Privacy Policy

The administrator of personal data responsible for their processing is:
Maciej Rogulski
Jana Kasprowicza 12d
Lodz 92-781
rodo@kokietki.pl

Thank you for your interest in our online store. Protecting your privacy is very important to us. Below you will find detailed information regarding the handling of your data.

1. Access data and hosting

You can visit our websites without providing personal data. For each web page call-up, the server automatically saves only so-called server logs, e.g. the name of the requested file, your IP address, the date and time of the call-up, the amount of data transferred and the requesting ISP (so-called access logs) and documents the page call-up. This data is analyzed for the sole purpose of ensuring the proper functioning of our website and improving our offerings. The above serves, in accordance with Article 6 (1) (f) RODO, to safeguard our legitimate interest in the optimal, correct presentation of our websites and offerings.

Hosting

Website hosting and display services are partially provided on our behalf by our service providers under a data processing entrustment. Unless otherwise stated in this privacy policy, all access data and data collected in the forms provided for this purpose on our website will be processed on their servers. If you have any questions about our service providers and the basis of our cooperation with them, please contact us. You can find our contact information under "Our contact information and your rights".

2. Collection and processing of data for contract performance and contact purposes

2.1 Data processing for the purpose of contract execution

We process the personal data voluntarily provided by you in the course of placing an order for the purpose of fulfilling the contract (including inquiries regarding the processing of claims under warranty or guarantee and with regard to the obligation to inform you of necessary updates). The legal basis in this regard is Article 6(1)(b) of the DPA. Mandatory fields are marked as such because they relate to data that are necessary for the execution of the order and without providing them we are unable to process the order. What data is collected is a direct result of the forms into which the data is entered.

For further information on the processing of your data, in particular with regard to the transfer of data to our service providers for order processing, payment and shipping, please see the following sections of this privacy policy. Once the contract has been fulfilled, the processing of your data will be limited, and after the expiration of the retention periods required by tax and accounting law, your data will be deleted (Article 6(1)(c) of the DPA), unless you expressly consent (Article 6(1)(a) of the DPA) to the continued use of your data for other purposes, or we reserve the right to continue using your data in statutorily permitted cases, in which case we inform you of this privacy policy.

Commodity management system

We also use an external commodity management system to process orders and fulfill the contract. Our service providers provide services for us in this regard under a data entrustment agreement. If you have questions about our service providers and the basis of our cooperation with them, please contact us. You will find contact information under "Our contact information and your rights".

2.2 Customer Account

If, pursuant to Article 6(1)(a) of the RODO, you give your consent to create a customer account - we will process your personal data necessary for this purpose. They will also be used for future orders on our website. Your customer account can be deleted at any time. To do so, please send a message to our contact address indicated under "Our contact information and your rights" or use the corresponding function in your customer account settings. After deletion of your customer account, the processing of your data will be restricted, and after the expiration of the retention periods specified in the Tax Law and the Accounting Law, the data will be deleted (Article 6(1)(c) of the DPA), unless you expressly consent (Article 6(1)(a) of the DPA) to the continued use of the data or, in accordance with applicable law, we reserve the right to continue using the data for other purposes, in which case we inform you of this privacy policy.

2.3 Data processing for contact purposes

As part of our communication with you, we process your personal data in order to process your inquiries (Article 6(1)(b) of the RODO). You provide us with this data voluntarily when you contact us (e.g. via contact form or email). Mandatory fields are marked as such because they refer to data that are necessary to process your inquiry. What data is collected is a direct result of the forms into which the data is entered. Once your inquiry has been fully processed, your data will be deleted, unless you expressly consent (Article 6(1)(a) of the DPA) to the further use of such data for other purposes, or we reserve the right to further use such data in statutorily permitted cases, in which case we inform you of this privacy policy.

3. Data processing for delivery

In order to perform the contract (Article 6(1)(b) of the RODO), we will transfer your data to the shipping company selected by you in the ordering process and commissioned to deliver the ordered products.

