- The administrator of Personal Data is: Salon LED sp. z o.o. with registered office at ul. Mokra Strona 12A, 36-020 Tyczyn, NIP: 8133781242, REGON: 380303750, entered in the register of entrepreneurs of the National Court Register maintained by the District Court in Rzeszów, XII Commercial Division of the National Court Register, under KRS number: 0000732977.
- Respecting your rights as subjects of personal data (data subjects) and respecting applicable laws, including in particular Regulation of the European Parliament and of the Council (EU) 2016/679 of 27 April 2016 on the protection of individuals in connection with processing of personal data and on the free flow of such data and repealing Directive 95/46 / EC (general regulation on data protection), hereinafter referred to as the RODO , the Act on Personal Data Protection of 10 May 2018 (Journal of Laws of 2018, item 1000), hereinafter referred to as the Act and other relevant provisions on the protection of personal data, we undertake to keep the personal data obtained from you secure and confidential. All employees have been properly trained in the processing of personal data, and our company as the Personal Data Administrator has implemented appropriate safeguards and technical and organizational measures to ensure the highest level of personal data protection. We have implemented procedures and policies for the protection of personal data in accordance with the RODO, thanks to which we ensure compliance with the law and reliability of data processing processes, as well as the enforceability of all rights that are attributable to you as data subjects. In addition, if necessary, we cooperate with the supervisory body in the Republic of Poland, ie with the President of the Office for Personal Data Protection (hereinafter referred to as PUODO ).
- Our company as the Personal Data Administrator has appointed the Inspector of Personal Data Protection , which is Konrad Cioczek, ENSIS Kancelaria Doradztwa Prawnego. All inquiries, applications, complaints regarding the processing of personal data by our company (the Personal Data Administrator), hereinafter referred to as Submissions , should be sent to the following e-mail address of the Personal Data Protection Inspector: firstname.lastname@example.org or in writing to the Personal Data Administrator's address , i.e. ul. Mokra Page 12A, 36 - 020 Tyczyn. The Contents should clearly indicate:
- a) details of the person or persons concerned by the Application,
- b) the event which is the reason for the Report,
- c) present their demands and the legal basis for these demands,
- d) indicate the expected method of settling the matter.
- In our Online Store we collect the following personal data:
- a) name and surname - when submitting the Order you will be asked to give your name and surname so that we can fulfill the Order and that we can contact you,
- b) address of residence - we need it to execute Orders in the form of shipments ordered by your Product,
- c) telephone number - it happens that we call you to confirm the Order or in case of unexpected events (such as lack of Product in the warehouse, delay etc.) at the same time proposing the most beneficial solution,
- d) e-mail address - via e-mail address we send you confirmation of placing the Order and we will contact you in the event of such a need related to the Order being processed.
- e) Tax Identification Number - we collect the Tax Identification Number from entrepreneurs and persons who require invoicing and have a tax identification number,
- f) IP address of the device - information resulting from the general rules of connections made on the Internet, such as the IP address (and other information contained in the system logs) are used by the administrator of the Online Store for technical purposes. IP addresses can also be used for statistical purposes, in particular to collect general demographic information (eg about the region from which the connection takes place),
- Providing the data indicated in the previous point is necessary in the following cases:
- when making a purchase in our Online Store using the Order Form available on the Online Store website (Order without logging in / registering an Account),
- in order to register you in the Buyers database, which is voluntary; in this case, we store the data you provide in our database to help you make purchases in our online store in the future,
- Your personal data is processed by our company as an Administrator of Personal Data in order to implement sales contracts and any additional services provided to you (ie persons whose data relates to) and offered in the Online Store. In accordance with the principle of minimization, we process only those categories of personal data that are necessary to achieve the goals referred to in the preceding sentence.
- We process personal data for the time necessary to achieve the goals listed in the preceding point. Personal data may be processed for a longer period than indicated in the preceding sentence, if such authorization or obligation imposed on the Personal Data Administrator results from specific provisions of law or when the service we perform is continuous.
- The source of data processed by the Administrator is the persons whose data relates to.
- Your personal data is not transferred to a third country within the meaning of the RODO regulations.
- We do not share any personal data with third parties without the express consent of the data subject. Personal data without the consent of the data subject may be made available only to public law entities, ie to authorities and administration (eg tax authorities, law enforcement authorities and other entities possessing authorization in generally applicable laws).
- Personal data may be entrusted for processing to entities that process such data for the benefit of our company as a Personal Data Administrator. In such a situation, as the Personal Data Administrator, we conclude with the entity that processes the contract to entrust the processing of personal data. The processing company processes the entrusted personal data, but only for the needs, to the extent and for the purposes indicated in the contract of entrustment referred to in the preceding sentence. Without entrusting your personal data for processing, we would not be able to run your business as part of the Online Store or provide you with shipments of ordered Products. As the Personal Data Administrator, we entrust personal data for processing to entities:
- a) providing hosting services to the website on which our online store operates,
- b) providing postal, courier and transport services in order to deliver parcels with ordered Products,
- c) providing other services to us as an Administrator of personal data that are necessary for the day-to-day operation of the Online Store.
