privacy policy

ONLINE STORE PRIVACY POLICY 

www.affiche.pl

The owner of the Online Store Marcin Dziedzic, taking into account the trust of customers, stores their data with the greatest care and maintaining security standards, protecting them against unauthorized interference. For this purpose, the Privacy Policy has been created, which presents the rules that are applied in the field of collecting, processing and using the data of the Online Store Customers. This document is informative and does not constitute a source of obligations for the Online Store Customers or Service Recipients.

  1. INFORMATION COLLECTED AND HOW IT IS USED
    1. The store undertakes to protect personal data in accordance with applicable law.
    2. Customer data will be processed, stored and secured in accordance with applicable law, and Customers of the Online Store www.affiche.pl have the right to inspect their data, as well as to correct them and to stop using them.
    3. The www.affiche.pl Online Store requires the Customer to provide a minimum of data necessary for the correct execution of the order. This information will not be shared, lent or sold to third parties.
    4. In order to complete the order, it is necessary to provide some customer data to the courier company or other suppliers. This is the data needed to complete the delivery, and the companies performing it are obliged to use this data only to carry out an efficient delivery process.

  1. COOKIES
    1. A cookie is a text file that is saved on the Customer's computer disk using a web browser. The "cookie" file is not used to collect the Customer's personal data, therefore it is not possible to identify the Customer based on its content.
    2. The customer, using the HELP function located on the menu bar of most web browsers, will obtain information on how to prevent the browser from accepting new cookies, how to set the browser to inform about the fact of receiving new cookies and how to completely disable the ability to store cookies cookies on your hard drive.
    3. Web browser settings in the field of Cookies are important from the point of view of consent to the use of Cookies by the Online Store - in accordance with the regulations, such consent may also be expressed through the web browser settings. In the absence of such consent, the web browser settings should be changed accordingly
      in the field of Cookies.
    4. If cookies are disabled, some functions or services of the www.affiche.pl Online Store may not work properly.
    5. The www.affiche.pl Online Store also processes anonymized operational data related to the use of the Online Store (IP address, domain) to generate statistics helpful in administering the Online Store. These data are aggregate and anonymous, i.e. they do not contain features identifying people visiting the Online Store website. These data are not disclosed to third parties.

  1. EXTERNAL LINKS
    1. The www.affiche.pl Online Store may contain links to other websites and is not responsible for the rules of confidentiality and privacy policy applicable on these other websites. Please exercise caution when leaving the store and read the privacy statements on any other website.

  1. CHANGE OF PRIVACY POLICY
    1. The privacy policy may change. Any changes to the Privacy Policy will be posted on this page. 
    2. If you have any additional questions or concerns regarding this Privacy Policy, please contact us by email: affiche.contact@gmail.com

  1. PROCESSING OF PERSONAL DATA 

Having regard to the principles of personal data protection resulting from Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of individuals with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46 /WE (General Data Protection Regulation - GDPR), below we present the most important information related to the collection
and processing personal data of Customers and Service Recipients of the Online Store www.affiche.pl.

    1. ADMINISTRATOR

The administrator of personal data is Marcin Dziedzic running a business activity entered into the Central Register and Information on Business Activity under the name: Marcin Dziedzic, with the address of the place of business: Krasków 71A, 46-00 Kluczbork, gm. Kluczbork, Kluczbork poviat, province. Opolskie, NIP 7511786324 , REGON 522549147 , e-mail address: affiche.contact@gmail.com, telephone number: +48 531317562. The administrator processes personal data in accordance with applicable regulations and with appropriate technical and organizational measures that meet the requirements of Polish law.

    1. CATALOG OF DATA COLLECTED BY THE AFFICHE.PL ONLINE STORE
  • first name and last name;
  • address of residence, correspondence address;
  • Phone number;
  • e-mail adress;
  • bank account number (in case of return).

The personal data indicated above are collected when using the online store www.affiche.contact@gmail.com  as a Service Recipient or Customer. Personal data is collected through:

  • registration in the Online Store when creating a Customer Account;
  • verification and identification, among others when logging in;
  • execution of orders placed via the Online Store;
  • sending e-mails about the willingness to place an order;
  • telephone call and willingness to place an order in the Online Store;
  • commenting on products by submitting opinions or commenting on blog entries;
  • using the functionality of the Online Store.

    1. PURPOSE OF COLLECTING AND PROCESSING PERSONAL DATA
  • Using the functionality of the Online Store (including: creating an account, logging in to it and using it).
  • Placing and processing orders in the Online Store.
  • Sending information about changes to the Terms and Conditions.
  • Handling the complaint process.
  • Sending commercial information by electronic means - if the Customer gives separate consent.
  • Correspondence with the client.
  • Information about promotions.
  • Conducting competitions.
  • Preparation of accounting documentation, including issuing invoices.
  • Implementation of other obligations arising from the provisions of generally applicable law.

    1. LEGAL BASIS FOR PROCESSING PERSONAL DATA
    • article 6 sec. 1 lit. a) GDPR - in the case of consent to receive commercial information;
    • article 6 sec. 1 lit. b) GDPR - in a situation where data processing is necessary to perform the contract,
    • article 6 sec. 1 lit. c) GDPR - in a situation where processing is necessary to fulfill the legal obligation incumbent on the Administrator, 
    • article 6 sec. 1 lit. f) GDPR - when data processing is necessary for purposes arising from legitimate interests pursued by us or by a third party.

    Providing personal data is voluntary, however, failure to provide personal data or their incomplete provision may prevent the use of the functionality of the Online Store.
    In particular, without providing all data, the contract may not be concluded.

      1. OTHER RECIPIENTS OF PERSONAL DATA

    Personal data of Service Recipients and Customers of the Online Store may be transferred to the following recipients or categories of recipients:

      • carriers / forwarders / courier brokers - in the case of a customer who uses
        in the Online Store from the method of delivery of the Product by post or courier, the Administrator provides the Customer's collected personal data to the selected carrier, forwarder or intermediary performing shipments at the request of the Administrator to the extent necessary to complete the delivery of the Product to the Customer;
      • entities servicing electronic payments or by payment card - in the case of a Customer who uses the Online Store with the method of electronic payments or by payment card, the Administrator provides the Customer's collected personal data to the selected entity servicing the above payments in the Online Store at the request of the Administrator
        to the extent necessary to handle payments made by the Customer;
      • creditors / lessors - in the case of a Customer who uses the Online Store with the method of payment in installments or leasing payments, the Administrator provides the Customer's collected personal data to the selected lender or lessor handling the above payments in the Online Store at the request of the Administrator to the extent necessary to handle payments made by customer;
      • service providers supplying the Administrator with technical, IT and organizational solutions, enabling the Administrator to run a business,
        including the Online Store and the Electronic Services provided through it (in particular, computer software providers to run the Online Store, e-mail and hosting providers, and software providers for company management and technical assistance to the Administrator) - The Administrator provides the collected personal data of the Customer to a selected supplier operating on its order only in the case and to the extent necessary to achieve a given purpose of data processing in accordance with this privacy policy;
      • providers of accounting, legal and advisory services providing the Administrator with accounting, legal or advisory support (in particular an accounting office, law firm or debt collection company) - the Administrator provides the collected personal data of the Customer to a selected supplier acting on his behalf only in the case and to the extent necessary to complete the given the purpose of data processing in accordance with this privacy policy.

        1. PERIOD OF STORAGE OF PERSONAL DATA 

      Personal data collected in connection with the use of the Online Store (also by placing orders) will be stored for the period in which their processing is necessary to comply with the obligation of financial reporting (tax settlements). Personal data that was obtained as a result of consent to receive commercial information will be stored for a period of 10 years.

        1. RIGHTS OF THE DATA SUBJECT 
        • The right to access, rectify, limit, delete or transfer - the data subject has the right to request from the Administrator access to their personal data, rectification, deletion ("the right to be forgotten") or limitation of processing and has the right to object to processing, and has the right to transfer his data. Detailed conditions for the exercise of the above-mentioned rights are indicated in art. 15-21 of the GDPR Regulation.
        • The right to withdraw consent at any time - a person whose data is processed by the Administrator on the basis of consent (pursuant to art. 6 par. 1 letter a) or art. 9 sec. 2 lit. a) of the GDPR Regulation), she has the right to withdraw her consent
          at any time, without affecting the lawfulness of processing based on consent before its withdrawal.
        • The right to lodge a complaint to the supervisory body - the person whose data is processed by the Administrator has the right to lodge a complaint to the supervisory body in the manner and mode specified in the provisions of the GDPR Regulation and Polish law, in particular the Act on the Protection of Personal Data. The supervisory authority in Poland is the President of the Office for Personal Data Protection.
        • Right to object - the data subject has the right to object at any time - for reasons related to his particular situation - to the processing of personal data concerning him based on art. 6 sec. 1 lit. e) (public interest or tasks) or f) (legitimate interest of the administrator), including profiling based on these provisions. In this case, the administrator is no longer allowed to process this personal data, unless he demonstrates the existence of valid legally justified grounds for processing, overriding the interests, rights and freedoms of the data subject, or grounds for establishing, investigating or defending claims.
        • The right to object to direct marketing - if personal data is processed for direct marketing purposes, the data subject has the right to object at any time to the processing of personal data concerning him or her for such marketing, including profiling, to the extent that
          to which the processing is related to such direct marketing.

        In order to exercise the rights referred to in this point of the privacy policy, you can contact the Administrator by sending an appropriate message in writing or by e-mail to the Administrator's address indicated at the beginning of the privacy policy.

        In the event of receiving from a natural person a request to access their personal data, rectify them, delete them, limit processing, object to their processing, request data transfer or not to be subject to a decision based solely on automated data processing - without undue delay, no later than within 30 days of receiving the request, the Administrator will provide information about the actions taken in connection with the request. If necessary, due to the complicated nature of the request or the number of requests, the Administrator may extend the response time by another 30 days. Within 30 days of receiving the request, the Administrator will inform about the extension of the deadline, stating the reasons for the delay. If the request is submitted electronically, the Administrator's feedback will be  also transmitted electronically, unless the person requests a different form.

        Providing information is free of charge.

        If the Customer or the Service Provider becomes aware of a data protection breach, he is obliged to immediately notify the Administrator.