This document defines the principles and purposes of personal data processing by:
PIAPI & MORE Aneta Kowalska
with headquarters in Dąbrówka on the street Cisowa 22/1, 62-070 Dąbrówka,
telephone: +48 535 009 200, e-mail: [email protected]
- GDPR – Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of individuals with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46 / EC;
- Store – online store www.piapimo.pl, run by PIAPI & MORE Aneta Kowalska based in Dąbrówka on the street Cisowa 22/1, 62-070 Dąbrówka, NIP: 6971917862, REGON: 016264666, tel. +48 535 009 200, e-mail: [email protected];
- Customer / User / You – a natural person using the Store, including in particular sending an inquiry to the Store, making a purchase, contacting the Store;
- Terms and conditions – store terms and conditions available at the link http://piapimo.pl/regulamin-sklepu-internetowego/;
- Personal data – information about an identified or identifiable natural person (“data subject”); an identifiable natural person is a person who can be directly or indirectly identified, in particular on the basis of an identifier such as name and surname, identification number, location data, internet identifier or one or more specific physical, physiological, genetic, mental factors, the economic, cultural or social identity of a natural person;
- Personal data administrator – a natural or legal person, public authority, unit or other entity that independently or jointly with others sets the purposes and methods of personal data processing;
- Processing of personal data – an operation or a set of operations performed on personal data or sets of personal data in an automated or non-automated manner, such as collecting, recording, organizing, ordering, storing, adapting or modifying, downloading, viewing, using, disclosing by sending, distributing or other types of sharing, matching or combining, limiting, deleting or destroying.
- Personal data administrator: The administrator of the Customer’s personal data is PIAPI & MORE Aneta Kowalska with its registered office in Dąbrówka on the street Cisowa 22/1, 62-070 Dąbrówka, NIP: 6971917862, REGON: 016264666;
- The scope, purpose and grounds for processing your personal data by the Administrator. In connection with the conclusion and performance of contracts for the sale of our products, we require the following personal data from you: name, surname, address, telephone number, e-mail address. Below we present detailed purposes and legal grounds for the processing of your personal data indicated above.
Performance of the contract for the sale of products offered by the Store
Processing is necessary for the performance of the contract between us and you, including the execution of orders (Article 6 (1) (b) of the GDPR).
Presentation of the commercial offer or information materials regarding the product you are interested in
Processing is necessary to take steps before or in connection with the conclusion of a contract (Article 6 (1) (b) of the GDPR).
Creating an account in the Store and using its functionalities
Processing is necessary for the provision of services related to the creation and maintenance of an account in the Store (including placing orders without the need to fill in forms each time) (Article 6 (1) (b) of the GDPR) and on the basis of our legitimate interest, consisting in the need to provide communication with Store Users (Article 6 (1) (f) of the GDPR).
Processing is necessary for the performance of our obligations under the complaint procedure regarding the contract concluded between you and us (Article 6 (1) (b) of the GDPR) and our legitimate interest in evaluating complaints, managing complaint documentation (Article 6 (1) letter f of the GDPR).
Sending you commercial information, including marketing and newsletter, containing information about products, promotions and events organized by PIAPI & MORE Aneta Kowalska.
Our legitimate interest (Article 6 (1) (f) of the GDPR) – i.e. direct marketing of products and services.
Possible determination or pursuit of claims by us or consideration and defence against such claims.
Our legitimate interest (Article 6 (1) (f) of the GDPR).
Fulfilling our obligations under the law (e.g. from the Accounting Act or tax regulations).
Processing is necessary to fulfil our legal obligation (Article 6 (1) (c) of the GDPR).
- PIAPI & MORE Aneta Kowalska may also process your personal data in the form of your date of birth. This happens if you enter your date of birth in the order form, so that on your birthday we will be able to send you a gift.
PIAPI & MORE Aneta Kowalska may also process your personal data related to your visiting Piapimo profiles in social media (Facebook, Instagram, Pinterest, YouTube). These data may be processed only in connection with keeping a profile, including to inform Users about the Administrator’s activity and to promote various types of events, services and products, as well as to communicate with Users through the functionalities available in social media. The legal basis for the processing of personal data by the Administrator for this purpose is its legitimate interest (Article 6 (1) (f) of the GDPR) consisting in promoting its own brand and building and maintaining a brand-related community.
- Recipients of personal data.
The personal data processed by PIAPI & MORE Aneta Kowalska will be made available to a limited number of recipients. The recipients of personal data may be our trusted service providers or subcontractors – e.g. courier companies, postal operators, entities providing the Store’s website maintenance services, providing support and operation of our tools and ICT systems, entities providing analytical services related to the functioning of the Store’s website, operators payments, entities providing ongoing legal and accounting services. PIAPI & MORE Aneta Kowalska may be required to provide your personal data on the basis of mandatory provisions of law, including at the request of authorized courts, public authorities or other institutions.
- Transferring data outside the EEA.
The administrator may transfer your personal data to recipients located outside the European Economic Area (EEA). The terms of such data transfer will be secured in accordance with the requirements of the GDPR.
- Period of personal data storage.
The period of storage of your personal data depends on the purpose for which your data is processed.
- personal data processed for the purpose of performing the contract with you, including for the purposes of making purchases in our Store, will be processed for the period necessary to perform the contract;
- personal data processed for the purposes of maintaining and servicing your account in the Store, will be processed until you resign from your user account in our Store, but not shorter than the period necessary to perform the contract related to the account;
- personal data processed for the purpose of providing you with our newsletter, we will process until, respectively, you unsubscribe from the newsletter, finishes issuing it or you object to the processing of your data;
- personal data processed for the purposes of fulfilling our obligations under the law (e.g. from the Accounting Act or tax regulations), we will process for the period resulting from such provisions (e.g. for billing purposes, your data will be stored for 5 years from the end of the calendar year in which the payment deadline for the tax related to the order or transaction has expired);
- personal data processed for the implementation of our legitimate interests, including, for example, marketing communication, we will process for the duration of the legitimate interest, unless you exercise your right and object to the processing of this data for marketing purposes;
- personal data processed for the implementation of our legitimate interests other than the above-mentioned, i.e. establishing and pursuing claims or defending against claims, answering your questions, complaints or requests, as well as keeping statistics related to your use of our website, we will process for the duration of our legitimate interest (in particular until the expiry of the limitation period for claims), unless you exercise your right and object to such processing of personal data due to your special situation, and we will not be able to demonstrate the existence of valid legally justified grounds for processing this data overriding your rights, or grounds for establishing, investigating or defending claims.
We may extend the above-mentioned periods of personal data processing by the limitation period for you or our claims, if the processing of this data is necessary to establish or pursue claims, as well as to defend against such claims.
Subject to the exceptions and limitations provided for in the GDPR:
- Customer rights.
In the cases specified in the GDPR, you are entitled to:
- the right to access personal data,
- the right to rectify personal data (when the data is incorrect or incomplete),
- the right to request the deletion of personal data (when the data is no longer necessary for the purposes for which it was collected; when you withdraw your consent to data processing; when you object to the processing of your personal data; when your data will be processed unlawfully; when data should be deleted in order to fulfil the obligation resulting from the law),
- the right to limit the processing of personal data (when the data is incorrect – you may request the restriction of data processing for a period allowing for data verification; when your data will be processed unlawfully, but you do not want it to be deleted; when your data will no longer be used by us necessary, but may be necessary for you to defend or pursue claims; when you object to the processing of data – until it is determined whether the legitimate grounds on our side override the grounds of objection),
- the right to object to the processing of personal data,
- the right to transfer personal data (when the processing of your data is based on your consent or a contract concluded with you and when this processing is carried out automatically).
Subject to the exceptions and limitations provided for in the GDPR:
- if the data processing is based on your consent, you can withdraw it at any time, which will not affect the lawfulness of data processing carried out before the consent is withdrawn,
- if the processing of your personal data is based on the so-called legitimate interest, you have the right to object at any time – for reasons related to your particular situation – to the processing of your personal data.
You can exercise these rights by sending an appropriate statement specifying such a request to the following address: PIAPI & MORE Aneta Kowalska ul. Daleka 14, 60-124 Poznań or by email: [email protected]
You also have the right to lodge a complaint with the supervisory body (Art. 77 GDPR) – the President of the Personal Data Protection Office, ul. Stawki 2, 00-193 Warsaw. More information on the website of the Office.
- Social media.
You can also contact us via our social media channels (Facebook, Instagram, TikTok, YouTube). For example, if you send us a message or post something on our social media channels, we may use the information from your message or post to contact you about the matter in which you contacted us through the social media channel you used. However, you should be aware that any post on a public social media channel can be read by anyone. Please note that you should not include any sensitive information (such as information about racial or ethnic origin, political opinions, religious or philosophical beliefs, or health) in your post or message. Detailed information about the purposes, scope and use of your data by the aforementioned social media, about your rights in this respect and about privacy protection settings can be found on the following websites:
- Facebook: https://www.facebook.com/about/privacy,
- Instagram: https://help.instagram.com/155833707900388,
- Pinterest: https://policy.pinterest.com/pl/privacy-policy
- YouTube: https://policies.google.com/privacy?hl=pl.
The Store’s website contains links to social channels. We do not use standard plugins to protect our clients’ data when visiting our website. We use HTML links embedded in the website that allow you to share information on social channels. The embedding of links prevents direct connection with the servers of social channels when entering the website from the level of our website. Clicking on one of the buttons opens a window and redirects the user to the appropriate page, where – after logging in – you can use the “Like” or “Share” buttons.
- Security of personal data.