4. Data processing for payment processing

In order to process payments in our online store, we cooperate with third-party service providers handling electronic online payments and provide your data to the payment processing company selected by you during the ordering process. The above is for the purpose of fulfilling the contract (Article 6(1)(b) of the RODO).

Processing data to prevent fraud and optimize payments

In certain situations, we may provide our service providers with additional information that they may use along with the information necessary to process payments. These service providers then act on our behalf as processors and provide us with services for fraud prevention and optimization of payment processes (e.g. invoicing, analysis of rejected payments, accounting support). In accordance with Article 6(1)(f) of the RODO, this serves our legitimate interests in protecting us against fraud and abuse and in managing payments effectively.

5. Channels of marketing activities: e-mail

If you sign up for our newsletter, then based on the consent you give us (Article 6(1)(a) of the DPA), we will use the data you provide to us in order to send our newsletter by email on a regular basis.

Unsubscribing from the newsletter is possible at any time. To do so, send a message to our contact address indicated under "Our contact information and your rights" or use the unsubscribe link provided in the newsletter. After unsubscribing from the newsletter recipient list, we will delete your email address unless you expressly consent (Article 6(1)(a) of the DPA) to the continued use of this data for other purposes, or we reserve the right to continue using the data in accordance with applicable law, in which case we inform you of this privacy policy.

The newsletter is sent under the entrustment of data processing on our behalf by an external service provider. If you have questions about our service providers and the basis of our cooperation with them, please contact us. You will find contact information under "Our contact information and your rights".

Sending an invitation to give feedback on a purchase

If you have given your consent during or after placing an order (Article 6(1)(a) of the DPA), then we will use your email address to send you an electronic invitation to rate a purchase made in our store. Issuing a review/rating is done through the feedback system we use. You may withdraw the consent you have given us at any time by sending a message stating that you have withdrawn your consent to our contact address indicated under "Our contact information and your rights". Alternatively, you can also use the unsubscribe link in the newsletter invitation message.

Invitations to give feedback are sent by our service provider Trusted Shops AG Subbelrather Str. 15C, 50823 Cologne, Germany ("Trusted Shops"). As part of the sending of the invitations, we receive status information from Trusted Shops (e.g. whether the invitation to submit a review has been sent and whether it has reached the addressee). This is done in accordance with Article 6(1)(f) of the RODO in order to realize our legitimate interest in receiving information regarding the opinion invitation, so that we can optimize on this basis if necessary, as well as to realize Trusted Shops' legitimate interest in being able to offer this service.

We are jointly responsible with Trusted Shops for sending out invitations to give feedback and for collecting and displaying feedback and rating or status information.

As part of this shared responsibility that exists between us and Trusted Shops, if you have any questions about the protection of your data or wish to assert your rights, please contact Trusted Shops. Contact information is available at this page. There you will also find further information on data protection at Trusted Shopsj. Regardless, you can also always contact us directly. If necessary, your inquiry will be forwarded to Trusted Shops, which is jointly responsible for data processing.

6. Cookies and similar technologies

General information

In order to make your visit to our website more attractive and to enable you to use its key features, we use technological tools for this purpose, including so-called cookies. Cookies are small text files that are automatically stored on your terminal device. Some cookies we use are deleted when your browser session ends, i.e. when you close it (so-called session cookies). Other cookies are retained on your end device and enable us to recognize your browser the next time you visit the website (so-called persistent cookies).

Protecting the privacy of end devices
When using our online offerings, we use technologies that are absolutely necessary to ensure the correct and optimal use of the necessary functions of our website. In this regard, storing information on your terminal device or accessing information that is already stored on your terminal device does not require your consent.

For functions that are not absolutely necessary, storing information on your terminal device or accessing information already stored on your terminal device requires your consent. Please note that in the absence of consent, some features or elements of the site may not be available in full. Any consent you give remains valid until you withdraw your consent, configure your settings or reset the relevant settings on your end device.

