1. Administrator - vejox with its registered office in Wrocław (hereinafter referred to as vejox), ul. Nyska 50/22 (referred to in these regulations as vejox), entered into the Register of Entrepreneurs under the number 167994 with the registered office in Wrocław at Nyska street no. 50/22, which provides electronic services and stores and gains access to information in User's Devices. Vejox is the administrator or co-coordinator together with POINT OF VIEW SP Z O O SPÓŁKA (hereinafter referred to as POV) KOMANDYTOWA, with registered office at ul. Julianowska 37 05-500 Piaseczno, REGON: 146944038, NIP: 1231282909, KRS: 0000483753
2. RODO - Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of individuals with regard to the processing of personal data and on the free movement of such data and repealing Directive 95/46 / EC (general data protection regulation) (OJ L 119, 04.05.2016, EU)
3. Website - means a website or application under which the Administrator runs an online store operating in the domain . The website is intended for users who have completed 16 years of age.
6. Device - means an electronic device through which the User gains access to the Website.
7. User - means an entity for which services may be provided electronically or with which an Agreement for the provision of electronic services may be concluded in accordance with the Regulations and legal regulations.
II. Information duties of the Administrator
2. The administrator declares that he has made all efforts to fulfill these duties while maintaining a concise, transparent, understandable and easily accessible form of information referred to in art. 12 RHODE.
3. In case of any ambiguities, each person to whom the data relates may request additional information to the email address provided below for contact in matters of personal data processing.
III. Contact details regarding the processing of personal data.
1. The administrator representing vejox and POV has appointed the Data Protection Officer. The following contact details have been dedicated to reporting all matters related to the processing of personal data of the Website Users: e-mail address: firstname.lastname@example.org and correspondence address: Data Protection Inspector, vejox ul. Nyska 50/22, 50-505 Wrocław.
2. The Website User may submit a wish to exercise their rights related to the processing of their personal data also to other correspondence addresses published on the Website's websites. Bearing in mind the fact that substantive steps are taken so quickly, we recommend using the e-mail address provided in point. 1 above.
IV. Administrator's declaration
1. The administrator makes special care to protect the rights and freedoms of the data subjects, and in particular ensures that the data is:
a) processed in accordance with the law, fairly and transparently,
b) collected for specific, explicit and legitimate purposes and not further processed in a way incompatible with those purposes,
(c) adequate, relevant and limited to what is necessary for the purposes for which they are processed,
d) correct and updated as necessary,
e) kept in a form that permits the identification of the data subject for no longer than is necessary to achieve the purposes for which they are processed,
(f) processed in a manner that ensures adequate security of personal data, including protection against unauthorized or unlawful processing and accidental loss, destruction or damage, by appropriate technical or organizational measures.
2. As part of the measures listed in point 1 lit. f) above, the Administrator implemented, among others the following safeguards: firewalls, data encryption, physical access control to data centers and authorization controls of access to information, while the effectiveness of the User's data security requires that he comply with the rules set out in the Regulations, in particular not sharing his passwords with third parties. On the part of the Website User, there is also the attention to the correctness of data provided by him during the use of the Website and their updating.
3. User personal data are processed in accordance with the Regulation of the European Parliament and Council (EU) 2016/679 of 27 April 2016 on the protection of individuals with regard to the processing of personal data and on the free movement of such data and repeal of Directive 95 / 46 / EC (general regulation on data protection) (OJ L 119, 04/05/2016), and with the generally applicable provisions of national law.
V. Purpose, basis and scope of personal data processing
1. Each time the purpose, basis and scope and recipients of data processed by the Administrator result from actions taken by vejox. and / or POV.
2. Possible purposes of collecting Users' personal data by the Administrator:
1) Conclusion and implementation of a distance selling contract and the use of other services provided electronically offered as part of the Website - data collected in particular in the case of purchases including payments
and the registration process on the Website. The basis of processing - art. 6 par. 1 lit. b) RDO (processing is necessary to perform the contract).
The scope of personal data processed (ordinary data only):
a) name and surname,
b) address of residence,
c) delivery address (if different from home address),
d) e-mail address,
e) telephone number.
The Administrator may use the User's data given above to be sent electronically, with a separate consent to use this form of communication, information about products, services, offers and the possibility of receiving the newsletter.
2) Complaint proceedings related to the performed or performed sales contract in the online store. The basis of processing - art. 6 par. 1 lit. b) THE RODO.
The scope of personal data processed by the Buyer and the Person lodging the complaint (if its personal details are different from the Buyer)
a) name and surname,
b) mailing address,
c) e-mail address,
d) telephone number,
e) the reason and details of the subject of the complaint.
3) Direct marketing of the Administrator's own products or services - art. 6 par. 1 lit. f) (the Administrator's legitimate aim), however if the information is transferred electronically, the implementation takes place with the User's separate consent.
The scope of personal data processed:
a) name and surname,
b) address of residence or other address given for correspondence,
c) e-mail address,
d) telephone number.
