1. GENERAL PROVISIONS
1.2. The administrator of the personal data collected through the Online Store is Kamil Radziejewski, doing business as KRR Kamil Radziejewski, entered to the Central Registration and Information on Business of Poland, kept by the Minister applicable for business-related matters, with the place of performing business and mailing address as follows: ul. Rędzińska 128, 42-209 Częstochowa, NIP: 9492036036, email address: firstname.lastname@example.org – hereinafter referred to as "Administrator" and being at the same time the Service Provider of the Online Store and the Seller.
1.3 Recipient personal data is processed in accordance with the Personal Data Protection Act of 29 August 1997 (Journal of Laws 1997 No. 133, item 883 as amended) (hereinafter referred to as: Personal Data Protection Act) and the Act on Rendering Electronic Services of 18 July 2002 (Journal of Laws 2002 No. 144, item 1204 as amended).
1.4 The administrator takes special care to protect the interests of the people, who the data refers to, and in particular ensures that the data collected by him is processed in accordance with the law.
2. PURPOSE AND SCOPE OF DATA COLLECTION
2.1 Each time, the purpose, scope and recipients of data processed by the Administrator result from the actions taken by the Service Recipient or Customer at the Online Store. Possible purposes of collecting the personal data of Service Recipients or Customers by the Administrator:
- conclusion and implementation of a Sales Agreement or an Agreement for the provision of Electronic Services (e.g. an Account).
- direct marketing of the Administrator's own products or services.
2.2 Possible recipients of personal data of the Online Store’s Customers:
- In the case of a Customer who chooses the electronic payment or card payment method, the Administrator shares the collected personal data with the selected entity handling the above payments in the Online Store.
- In the case of a Customer who chooses in the Online Store a delivery method different than personal collection, the Administrator shares the collected personal data with the selected entity handling the package delivery.
2.3 Administrator can process following personal data of Service Recipients or Customers using the Online Store: name; surname; e-mail address; contact phone number; delivery address (street, house number, apartment number, postal code, place, country), address of residence/business/office (if it's different than the delivery address). In the case of Service Recipients or Customers who are not consumers, the Administrator can additionally process the name of the company and the tax identification number (NIP) of Service Recipient or Customer.
2.4 Providing personal data, referred to in the above-mentioned point, can be necessary to conclude and implement the Sales Agreement or the agreement for the provision of Electronic Services in the Online Store.
3. COOKIES AND OPERATIONAL DATA
3.1. Cookies are small text information in the form of text files, sent by the server and saved on the side of the person visiting the website of the Online Store (e.g. on the hard drive of the computer, laptop or on the smartphone's memory card – depending on which device is used visiting our Online Store). Specific information about Cookies and the history of its creation can be found, among others, here: https://en.wikipedia.org/wiki/HTTP_cookie.
3.2 The Administrator can process data included in the Cookies during the use of the Online Store's website by the visitors, for the following purposes:
- identification of the Service Recipients as logged in the Online Store and showing them that they are logged in;
- remembering the products added to the cart in order to place an Order;
- remembering the data from filled Order Forms, polls or login data from the Online Store;
- adjusting the content of the Online Store's website to the individual preferences of the Service Recipient (e.g. regarding colors, font size, page layout) and optimizing the use of the pages of the Online Store;
- keeping anonymous statistics showing the manner of use of the Online Store website;
- popularizing the Online Store through Facebook.com social service.
3.3 As standard, most of the internet browsers available on the market accepts saving the Cookies by default. Everyone has the possibility to define the terms of using cookies using the personal internet browser's settings. It means that it is possible e.g. to partly restrict (for example temporarily) or completely turn off the possibility to save the Cookies – however, in this last case it can impact some of the functionalities of the Online Store (for example it may be impossible to pass the Order path through the Order Form due to not memorizing the Products in the cart during the subsequent steps of making an Order).
3.5 Specific information about changing the settings regarding Cookies and their independent removal in browser settings are shared by Creators of given internet browsers or available in the browser's help section.
3.6 The administrator also processes anonymised operational data associated with using the Online Store (IP address, domain) to generate statistics helpful in managing the Online store. This data is collective and anonymous, ie. does not contain features that identify visitors to the Online Store website. This data is not to be disclosed to third parties.
4. BASIS FOR DATA PROCESSING
4.1 Providing personal data by the Service recipient or Customer is voluntary but lack of providing the data indicated at the website of the Online Store and in the Terms and Conditions of the Online Store required to conclude a Sales Agreement or an agreement on the provision of an Electronic Service will result in an impossibility to conclude such an agreement.
4.2 The basis for processing of personal data of Service Recipient or Customer is the necessity to perform the contract to which he is a party or take action on his request before its conclusion. In the case of processing data for the purpose of direct marketing of the Administrator's own products or services, the basis of such processing is (1) previous consent of Service Recipient or Customer, or (2) fulfillment of legally justified purposes implemented by the Administrator (in accordance with the art. 23 section 4 of Personal Data Protection Act, as legally justified purpose is considered in particular direct marketing of the Administrator's own products or services).
5. RIGHT TO CONTROL, ACCESS AND MAKE AMENDMENTS TO PERSONAL DATA
5.1 The Service Recipient or Customer has the right to access their personal data and correct them.
5.2 Every person has the right to control the processing of data concerning them, contained in the database of the Administrator, and in particular the right to request to amend, update, or correct personal data, temporary or permanent suspension of its processing or removal if it is incomplete, outdated, untrue or collected in violation of the law, or is no longer necessary for the purpose for which it was collected.
5.3 If the Service Recipient or Customer grants permission for data processing for direct marketing of the Administrator's own products or services, the permission can be revoked at any time.
5.4. If the Administrator intends to process or is processing the data of the Service Recipient or Customer for direct marketing of the Administrator's own products or services, the person that the data concerns is also authorized to (1) submit a written, motivated request to cease processing of their data due to their special situation, or to (2) submit an objection against processing of their data.
6. FINAL PROVISIONS
6.2. The Administrator uses technical and organizational measures to protect personal data, appropriate to the risks and category of data being protected, in particular to protect data against their unauthorized disclosure, takeover by an unauthorized person, processing with the violation of existing regulations, alteration, loss, damage or destruction.
6.3. The Administrator provides the appropriate following technical measures to prevent the acquisition and modification by unauthorized persons of the personal data transmitted electronically:
6.3.1. Securing the data set against unauthorized access.
6.3.2. Account access only after providing the individual login and password.
6.3.3. SSL certificate.
6.3.4. Data encryption.
Identifying information of the store www.bonamera.com:
KRR Kamil Radziejewski
ul. Rędzińska 128