Other cases of data processing through cookies and other technologies

We use technologies that are absolutely necessary to ensure the correct and optimal use of the necessary functions of our website (e.g. shopping cart function). These technologies process data such as, for example, your IP address, the time of your visit to the website, device and browser information, as well as information about your use of our website (e.g., the contents of your shopping cart). This serves, in accordance with Article 6(1)(f) of the RODO, to fulfill our legitimate interest in optimally presenting our offerings.

In addition, we also use technology tools to comply with legal obligations to which we are subject (e.g., to prove receipt of consent to process your personal data), as well as for web analytics and online marketing. For further information on this, including the relevant legal basis for processing your data, please refer to the following sections of this privacy policy.

In the help menu of your web browser you will find explanations on how to change your cookie settings. These are available at the following links: Microsoft Edge™ / Safari™ / Chrome™ / Firefox™ / Opera™

When consent has been given to us by you for the use of certain technological tools (Article 6(1)(a) of the RODO), it can be withdrawn by you at any time. To withdraw your consent, please contact us via the contact address indicated under "Our contact information and your rights."

7. Use of cookies and similar technological tools

On our site we use the cookies indicated below and other similar tools/technologies of third-party service providers. Unless otherwise indicated in the description of each technology, their use takes place on the basis of your consent within the meaning of Article 6(1)(a) of the RODO. Once the purpose of the processing has been fulfilled and the use of the respective tool/technology has been terminated, the data collected through the use of these tools/technologies will be deleted. The consent granted may be revoked by you at any time. For details on the possibility to revoke consent and your right to object, please see "Cookies and similar technologies". You will find further information on the pages of the individual service providers. If you have questions about our service providers and the basis of our cooperation with them, please contact us. You will find contact information under "Our contact information and your rights."

7.1 Using Google services

We use the technology tools of Google Ireland Ltd, Gordon House, Barrow Street, Dublin 4, Ireland ("Google") indicated below. The information automatically collected by Google technologies regarding the use of our website is usually transferred to a server of Google LLC, 1600 Amphitheatre Parkway Mountain View, CA 94043, USA and stored there. Unless otherwise specified for the particular Google technologies described in this privacy policy, data processing is carried out on the basis of a personal data co-management agreement with Google in accordance with Article 26 of the DPA. For further information on Google's data processing, please see privacy policy on Google's website.

Our service providers are based and/or use servers located in countries outside the EU and EEA for which the European Commission has issued a so-called adequacy decision stating an adequate level of data protection.

Our service providers are based and/or use servers located in countries outside the EU and EEA. With respect to these countries, the European Commission has not issued decisions finding an adequate level of data protection. Our cooperation is based on standard data protection clauses adopted by the European Commission.

Google Analytics

For the purpose of analyzing the use of our website, we use Google Analytics, a web analytics tool from Google, which automatically processes your data for this purpose (IP address, time of visit, device and browser information, as well as information about the use of our website) and creates pseudonymized user profiles based on this data. Cookies may be used for this purpose. When a user visits our website from within the EU, his or her IP address is stored on a server located in the EU for the purpose of obtaining location data, and then immediately deleted even before the traffic is redirected to further Google servers. Data processing for the Google Analytics service is based on a data entrustment agreement with Google.

In order to optimize and make our website offerings more attractive, we have also activated the data sharing settings for "Google products and services". This allows Google to access the data collected and processed as part of the Google Analytics service and use it to improve the products and services provided by Google. Sharing data with Google for this purpose is based on an additional agreement between the data controllers. We have no influence on the subsequent processing of data by Google.

For web analytics purposes, we also use the tool Google Signals, google Analytics, which is an extension of Google Analytics services and allows so-called "cross-device tracking" (identification of users using multiple devices). This means that if your Internet-enabled devices are connected to your Google account and you have activated the "personalized advertising" option in your Google account, then Google can generate reports on the use of our website (in particular on the number of users using different devices), even if you change your device. We do not process your personal data in this regard, we only receive statistics based on Google Signals functions and technologies.

If you do not consent to the use of Google Analytics in accordance with Article 6(1)(a) of the RODO, then no cookies will be read or stored on your end device. The data processing described in the preceding paragraphs does not then take place. In order to fill the gaps in the statistical analysis of the site by means of behavioral and conversion modeling, pings with data (so-called user-agent, user behavior information, screen resolution, IP address) are sent to Google.

Google Ads

With the help of Google Ads, we promote our website in search results and on third-party websites. For this purpose, when you visit our website, a file is automatically stored on your device cookie remarketing by Google, which, based on the pages you visit, enables us to display advertisements based on your interests by processing your data (IP address, time of visit, device and browser information, as well as information about your use of our website) for this purpose using a pseudonymous identifier (ID). Further data processing only takes place if you have activated the option to personalize ads in your Google account settings. In this case - if you are simultaneously logged into Google while visiting our website, Google will use your data together with the data collected from Google Analytics to create and define so-called target group lists for remarketing purposes on different devices.

For web analytics, we use a tool Google Ads Conversion Tracking, in order to measure and analyze your behavior when you visited our website through advertising within the Google Ads tool. Cookies may be used for this purpose and data such as your IP address, time of visit, device and browser information, as well as information about your use of our website, such as your visit to the website or your registration for the newsletter, may be processed. From this data, pseudonymized user profiles are then created.

Google reCAPTCHA

In order to protect against spam and to prevent abuse and misuse of our web forms (e.g. using malicious bots), a Google reCAPTCHA tool has been integrated into our website which processes your data for this purpose (IP address, time of visit, device and browser information, as well as information regarding the use of our website) and, based on this data, uses JavaScript and cookies to analyze your use of our website. The personal data you enter in the individual form fields on our pages will not be read or saved.

Google Fonts

In order to ensure consistent presentation of content on our websites, a script called "Google Fonts" is integrated with our website, which processes your data (IP address, time of visit, device and browser information, as well as information about the use of our website). We have no influence on the above data processing by Google.

YouTube Video Plugin

In order to integrate third-party content using the YouTube video plug-in - the following data is processed by Google when the video is played: IP address, time of visit, information about the user's device and browser.

7.2 Using Facebook services

Facebook Pixel

We use the Facebook Pixel tool provided by Meta Platforms Ireland Ltd, Block J, Serpentine Avenue, Dublin 4, Ireland ("Facebook (by Meta)" bzw. "Meta Platforms Ireland"). The scope of functionality we use is indicated below. The Facebook pixel automatically collects and saves data (your IP address, the time of your visit to the website, device and browser information, as well as information about your use of our website, such as your visit to the website or your registration for the newsletter). From this data, pseudonymized user profiles are then created. As part of what is known as extended data comparison in the Facebook Analytics tool - for comparison purposes, also zhashed information with which individuals can be identified (e.g., names, email addresses and phone numbers) is collected and stored.
For this purpose, when you visit our website, Facebook Pixel stores a cookie on your device, which, with the help of a pseudonymized Cookie-ID, enables automatic recognition of your browser when you visit other websites. Facebook (by Meta) will combine this information with other data from your Facebook account and use it to compile reports on website activity and to provide other services related to your use of the websites, particularly for personalized advertising. Information collected automatically by Facebook technologies (by Meta) regarding your use of our website is usually sent to the server of Meta Platforms, Inc., 1601 Willow Road, Menlo Park, California 94025, USA and stored there. Further information on data processing by Facebook can be found at facebook's privacy policy (by Meta). Our service providers are headquartered and/or use servers in countries for which the European Commission has issued decisions stating an adequate level of data protection. The headquarters of our service providers are located in: USA, Canada, Japan, South Korea, New Zealand, United Kingdom, Argentina. The decision stating an adequate level of data protection for the US applies as a basis for transferring data to third countries, provided that the service provider in question has been certified. The certification has been obtained. Our service providers are headquartered and/or use servers in the following countries: Australia, Hong Kong, India, Indonesia, Malaysia, Singapore, Thailand, Taiwan, Brazil, Mexico.
With respect to these countries, the European Commission has not issued decisions finding an adequate level of data protection. The transfer of data in our cooperation with service providers from these countries is based on the following safeguards: the European Commission's standard data protection clauses.

