Privacy policy

§1 General Provisions

1. This document is an annex to the Terms and Conditions. By using our services, you entrust us with your information. This Privacy Policy serves only as an aid in understanding what information and data are collected, for what purpose, and how we use them. This data is very important to us, so we kindly ask you to carefully review this document as it outlines the principles and methods of processing and protecting personal data. This document also specifies the rules for the use of "Cookies."
2. We hereby declare that we comply with the principles of personal data protection and all legal regulations provided for by the Personal Data Protection Act and Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC.
3. A person whose personal data is processed has the right to contact us to obtain comprehensive information on how we use their personal data. We always strive to clearly inform about the data we collect, how we use it, for what purposes it is intended, to whom we transfer it, what protection we provide for this data when transferring it to other entities, and we provide information about institutions to contact in case of doubts.
4. The Service applies technical measures such as: physical data protection measures, hardware measures for IT and telecommunications infrastructure, software and database protection measures, and organizational measures to ensure adequate protection of processed personal data, in particular protecting personal data from disclosure to unauthorized third parties, acquisition by an unauthorized person, and use for unknown purposes, as well as accidental or intentional alteration, loss, damage, or destruction of such data.
5. Under the terms specified in the Terms and Conditions and this document, we have exclusive access to the data. Access to personal data may also be entrusted to other entities through which payments are made, which collect, process, and store personal data in accordance with their Terms and Conditions, and entities responsible for order fulfillment. Access to personal data is granted to the aforementioned entities to the extent necessary and only to the extent that ensures the performance of services.
6. Personal data is processed only for the purposes for which you have given consent by clicking on the appropriate fields in the form provided on the Service or in another explicit manner. The legal basis for processing your personal data is your consent to data processing or the requirement to perform a service (e.g., ordering a Product) that you have ordered from us (pursuant to Article 6(1)(a) and (b) of Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation) - GDPR).

§2 Privacy Principles

1. We take privacy seriously. We are characterized by respect for privacy and the fullest possible and guaranteed convenience in using our services.
2. We value the trust that Users place in us by entrusting us with their personal data for the purpose of order fulfillment. We always use personal data fairly and in a manner that does not betray this trust, only to the extent necessary for order fulfillment, including its processing.
3. The User has the right to obtain clear and comprehensive information about how we use their personal data and for what purposes it is needed. We always clearly inform about the data we collect, how and to whom we transfer it, and provide information about entities to contact in case of doubts, questions, or comments.
4. In case of doubts regarding our use of the User’s personal data, we will promptly take action to clarify and resolve such doubts, fully and comprehensively addressing all related questions.
5. We will take all reasonable actions to protect Users’ data from improper and uncontrolled use and to secure it comprehensively.
6. The Data Controller of your personal data is Kacper Nieć, conducting business under the name Kacper Nieć, with its registered office at ul. Księcia Witolda 49/15, 50-202 Wrocław, NIP: 7171841566, REGON: 527125920, email address: contact@pradem.eu. For matters related to the processing of personal data, please contact us via the provided email address or by mail at the registered office address. We ensure that we take all measures to protect your personal data and provide comprehensive information regarding their processing.
7. The legal basis for processing your personal data is Article 6(1)(b) GDPR. Providing data is not mandatory but necessary to undertake appropriate actions prior to concluding a contract and its execution. We will transfer your personal data to other recipients entrusted with processing personal data on our behalf and for our benefit. Your data will be transferred based on Article 6(1)(f) GDPR, where the legitimate interest is the proper performance of contracts/orders. Additionally, we will share your personal data with other business partners. The collected personal data is stored within the European Economic Area (“EEA”), but it may also be transferred to a country outside this area and processed there. Each operation of transferring personal data is performed in accordance with applicable law. If data is transferred outside the EEA, we apply standard contractual clauses and the Privacy Shield as safeguards in relation to countries for which the European Commission has not determined an adequate level of data protection.
8. Your personal data related to the conclusion and execution of contracts will be processed for the duration of their execution, and also for a period not longer than provided for by legal regulations, including the provisions of the Civil Code and the Accounting Act, i.e., no longer than 10 years, counting from the end of the calendar year in which the last contract was executed.
9. Your personal data processed for the purpose of concluding and executing future contracts will be processed until an objection is raised.
10. You have the right to: access your personal data and receive a copy of the personal data being processed, correct your inaccurate data; request the deletion of data (the right to be forgotten) in cases provided for in Article 17 GDPR; request the restriction of data processing in cases specified in Article 18 GDPR, object to data processing in cases specified in Article 21 GDPR, and transfer provided data processed in an automated manner.
11. If you believe that your personal data is being processed unlawfully, you may file a complaint with the supervisory authority (Office for Personal Data Protection, ul. Stawki 2, Warsaw). If you need additional information related to personal data protection or wish to exercise your rights, please contact us by mail at the correspondence address.
12. We make every effort to protect against unauthorized access, unauthorized modification, disclosure, and destruction of information in our possession. In particular:
a) We control methods of collecting, storing, and processing information, including physical security measures, to protect against unauthorized system access.
b) We grant access to personal data only to those employees, contractors, and representatives who need to have access to it. Furthermore, under the contract, they are obliged to maintain strict confidentiality, allow us to audit and verify how they fulfill their entrusted duties, and may face consequences for failing to meet these obligations.
13. We will comply with all applicable data protection laws and regulations and cooperate with data protection authorities and authorized law enforcement agencies. In the absence of data protection regulations, we will act in accordance with generally accepted data protection principles, principles of social coexistence, and established customs.
14. The detailed method of personal data protection is included in the personal data protection policy (DPP: security policy, personal data protection regulations, IT system management instructions). For security reasons, due to the procedures described therein, it is available for inspection only to state supervisory authorities.
15. If you have questions about how we handle personal data, we invite you to contact us through the page from which the user was redirected to this Privacy Policy. The request for contact will be promptly forwarded to the appropriate designated person.
16. The User always has the right to notify us if:
a) they no longer wish to receive information or messages from us in any form;
b) they wish to receive a copy of their personal data in our possession;
c) they wish to correct, update, or delete their personal data in our records;
d) they wish to report a violation, improper use, or processing of their personal data.
17. To facilitate our response or handling of the provided information, please provide your name and further details.

