§1 General provisions
2. We hereby declare that we comply with the principles of personal data protection and all legal regulations that are provided for in the Personal Data Protection Act and Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of individuals with regard to with the processing of personal data and on the free movement of such data and repealing Directive 95/46 / EC.
3. The person whose personal data is processed has the right to ask us to obtain comprehensive information on how we use his personal data. We always strive to inform you about the data we collect, how we use it, what purpose we want it to serve and to whom we pass it, what protection we provide to other entities and provide information about the institutions to contact in case of doubt .
4. The Seller applies technical measures such as: physical protection measures for personal data, hardware measures for IT and telecommunications infrastructure, security measures within software tools and databases, and organizational measures ensuring adequate protection of personal data being processed, in particular protecting personal data against unauthorized disclosure third parties, obtaining by unauthorized person and using them for unknown purpose, as well as accidental or deliberate change, loss, damage or destruction of such data.
5. Under the terms of the Regulations and in this document we have exclusive access to data. Access to personal data may also be entrusted to other entities by means of which payments are made, which collect, process and store personal data in accordance with its Regulations and entities that have the task of completing the order. Access to personal data is granted to the above entities to the extent necessary and only that which will ensure the provision of services.
6. Personal data is processed only for purposes for which you have given consent by clicking the appropriate form fields on the Website or in a different way. The legal basis for the processing of your personal data is the consent to the processing of data or the requirement to provide a service (eg. ordering a product) that you ordered from us (pursuant to Article 6 paragraph 1 letter a and b of Regulation of the European Parliament and of the Council (EU) 2016/679 of April 27 2016 on the protection of individuals with regard to the processing of personal data and on the free movement of such data and the repeal of Directive 95/46 / EC (general regulation on data protection) – GDPR.
§2 Privacy rules
1. We take privacy seriously. We are characterized by respect for privacy and the fullest possible and guaranteed convenience of using our services.
2. We value the trust Users place in us, entrusting us with their personal data in order to fulfill the order. We always use personal data in a fair manner and in order not to fail this trust, only to the extent necessary to perform the order including its processing.
3. The user has the right to obtain clear and complete information on how we use his personal data and for what purposes they are needed. We always clearly inform about the data we collect, how and to whom we pass it on and provide information about entities to contact in case of doubts, questions or comments.
4. In case of any doubts regarding the use of your personal data, we will immediately take action to clarify and dispel such doubts, and in a full and comprehensive manner, we answer all questions related to this.
5. We will take all reasonable measures to protect Users’ data against improper and uncontrolled use and to secure them in a comprehensive manner.
6. The administrator of your personal data is ANETTA HELLER DESIGN STUDIO – HELLER DESIGN STUDIO, ul. Wały Piastowskie 1/1508, 80-855 Gdańsk, Polska, mail: email@example.com tel +48 576 476 243
7. The legal basis for the processing of your personal data is Art. 6 clause 1 lit. b) GDPR. Providing data is not mandatory, but necessary to take the appropriate steps prior to the conclusion of the contract and its implementation. We will transfer your personal data to other recipients entrusted with the processing of personal data on behalf of and for us. Your data will be transferred pursuant to art. 6 clause 1 lit. f) GDPR, where the legitimate interest is the proper performance of contracts / orders. In addition, we will share your personal data with other business partners. We store collected personal data within the European Economic Area (“EEA”), but they can also be sent to a country outside this area and processed there. Each operation of sending personal data is carried out in accordance with applicable law. If data is transferred outside the EEA, we use standard contractual clauses and the privacy shield as safeguards for countries where the European Commission has not found an adequate level of data protection.
8. Your personal data related to the conclusion and implementation of the contract for the implementation of contracts will be processed for the period of their implementation, as well as for a period not longer than provided for by law, including the provisions of the Civil Code and the Accounting Act, i.e. not longer than for 10 years from the end of the calendar year in which the last contract was performed.