Facebook's analytical tools

As part of Facebook Business tools - on the basis of data collected by means of the Facebook pixel code on your use of our site, statistics are created on user activity on our site. Data processing by Facebook takes place on the basis of the concluded data entrustment agreement. The analysis of the data (website usage statistics) is used to optimize and make our website more attractive.

Facebook Ads (ad management)

Facebook Ads allows us to advertise our website on Facebook and other platforms. We set the parameters of a given advertising campaign. Facebook is responsible for the exact implementation and, in particular, for the decision to display a particular ad to individual users. Unless otherwise specified for specific functions and tools, data processing is carried out on the basis of a personal data co-management agreement in accordance with Article 26 of the RODO. The joint responsibility is limited to the collection of data and its transfer to Facebook Ireland. This does not include the subsequent processing of data by Facebook Ireland.

Based on the statistics created with the Facebook Pixel tool on the activity of users visiting our websites, we conduct via the function Facebook Custom Audience emissions of advertisements to the right audience while specifying the profile/characteristics of the target group. As part of the enhanced data matching function (see above), Facebook is the data processor on our behalf.

Based on the pseudonymized Cookie-ID stored by the Facebook Pixel and the information collected about users' activities on our website, we create through the function of the Facebook Pixel Remarketing personalized advertising.

For the purposes of web analytics and optimization of our offerings - using the function Facebook Pixel Conversions we analyze the activity of users who visit our website through ads displayed within the Facebook Ads service. Data processing by Facebook is based on the concluded data entrustment agreement.

8. Integration with Trusted Shops Trustbadge and other widgets

Insofar as you have given your consent in accordance with Article 6(1)(a) of the DPA, Trusted Shops widgets are integrated into our website in order to display Trusted Shops services (e.g. trustmark, rating system) and offer Trusted Shops products to buyers after an order has been placed.

Trustbadge and the services advertised with it are offered by Trusted Shops AG, Subbelrather Str. 15c, 50823 Cologne, Germany (hereinafter "Trusted Shops") with which we are jointly responsible for the protection of jointly administered data in accordance with Article 26 RODO. We hereby inform you of the essential contents of the joint arrangements of the joint controllers (Article 26 (2) RODO).

As part of the shared responsibility that exists between us and Trusted Shops AG, if you have questions about data protection and wish to assert your rights, please contact Trusted Shops using the contact information indicated in the privacy policy trusted Shops. Regardless of this, however, you can always turn to the co-data controller of your choice. Your inquiry or request will then be forwarded to the other co-data controller for processing/response, if necessary.

8.1 Data processing in the integration of Trustbadg and other widgets

Trustbadge is provided by the US-based content provider CDN (Content-Delivery-Network). An adequate level of data protection is provided by a decision of the European Commission (the so-called adequacy decision), which is available here for the US . U.S.-based service providers are typically certified under the framework of the agreement between the U.S. and the EU (the "Data Privacy Framework," or "DPF" for short). Further information in this regard can be found here. For service providers that are not certified according to the "DPF" assumptions, agreeing on the validity of standard contractual clauses was adopted as an adequate guarantee for data protection.

When Trustbadge is called, the web server automatically saves a so-called log file (server logs), which also contains your IP address, the date and time of the call, the amount of data transferred and the requesting operator (access data) and documents the call. The IP address is anonymized as soon as it is downloaded, so that the recorded data cannot be attributed to a specific person. The anonymized data is used in particular for statistical and error analysis purposes.

8.2 Data processing after the order has been placed

If you have given your consent, Trustbadge accesses the order information stored on your terminal device (order total, order number and, if applicable, product purchased) and your email address used during the ordering process. The email address is hashed using a cryptological one-way function. The hash value is then transmitted to Trusted Shops along with your order information in accordance with Article 6(1)(1)(a) of the DPA.