§3 Scope and Purpose of Collecting Personal Data

1. We process necessary personal data for the purpose of providing services and for accounting purposes, and only for such purposes, i.e.:
a) to place an order,
b) to conclude a contract, file a complaint, and withdraw from a contract,
c) to issue a VAT invoice or other receipt.
d) to monitor traffic on our websites;
e) to collect anonymous statistics to determine how users use our website;
f) to determine the number of anonymous users of our websites;
g) to control how often selected content is displayed to users and which content is most frequently viewed;
h) to control how often users choose a particular service or from which service contact is most frequently made;
i) to study newsletter subscriptions and contact options;
j) to use a personalized e-commerce recommendation system;
k) to use a tool for communication, both via email and subsequently by phone;
l) to integrate with social media platforms;
m) for potential online payments.
2. We collect, process, and store the following user data:
a) name and surname,
b) residential address,
c) delivery address (if different from the residential address),
d) tax identification number (NIP),
e) email address,
f) phone number (mobile, landline),
g) date of birth,
h) PESEL number,
i) information about the web browser used,
j) other personal data voluntarily provided to us.
3. Providing the above data is entirely voluntary but also necessary for the full performance of services.
4. The purpose of collecting, processing, or using data by us:
a) direct marketing, archival purposes of advertising campaigns;
b) fulfilling obligations imposed by law by collecting information about adverse actions;
5. We may transfer personal data to servers located outside the user’s country of residence or to affiliated entities, third parties based in other countries, including those within the EEA (European Economic Area, EEA – a free trade zone and Common Market, including European Union countries and the European Free Trade Association EFTA) for the processing of personal data by such entities on our behalf in accordance with the provisions of this Privacy Policy and applicable laws, customs, and data protection regulations.
6. We store your personal data no longer than necessary for the proper quality of service and, depending on the method and purpose of their acquisition, we store them for the duration of the service and after its completion for the purposes of:
a) fulfilling obligations arising from legal provisions, tax, and accounting regulations;
b) preventing abuse or crime;
c) statistical and archival purposes.
d) Marketing activities – for the duration of the contract, with separate consent for processing such data – until the completion of transaction-related activities, your objection to such processing, or withdrawal of consent.
e) Pre-sales and promotional activities – e.g., contests, promotional campaigns – for the duration and settlement of such activities.
f) Operational activities – until the expiration of obligations imposed by the GDPR Regulation and relevant national regulations, to demonstrate diligence in processing personal data.
g) Pursuing any claims related to the executed contract;
7. Considering that in many countries to which this personal data is transferred, the same level of legal data protection as in the user’s country does not apply. Access to the user’s personal data stored in another country may be obtained, for example, by courts, authorities responsible for law enforcement and national security, in accordance with the regulations applicable in that country. Subject to lawful requests for disclosure, we undertake to require entities processing personal data outside the user’s country to take measures to protect the data in a manner adequate to their national law.

