×
0
Order value
€0.00
Your basket
×
total: €0.00
to checkout
Privacy Policy

Privacy Policy

 

Personal Data

The controller of your personal data is Palarnia Kawy Mateusz Wysocki, ul. Dębowa 4, 08-106 Zbuczyn, NIP: 8212581951, REGON: 147377392.

The purposes, legal bases, and period of personal data processing are specified separately for each purpose of data processing (see: description of individual purposes of personal data processing below).

Rights: GDPR grants you the following potential rights related to the processing of your personal data:

  • Right to access your data and receive a copy of it,
  • Right to rectify (correct) your data,
  • Right to delete data (if you believe there is no basis for us to process your data, you can request that we delete it),
  • Right to restrict data processing (you can request that we limit the processing of your data to its storage or to perform actions agreed with you, if you believe we have incorrect data or we are processing it without justification),
  • Right to object to data processing (you have the right to object to the processing of your data based on a legitimate interest; you should indicate a specific situation that you believe justifies the cessation of processing of the data covered by the objection. We will cease processing your data for these purposes unless we demonstrate that the grounds for processing by us are overriding your rights, or that your data is necessary for establishing, pursuing, or defending claims),
  • Right to data portability (you have the right to receive from us in a structured, commonly used machine-readable format the personal data you provided to us based on a contract or your consent; you can also instruct us to send this data directly to another entity),
  • Right to lodge a complaint with a supervisory authority (if you believe we are processing data unlawfully, you can lodge a complaint with the President of the Personal Data Protection Office or another competent supervisory authority).

The rules related to the exercise of the above rights are described in detail in Articles 16-21 of the GDPR. We encourage you to familiarize yourself with these provisions. From our side, we consider it necessary to explain to you that the above-mentioned rights are not absolute and will not apply to all activities of processing your personal data.

We emphasize that one of the rights mentioned above always applies to you - if you believe that we have violated data protection regulations while processing your personal data, you have the right to lodge a complaint with the supervisory authority (President of the Personal Data Protection Office).

You can always also contact us with a request to provide information on what data we have about you and for what purposes we process it. Just send a message to info@wysocki.coffee. We have made every effort to ensure that the information you are interested in is exhaustively presented in this privacy policy. You can also use the above email address for any questions related to the processing of your personal data.

Security

We ensure the confidentiality of all personal data provided to us. We ensure the implementation of appropriate security and data protection measures required by data protection regulations. Personal data is collected with due diligence and adequately protected from access by unauthorized persons.

Data Recipients

Your personal data may be processed by entities whose services we use and whose services are or may be associated with the processing of personal data. This includes, in particular, the following entities:

  • Hosting provider – your personal data is stored on their server,
  • Email service provider – your personal data is processed within the email service,
  • Cloud software providers, such as mailing, invoicing, accounting, CRM systems – your personal data is processed within these software systems,
  • Virtual cloud service provider – files containing your personal data may be stored in the cloud,
  • Courier companies – these companies process your personal data to deliver shipments to you,
  • Accounting office – the office processes your personal data contained in invoices and other accounting documents,
  • Law firm – the firm may access your personal data if it is necessary to provide legal services to us,
  • Entity providing technical website maintenance services – this entity may access your data in connection with technical work on areas where data is processed,
  • Marketing service provider – this entity may access your personal data to the extent necessary to perform assigned marketing activities,
  • Other subcontractors – we cooperate with various subcontractors who may have access to your personal data if they provide services related to such access.

Your personal data may also be transferred to tax authorities to the extent necessary to fulfill tax, settlement, and accounting obligations. This particularly includes any declarations, reports, statements, and other accounting documents containing your personal data.

Furthermore, if necessary, your personal data may be made available to entities, authorities, or institutions authorized to access data under legal regulations, such as police services, security agencies, courts, and prosecutors.

Transfer of Personal Data to Third Countries

We transfer your personal data to third countries in connection with the use of tools that store personal data on servers located in third countries, particularly in the USA. The providers of these tools guarantee an adequate level of data protection through appropriate compliance mechanisms provided by the GDPR, in particular by joining the Privacy Shield program or using standard contractual clauses.

Data storage on servers located in third countries occurs through the following tools:

  • Google services within the G-Suite package, provided by Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland - for all data processed within Google services, including data contained in files synchronized with Google Drive. Google Ireland Limited ensures an adequate level of data protection by using compliance mechanisms provided by the GDPR, particularly by joining the Privacy Shield program. Below are links to the confirmations of participation in the Privacy Shield program, where you can find information on how these entities process personal data.

Google: Privacy Shield.

Purposes and Activities of Personal Data Processing

User Account: When creating a user account, you must provide data necessary to set up the account, such as your first name, last name, email address, and password. Providing data is voluntary but necessary to set up an account. Within the account data editing, you can provide additional data.

Data provided in connection with setting up an account is processed to provide you with the electronic service of ensuring the possibility of using the user account. This service is provided based on the contract concluded under the terms described in the regulations, which means that the legal basis for processing your personal data in this regard is Article 6(1)(b) of the GDPR.

You can decide to delete your account at any time, but this will not lead to the deletion of your data from our database, as this data is necessary for us to potentially establish, defend, or pursue claims related to the electronic service contract. Furthermore, your data is stored in the database after the account is deleted so that we can identify you as a returning user if you decide to use the site again as a registered user. In this regard, the legal basis for processing your personal data is our legitimate interest – Article 6(1)(f) of the GDPR.

