§ 1 Definitions
1. Administrator (Personal Data Administrator) - means ZD company. Marcin Nasiłowski Sp. Komandytowa running a business with headquarters in Gdynia at Miodowa 23/2, NIP: 5862313751, REGON 366-358-212, which provides electronic services, and stores and gains access to information about the User's device.
2. Cookies - means IT data, in particular small text files, saved and stored on devices through which the User uses the Website pages.
3. Administrator's Cookies - means Cookies posted by the Administrator, related to the provision of electronic services by the Administrator via the Website.
4. External Cookies - means Cookies placed by the Administrator's partners via the Website.
5. Website - means the website under which the Administrator runs a website operating in the domain: zanadesign.de
6. Device - means an electronic device through which the User gains access to the websites of the Website.
7. User - means an entity for which services may be provided electronically or with which an Agreement for the provision of electronic services may be concluded in accordance with the Regulations and legal regulations.
§ 2 Processing Users' personal data
1. The entity responsible for the processing of personal data is ZD Marcin Nasiłowski Sp. Komandytowa with headquarters in Gdynia, 81-558 Gdynia, at ul. Miodowa 23/2. Entrusted personal data of Users are treated with particular concern for their safety. The scope of their processing includes activities necessary to perform the order and in the event of consent of the User, to receive marketing information.
2. In our Store we collect the following personal data:
· Name and surname - when you place an Order you will be asked to enter your name and names so that we can send you an Order and be able to contact you,
· Address of residence - we need it to send the ordered Product,
· Telephone number - it happens that we call to confirm the Order or in the event of unexpected events such as the lack of a Product in the warehouse, at the same time proposing the most beneficial solution or determining the personalization of the product,
· E-mail address - we send you a confirmation of placing an order via e-mail, and we contact you. If you have become a subscriber to our Newsletter, we will also send you trade information twice or twice a month,
· Address - information resulting from the general rules of connections made on the Internet, such as the IP address (and other information contained in the system logs) are used by the store administrator for technical purposes. IP addresses can also be used for statistical purposes - to collect general demographic information (eg about the region from which the connection takes place),
3. Providing the above data is necessary in the following cases:
· When making a purchase in our Store using the Order Form available on the Store's website (Order without logging in / registering an Account) - the data is stored for the duration of the legitimate interest pursued by the Administrator, but no longer than the period of limitation of claims against the person, whose data relate to the economic activity conducted by the Administrator. The limitation period is defined by law, in particular the Civil Code (the basic period of limitation for claims related to running a business is three years, and for a sales contract of two years) only the sales document stored for fiscal needs remains for that period,
· Registration in the Buyers database - is voluntary. We store the data you provide in our database to facilitate your future shopping in our online store,
· Newsletter subscription - if you want to be informed about interesting events and commercial offers, you can become a subscriber to the Newsletter we run. Joining is voluntary and you can unsubscribe at any time.
· Carriers / freight forwarders - in the case of the Customer who uses the Online Store with the method of delivery of the Product by post or courier, the Administrator provides the Customer's collected personal data to the selected carrier, forwarder or agent performing the shipment on behalf of the Administrator to the extent necessary to deliver the Product to the Customer.
· entities handling electronic payments or payment cards - in the case of a Customer who uses the Online Store with the electronic payment method or payment card. The Administrator provides the Customer's collected personal data to a selected entity servicing the above payments in the Online Store at the request of the Administrator to the extent necessary to handle payments made by customer.
4. Personal data entrusted to the Administrator is stored and secured in accordance with the principles set out in the applicable laws:
· Act of 29.08.1997 on the protection of personal data (consolidated text, Journal of Laws of 2016, item 922, as amended)
· Act of 18.07.2002 on the provision of electronic services (Journal of Laws No. 144, item 1204, as amended)
· Regulation of the Minister of Interior and Administration of 29.04.04 regarding personal data processing documentation and technical and organizational conditions, which should be met by devices and IT systems used to process personal data (Journal of Laws No. 100, item 1024).
5. A user who has used the option to set up an account may update his or her data on their own. Changes to your personal data can be made by logging in to your account. Each User has the right to access, modify and delete their personal data.
6. Personal data entrusted to the Administrator are not made available or resold to third parties unless it is done with the express consent of the user.
7. For statistical and marketing purposes, the Administrator processes information on the interests and demographic data of our users through the Google Analytics service.
8. In accordance with the provisions of the Act of August 29, 1997 on the protection of personal data (ie: Journal of Laws of 2016, item 922, as amended), you have the right to correct, supplement, update, rectify and request removal of your data personal information. For this purpose, send an e-mail message to the e-mail address: firstname.lastname@example.org.
§ 3 THE RIGHT OF A PERSON WHO THE DATA CONCERNS
· Right of access, rectification, restriction, deletion or transfer - the data subject has the right to request from the Administrator access to his personal data, rectification, deletion ("right to be forgotten") or processing restrictions and has the right to object to processing and has the right to transfer your data. Detailed conditions for the exercise of the abovementioned rights are indicated in art. 15-21 of the GDPR Regulation.
