§ 1 GENERAL PROVISIONS
- The Data Controller for the processing of data collected through the website located at www.arystea.com is Aleksandra Tkocz trading as Batelektro Adam Tkocz registered in the Business Activity Central Register and Information Record (CEIDG) operated by the Ministry of Economy of the Republic of Poland, principal place of business and address for service: ul. Orzepowicka 18B, 44-217 Rybnik, Poland, tax identification number NIP: 6422234516, statistical number REGON: 276734797, email address: firstname.lastname@example.org, hereinafter referred to as “Data Controller” or “Service Provider”.
§ 2 PURPOSE AND SCOPE OF DATA COLLECTION
- Arystea.com shall only process your personal data for the purpose of processing orders at our Shop as well as for the purpose of conducting direct marketing related to our products and services by traditional means (in paper form), i.e. for the purposes of the legitimate interests pursued by the Data Controller. The data collected for these purposes shall be processed in accordance with the provisions of art. 1 section 1, points (b), (c) and (f) of the Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/WE (General Data Protection Regulation).
- If the Data Subject has given a separate consent to such processing (Article 6 section 1, point (a) GDPR) their personal data may be processed for the purpose of sending electronic marketing messages and for direct marketing via telephone – in accordance with Article 10 section 1, points (b), (c) and (f) of the Act on the Provision of Electronic Services of 18 July 2002 or Article 172 of the Telecommunications Law Act of 16 July 2004, including profiled marketing communications if the Data Subject has consented to receive such communications.
- If the order needs to be delivered to the Customer personal data may be shared with postal operators and courier companies solely for order delivery purposes.
- Personal data collected in connection with the purchase of products and services offered through our Shop shall be kept for no longer than is necessary for the purpose of order processing, the archived data shall be stored for a prescriptive period of 10 years. The personal data processed for marketing purposes, based on the consent of the data subject, shall be processed until the withdrawal of consent.
- Submitting your personal data is voluntary, however we require certain personal data for order processing purposes; placing orders through the Website is not possible without the provision of the requested personal data.
- The personal data collected via the Website is subject to automatic processing through profiling if the data subject has consented to such processing (Article 6, section 1, point (a) GDPR). As a result of profiling the Data Controller builds a profile of each data subject which enables the Data Controller to take decisions concerning Users as well as to analyse or predict their personal preferences, behaviours and attitudes.
- The Data Controller shall take all reasonable steps to protect the interests of data subjects and ensure that all data is:
- lawfully processed,
- obtained only for specified, lawful purposes, and not further processed in any manner incompatible with those purposes,
- factually correct, adequate and relevant in relation to the purposes for which it is processed; stored in a form that permits identification of the data subject, for no longer than is necessary for those purposes.
§ 3 RIGHT OF CONTROLL, ACCESS AND RECTIFICATION
- Every User has a right to access, to rectify and to control his personal data as well as the right to erasure, the right to restrict processing, the right to data portability, the right to object to processing and the right to withdraw consent at any time without affecting the lawfulness of processing based on consent before its withdrawal.
- The User may exercise his rights under points 1 and 2 by sending an email message to email@example.com.
- Cookies are essential for the provision of electronic services via the website. Cookies, especially those requiring the User’s additional authorisation, contain information that is necessary for the proper functioning of the website.
- The website uses three main types of cookies: “session” cookies, “persistent” cookies and “analytical” cookies.
- “Session” cookies are temporary files which are stored on the User’s end-device until they log out (leave the website).
- “Persistent” cookies remain stored on the User’s device until deleted manually or automatically after a set period of time.
- “Analytical” cookies provide information on how individual Users interact with www.arystea.com and are used to improve the performance of the website. “Analytical” cookies collect information about how Users use the website, what type of website referred the User to www.arystea.com, the frequency of visits and the time of each visit. All User data is collected anonymously and used solely for statistical analysis of website use.
- The User can adjust cookie permissions via options in their browser settings. More detailed information about cookie management with specific web browsers can be found in the browsers’ respective settings.
§ 5 FINAL PROVISIONS
- The Data Controller shall implement all necessary technical and organisational security measures to safeguard the data during processing ensuring a level of security appropriate to the nature of the data to be protected and, in particular, protect the data against unauthorised access, takeover, processing in violation of law, alteration, loss, damage or destruction.
- The Service Provider shall take appropriate technical measures to safeguard the electronic personal data against unauthorised interception or modification.