§4 Cookies Policy

1. We automatically collect information contained in cookies to gather User data. A cookie is a small piece of text sent to the User’s browser, which the browser sends back during subsequent visits to the website. They are mainly used to maintain sessions, e.g., by generating and sending a temporary identifier after logging in. We use “session” Cookies stored on the User’s end device until they log out, close the website, or turn off the web browser, and “persistent” Cookies stored on the User’s end device for the time specified in the cookie parameters or until they are deleted by the User.
2. Cookies adapt and optimize the website and its offer to the needs of Users through activities such as creating page view statistics and ensuring security. Cookies are also necessary to maintain a session after leaving the website.
3. The Administrator processes data contained in Cookies each time the website is visited by visitors for the following purposes:
a) optimizing the use of the website;
b) identifying Service Recipients as currently logged in;
c) adapting graphics, selection options, and any other website content to the individual preferences of the Service Recipient;
d) remembering automatically and manually entered data from Order Forms or login data provided by the visitor;
e) collecting and analyzing anonymous statistics showing how the website is used in the administrative panel and Google Analytics;
f) creating remarketing lists based on information about preferences, behavior, usage, and interests on the Website and collecting demographic data, then sharing these lists in AdWords and Facebook Ads.
g) creating data segments based on demographic information, interests, and preferences in selecting viewed products/services.
h) using demographic data and interest data in Analytics reports.
4. The User can, at any time, completely block and delete the collection of Cookies using their web browser.
5. Blocking the ability to collect Cookies on the User’s device may hinder or prevent the use of certain website functionalities, to which the User is fully entitled but must be aware of the functional limitations in such a case.
6. A User who does not want Cookies to be used for the purposes described above can delete them manually at any time. To learn about the detailed procedure, please visit the website of the manufacturer of the web browser currently used by the User.
7. More information about Cookies is available in the help menu of each web browser. Examples of web browsers that support the mentioned “Cookies”:
a) Cookie settings in Internet Explorer
b) Cookie settings in Chrome
c) Cookie settings in Firefox
d) Cookie settings in Opera
e) Cookie settings in Safari
f) Cookies in Android
g) Cookies in Blackberry
h) Cookies in iOS (Safari)
i) Cookies in Windows Phone

§5 Rights and Obligations

1. We have the right, and in cases specified by law, also a legal obligation, to provide selected or all information concerning personal data to public authorities or third parties who submit such a request for information based on applicable Polish law.
2. The User has the right to access the content of their personal data provided, the User can correct and supplement this data at any time, and also has the right to request its deletion from their databases or cessation of its processing, without providing any reason. To exercise their rights, the User can send an appropriate message to the email address or in any other way that delivers/transmits such a request.
3. The processing of personal data of individuals who are our clients is based on:
a) the legitimate interest of the data controller (e.g., for creating a database, analytical and profiling activities, including activities related to the analysis of product usage, direct marketing of own products, securing documentation for defense against potential claims or for pursuing claims);
b) consent (including, in particular, consent to email marketing or telemarketing);
c) execution of a concluded contract;
d) obligations arising from the law (e.g., tax law or accounting regulations).
4. The processing of personal data of individuals who are potential clients is based on:
a) the legitimate interest of the data controller (e.g., for creating a database, direct marketing of own products);
b) consent (including, in particular, consent to email marketing or telemarketing).
5. A User’s request to delete personal data or cease its processing may result in the complete inability to provide services or their significant limitation.
6. We place particular emphasis on the issue of profiling and indicate that:
a) for profiling purposes, we typically process data that has previously been encrypted with SSL;
b) we use typical data for this: email address and IP or cookies;
c) we profile to analyze or predict the personal preferences and interests of individuals using our Services or products or services and to tailor the content on our Services or products to these preferences;
d) we profile for marketing purposes, i.e., tailoring marketing offers to the aforementioned preferences.
7. We undertake to act in accordance with applicable legal regulations and principles of social coexistence.
8. Information on out-of-court consumer dispute resolution. The authorized entity within the meaning of the Act on Out-of-Court Consumer Dispute Resolution is the Financial Ombudsman, whose website address is as follows: www.rf.gov.pl.