This serves to check whether you are already registered with Trusted Shops AG for the use of Trusted Shops Buyer Services. If you are already registered, further data processing takes place in accordance with contract concluded between you and Trusted Shops. If you are not registered or do not agree to automatic recognition of your registration with Trusbadge, you will be given the option of registering manually to use the services or to secure a purchase under an existing user agreement.

For this purpose, Trustbadge accesses the following information stored on the terminal device you use when you place an order in the store: order total, order number and email address. This is necessary so that we can offer you buyer protection. The above-mentioned data is transferred to Trusted Shops only if you actively opt-in to buyer protection by clicking on the appropriately marked button in the so-called "Trustcard" for this purpose. If you choose to use these services, further data processing takes place on the basis of the contract concluded with Trusted Shops (Article 6(1)(b) of the DPA) for the purpose of registering buyer protection and securing your order, as well as so that you can receive email invitations to provide feedback on your purchase.

Trusted Shops uses service providers for hosting and log monitoring. The legal basis for this is Article 6(1)(f) of the RODO, and the legitimate interest is to strive to ensure the trouble-free operation of the products offered. The related data processing may also take place in third countries (USA and Israel).

An adequate level of data protection is ensured on the basis of the European Commission's decision (the so-called adequacy decision), which is available here for the U.S. and here for Israel. U.S.-based service providers are typically certified under the framework of the U.S.-EU agreement (the "Data Privacy Framework," or "DPF" for short). Further information in this regard can be found here. For service providers that are not certified according to the "DPF" assumptions, agreeing on the validity of standard contractual clauses was adopted as an adequate guarantee for data protection.

9. Social media

9.1 Social media plugins: Facebook (Meta), Instagram (Meta), Pinterest

On our website, so-called plug-ins (buttons) of social networks are used. These plug-ins are accessible via an HTML link, which ensures that when you visit our site containing such plug-ins (buttons), you do not establish an automatic, direct connection to the servers of the operator of the respective social network. When you click on one of the buttons (plug-ins), a new window of your browser will open displaying the page of the respective social network, where you can approve the use of the respective button, such as "Like" or "Share".

9.2 Our activity on social networks: Facebook, Twitter, Instagram, Youtube

If you have given your consent to the relevant social network in this regard (Article 6(1)(a) of the DPA), when you visit our account/profile on the aforementioned social networks, your data will be automatically collected and stored for web analytics and marketing purposes. Based on this data, pseudonymized user profiles are created. These can be used, for example, to place so-called personalized advertisements within and outside the social networks, which are likely to match your interests. Cookies are usually used for this purpose.
Detailed information regarding the processing and use of your data by individual social networks, as well as information regarding your rights and the possibility of configuring your privacy settings, as well as contact information for the purpose of submitting an inquiry are described in the privacy policies of the individual social networks linked below. Should you need assistance in this regard, you can also contact us.

Facebook (by Meta) is a social networking service offered by Meta Platforms Ireland Ltd, Block J, Serpentine Avenue, Dublin 4, Ireland ("Meta Platforms Ireland"). Automatically processed information regarding your activity and use of our Facebook fanpage (by Meta) is generally transmitted to the server of Meta Platforms Ireland, Inc., 1601 Willow Road, Menlo Park, California 94025 in the USA and stored there. The processing of data in the context of visits to our fanpage on Facebook (by Meta) is carried out in accordance with Article 26 of the RODO on the basis of the concluded joint agreements of the joint controllers, which are available here. Further information on the processing of your personal data in the context of visiting the Facebook fanpage (information on page statistics functions) is available here.

Our service providers are headquartered and/or use servers in countries for which the European Commission has issued decisions stating an adequate level of data protection. The headquarters of our service providers are located in: USA, Canada, Japan, South Korea, New Zealand, United Kingdom, Argentina.

