik%C3%B3w-cookie-w-przegl%C4%85darce-microsoft-edge-63947406-40ac-c3b8-57b9-2a946a29ae09 ;

    2. Mozilla Firefox: http://support.mozilla.org/pl/kb/ciasteczka ;

    3. Google Chrome: http://support.google.com/chrome/bin/answer.py?hl=pl&answer=95647 ;

    4. Opera: http://help.opera.com/Windows/12.10/pl/cookies.html ;

    5. Safari: https://support.apple.com/kb/PH5042?locale=en-GB .

  6. Restricting the use of cookies may affect some of the functionalities available on the Administrator's website.

§ 3
FINAL PROVISIONS

  1. The administrator uses technical and organizational measures to ensure the protection of processed personal data appropriate to the threats and categories of data protected, and in particular protects data against unauthorized access, removal by an unauthorized person, processing in violation of applicable regulations and change, loss, damage or destruction .

  2. The administrator provides appropriate technical measures to prevent the acquisition and modification by unauthorized persons of personal data sent electronically.

  3. In matters not covered by this Privacy Policy, the relevant provisions of generally applicable law, including the GDPR and the Act, shall apply accordingly.

  4. The privacy policy is verified on an ongoing basis and, if necessary, updated, in particular in the event of changes in the law affecting its content.

  5. Changes to the Privacy Policy come into force on the day of their announcement on the Website.