§ 1 General provisions
1. The administrator, i.e. the entity deciding about the purposes and means of processing personal data isVenetia Limited Liability Company with its registered office at ul. Wichrowa 7, 05-090 Raszyn, registered in the National Court Register under the number KRS 0000793101, NIP 5342603230, REGON 383773053.
2.The administrator has appointed a Personal Data Protection Inspector, who can be contacted regarding the protection and processing of your personal data at the following e-mail address: email@example.com or in writing to the address of the head office, indicated in point 1.
§ 2 The basis for the processing of personal data
1. Personal data is processed by the Administrator in accordance with applicable law, in particular in accordance with Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of individuals with regard to the processing of personal data and on the free movement of such data and repealing Directive 95/46 / EC.
2. Providing personal data is voluntary, but necessary to complete the order and deliver the ordered product. Failure to provide the data results in the inability to place an order.
3. The processing of personal data is based on:
a) the legitimate interest of the administrator,
b) consent of the data subject,
c) performance of the concluded contract,
d) fulfillment of legal obligations.
§ 3 Purpose of processing personal data
1. Personal data are processed by the administrator for purposes related to the conclusion and implementation of sales contracts and the registration of transactions.
2. Personal data will be processed for the following purposes:
a) conclusion and performance of contracts with the Administrator’s contractors (legal basis: Article 6 (1b) of the GDPR) – for the duration of the contract and settlements after its completion;
b) taking action before concluding the contract, i.e. conducting negotiations, preparing an offer, verifying data – the legal basis of art. 6 sec. 1 b) GDPR;
c) fulfillment of legal obligations incumbent on the Administrator, e.g. issuing or storing invoices and other accounting documents, answering complaints (legal basis: Article 6 (1c) of the GDPR) – for the period of time which the law requires to store data,
d) on the basis of the need to process data to implement the legitimate interest of the administrator: establishing, defending and pursuing claims (legal basis: Article 6 (1f) of the GDPR) – for the period after which the claims are time-barred,
e) direct marketing (legal basis: Article 6 (1f) of the GDPR) – for the duration of the contract or until an objection is raised,
f) in other cases, personal data are processed only on the basis of previously granted consent in the scope and for the purpose specified in the consent (Article 6 (1a) of the GDPR) – for the period from granting consent to its withdrawal.
§ 4 Recipients of personal data
1. Personal data may be made available to other entities if such an obligation will result from legal provisions or from the implementation of the purpose for which the data was provided.
2. Personal data may also be accessed by entities processing data on behalf of the controller (processors) in cases where it is necessary to achieve the purpose of personal data processing.
3. The administrator declares that he uses the services of proven entities, known on the local market and guaranteeing data security.
4. Personal data may be transferred to the following recipients or categories of recipients: entities providing IT, technical, accounting, legal, advisory services, document destruction and archiving services, entities conducting postal or courier activities.
5. Personal data may be transferred to third countries (outside the countries belonging to the European Union) in connection with the ordered delivery of products.
§ 5 Rights related to the processing of personal data
1. The customer, has the right to:
a) access your personal data and receive a copy thereof;
b) to rectify (correct) your personal data;
c) restrictions on the processing of personal data;
d) to transfer personal data;
e) deletion of personal data,
f) the right to withdraw consent to the processing of data at any time, if personal data are processed on the basis of consent.
2. In the case of the implementation of the right referred to in paragraph 1, please contact the Personal Data Protection Inspector in the manner specified in § 1 para. 2.
3. If personal data is processed contrary to applicable law, the data subject has the right to lodge a complaint with the President of the Office for Personal Data Protection.
§ 6 Cookies in the online store
2. Cookies are used for the following purposes:
a) adjusting the content of the website to the Customer’s preferences and optimizing the use of the website;
b) creating statistics to improve the functionality of the website and its structure;
c) ensuring the security of services provided electronically;
d) maintaining the client’s session after logging in;
f) facilitating the browsing of the website resources.
§ 7 Final Provisions
2. The law applicable to these Regulations is Polish law.