Categories of Data
Data sent and retrieved through the Platform may include both publicly available and non-publicly available data, including personal data of Customers. The "Customer" shall mean any person or entity which has purchased products or services from sites that sell the Controller's products. The personal data of Customers sent and retrieved through the Platform may include: first name and surname, address, email address, telephone number, the content of the message attached to Promotional Campaigns, payment status, information about purchases made and all correspondence conducted with Customers. Providing personal data, as well as consenting to its processing, are completely voluntary. Any personal data provided to us are processed only to the extent and for the purpose to which the Customer has consented. If the Customer does not provide the data necessary to carry out the data order and does not agree to have their data processed, it may be impossible to fulfil the order.
The Purpose of Data Processing
The personal data sent and retrieved through the Platform shall be processed in accordance with applicable privacy laws, including the General Data Protection Regulation (GDPR), in order to provide after-sales service for orders placed by Customers on sites on which the products of the Vendor are sold. Personal data sent or retrieved for purposes other than those permitted by law shall not be processed.
Data Retention Period
Personal data shall be stored and processed for as long as necessary for the execution of the Order or Contract. After the indicated period, personal data shall be permanently and securely deleted (in accordance with data security standards). Personal data shall be deleted at the request of the Customer. The Customer shall be entitled to access the contents of their personal data and to request their rectification, to demand their complete deletion, to limit the right to process their personal data, and the right to object to their processing. The Customer shall be entitled to revoke their consent at any time.
No data shall be shared with third parties, whether individually labelled or aggregated, transmitted and retrieved through the Platform on behalf of the Vendor, unless this is required by law.
Appropriate technical and organisational measures are implemented to ensure an adequate level of security with respect to the risks associated with the processing of personal data sent and retrieved through the Platform, taking into account the state of the art, the cost of implementation and the nature, scope, context and purposes of the processing, in order to:
maintain the security and confidentiality of such data to which the Platform has access, which is collected, used, stored or transmitted by the Platform;
protect such data from known or reasonably anticipated threats to their security and integrity, accidental loss, alteration, disclosure and any other unlawful forms of processing.
The indicated measures include:
ensuring proper data management through the implementation of a personal data protection policy and keeping records of processing activities and categories of processing activities;
implementing a data access control system based on roles within the organisation, on a need-to-know basis and raising awareness among employees;
implementing procedures governing the handling of security incidents, including system recording and monitoring;
implementing technical measures such as network protection measures, creation of regular data backups, and encryption of transmitted and stationary data, including of the backups made, regular monitoring, verifying and updating of implemented technical and organisational measures.
Cookies Use Policy
In order to provide services by electronic means, the Platform creates and stores temporary files and gains access to selected information in the Customer's devices.
Cookies mean binary data, most often small text files, saved and stored on the Customer's devices, which are used in programming languages for more efficient communication between the Platform and the Customer.
Cookies created on the Customer's devices may originate from either the Platform's system (so-called own Cookies) and external programs which monitor communication on the Internet (so-called external cookies coming from Google and other sites).
Purposes of Cookies Use
Cookies do not collect any personal information, including names and email addresses.
The Customer can delete cookies at any time using the functions available in the web browser they are using.
Any inquiries or requests regarding personal data sent and retrieved through the Platform in connection with the services we provide may be sent to the Controller in electronic form to the following email address: firstname.lastname@example.org.