A decision finding an adequate level of data protection for the US applies as a basis for transferring data to third countries, provided that the service provider in question has been certified. The certification has been obtained.

Our service providers are headquartered and/or use servers in the following countries: Australia, Hong Kong, India, Indonesia, Malaysia, Singapore, Thailand, Taiwan, Brazil, Mexico.
With respect to these countries, the European Commission has not issued decisions finding an adequate level of data protection. The transfer of data in our cooperation with service providers from these countries is based on the following safeguards: standard data protection clauses adopted by the European Commission.

Twitter is a social networking service offered by Twitter International Company, One Cumberland Place, Fenian Street, Dublin 2, D02 AX07, Ireland ("Twitter"). Automatically processed information regarding your activity and use of our Twitter profile is generally transmitted to and stored on the server of Twitter, Inc., 1355 Market Street, Suite 900, San Francisco, CA 94103 in the USA.

Instagram (by Meta) is a social networking service offered by Meta Platforms Ireland Ltd, Block J, Serpentine Avenue, Dublin 4, Ireland ("Meta Platforms Ireland "). Automatically processed information regarding your activity and use of our fanpage account on Instagram is generally transmitted to the server of Meta Platforms, Inc., 1601 Willow Road, Menlo Park, California 94025 in the USA and stored there. The processing of data in the context of visits to the fanpage account on Instagram (by Meta) is carried out in accordance with Article 26 of the RODO on the basis of the concluded joint arrangements of the joint controllers. Further information regarding the processing of your personal data within the framework of your Facebook fanpage visit (information regarding the page statistics function) is available here.

YouTube is a social networking service offered by Google Ireland Ltd, Gordon House, Barrow Street, Dublin 4, Ireland ("Google"). Automatically processed information regarding your activity and use of our YouTube profile is generally transmitted to and stored on the server of Google LLC, 1600 Amphitheatre Parkway Mountain View, CA 94043 in the USA.

10. Our contact information and your rights

10.1 Your rights

Data subjects have the following rights:

pursuant to Article 15 of the RODO: the right to be informed about the processing of data to the extent specified therein;
pursuant to Article 16 of the DPA: the right to rectify your inaccurate or incomplete personal data;
in accordance with Article 17 of the RODO: the so-called "right to be forgotten," i.e. the right to delete your personal data stored with us, unless further processing is necessary:
- to exercise the right to freedom of expression and information;
- to fulfill a legal obligation;
- due to considerations of public interest;
- to establish, assert or defend claims;
in accordance with Article 18 RODO: the right to restrict the processing of personal data, provided that:
- the accuracy of this personal data is disputed by you;
- processing is unlawful, and you object to their deletion;
- we no longer need your personal data, but you need it to establish, assert or defend your claims;
- you have lodged an objection under Article 21 to the processing;
pursuant to Article 20 of RODO: the right to receive the data provided to us in a structured, commonly used machine-readable format and to send it to another controller;
in accordance with Article 77 of the RODO: the right to lodge a complaint with the supervisory authority (the President of the Office for Personal Data Protection "DPA").

Right to object

If we process personal data in the manner described in this privacy policy to safeguard our legitimate interests, then you may object to the processing of your data for this purpose - with effect for the future. If the processing takes place for direct marketing purposes, you may exercise your right to object at any time. If the processing takes place for other purposes, you have the right to object only for reasons arising from your particular situation.

Once you have exercised your right to object, we will not continue to process your personal data unless we demonstrate the existence of valid, legitimate grounds for processing and they override your interests and rights, or if the processing is for the assertion, exercise or defense of legal claims.

The preceding sentence does not apply when the processing of data is carried out for direct marketing purposes. In this case, we will always stop further processing of your personal data after you have expressed your objection.

10.2 Contact Us

If you have any questions about the collection, processing and use of your personal data, or if you wish to request information, rectification, restriction of processing or deletion of your data, or to revoke consents you have given or to object to the use of certain data, please contact the data controller indicated at the beginning of this privacy policy directly.