Administrator of Personal Data
The Administrator of Personal Data of the Online Shop’s Customers is Czarnocki, Jeżak Pragmatic Studio General Partnership with its headquarters in Warsaw, address: Marszałkowska 58, 00-545 Warsaw, entered in the Register of Entrepreneurs of the National Court Register kept by the District Court for the capital city of Warsaw, XII Commercial Division of the National Court Register under NCR number (KRS): 0000802219, TIN: 7010943698, REGON no.: 384283581 (hereinafter referred to as „Administrator”).
The Administrator can be contacted by e-mail: [email protected] or in writing: Czarnocki, Jeżak Pragmatic Studio Sp.j., Marszałkowska 58, 00-545 Warsaw.
Rules of processing personal data
The Administrator processes personal data of Customers according to provisions of GDPR.
The Administrator uses technical and organizational measures, required by provisions of the EU legislation, which guarantee security of the processed personal data and protection of the personal data against sharing them with unauthorized individuals, taking possession of them by unauthorized individuals, processing while violating the provisions as well as against altering, losing or destroying them.
The Administrator declares that the provision of those personal data, which have been marked as required in the Online Shop, is voluntary, but necessary to use the website, create and use the Customer Account as well as to place and complete orders.
Customers can grant their consent to receive commercial information from the Administrator, for instance by means of digital communication, and to use their telecommunication end-devices for marketing purposes. Granting the above consents is voluntary and isn’t required to complete orders or use the Customer Account in the Online Shop.
Purposes and legal bases for processing personal data
Personal Data of Customers shall be processed for the following purposes:
- using the Customer Account in the Online Shop (art. 6 sec. 1 let. b GDPR),
- completing orders in the Online Shop (art. 6 sec. 1 let. b GDPR),
- using the Newsletter (art. 6 sec. 1 let. b GDPR),
- direct marketing of own services and products, except for the newsletter, which is a legitimate interest of the Administrator (art. 6 sec. 1 let. f GDPR),
- replying to messages sent via the online chat (art. 6 sec. 1 pt. a) GDPR, that is, the consent granted by initiating contact),
- completing the product claim process or terminating the agreement (art. 6 sec. 1 let. b GDPR),
- analytical research, particularly one based on studying and analysing traffic on our website to collect statistics, which is a legitimate interest of the Administrator (art. 6 sec. 1 let. f GDPR),
- archiving (evidence) in case of a legal requirement to demonstrate facts, which is a legitimate interest of the Administrator (art. 6 sect. 1 let. f GDPR),
any action of establishing, investigating or defending against claims that are the execution of a legitimate interest of the Administrator (art. 6 sec. 1 let. f GDPR).
Period of keeping personal data
Customer data shall be kept for the following periods:
- data required to use the Customer Account – for the duration of using it in the Online Shop and not longer than until the Customer requests their deletion,
- data related to the completion of orders – for the period of 5 years from the end of the year, in which a given sales transaction was completed, unless keeping the data for longer is justified by the limitation period,
- using the Newsletter– until the subscription is cancelled,
- data related to the execution of marketing activities – until and objection is reported,
- data related to replying to enquiries– until correspondence is completed or withdrawal of the granted consent is executed, unless keeping the data for longer is justified by a superior interest of the Administrator, such as defence against possible claims,
- data related to the completion of the product claim process or agreement termination – for the period of 5 years from the end of the year, in which the claim was processed or the agreement terminated,
- collecting statistics– until an objection is reported, however, not longer than for the period of 50 months from the date of Customer’s last activity on the website,
- archiving purposes– for the period required to complete this purpose,
- establishing, investigating or defending against claims – for the period required to complete this purpose.
Categories of Personal Data
The Administrator collects, processes and keeps the following Customer data:
- related to the creation of Customer Accounts: e-mail, name and surname, address, telephone, and in the case of entrepreneurs, TIN and the name of a company;
- related to the placement of orders: mail, name and surname, address, telephone, and in the case of entrepreneurs, TIN and the name of a company;
- related to a message sent via the online chat: e-mail, name and surname and telephone number;
- related to the use of the newsletter: name and e-mail.
While using the Online Shop, the Administrator automatically collects and keeps information such as: IP address, URL address, device ID, time spent on individual sites, browser type, browser language, date and time of using the website, screen resolution, type and version of the operating software, and other information of similar nature.
The Online Shop uses tiny files called cookies. They are saved on the end-device of the person visiting our Online Shop, if his or her browser has permission to store them.
Cookie files are IT data, in particular text files, which are kept on the end-device of Customers allowing them to use the Online Shop. Cookies usually contain the name of the website, from which they originate, storage time on the end-device and a unique number.
Cookie files are used for the following purposes:
- recognizing the device used by a Customer to display the website content properly,
- creating statistics that help understand how Customers use websites, which aids in improving their structure and content,
- maintaining the current session of the Online Shop’s Customer. Thanks to that, Customers don’t have to sign into their accounts on every subsite of our website,
- adjusting content and functionality of the Online Shop by assigning a randomly chosen, anonymous tracking ID, which allows the Administrator to check e.g. where the Customer comes from, what browser the Customer has used, what link the Customer has clicked, what key phrases the Customer has entered and at what time the Customer has stopped using the Online Shop,
- collecting general and anonymous data to complete marketing activities via remarketing lists, which allows for advertising content adjusted to the Customer’s preferences to be displayed.
Internet browsers usually allow storing cookie files on the Customer’s end-device as a default option. Customers can change these settings. An Internet browser allows for deleting the stored cookie files and also for blocking them automatically. Detailed information about this is included in the help section or the user manual of the Internet browser.
The Online Shop employs marketing and analytical tools of other providers, who use cookie files in the Online Shop. Providers of those tools are first and foremost Google LLC (Google Analytics, Google Tag Manager), Facebook Inc. (Facebook Pixel) and Hotjar Ltd. (HotJar). More information about cookie files of the above-mentioned entities can be found in their privacy policies. Some of the above-mentioned providers can store Customers’ data outside of the European Economic Area. In such instances, Customers’ data shall be transferred only to countries that provide an adequate degree of protection (pursuant to the Executive Decision of the European Commission of 12 July 2016 concerning the introduction of the Privacy Shield), and to countries, which don’t provide an adequate level of protection, only if they provide adequate safety measures, including e.g. standard contract clauses accepted by the European Commission.
Customers’ personal data can be shared with entities that process them for the Administrator on the basis of agreements. They can also be shared with entities authorized to obtain personal data pursuant to the provisions of the law.
In order to execute the agreement entered into via the Online Shop and to make sure that the Store works correctly, the Administrator shares personal data of Customers, in particular with entities that provide the following services:
- electronic payments,
- IT and software provision,
- newsletter and online chat,
- marketing in the form of Online Shop support.
Customers have the right to access their data, request their rectification, deletion, or limitation of their processing. To the extent to which the basis for processing personal data is a prerequisite of a legitimate interest of the Administrator, Customers have the right to object to the processing of their personal data.
To the extent to which the basis for processing Customers’ personal data is their consent, they have the right to withdraw it. The withdrawal of consent shall not affect the lawfulness of processing based on consent before its withdrawal.
To the extent to which the basis for processing Customers’ personal data is the conclusion and execution of the concluded Agreement or processing is carried out on the basis of consent – Customers also have the right to transfer their personal data i.e. to receive their personal data from the Administrator in a structured and commonly-used, machine-readable format. Customers can transmit those data to another administrator of data.
The Customer also has the right to lodge a complaint with a supervisory authority responsible for the protection of personal data.