The Administrator of Personal Data which are collected through the Shop is a 4lck Sp. z o.o. (Ltd.) with its registered office in Majdan (05-462) at Krajobrazowa 8 Street, entered into the register of entrepreneurs kept by the District Court for the Capital City of Warsaw with the KRS number: 0000572465, Tax Identification Number: 5322053625, REGON number: 362353152, firstname.lastname@example.org - hereinafter referred to as the "Administrator".
Personal data of Client and Customer are processed in accordance with GDPR from 27.042016 r. (PL. Dz.U.UE.L.2016.119.1).
The Administrator assure the highest degree of professional care to protect the interests of persons whose data are concerning, in particular ensure that the data collected by him are processed in accordance with the law; collected for specified, legitimate purposes and that they are not subjected to further processing incompatible with those purposes; relevant and adequate in relation to the purposes for which they are processed and kept in a form which permits identification of persons the data concerning for no longer than is necessary to achieve the purpose of processing.
Any words, phrases and acronyms appearing on this side and beginning with a capital letter (e.g. Client, Shop) shall be understood in accordance with their definition in the Rules of the Shop available on website.
Each time, the purpose, scope and recipients of data processed by the Administrator results from actions taken by the Client or Customer in the Shop. For example, if the customer while placing an order will choose a personal collection instead of courier service, its personal data will be processed to conclude and execute the Sale Agreement, but will not be made available to the carrier performing the deliveries commissioned by the Administrator.
Possible purposes of collecting personal data of the Customers or Clients by the Administrator:
Conclusion and implementation of the Sale Agreement or Electronic Service Agreement (e.g. account).
Direct marketing of its own products or services of the Administrator.
Possible recipients of the Shop's Clients personal data:
In the case of the Client who uses in the Shop the method of delivery by post or courier, the Administrator provides collected personal data of the Client to the selected carrier or intermediary performing the deliveries commissioned by the Administrator.
In the case of Client who uses in the Shop the electronic payment method or credit card, the Administrator provides collected personal data of the Client, to a selected entity supporting those payments in the Shop.
The Administrator may process the following personal data of the Customers and Clients using the Shop: name and surname; e-mail address; contact phone number; delivery address (street, house number, apartment number, postal code, city, country), address of residence/conduct of business /seat (if different from delivery address). In the case of the Customers or Clients not being consumers, Administrators can also process the company name and tax identification number (NIP) of the Customer or Client.
Providing personal data mentioned in the paragraph above may be necessary for the conclusion and execution of the Sale Agreement or Electronic Service Agreement in the Shop. Each time the scope of data required to conclude the agreement is indicated already on the website and in the Rules of the Shop.
Providing personal data by the Customer or Client is voluntary, but failure to set out indicated on the website and in the Rules of the Shop personal data which are necessary for the conclusion and execution of the Sale Agreement or Electronic Service Agreement results in the inability to conclude this agreement.
The basis of processing personal data of the Customer or Client is necessity to implement the agreement, which the Customer of Client is a party or to take an action before it is concluded at his request. In the case of data processing for direct marketing of its own products or Administrator's services the basis for such processing is (1) the prior consent of the Customer or the Client or (2) the fulfillment of legally justified objectives pursued by the Administrator (in accordance with GDPR from 27.042016 r. (PL. Dz.U.UE.L.2016.119.1)).
Customer and Client has the right to access and to correct his personal data.
Every person has the right to control the data processing concerning him, contained in the Administrator's data set and notably the right to: require completion, updating, rectification of personal data, movement of personal data, temporary or permanent suspension of their processing or removal.
If awarded by the Customer’s or Client's consent to the data processing for direct marketing of its own products or services of the Administrator, such consent may be revoked at any time.
If the Administrator intends to process or processes Customer’s or Client's data for direct marketing of its own products or services of the Administrator, the person whose data are concerning is entitled also to (1) fill a written, justified request to cease processing the data because of its particular situation or (2) to appeal against data processing concerning such person.
Administrator uses technical and organizational measures to ensure the protection of personal data processed appropriate to the risks and data categories which are being protected, and in particular protects data from their unauthorized disclosure, takeover by an unauthorized person, processing with violation of existing regulations, change, loss, damage or destruction.
Administrator properly makes available the following technical measures to prevent the acquisition and modification by unauthorized persons personal data transmitted by electronic means Protection of a set of data against unauthorized access.
Access to the account only after providing an individual login and password.