5) Other marketing activities, including organization of competitions, loyalty programs and other forms of vejox promotion - art. 6 par. 1 lit. a) (consent of the data subject)
The scope of processed personal data includes in principle:
a) name and surname,
b) address of residence or other address given for correspondence,
c) e-mail address,
d) telephone number.
For some forms of promotion, the scope of data processed may include in addition:
b) date of birth,
5. Ensuring the security of the Website and the protection of its Users' data (cybersecurity) - the basis for processing: art. 6 par. 1 lit. f) RODO (processing is necessary for purposes resulting from legally justified interests carried out by the Data Administrator or by a third party).
The scope of personal data being processed: login details for the online store, data and geolocation of the Device from which the connection is made, including IP address of the Device.
The Service Provider also processes anonymised data related to the use of the Website (e.g., the number of Users) to generate statistics on the use of the Website. These data are aggregate and anonymous, i.e. they do not contain identifying features of people using the online store.
VI. Providing and entrusting personal data
1. In connection with the implementation of the basic functions of the Website, the Administrator provides personal data to authorized employees and associates of vejox to the extent necessary for the performance of official tasks.
2. As part of the performance of the sales agreement and after-sales services, the administrator may transfer personal data to the following categories of entities:
a) courier companies or other intermediaries in the delivery and / or installation / assembly of goods purchased by Users,
b) payment system operators (if this form of payment is chosen)
c) companies providing repair / maintenance services for goods purchased by Users.
3. Data of the User who has consented to the processing of his personal data for marketing purposes and for the use of electronic communication means may be transferred to entities specialized in the provision of mass e-mail, SMS or MMS.
4. Data of the User who has consented to the processing of his personal data in order to send via email surveys of customer satisfaction with purchases made in the online store may be transferred to entities providing customer satisfaction surveys.
5. The Administrator declares that in the selection of entities providing services described in point 2 and 3 above is always guided by the criteria given in art. 28 para. 1 RODO, i.e. everyone
from contractors must provide a guarantee of implementation and application of technical and organizational measures appropriate to the category of personal data for their security.
6. In addition, the Administrator informs that in cases described in separate legal provisions and in accordance with the mode indicated in these provisions, personal data may be provided to authorized state administration bodies.
7. Personal data may also be disclosed for audits, ensuring compliance with regulations and implementing corporate governance.
8. The administrator declares that in any case the sharing or transfer of personal data is based on the contract for the processing of data or based on a legal obligation.
VII. Periods of personal data processing (data retention)
1. Personal data of the Website User may be stored:
a) personal data assigned to the User's account on the Website - for the entire period of account activity and in the archived form until the time limit for any claims,
b) personal data provided by the User in order to perform the sales agreement without creating an account on the Website - in archived form until the time of prescription of any claims related to the concluded sale agreement by electronic means,
c) marketing data - until consent is withdrawn to the processing of data for this purpose, whereas the data concerning prior consent and marketing operations carried out towards the Website User will be stored in archive form for at least 5 years from the moment of withdrawal of consent (processing limit), for confirmation that such consent took place in the past,
d) personal data on facts and events subject to tax obligations or inclusion in the relevant accounting books - for the period required by the provisions of the Tax Ordinance Act and the Accounting Act or other generally applicable regulations.
VIII. The rights of the person whose data is processed by the Administrator.
a. Each person whose data is processed by vejox as part of the Website operation is entitled to:
a) the right to access your personal data, rectification, deletion, processing restrictions, objections and the right to transfer data in the cases specified in the RODO;
b) the right to withdraw consent at any time without affecting the lawfulness of the processing, which was made on the basis of the consent prior to its withdrawal (it concerns in particular the processing of data for marketing purposes),
c) the right to file a complaint to the Supervisory Body (the President of the Office for Personal Data Protection, address: Stawki 2, 00-193 Warsaw) if the data subject considers that the data processing by the Administrator violates the provisions of the RODO or other provisions on the protection of personal data .
IX. Option to choose personal data collected by the Administrator
1. Providing personal data when registering on the Website is voluntary, but failure to provide such data will make it impossible to use the functionality of the Website.
2. Providing data when purchasing products or services via the Website is voluntary, failure to provide such data will result in the inability to conclude a purchase and sale agreement.
3. Providing data when submitting a complaint is voluntary, however, failure to provide such data has the effect of not being able to recognize the complaint.
4. Providing personal data for marketing purposes is voluntary, but failure to do so results in the inability to receive a tailored offer of products and services as well as bonuses, rebates and other benefits offered by the Administrator for recipients of marketing activities.
This Cookies Policy sets out the rules for storing and accessing information on User's Devices collected using Cookies.
X. Cookie definitions
1. Cookies - means IT data, in particular small text files, saved and stored on the Final Devices through which the User uses websites.
2. Administrator's Cookies - means Cookies posted by the Administrator via the Website.
3. External Cookies - means Cookies placed by the Administrator's partners via the Website's website based on the concluded agreements.