- Personal data may be subject to profiling by the Administrator of Personal Data in order to analyze the behavior of potential clients.
- In accordance with the provisions of the RODO, every person whose personal data we process as a Personal Data Controller has the right to:
a) to be informed about the processing of personal data referred to in art. 12 RODO - administrators are obliged to provide the persons whose data will be processed with information specified in the RODO (including their data, IODO contact details, purposes and legal grounds for processing personal data, recipients or categories of recipients of personal data, if there are whether the period during which the data will be processed or the criteria for determining this period). This obligation should be fulfilled at the moment of obtaining the data (ie, for example when placing an order in the online store), and if the data is not obtained from the data subject, but from another source - within a reasonable time, depending on the circumstances. The administrator may refrain from providing this information if the data subject already has such information,
b) access to your personal data referred to in art. 15 RODO - by providing us with personal data, you have the right to access and access to them; this does not mean, however, that you have the right to access all documents on which your data appears because they may contain confidential information; however, you have the right to know what your data is and for what purpose we process and the right to obtain a copy of your personal data, we issue a first copy for free, and for each subsequent one in accordance with the provisions of the RODO we charge an appropriate administrative fee corresponding to the cost of making a copy,
c) correcting, supplementing, updating, correcting personal data referred to in art. 16 PERSONALITY - if your personal data have changed, please inform us as the Administrator of Personal Data about this fact, that the data we have is in line with the actual and current status; also in a situation where no change of personal data has occurred, but for any reasons these data are incorrect or have been incorrectly recorded (eg due to typographical errors), please inform us in order to correct or correct such data,
d) delete data (right to be forgotten) , referred to in art. 17 RODO - in other words you have the right to request "deletion" of data held by us as the Administrator of Personal Data and the right to request us as an Administrator of Personal Data to inform other administrators to whom we have transmitted your information about the need to delete them. You may request that your personal data be removed first of all if:
- the purposes for which the personal data were collected, was achieved, for example, we have completed the sales contract concluded with you,
- the basis for the processing of your personal data was only consent, which was subsequently withdrawn and there are no other legal grounds for further processing of your personal data
- you object on the basis of art. 21 RODO and you believe that we have no overriding legal basis for further processing of your personal data,
- Your personal data have been processed unlawfully, i.e. for purposes unlawful or without any basis for processing personal data - please remember that in this case you must have a basis for your request,
- the need to delete your personal data results from the law,
- personal data concern a minor and have been collected in connection with the provision of information society services,
e) limitations on the processing referred to in art. 18 RODO - you can contact our company with a request to limit the processing of your personal data (which would consist in the fact that until the welds have been cleared, our company primarily only kept them), if:
- you question the accuracy of your personal data, or
- You believe that we process your data without a legal basis, but at the same time you do not want us to delete this personal data (ie you do not use the right referred to in the preceding letter), or
- you have lodged the objection referred to in point (f) this point, or
- Your personal details are necessary to establish, investigate or defend claims, e.g. in court,
f) transfer of data referred to in art. 20 RODO - you have the right to obtain your data in a format that allows reading this data on a computer and the right to send such data in such format to another administrator; this right is only granted to you if the basis for the processing of your data was consent or the data were processed automatically,
g) object to the processing of personal data , as referred to in art. 21 RODO - you have the right to lodge an objection, if you do not agree to the processing of personal data that we have so far processed for legitimate purposes in accordance with the law,
h) not to be subject to the protection referred to in art. 22 in conjunction from art. 4 point 4 RODO - in our Online Store you will not be subject to automated decision making or profiling within the meaning of the GDPR, unless you consent to it; in addition, we will always inform you about profiling if it was to take place,
i) submitting a complaint to the supervisory body (ie to the President of the Office for Personal Data Protection), referred to in art. 77 RODO - if you feel that we are processing your personal data unlawfully or in any way infringe the rights resulting from generally applicable provisions of law in the field of personal data protection.
- Regarding the right to delete data (the right to be forgotten), we note that according to the provisions of the GDPR, you do not have the right to exercise this right if:
a) the processing of your personal data is necessary to exercise your right to freedom of expression and information, e.g. if you have posted your data on the blog, in comments, etc.,
b) the processing of personal data is necessary for our company to fulfill its legal obligations under the regulations - we can not delete your data for a period necessary to comply with obligations (eg tax obligations) which are imposed by law on us,
c) the processing of your data is done for the purpose of investigating, establishing or defending claims.
- If you want to use your rights referred to in the preceding point, please use the appropriate tabs in the Online Store, which allow you to delete your account and data collected in our Online Store or please send an e-mail to the following e-mail address: biuro @ salonled.pl or contact the Data Protection Inspector referred to in point 3 above.
- Each identified breach of security is documented, and in the event of occurrence of one of the situations specified in the provisions of the GDPR or the Act, the data subjects and, if applicable, PUODO are informed of such breach of the provisions on the protection of personal data.