9. Your personal data processed in order to conclude and perform future contracts will be processed until you object.
10. You have the right to: access your personal data and receive a copy of your personal data being processed, rectify your incorrect data; request deletion of data (right to be forgotten) in the event of circumstances provided for in art. 17 GDPR; requests to limit data processing in the cases indicated in art. 18 of the GDPR, objecting to data processing in the cases indicated in art. 21 GDPR, transferring data provided, processed in an automated manner.
11. If you think that personal data is being processed unlawfully, you can make a complaint with the supervisory authority (Office for Personal Data Protection, ul. Stawki 2, Warsaw). If you need additional information related to the protection of personal data or want to exercise your rights, please contact us by post to the correspondence address.
12. We strive to protect against unauthorized access, unauthorized modification, disclosure and destruction of information in our possession. In particular:
a) We control methods for collecting, storing and processing information, including physical security measures, to protect against unauthorized access to the system;
b) We only provide access to personal data to employees, contractors and representatives who must have access to them. In addition, under the contract they are obliged to maintain strict confidentiality, to allow us to control and verify how they fulfill their obligations, and in the event of failure to fulfill these obligations may suffer consequences.
13. We will comply with all applicable laws and regulations regarding data protection and we will cooperate with data protection authorities and authorized law enforcement authorities. In the absence of data protection regulations, we will act in accordance with generally accepted data protection principles, principles of social coexistence as well as established customs.
14. The exact manner of protection of personal data has been included in the personal data protection policy (PDP: security policy, personal data protection regulations, IT system management instructions) For security reasons, due to the procedures described in it, it is available for inspection only to control authorities state.
16. The user is always entitled to notify us if:
a) does not want to receive information or messages from us in any form;
b) would like to receive our copy of your personal data;
c) correct, update or delete your personal data in our records;
d) wishes to report violations, improper use or processing of personal data.
17. To help us answer or respond to the information provided, please provide your name and further details.
§3 The scope and purpose of collecting personal data
1. We process the necessary personal data for the purpose of providing services and for accounting purposes and only such as:
a) in order to place an order,
b) in order to conclude a contract, complaint and withdrawal from the contract,
c) issue a VAT invoice or other receipt,
d) monitor traffic on our websites,
e) collecting anonymous statistics, to determine how users use our website,
f) determining the number of anonymous users of our websites,
g) controlling how often the selected content is shown to users and what content is most often used,
h) controlling how often users choose a given service or from which level of service the most frequent contact occurs,
i) study memberships to newsletters and contact options,
j) using the system of personalized recommendations for e-commerce,
k) using the tool for both e-mail and telephone communication,
l) integration with the social networks,
m) possible online payments.
2. We collect, process and store the following user data:
a) name and surname / company name,
b) address of residence,
c) delivery address (if different from the address of residence),
d) tax identification number (TAX ID),
e) e-mail address (e-mail),
f) telephone number (cellular, landline),
g) information about the web browser used,
h) other voluntary personal data provided to us.
3. Providing these data by is completely voluntary but also necessary for the full implementation of the services.
4. The purpose of collecting and processing or using our data:
a) direct marketing, archival goals of advertising campaigns,
b) fulfillment of duties imposed by law by collecting information about undesirable activities.
6. We store your personal data no longer than they are needed for the proper quality of service and, depending on the mode and purpose of obtaining them, we keep them for the duration and after its completion for the purposes of:
a) fulfillment of obligations resulting from legal regulations, tax and accounting regulations,
b) preventing fraud or criminal offense,
c) statistical and archiving,
d) Marketing activities – for the duration of the contract, giving separate consent for the processing of such data – until the completion of operations related to transaction processing, opposition against such processing or withdrawal of consent,
e) Intermediary and promotional activities – eg. contests, promotional campaigns – for the duration and settlement of such shares,
f) Operational activities – until the limitation period of obligations imposed by the GDPR Regulation and relevant national provisions to demonstrate reliability in the processing of personal data,
g) Investigation of any claims related to the contract.
7. Bearing in mind the fact that in many countries to which this personal data is sent, the same level of legal protection of personal data as in the user’s country does not apply. For personal data stored in another country, access in accordance with the law in force, for example, can be accessed by courts, enforcement authorities and national security, in accordance with the laws in force in that country. Subject to lawful requests for disclosure, we undertake to require entities that process personal data outside the user’s country to take action to protect data in an adequate manner to the regulation of their national law.
