Your cartThere are no more items in your cart
I. General information
- This document sets out the privacy rules for the Online Shop www.mojehobby.pl (hereinafter referred to as the "Online Shop"). The administrator of the data in the Internet Shop is J&L Models Katarzyna Tyła, ul.Orlik-Ruckemanna 41/51 m10, 42-202 Częstochowa, NIP: 9492040150, firstname.lastname@example.org.
II. Personal data
- The personal data collected by the Administrator are processed on the basis of the Regulation of the European Parliament and of the Council (EU) 2016/679 of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data and repealing Directive 95/46/EC (hereinafter RODO), the current Act on personal data protection and the Act of 18 July 2002 on the provision of electronic services (Journal of Laws 2002 No. 144 item 1204, as amended).
- The Administrator collects the information provided voluntarily by the Customers of the Internet Shop. However, providing the designated personal data is a condition for placing an order, while the consequence of failing to provide such data shall be the inability to order products in the shop. The shop will collect the following customer data: surname, first name, e-mail address, telephone number, address of residence for delivery of goods.
- In addition, the Administrator may store information about the connection parameters, such as IP addresses, for technical purposes related to server administration and to collect general, statistical demographic information (e.g. about the region from which the connection is made), as well as for security purposes.
- The Administrator shall make every effort to protect privacy and information provided to him and concerning the Customers of the Internet Shop. The Administrator shall exercise due diligence in the selection and use of appropriate technical, including software and organisational measures to ensure the protection of the processed data, in particular to protect the data against unauthorised access, disclosure, loss and destruction, unauthorised modification, as well as against their processing in violation of applicable laws.
- Personal data will be processed in accordance with the principles in Article 5 (RODO). The personal data will be:
- processed lawfully, fairly and in a manner transparent to the data subject ('lawfulness, fairness and transparency');
- collected for specified, explicit and legitimate purposes and not further processed in a way incompatible with those purposes; further processing for archiving purposes in the public interest, for scientific or historical research purposes or for statistical purposes shall not be considered incompatible with the original purposes under Article 89(1) of the RODO ("purpose limitation");
- adequate, relevant and limited to what is necessary for the purposes for which they are processed ("data minimisation");
- correct and updated as necessary ('correctness');
- kept in a form which permits identification of the data subject for no longer than is necessary for the purposes for which the data are processed; personal data may be kept for longer periods insofar as they will be processed solely for archiving purposes in the public interest, for scientific or historical research purposes or for statistical purposes under Article 89(1) of the RODO, subject to the implementation of appropriate technical and organisational measures required under this Regulation to protect the rights and freedoms of data subjects ("storage limitation");
- processed in a manner which ensures appropriate security of personal data, including protection against unauthorised or unlawful processing and accidental loss, destruction or damage, by means of appropriate technical or organisational measures ("integrity and confidentiality").
- Within the framework of the Administrator's use of tools supporting its current operations provided e.g. by Google, the Customer's Personal Data may be transferred to a country outside the European Economic Area, in particular to the United States of America (USA) or another country in which an entity cooperating with it maintains Personal Data processing tools in cooperation with the Administrator.
III. Legal bases
- The basis for the processing of the Customer's personal data is primarily the need to perform a contract to which the Customer is a party or the need to take steps at the Customer's request prior to concluding a contract (Article 6(1)(b) RODO).
- Upon separate consent, pursuant to Article 6(1)(a) of the RODO, data may also be processed to send commercial information by electronic means or to make telephone calls for the purpose of direct marketing - respectively in connection with Article 10(2) of the Act of 18 July 2002 on the provision of electronic services or Article 172(1) of the Act of 16 July 2004 - Telecommunications Law.
- For other purposes, the Customer's personal data may be processed on the basis of:
- applicable law - when processing is necessary for compliance with a legal obligation to which the Administrator is subject, e.g. when on the basis of tax or accounting regulations the Administrator settles concluded sales contracts (Article 6(1)(c) of the RODO);
- indispensability for purposes other than those mentioned above resulting from the legitimate interests pursued by the Administrator or by a third party, in particular for the establishment, assertion or defence of claims, correspondence with Clients, including via contact forms (including replying to Clients' messages), market analyses and statistics (Article 6(1)(f) RODO).
- Personal data processed for the purposes of shopping will be processed for the period necessary for the completion of the shopping and order, after which the data subject to archiving will be stored for the period relevant to the limitation of claims. Personal data processed for marketing purposes covered by the declaration of consent will be processed until the consent is revoked.