· Right to withdraw consent at any time - a person whose data is processed by the Administrator on the basis of expressed consent (pursuant to Article 6 paragraph 1 letter a) or art. 9 par. 2 lit. a) Regulation of the GDPR), it has the right to withdraw consent at any time without affecting the legality of the processing, which was made on the basis of consent before its withdrawal.
· The right to lodge a complaint to the supervisory body - a person whose data is processed by the Administrator, has the right to lodge a complaint to the supervisory body in the manner and mode specified in the provisions of the Regulation of the GDPR and Polish law, in particular the Act on the Protection of Personal Data. The supervisory body in Poland is the President of the Office for Personal Data Protection.
· Right to object - the data subject has the right to object at any time - for reasons related to his particular situation - to the processing of his personal data based on art. 6 par. 1 lit. e) (public interest or tasks) or f) (legitimate interest of the administrator), including profiling based on these provisions. In such a case, the administrator may no longer process such personal data unless he demonstrates the existence of valid legally valid grounds for processing that override the interests, rights and freedoms of the data subject or the grounds for determining, investigating or defending claims.
· Right to object to direct marketing - if personal data are processed for direct marketing purposes, the data subject has the right to object at any time to the processing of his personal data for such marketing purposes, including profiling, to the extent in which the processing is related to such direct marketing.
§ 4 Newsletter list
1. The administrator keeps a list of the newsletter [newsletter is an electronic newsletter published periodically, in which are published, among others information about the offer and about promotions, contests, events related to the functioning of the Website and other marketing activities of the Website]. By subscribing to the newsletter voluntarily, the user agrees to receive marketing information. The administrator does not resell or share the e-mail address to third parties. The user's e-mail address is subject to the same protection as other personal data. The User has the right to unsubscribe from the newsletter at any time. All you have to do is click on the appropriate link from each sent from the message. After clicking the link, the User is redirected to the site, where he decides not to subscribe to subsequent messages. With the resignation from subscribing to further messages, the User's e-mail address is immediately removed from the address database.
2. The messages sent will be 100% compatible with the CAN-SPAM act to which the anti-spam policy applies. Both advanced automated systems and manual verification are used to take immediate action to eliminate the risk of sending unwanted messages. These practices help reduce the risk of receiving unwanted messages to a minimum.
§ 5 Types of cookies used
1. Cookies used by the Administrator are safe for the User's Device. In particular, it is not possible for viruses or other unwanted software or malicious software to enter User Devices. These files allow to identify the software used by the User and adjust the Website individually for each User. Cookies usually contain the name of the domain from which they originate, their storage time on the Device and the assigned value.
2. The administrator uses two types of cookies:
1. Session cookies: they are stored on the User's Device and remain there until the end of the session of the given browser. The saved information is then permanently removed from the Device's memory. The mechanism of session cookies does not allow to download any personal data or any confidential information from the User's Device.
2. Persistent cookies: they are stored on the User's Device and remain there until they are deleted. Ending the session of a given browser or turning off the Device does not delete them from the User's Device. The persistent cookies mechanism does not allow the collection of any personal data or any confidential information from the User's Device.
3. The User has the ability to limit or disable access of Cookies to his Device. If you use this option, the use of the Website will be possible outside the functions that, by their nature, require cookies.
§ 6 The purposes in which Cookies are used
1. The administrator uses own cookies in order to properly configure the website, in particular to:
· adjusting the content of the Website pages to the User's preferences and optimizing the use of Website pages;
· recognizing the device of the Website User and its location and properly displaying the website, tailored to his individual needs;
· remembering the settings selected by the User and personalizing the User interface, eg in the scope of the selected language or region from which the User comes;
· remembering the history of visited pages on the site in order to recommend content;
2. The administrator uses his own cookies to implement the processes necessary for the full functionality of websites, and in particular to:
· adjusting the content of the Website pages to the User's preferences and optimizing the use of Website pages. In particular, these files allow to recognize the basic parameters of the User's Device and properly display the website, tailored to his individual needs;
· correct operation of the affiliate program, enabling in particular verification of sources of Users' redirects to the Website's websites;
3. The Administrator uses own Cookies to analyze and research and audience audits, and in particular to create anonymous statistics that help to understand how the Service Users use the Website, which allows improving their structure and content.
4. The Administrator uses own Cookies in order to provide advertising services, and in particular to adapt the services and products of third parties presented via the Website.
5. The service administrator uses external cookies to popularize the Website using social networks Facebook.com (administrator of External Cookies: Facebook Inc. with its registered office in the USA or Facebook Ireland based in Ireland).
6. The service administrator uses external cookies to popularize the Website via the Google social network (administrator of External Cookies: Google Inc. with its registered office in the USA).