We ensure the application of adequate technical and organizational measures necessary to ensure the confidentiality, integrity and continuity of the processing of your personal data. Only authorized persons have access to your data and only to the extent that it is necessary due to the tasks performed by them. We take due care to ensure that our subcontractors and suppliers also apply appropriate security measures when they process your personal data.
What are cookies?
Cookies are small text files saved in the user’s computer memory. Cookies have a variety of functions, including help to adjust the content of the website to the computer settings selected by the user, remember the preferred appearance of the website, set the font size, and ensure that the user performs several steps (e.g. adding an article, making a purchase in an online store). Cookies saved on the user’s devices may come both from the website to which the given user enters, and may also be sent from the servers of the websites to which the visited websites refer, e.g. Google, YouTube or social networking sites such as Facebook, Twitter and others.
In terms of the time of storing cookies on the user’s device, they can be divided into two types of files: session cookies – stored on the user’s device until the end of the session of the software used for browsing websites (i.e. the browser) and persistent cookies – stored on the user’s device during the session. a given browser, as well as for a specified period of time after closing a given session. Ending a browser session or turning off the device does not delete them from the user’s device. They are used to maintain the user’s settings or preferences, and thus, inter alia, to ensure comfortable use of the website during the next visit. Detailed information on cookies and their operation can be found, for example, at http://www.aboutcookies.org
Modification of cookie settings:
In many cases, browsers used by users allow cookies to be stored on the user’s device by default. Each user, however, can change the cookie settings in the browser they use, including completely disabling the possibility of saving them. Detailed information on the possibilities and methods of handling cookies is available in the software settings of a given web browser.
Below are the methods of disabling or changing the settings for the most popular web browsers:
- Google Chrome – the default settings of Google Chrome allow the storage of cookies. To change the settings:
- in the upper right corner, click “More” and select “Settings”;
- click on “Advanced” at the bottom of the page;
- in the “Privacy and settings” section, select the “Content settings” option;
- select the desired settings;
- to enter special settings for a given website, add website addresses in the “Block”, “Clear when closing”, “Allow” sections;
- Mozilla Firefox – the default settings of the Mozilla Firefox browser allow the storage of cookies. To change the settings:
- click on the “Tools” menu (in other versions: click the “Firefox” button) and select “Options”;
- then select the “Privacy and Security” tab and select the required settings;
- to enter special settings for a given website, click on “Exceptions” and choose your own settings for the sites;
- confirm the changes with the “OK” button.
- click on the “Tools” menu and select “Internet Options”;
- select the “Privacy” tab;
- click “Advanced” and select the required settings;
- to enter special settings for a given website, click “Websites”, then add the addresses of websites that may save cookies (“Allow”), or exclude (“Block”).
- Opera – Opera’s default browser settings allow cookies to be stored. To change the settings:
- click on “Opera Logo”, select “Settings” and then “Privacy and Security”;
- select the desired settings;
- to enter special settings for a given website, click “Manage exceptions”, and then enter the desired settings;
- confirm the changes with the “Done” button.
- Safari – Safari’s default settings allow cookies to be stored. To change the settings:
- in the “Safari” menu, choose the “Preferences” option;
- click on the “Privacy” icon;
- select the desired settings;
- to enter special settings for a given site, click “Details” and choose your own settings for the sites.
What cookies do we use and why?
Our use of certain cookies is necessary to enable you to navigate the Store’s website and use it optimally, e.g. to access content reserved for registered users.
We also use functional WordPress cookies – to save information enabling the adaptation of the Store’s website to the needs and preferences of users, e.g. to remember the preferred language or currency, to remember the contents of the basket or the fact that the user has already completed questionnaires. These files are stored on your end device for 20 days.
We use session PHP SES SID files that are stored on your device until the end of the browsing session or closing the browser. These files enable the transfer of parameters between visited subpages.
We also use files related to subscribing to the newsletter, i.e. newsletCookie (stored for 30 days) and files enabling the collection of information on how to use our Store’s website (stored from 1 hour to 730 days), i.e. _ga, _gid, _gat cookies.
PIAPI & MORE Aneta Kowalska also uses cookie_ue. This cookie is installed on the end device of a visitor to our website who has accepted the “cookie clause”. Thanks to this file, if the User visits our website within 30 consecutive days, he will not be shown the “cookie clause” again during this time.
More information on the principles of operation of Google Analytics, including the rules on which Google Analytics collects and processes data, can be found on the website: https://www.google.com/analytics/terms/pl.html, and also in the data protection declaration available on the website: https://policies.google.com/privacy?hl=pl&gl=de. In particular, please see the tab “How Google uses the data collected when using websites and applications our partners “, which can be found at www.google.com/intl/pl/policies/privacy/partners/.
You can prevent the collection of data obtained by cookies and relating to your use of the website (including your IP address) by Google, as well as the processing of this data by Google, if you download and install the browser plug-in available on the website: https://tools.google.com/dlpage/gaoptout?hl=en