§4 “Cookies” policy
1. We collect automatically the information contained in cookie files in order to collect your data. A cookie file is a small piece of text that is sent to the User’s browser and which the browser sends back at the next entries to the site. They are mainly used to maintain sessions by generating and sending back a temporary identifier after logging in. We use “session” cookies stored on the User’s end device until logging out, turning off the website or turning off the web browser and “permanent” cookies stored on the User’s end device for the time specified in Cookie parameters or until they are deleted by the User.
2. Cookie files adjust and optimize the website and its offer for the needs of Users through such activities as creating statistics of page views and ensuring security. Cookies are also necessary to maintain the session after leaving the website.
3. The administrator processes the data contained in Cookies each time the site is visited by visitors for the following purposes:
a) optimization of the use of the website;
b) identification of the Registered Users as currently logged in;
c) adaptation, graphics, selection options and any other content of the site to the individual preferences of the Customer;
d) remembering automatically and manually-added, uploaded data from Order Forms or login details provided by the visitor;
e) collecting and analyzing anonymous statistics showing how to use the website in the administrative panel and google analytics;
f) create remarketing lists based on information about preferences, behavior, how to use the interests of the Website and collect demographic data, and then share these lists in AdWords and AdSense, Facebook Ads;
g) Google Adsense cookies are used to display relevant ads to you. Adsense Cookies do not contain personal data. If you would like to learn more about Google AdSense cookies and how to control it, please go to http://www.google.co.uk/policies/privacy/ads/
h) creating data segments based on demographic information, interests, preferences in the selection of products / services viewed;
i) use of demographic and interest data in Analytics reports;
j) due to the need to prevent certain functions on our trading platforms from doing internet robots, we use the Google reCAPTCHA V2 mechanism to sporadically investigate whether the behavior of users is not characteristic of robots’ behavior. In this situation, we may disclose your IP address to Google LLC.
4. The User at any time using his web browser can completely block and delete the collection of cookies.
5. Blocking by the User the possibility of collecting cookies on his device may hinder or prevent the use of certain functionalities of the site to which the User is fully entitled but must in this situation be aware of functional limitations.
6. A user who does not want to use “cookies” in the above-described purpose at any time can delete them manually. To read the detailed instructions for the procedure, please visit the website of the manufacturer of the web browser used currently used by the User.
7. More information about Cookies is available in the help menu of any web browser. Examples of Internet browsers that support the mentioned “Cookies” files:
Cookie settings Internet Explorer
Cookie settings Chrome
Cookie settings Firefox
Cookie settings Opera
Cookie settings Safari
Cookies files in Android
Cookies files in iOS (Safari)
Cookies files in Windows Phone
§5 Rights and obligations
1. We have the right, and in cases of law, also defined, and the statutory obligation to provide selected or all information regarding personal data to public authorities or third parties who submit such a request for information on the basis of applicable provisions of Polish law.
2. The User has the right to access the content of his personal data that he makes available, the User may correct the data, supplement it at any time, and has the right to request that it be removed from his databases or discontinued, without giving any reason. In order to exercise its rights, the User may at any time send a message to an e-mail address or in any other way that delivers / transmits such a request. The exception is the e-Book created by Camerapixo Press for the photographer on demand. These e-books can only be edited by our team.
3. The processing of personal data of physical persons who are our clients is based on:
a) legitimate interest as a data controller (eg. in the area of database creation, analytical and profiling activities, including activities regarding the analysis of use of products, direct marketing of own products, securing documentation for the purpose of defending against possible claims or for claims);
b) consent (including, in particular, consent to e-mail marketing or telemarketing);
c) performance of the concluded contract;
d) obligations arising from law (eg. tax law or accounting regulations).
4. The processing of personal data of natural persons who are potential customers is based on:
a) justified interests of the data controller (eg. in the field of creating a database, direct marketing of own products);
b) consent (including, in particular, consent to e-mail marketing or telemarketing).
