I. General Provisions
- The data controller of personal data of Users of the Store, in line with art. 4(7) of the Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/WE (‘GDPR’), shall be Brands Factory Sp. z o.o. with its registered office in Warsaw, ul. Konstruktorska 11 (02-673), entered into the Register of Entrepreneurs held by the District Court for the capital city of Warsaw in Warsaw, XIII Commercial Department of the National Court Register under KRS No 0000829896, NIP (tax identification number) 5213890888, REGON (statistical identification number) 385608401, the owner of the Store, hereinafter referred to as the ‘Controller’.
II. Scope of Collected Data
- The Controller shall collect personal data of Users within the scope that is necessary for fulfilling orders placed via the Store, making a registration in the Store and rendering other services set forth in the Store Regulations.
- The scope of collected data shall include:
a) a full name;
b) an e-mail address;
c) a contact address;
d) a delivery address (street, house number, post code, city, country);
e) a phone number;
f) log-in data, and
g) a date of birth.
III. Purpose of Data Processing
- The Controller shall process personal data of Users exclusively for the following purposes:
a) to render the service in line
with the Store Regulations, including the fulfilment of orders placed via the
Store, to issue invoices, and to handle complaints;
b) to register an account in the Store;
c) to carry out competitions, promotional campaigns or loyalty programmes organised by the Controller;
d) for statistical and archival purposes;
e) to fulfil obligations that result from rules of law;
f) to enforce the compliance with the Store Regulations by Users and to prevent abuse and fraud;
The Controller shall process personal data of Users only and exclusively for the above-mentioned purposes.
- Transferring personal data shall be voluntary, but necessary for rendering the service via the Store by the Controller.
IV. Transferring Personal Data to Third Parties
- The Controller shall not, as a rule, transfer any personal data of Users to any third parties or entities, except for situations where the duty to provide access to personal data results from rules of law, a requirement of authorised entities or when necessary for rendering the service.
- Access to personal data of Users may be also gained by service providers of the Controller. In such instances, the Controller has made relevant agreements on protecting personal data of Users against access by unauthorised persons.
- Personal data of Users shall not be transferred to any states from outside the European Economic Area.
V. Rights of Users
- Personal data of Users shall be collected and stored at the registered office of the Controller.
- The User shall have the right to:
a) obtain access to one’s data and receive their copies;
b) rectify personal data that concern the User;
c) erase personal data (‘right to be forgotten’);
d) limit the processing of personal data;
e) require the transfer of personal data to another personal data controller, if technically feasible;
f) object in accordance with art. 21 GDPR;
g) revoke consent to data processing at any time.
- The User may exercise rights mentioned in the preceding section by submitting a relevant declaration of intent to the Controller:
a) personally, at the registered office of the Controller: 02-673 Warszawa, ul. Konstruktorska 11; or
b) by post, to the above-mentioned address; or
c) by e-mail to firstname.lastname@example.org
d) via an account of the Store User.
- The User shall be also entitled to file a complaint to the Chairman of the Personal Data Protection Agency (PUODO).
VI. Period of Storing Personal Data
- Personal data of Users shall be kept not longer than necessary for the proper performance of a service within the Store according to the purpose indicated in section III.
- After this period, personal data of Users shall be erased or anonymised in the manner that prevents the identification of the User.
- Personal data of Users may be stored longer if this obligation results from rules of law or is necessary to enforce civil-legal claims of the Controller towards a User.
VII. Protection of User Personal Data
- The Controller represents that he shall process personal data of Users in accordance with GDPR regulations and other applicable rules of law concerning personal data protection, including secondary legislation.
- The Controller represents that he applies technical and organizational measures that provide personal data protection adequate to hazards, such as giving access to personal data to unauthorised persons.
- The Controller shall notify the User of a planned change and its effective date via the Store’s website, and in the event of registered Users, via their accounts.
Any and all questions concerning personal data protection are to be addressed to:
BRANDS FACTORY SP. Z O.O.
ul. Konstruktorska 11
with a note: ‘personal data protection’
to the e-mail address: email@example.com.
This Cookies Policy defines the rules for storing and accessing information via cookies on the devices of the User accessing the Website under the domain brandsfactory.pl, whose administrator is Brands Factory sp. z o.o., with its registered office in Warsaw, at ul. Konstruktorska 11, 02-673 Warsaw.
1. Administrator – means Brands Factory sp. z o.o., with its registered office in Warsaw, at ul. Konstruktorska 11, 02-673 Warsaw, which stores and accesses information on Users’ devices via cookies.
2. Cookies – means computer data, in particular small text files, saved and stored on devices through which the User accesses the Website’s web pages.
3. Administrator Cookies – means Cookies placed by the Administrator, related to the provision of electronic services by the Administrator via the Website’s web pages.
4. External Cookies – means Cookies placed by the Administrator’s partners via the Website’s web page.
5. Website – means a web page or application under which the Administrator operates its Internet service, operating under the domain brandsfacotry.pl
6. Device – means an electronic device through which the User gains access to the Website.
7. User – means a natural person using the Website.
II. TYPES OF COOKIES USED
1. Cookies used by the Administrator are safe for the User’s Device. These files make it possible to identify the software used by the User, and to customise the Website for each User individually. Cookies usually contain the name of the domain from which they originate, the duration of the storage on the Device, and the value assigned to them.
2. The Administrator uses two types of cookies
a. Session cookies: these are stored on the User’s Device and remain there until the end of the browser session. The stored information is then permanently deleted from the Device memory. The mechanism of session cookies does not allow the extraction of any personal data or confidential information from the User’s Device.
b. Permanent cookies: these are stored on the User’s Device and remain there until deleted. Closing a browser session or switching off the Device does not remove the cookies from the User’s Device. The mechanism of permanent cookies does not allow the extraction of any personal data or confidential information from the User’s Device.
3. The User has the option of limiting or disabling the access of cookies to their Device. If this option is used, the User will be able to use the Website, except functions which by their nature require cookies.
III. PURPOSES FOR WHICH COOKIES ARE USED
a. Website configuration
– adjusting the content of the Website’s web pages to the User’s preferences, and optimising the use of the Website
– recognising the Website User’s device and its location, and, accordingly, displaying the web page in a manner tailored to the User’s individual needs
– saving the settings selected by the User and personalising the User’s interface, e.g. in terms of the selected language or the User’s region.
b. User authentication on the website
– maintaining the session of the Website User
– correctly configuring selected functions of the Website, enabling in particular the verification of the authenticity of a browser session
– optimising and increasing the efficiency of the services provided by the Administrator
c. The implementing of processes necessary for the full functionality of the web pages.
d. Analyses and research, as well as audience audits – creating anonymous statistics which help to understand how users of the Website utilise the Website’s pages, which makes it possible to improve their structure and content.
2. The Administrator uses external cookies to collect general and anonymous static data via Google Analytics tools [administrator cookies: Google Inc., based in the USA].
IV. FEASIBILITY TO DETERMINE THE CONDITIONS OF STORAGE OR ACCESS BY COOKIES
1. The User can change the Cookies settings themselves any time by specifying the conditions governing the manner in which Cookies are stored, and how the Cookies gain access to the User’s Device. Changes to the settings referred to in the previous sentence can be made by the User to the web-browser settings, or by using the Website configuration. These settings can be changed especially in such a manner as to block the automatic handling of cookies in the settings of the browser, or to report each time Cookies are placed on the User’s Device.
2. Detailed information on the possibilities and methods of using cookies is available in the software (web-browser) settings.
3. The User can delete Cookies any time by applying the functions available in the web browser being used.