XI. Types of cookies used
1. Cookies used by the Administrator are safe for the User's Device. In particular, it is not possible for viruses or other unwanted software or malicious software to enter User Devices. These files allow to identify the software used by the User and adjust the Website individually to each User. Cookies usually contain the name of the domain from which they originate, their storage time on the Device and the assigned value.
2. The administrator uses two types of cookies:
Session cookies: they are stored on the User's Device and remain there until the end of a given browser session. The saved information is then permanently removed from the Device's memory. The mechanism of session cookies does not allow the collection of any personal data or any confidential information from the User's Device.
Persistent cookies: they are stored on the User's Device and remain there until they are deleted. Ending the session of a given browser or turning off the Device does not delete them from the User's Device. The mechanism of persistent cookies does not allow the collection of any personal data or any confidential information from the User's Device.
3. The User has the ability to limit or disable the access of cookies to his Device. If you use this option, the use of the Website will be possible, in addition to functions that, by their nature, require cookies.
XII. The purposes in which Cookies are used
1. The Administrator uses Administrator's Cookies for the following purposes:
1.1. Website configuration:
a. adjusting the content of the Website pages to the User's preferences and optimizing the use of the Website pages,
b. recognition of the Website User's Device, its location and proper display of the website, adapted to its individual needs,
c. remembering the settings selected by the User and personalizing the User's interface, e.g. in the scope of the selected language or region from which the User comes,
d. remember the history of websites visited on the Website in order to recommend content.
1.2. User authentication on the Website and ensuring the continuity of User's sessions on the Website:
a. maintaining the Website User's session (after logging in), thanks to which the User does not have to re-enter the login and password on each subpage of the Website,
b. correct configuration of selected Website functions, allowing in particular verification of the authenticity of the browser session,
c. optimizing and increasing the efficiency of services provided by the Administrator.
1.3. Implementation of processes necessary for the full functionality of websites:
a. adjusting the content of the Website pages to the User's preferences and optimizing the use of Website pages. In particular, these files allow to recognize the basic parameters of the User's Device and properly display the website, tailored to his individual needs,
b. correct operation of partner programs, allowing in particular for verification of sources of Users' redirects to the Website's websites.
1.4. Remembering the User's location:
a. correct configuration of selected Website functions, allowing in particular adjustment of the information provided to the User, including its location.
1.5. Analysis and research as well as audience audit:
a. creating anonymous statistics that help to understand how the Website Users use the Website's websites, which allows improving their structure and content.
1.6. Advertising services:
a. Adaptation of the services and products of the Administrator and third parties presented via the Website.
1.7. Ensuring the safety and reliability of the Website. 2. The service administrator uses external cookies for the following purposes:
2.1. Presenting multimedia content on the Website pages that are downloaded from an external website.
2.2. Collect general and anonymous static data via analytical tools, e.g. Google Analytics. Google does not use the collected data to identify you or link this information to enable identification. Detailed information about the scope and rules of data collection in connection with this service can be found at: https://www.google.com/intl/pl/policies/privacy/partners
2.3. The use of interactive functions to popularize the Website using social networking sites.
2.4. Presenting opinions on the Website pages that are downloaded from an external website.
2.5. The use of functions to facilitate communication through the Website, which are downloaded from an external website.
XIII. Possibilities to determine the conditions of storage or access to Cookies
1. The User may independently and at any time change the settings for Cookies, specifying the conditions for their storage and access to the User's Device via Cookies. Changes to the settings referred to in the previous sentence, the User can make using the web browser settings. These settings can be changed in particular in such a way as to block the automatic handling of cookies in the web browser's settings or inform each time that Cookies are placed on the User's Device. Detailed information about the possibilities and ways of handling cookies are available in the software (web browser) settings.
2. The User may delete Cookie files at any time using the functions available in the web browser he uses.
1. The Administrator reserves the option of providing the User with the so-called option on the Website. geolocation, ie determining the geographical position of the User when using the Website.
2. Geolocation is carried out only with prior consent of the User, based on the browser settings and based on the IP address of the Device.
3. Geolocation is used only to present the substantive content of the Website tailored to the location in which the User is located.
4. The Administrator does not track or remember the position of the User when using the Website. Location data is only downloaded if it is required to use the function associated with it.
5. Geolocation services can be completely disabled in the Devices settings, however it may prevent or hinder the full use of the Website.
XV. Web push notifications
1. The Website may enable Users to use web push notifications.
2. Web push notifications are sent to the User's web browser only after prior consent to receive these notifications. In order to agree to receive web push notifications, the User should in the message sent
through his web browser, select the option labeled "Allow sending push messages" or other equivalent wording.
3. Consent to sending web push messages may be canceled by the User at any time. In order to withdraw consent, the User should change the settings in his web browser.
4. In connection with the User's use of web push notifications, the Administrator does not collect or otherwise process User's personal data.