5. A request on the part of the User to delete personal data or to cease their processing by it may result in the total inability to provide services by or severely limit their services.
6. We attach particular importance to the issue of profiling and indicate that:
a) we usually process data that was previously subject to ssl encryption for profiling purposes;
b) we use typical data for this: e-mail address and IP or cookies
c) we profile in order to analyze or forecast personal preferences and interests of people using our Services or products or services and matching the content of our Services or products to these preferences
d) we profile for marketing purposes, i.e. matching the marketing offer to the abovementioned preferences.
7. We undertake to act in accordance with applicable law and principles of social coexistence.
8. Information on extrajudicial handling of consumer disputes. The authorized entity within the meaning of the Act on Out-of-court Consumer Dispute Resolution is the Financial Ombudsman, whose website address is as follows: www.rf.gov.pl.
§6 Basic safety principles
1. Each user should care for his own data security and for the security of his devices that serve the access to the Internet. Such a device should absolutely have an antivirus program with a current regularly added database of definitions, virus types and types, a secure version of the web browser it uses, and a firewall enabled. The user should check that the operating system and programs installed on it have the latest and compatible updates, because the attacks use the errors detected in the installed software.
2. Access data to services offered on the Internet is – eg. logins, passwords, PINs, electronic certificates, etc. – they should be secured in a place inaccessible to others and impossible to break in from the Internet. They should not be disclosed or stored on the device in a form that allows unauthorized access and reading by unauthorized persons.
3. Caution when opening strange attachments or clicking links in e-mail messages that we did not expect, eg. from unknown senders, or from the spam folder.
4. It is recommended to run anti-phishing filters in a web browser, i.e. tools that check whether the website displayed is authentic and is not for phishing, eg. by impersonating a person or an institution.
5. Files should be downloaded only from trusted places, websites and websites. We do not recommend installing software from unverified sources, especially from unfamiliar publishers. This also applies to portable devices, e.g. smartphones and tablets.
6. When using your home Wi-Fi wireless network, you should set a password to be safe and difficult to break, there should be no pattern and string of characters that is easy to guess (eg. street name, host name, date of birth etc.) . It is also recommended to use the highest possible standards for wireless Wi-Fi network encryption, which are possible to run on your equipment, e.g. WPA2.
§7 Use of Social Media plugins
1. Plug-ins, so-called plug-ins of social networking portals Facebook.com and Twitter and others, can be found on our sites. The related services are provided by Facebook Inc., respectively. and Twitter Inc.
2. Facebook is hosted by Facebook Inc., 1601 S. California Ave, Palo Alto, CA 94304, USA Facebook. To view Facebook plugins, go to: https://developers.facebook.com/docs/plugins
3. Twitter is operated by Twitter Inc., 1355 Market Street, Suite 900, San Francisco, CA 94103, USA. To view Twitter plugins, go to: https://dev.twitter.com/web/tweet-button
4. The plug-in tells its suppliers only information about which of our websites you have had access to and at what time. If you are logged in to your account, for example on Facebook or Twitter, when you view or stay on your site, the provider is able to combine your interests, information preferences and other data, for example, by clicking the Like button or leaving button a comment, or enter the name of the profile in the searched. This information will also be transferred directly to the supplier via the browser.
5. More detailed information on the collection and use of data by Facebook or Twitter and about privacy protection can be found on the following pages:
a) Data protection / privacy tips issued by Facebook: http://www.facebook.com/policy.php
b) Data protection / privacy advice issued by Twitter: https://twitter.com/privacy
6. In order to avoid registering a visit to a selected user account via Facebook or Twitter on our website, you must log out of your account before browsing our websites.
Copyright note to the Regulations: The owner of all material copyright to the template of this policy is LEGATO Law Firm, which granted a non-exclusive and inalienable right to use this document for purposes related to its own commercial activities on the Internet and extends legal protection to the above mentioned document on duration of the contract. Copying and distributing the template of this document without the consent of the LEGATO Law Firm is prohibited and may be subject to both criminal and civil liability.