LULUA.PL ONLINE STORE
1. GENERAL PROVISIONS
1.2. The administrator of personal information collected through the Online Store is ZBIGNIEW WITEK who runs an economic activity under the company name of ZBIGNIEW WITEK, entered in the Central Register and Information on Economic Activity of the Republic of Poland kept by a minister proper for economic affairs, having an address of the place of the business activity: Os. Na Wzgórzach 3/34, 31-721 Kraków and a delivery address: ul. Józefa 22, 31-057 Kraków, VAT number: 6780056633, REGON: 350331585, e-mail: email@example.com, contact phone number: + (48) 012 430 02 75 and fax number: + (48) 012 430 02 75 – hereinafter referred to as the “Administrator” being also the Service Provider of the Online Store and the Seller.
1.3. Personal data of the Client are processed in accordance with the Act on Personal Data Protection as of August 29, 1997. (Journal of Laws 1997, No. 133, item 883, as amended) (Hereinafter: the Act on personal data protection) and the Act on electronic services as of July 18, 2002. (Journal of Laws 2002, No. 144, item 1204, as amended.).
1.4. The Administrator shall undertake special means to protect the interests of people supplying the data. Moreover, the Administrator ensures that the data collected is processed in accordance with the applicable law; collected for specified and legitimate purposes and not processed further for illegal purposes; substantially relevant and adequate to purposes for which it is processed and stored in a form that allows identification of its owners, no longer than necessary to meet the processing purpose.
1.5. All words, phrases and acronyms that appear on this website and begin with a capital letter (e.g. Seller, Online Store, Electronic Service) shall be construed in accordance with their definition contained in the Regulations of the Online Store available at the website of the Online Store.
2. PURPOSE AND SCOPE OF DATA COLLECTION AND DATA RECEIVERS
2.1. Each time, the purpose, scope and receivers of data processed by the Administrator result from the actions undertaken by the Client in the Online Shop. For example, if during order placement the Client selects personal collection instead of courier services, its personal data will be processed in order to conclude and implement the Sales Agreement, but shall not be made available to the courier company involved in the delivery on behalf of the Administrator.
2.2. Possible purposes for collection of the Clients’ personal data by the Administrator:
2.2.1. conclusion and implementation of the Sales Agreement or the Electronic Services Provision Agreement (e.g. Account).
2.2.2. direct marketing of the Administrator’s products or services.
2.3. Possible receivers of the Clients’ personal information:
2.3.1. For the Client who selects courier or postal services in the Online Store, the Administrator provides the Client’s personal data to the selected courier company involved in the delivery on behalf of the Administrator.
2.3.2. For the Client who selects the electronic or credit card payment methods in the Online Store, the Administrator provides the Client’s personal data to the selected entity, which support such payments in the Online Store.
2.4. The Administrator can process the following personal data of the Clients who use the Online Store: name and surname; e-mail address; contact phone number; delivery address (street, house number, apartment number, zip code, city, country), address of residence/business activity/headquarters (if different from the delivery address). For Clients who are not consumers, the Administrator can also process the company name and the tax identification number (TIN).
2.5. The personal data referred to in the preceding item may be necessary for conclusion and implementation of the Sales Agreement or the Electronic Services Provision Agreement in the Online Store. Each time, the scope of data required to conclude an agreement is indicated in the Online Store and the Regulations of the Online Store.
3. COOKIES AND OPERATING DATA
3.1. Cookies are small portions of text information in a form of text files sent by servers and stored on the visitor’s computer (e.g. on the hard drive of a personal laptop or the memory card of a smartphone – depending on the device used by the Client visiting the Online Store). Detailed information on Cookies, as well as the history of their creation, can be found, among others, here: http://pl.wikipedia.org/wiki/Ciasteczko.
3.2. The Administrator can process the data contained in Cookies when visitors use the Online Store for the following purposes:
3.2.1. identification of Clients as registered in the Online Store and showing they are logged in;
3.2.2. storing information on Products added to the basket to place Orders;
3.2.3. storing data from Order Forms, surveys or login data to the Online Store;
3.2.4. customizing the content of the Online Store to the Client’s individual preferences (e.g. concerning colours, font size, page layout) and optimizing the use of pages of the Online Store;
3.2.5. keeping anonymous statistics which show how visitors use the Online Store page.
3.3. By default, most web browsers available on the market accept the Cookies saving process. Everyone can determine the conditions for Cookies use by changing browser settings. This means that the Cookie saving feature can be temporarily or permanently disabled – in the latter case, however, it can influence some of the functionalities of the Online Store (for example, the Order Placement process may become impossible to realize as the page will not store information concerning Products in the basket).
3.5. Detailed information on how to change the Cookie settings and remove them in the most popular web browsers is available in the help section of a given web browser and on the following pages (just click on the link):
3.6. The Administrator also processes anonymised operating data related to the use of the Online Store (known as Logs – IP address, domain) to generate statistics to help administer the Online Store. The data is cumulative and anonymous, i.e. it does not contain features that would identify the visitors to our Online Store. Logs are not disclosed to third parties.
4. DATA PROCESSING BASE
4.1. The Client provides personal data voluntary, but failing to provide personal data indicated in the Online Store page and in the Regulations of the Online Store necessary for conclusion and implementation of the Sales Agreement or the Electronic Services Provision Agreement shall make the conclusion of the Agreement impossible.
4.2. The basis for processing of the Client’s personal data is the need for implementation of the Agreement in which the Client is considered a party or taking actions on the Client’s behalf before the Agreement is concluded. In case of data processing for direct marketing purposes of the Administrator’s products or services, the basis for such processing is (1) prior consent of the Client or (2) fulfilment of legitimate objectives pursued by the Administrator (in accordance with Art. 23, item 4 of the Act on Personal Data Protection, legitimate objectives are considered direct marketing of own products or the Administrator’s services).
5. RIGHT OF CONTROL AND ACCESS TO PERSONAL DATA CONTENT AND ITS CORRECTION
5.1. The Client has the right to access its personal data and correct it.
5.2. Each person has the right to control its data processing contained in the Administrator’s database. In particular, each person is entitled to request information supplementation, update or personal data correction, temporary or permanent suspension of data processing or its removal if it is incomplete, outdated, untrue or collected in violation of the law, or is no longer necessary for the purpose for which it had been collected.
5.3. If the Client has given consent to the processing of data for direct marketing purposes of own products or the Administrator’s products, the consent may be revoked at any time.
5.4. If the Administrator intends to process or processes the Client’s data for direct marketing purposes of own products or the Administrator’s services, the owner of the data is also entitled to (1) file a written, reasoned request to stop the data processing due to a particular situation or (2) object to the data processing.
6. FINAL PROVISIONS
6.2. The Administrator uses technical and organizational measures to protect personal data processed. The protection measure is appropriate to the risks and categories of data protection, in particular, it protects data against unauthorized disclosure, processing in violation of applicable laws and change, loss, damage or destruction.
6.3. The Administrator provides the following technical measures to prevent collection and modification of personal data sent electronically by unauthorized persons:
6.3.1. Data protection against unauthorized access.
6.3.2. Access to an account after providing the username and password.