§6 Basic Security Principles

1. Every user should take care of their own data security and the security of their devices used to access the Internet. Such a device should absolutely have an antivirus program with an up-to-date, regularly updated database of virus definitions, types, and variants, a secure version of the web browser used, and an enabled firewall. The user should check whether the operating system and installed programs have the latest and compatible updates, as attacks exploit vulnerabilities found in installed software.
2. Access credentials to services offered on the Internet – e.g., logins, passwords, PINs, electronic certificates, etc. – should be secured in a place inaccessible to others and impossible to hack from the Internet. They should not be disclosed or stored on the device in a form that allows unauthorized access and reading by unauthorized persons.
3. Caution should be exercised when opening unfamiliar attachments or clicking on links in unexpected emails, e.g., from unknown senders or from the spam folder.
4. It is recommended to enable anti-phishing filters in the web browser, i.e., tools that check whether a displayed website is authentic and not used for phishing, e.g., by impersonating a person or institution.
5. Files should only be downloaded from trusted sources, services, and websites. We do not recommend installing software from unverified sources, especially from unknown publishers with unverified reputations. This also applies to mobile devices, e.g., smartphones, tablets.
6. When using a home Wi-Fi wireless network, a password should be set that is secure and difficult to crack, it should not be any pattern or sequence of characters that is easy to guess (e.g., street name, host’s name, date of birth, etc.). It is also recommended to use the highest possible Wi-Fi encryption standards that can be activated on the equipment, e.g., WPA2.

§7 Use of Social Media Plugins

1. Plugins, so-called plug-ins, for social media platforms such as facebook.com and Twitter, and others, may be present on our websites. The services related to them are provided by Facebook Inc. and Twitter Inc., respectively.
2. Facebook is operated by Facebook Inc., 1601 S. California Ave, Palo Alto, CA 94304, USA. To view Facebook plugins, go to: https://developers.facebook.com/docs/plugins
3. Twitter is operated by Twitter Inc., 1355 Market Street, Suite 900, San Francisco, CA 94103, USA. To view Twitter plugins, go to: https://dev.twitter.com/web/tweet-button
4. The plugin only transmits to its provider information about which of our websites you accessed and at what time. If, while viewing or staying on our website, the user is logged into their account on, e.g., Facebook or Twitter, the provider can link your interests, information preferences, and other data obtained, e.g., by clicking the Like button, leaving a comment, or entering a profile name in searches. This information will also be transmitted by the browser directly to the provider.
5. More detailed information on the collection and use of data by Facebook or Twitter and on privacy protection can be found on the following pages:
a) Data protection/privacy advice issued by Facebook: http://www.facebook.com/policy.php
b) Data protection/privacy advice issued by Twitter: https://twitter.com/privacy
6. To avoid having a visit to a selected user account recorded by Facebook or Twitter on our website, you must log out of your account before starting to browse our websites.

The owner of all material copyrights to the template of this policy is the LEGATO Law Firm, which has granted a non-exclusive and non-transferable right to use this document for purposes related to its own commercial activity on the Internet and extends legal protection to the aforementioned document for the duration of the agreement. Copying and disseminating the template of this document without the consent of the LEGATO Law Firm is prohibited and may result in both criminal and civil liability. Online sellers can learn more about the possibility of using the privacy and cookies policy template at http://www.kancelaria-legato.pl

Country/region

Language

Privacy policy