IV. Recipients of personal data
- The recipients of the Buyer's data may be entities executing the order on behalf of the Seller and dealing with its servicing: shipping companies, accounting companies, suppliers of goods, suppliers of IT solutions, companies handling payments, banks, companies providing marketing services, suppliers of warehouse services, suppliers of telecommunication services, law offices, authorized state authorities.
V. Your rights in data protection
- Due to the voluntary nature of providing your personal data, you have the right
- access to your personal data (Article 15 RODO)
- rectify your personal data (Article 16 RODO)
- delete your personal data ("right to be forgotten" - Article 17 RODO)
- restrict the processing of your personal data (Article 18 RODO)
- the portability of your personal data (Art. 20 RODO )
- to object - Art. 21 RODO)
- If you consider that the processing of your personal data violates the provisions of the RODO, you have the right to lodge a complaint with the President of the Data Protection Authority.
- Consent for the processing of personal data may be withdrawn at any time. The withdrawal of consent to data processing shall not affect the lawfulness of data processing carried out by the Administrator on the basis of consent before its withdrawal.
VI. Violation of personal data protection
- In case of a personal data breach, the controller shall without undue delay, but not later than within 72 hours after the breach has been identified, notify the breach to the supervisory authority (President of the Office for Personal Data Protection), unless the breach is unlikely to result in a risk of a breach of the rights or freedoms of natural persons. To the notification submitted to the supervisory authority after the lapse of 72 hours, the controller shall attach an explanation of the reasons for the delay. If the personal data breach is likely to result in a high risk of violation of the rights or freedoms of natural persons, the controller shall notify the data subject of such breach without undue delay.
- When browsing the Internet Shop's websites, "cookies" files are used, i.e. small text information which is saved in the Client's terminal equipment in connection with the use of the Internet Shop. Their use is aimed at the proper functioning of the Internet Shop's websites.
- Cookies used by the Administrator are safe for the Customer's devices. In particular, this way it is not possible for viruses or other unwanted software or malware to enter the Customer's devices. These files make it possible to identify the software used by the Customer and to customise the Online Shop individually for each Customer. Cookies usually contain the name of the domain they come from, the time they are stored on the device and the assigned value.
- The Administrator uses three types of cookies:
- Session cookies: are stored on the device of the Internet Shop Client and remain there until the session of a given browser is terminated. The stored information is then permanently deleted from the memory of the Internet Shop Client's device. The mechanism of session cookies does not allow collecting any personal data or any confidential information from the device of the Internet Shop Client.
- Persistent cookies: are stored on the device of the Internet Shop Client and remain there until they are deleted. Ending the session of a given browser or switching off the device does not cause their removal from the device of the Internet Shop Client. The mechanism of persistent cookies does not allow collecting any personal data or any confidential information from the device of the Internet Shop Client.
- Analytical cookies allow us to better understand how the Customer interacts with the content of the Store, to better organise its layout. "Analytical" cookies collect information about how the Store is used by the Customer, the type of page from which the Customer was redirected, the number of visits and the length of the Customer's visit to the Store. This information does not record specific personal data of the Customer, but is used to develop statistics on the use of Store.
- Cookies may be used by advertising networks, in particular the Google network, to display advertisements tailored to the manner in which the Customer uses the Internet Shop. For this purpose, information on the Customer's navigation path or time spent on a given page may be stored.
- With regard to the information on the Customer's preferences collected by the Google advertising network, the Customer can view and edit the information resulting from the "cookies" using the tool: https://www.google.com/ads/preferences/.
- We use the services of: Google Analytics, provided by Google Inc. (1600 Amphitheatre Parkway, Mountain View, CA 94043, USA) to analyse traffic on the Website. From this we obtain statistics showing how you and other users use the Website.
- The Customer may, independently and at any time, change the settings concerning "cookies", specifying the conditions for storing and accessing "cookies" by the Customer's device. The change of settings referred to in the previous sentence can be made by the Customer using the settings of the Internet browser or by configuring the service. These settings can be changed in particular in such a way as to block the automatic handling of "cookies" in the settings of the web browser or inform on their placement on the Client's device each time. Detailed information on the possibility and methods of using cookies is available in the software (web browser) settings.
- To find out how to manage cookies, including how to disable cookies in your browser, you can consult your browser's help file. You can read this information by pressing the F1 key in your browser. You will also find relevant instructions on the following pages, depending on which browser you are using: Firefox Chrome Safari Internet Explorer / Microsoft Edge
- The customer can delete cookies at any time using the functions available in the web browser they are using: