Personal data and GDPR
Personal data and GDPR
PERSONAL DATA
-
KVIAT.ART Katažyna Vinska, NIP: 5422952085, with address ul. ks. Grzybowskiego 77A, 15-635 Klepacze (‘COMPANY’) is the controller of the personal data of Online Store Customers. The owner and operator of the store at www.kviat-art.eu (‘STORE’).
-
Should you have any questions or requests regarding personal data, please contact us at the following e-mail address: kviat.art@gmail.com or by post to the address indicated in clause 1 above.
-
Kviat.Art processes personal data of the Customers in accordance with the General Regulation on the Protection of Personal Data of the European Union 2016/679 of April 27th, 2016 ("GDPR").
-
The privacy policy applies if you use the services of www.kviat-art.eu, i.e. you register in the Online Store, buy www.kviat-art.eu products in the Online Store, contact us or subscribe to the newsletter, in order to receive e-mail messages from us with marketing contents. The personal data processed by Kviat.Art are obtained directly from customers in connection with the use of www.kviat-art.eu services.
-
Depending on the services you use, Company processes the following personal data:
-
Company uses personal data to provide customers with the store's services, administer the account in Online Store and fulfil orders and handle returns and complaints, data processing for accounting and tax purposes, as well as sending the ordered newsletter. The basis for data processing is the processing necessary for the performance of the contract (under Article 6 (1) (b) GDPR), and in some cases the legal basis may also be a specific legal provision that allows COMPANY to process data in order to fulfil a legal obligation - e.g. . accounting and tax regulations (under Article 6 (1) (c) GDPR).
-
COMPANY sends the Customers marketing messages in the form of a newsletter to the e-mail address provided by the Customer only if the Customer has consented to it. The basis for data processing is the consent of the Customer (under Article 6 (1) (a) GDPR). The Customer may unsubscribe from the newsletter at any time. In each marketing message sent by STORE, there is a special link to unsubscribe from the Newsletter. A user who has registered in the Online Store may also unsubscribe from the newsletter by changing the settings on the user's account. The consent may also be withdrawn by sending it to STORE in an e-mail to the following address: kviat.art@gmail.com. The withdrawal of consent does not affect the lawfulness of data processing which was made on the basis of consent before its withdrawal.
-
COMPANY uses personal data to contact the Customers, for example by e-mail, as well as responding to posts on the social media sent to STORE, in order to improve service performance, inform about changes and provide explanations and information. The basis for data processing is the legitimate interest of COMPANY under Article 6 (1) (f) GDPR).
-
COMPANY requires that the Customer provide the personal data necessary for the performance of the contract - provision of services or order delivery. If this information is not provided by the Customer, COMPANY will not be able to provide services or deliver orders. If required by law, e.g. tax regulations, COMPANY may also require other necessary data. Apart from the above, the provision of personal data by the Customer is voluntary.
-
COMPANY transfers personal data for processing to service providers who perform certain duties and functions on behalf of COMPANY. COMPANY provides data to service providers who: support Store's website, provide services related to direct marketing via e-mail, operate online media channels and social media, implement payments related to orders in Store, provide services related to data storage, provide services courier services, accounting services and legal services for COMPANY. COMPANY provides the aforementioned service providers only with such data that are necessary for the proper performance of services for or on behalf of COMPANY. In the case of data transfer, COMPANY ensures that the service provider processes the data in compliance with security requirements, and does not use the data for purposes other than providing services to COMPANY.
-
COMPANY does not transfer personal data to entities other than the service providers referred to in the point above, except in cases where it is necessary in connection with legal regulations or a decision of authorities, as well as in the case of the necessity to establish, exercise or defend the rights of COMPANY.
-
COMPANY does not transfer personal data outside the European Union.
-
COMPANY processes the personal data of customers only for the period necessary for the proper performance of contracts with the Customers, i.e. the provision of services, as well as order handling and the complaint process, pursuing claims in connection with the performance of the contract, as well as for the period resulting from the obligations imposed on COMPANY by legal regulations (e.g. with regard to the performance of tax and accounting obligations, in accordance with the relevant regulations for a period of 5 years), only to the necessary extent. For marketing purposes, the data is stored for the duration of the contract or until the Customer objects to such processing.
-
COMPANY ensures the application of appropriate technical and organizational security measures for personal data in order to ensure an appropriate level of security for the processed personal data.
-
The Customers have the right to access their personal data, which includes the right to request information about their data or be provided with a copy of this data processed by COMPANY.
-
The Customers have the right to have their personal data rectified if such data is incomplete, out of date or untrue.
-
The Customers may object to the processing of personal data by COMPANY. "Marketing" objection – the Customer may object to the processing of their data for the purpose of direct marketing. Objection due to a special situation – the Customer may also object to the processing of their data on the basis of a legitimate interest for purposes other than direct marketing, as well as when the processing is necessary for COMPANY to perform a task carried out in the public interest. In such a case, a special situation should be indicated that justifies the cessation of the processing covered by the objection by COMPANY. COMPANY will cease to process the Customer's data for these purposes, unless it proves that the grounds for data processing by COMPANY override the Customer's rights or that the data is necessary for COMPANY to establish, assert or defend claims.
-
Customers may demand restriction of the processing of personal data by COMPANY.
-
The Customers may demand that their personal data be removed.
-
The Customers may request that their personal data be transferred to the Customer or a designated third party.
-
The Customers may lodge a complaint with the supervisory body for the protection of personal data: Personal Data Protection Office [Pol. ‘Urząd Ochrony Danych Osobowych (UODO)’], ul. Stawki 2, 00-193 Warsaw, Poland, tel. +48 22 53 10 440, website:http://www.uodo.gov.pl
-
The data obtained by COMPANY shall not be profiled.
COOKIES POLICY
-
STORE does not automatically collect any information, except for information contained in cookie files, subject to Customer consent.
-
Cookies are IT data, in particular text files, which are stored in the end device of the Store User and are intended for using Store's websites. Cookies usually contain the name of the website they come from, the storage time on the end device and a unique number.
-
The entity that places cookies on the Store User's end device and obtains access to them is the COMPANY.
-
Cookies are used for:
-
adjusting the contents of the Store websites to the User's preferences and optimizing the use of websites; in particular, these files allow to recognize the Store User's device and properly display the website, tailored to their individual needs;
-
creating statistics that help to understand how Store Users use websites, which facilitates improving their structure and content;
-
Store uses two basic types of cookies: session cookies and persistent cookies. Session cookies are temporary files that are stored on the User's end device until they leave the website or turn off the software (web browser). Persistent cookies are stored on the User's end device for the time specified in the cookie file parameters or until deleted by the User.
-
The following types of cookies are used in Store:
-
"essential" cookies, enabling the use of services available within Store, e.g. authentication cookies used for services that require authentication within Store;
-
cookies used to ensure security, for example used to detect authentication fraud within Store;
-
"performance" cookies, enabling the collection of information on the use of the Store's websites;
-
"functional" cookies, enabling "remembering" the settings selected by the User and personalizing the User's interface, e.g. in terms of the selected language or region of the User, font size, website appearance, etc.;
-
"advertising" cookies, enabling the delivery of advertising content to Users more tailored to their interests.
-
In many cases, the software used for browsing websites (web browser) allows cookies to be stored on the User's end device by default. Store users can change cookie settings at any time. These settings can be adjusted in particular in such a way as to block the automatic handling of cookies in the web browser settings or to inform about their every placement in the Store User's device. Detailed information on the possibilities and methods of handling cookies is available in the software (web browser) settings.
-
The Store operator informs that restricting the use of cookies may affect some of the functionalities available on the Store's websites.
-
Cookies placed on the Store User's end device may also be used by advertisers and partners cooperating with the Store operator.
-
More information on cookies is available in the "Help" section of the browser's menu.