You can modify the data contained in your account at any time.

Orders: When placing an order, you must provide data necessary to fulfill the order, such as your first name, last name, billing address, email address, phone number, company name, and VAT number. Providing data is voluntary but necessary to place an order.

Data provided to us in connection with an order is processed to perform the contract concluded by placing the order (Article 6(1)(b) of the GDPR), issue an invoice (Article 6(1)(c) of the GDPR), include the invoice in accounting documentation (Article 6(1)(c) of the GDPR), and for archival and statistical purposes (Article 6(1)(f) of the GDPR).

Order data will be processed for the time necessary to fulfill the order and then until the expiration of claims arising from the concluded contract. Furthermore, after this period, the data may still be processed for archival and statistical purposes, particularly to identify a returning customer. Remember that we are obliged to store invoices with your personal data for 5 years from the end of the tax year in which the tax obligation arose.

For order data, you cannot rectify the data after the order is fulfilled. You also cannot object to the data processing or demand the data deletion until the expiration of claims arising from the concluded contract. Similarly, you cannot object to the data processing or demand the deletion of data contained in invoices. After the expiration of claims arising from the concluded contract, you can, however, object to the processing of your data for statistical purposes and demand the deletion of your data from the database.

Complaints and Withdrawal from the Contract: If you file a complaint or withdraw from the contract, you provide personal data contained in the complaint or withdrawal statement, which includes your first name, last name, address, phone number, email address, and bank account number. Providing data is voluntary but necessary to file a complaint or withdraw from the contract.

Data provided in connection with a complaint or withdrawal is used to implement the complaint or withdrawal procedure (Article 6(1)(c) of the GDPR) and then for archival purposes, which constitutes our legitimate interest (Article 6(1)(f) of the GDPR).

Data will be processed for the time necessary to implement the complaint or withdrawal procedure. Complaints and withdrawal statements may also be archived to demonstrate the course of the complaint or withdrawal process in the future.

For data contained in complaints and withdrawal statements, you cannot rectify the data. You also cannot object to the data processing or demand the data deletion until the expiration of claims arising from the concluded contract. After the expiration of claims arising from the concluded contract, you can, however, object to the processing of your data and demand the deletion of your data from the database.

Newsletter: When signing up for the newsletter, you provide us with your email address.

Providing an email address is voluntary but necessary to sign up for the newsletter.

Data provided to us during the newsletter sign-up is used to send you the newsletter, and the legal basis for its processing is your consent (Article 6(1)(a) of the GDPR) given when signing up for the newsletter.

You can unsubscribe from the newsletter at any time by clicking the dedicated link in each message sent as part of the newsletter or simply by contacting us. Despite unsubscribing from the newsletter, your data will still be stored in our database to potentially defend claims related to sending you the newsletter, particularly to demonstrate that you gave consent to receive the newsletter and the time of its withdrawal, which constitutes our legitimate interest mentioned in Article 6(1)(f) of the GDPR.

You can rectify your data stored in the newsletter database at any time. If you object to the processing of your personal data and simultaneously demand the deletion of your data from our database, we must inform you that due to our legitimate interest mentioned in the preceding paragraph, we will not delete your data from the database. Deleting such data would prevent us from demonstrating, if necessary, that you had given consent to receive the newsletter in the past.

The mailing system we use tracks your actions related to the messages sent to you. Therefore, we have information on which messages you opened, and which links you clicked on, etc.

Contact: When contacting us, you naturally provide us with your personal data contained in the correspondence, particularly your email address and name. Providing data is voluntary but necessary to establish contact.

Your data is processed for contact purposes, and the legal basis for processing is Article 6(1)(f) of the GDPR, i.e., our legitimate interest. The legal basis for processing after contact ends is also our legitimate purpose of archiving correspondence for internal purposes (Article 6(1)(f) of the GDPR).

The content of the correspondence may be archived, and we cannot clearly determine when it will be deleted. You have the right to request the history of correspondence you have had with us (if it was archived) and demand its deletion unless its archiving is justified by our overriding interests, such as defending against potential claims from you.

Cookies and Other Tracking Technologies

Our website, like almost all other websites, uses cookies.

Cookies are small text information stored on your end device (e.g., computer, tablet, smartphone) that can be read by our IT system (own cookies) or the IT system of third parties (third-party cookies).

Some of the cookies we use are deleted after the web browser session ends, i.e., after it is closed (session cookies). Other cookies are stored on your end device, allowing us to recognize your browser the next time you visit the site (persistent cookies).

Below you will find detailed information about the cookies functioning on our site.

Consent to cookies: During your first visit to the site, you are shown information about the use of cookies, along with a request for consent to use them.

You can always change your cookie settings from your browser or delete cookies entirely. Browsers manage cookie settings in different ways. In the browser help menu, you will find explanations on changing cookie settings.

You can also manage cookie settings by installing special add-ons that allow control over cookies, such as Ghostery (https://www.ghostery.com).

Remember that disabling or limiting the use of cookies may cause difficulties in using our site and many other websites that use cookies.

Own cookies: We use own cookies to ensure the proper functioning of the site. Information about your consent to use cookies and information about the cookie settings you defined on our site are also stored in own cookies. Own cookies are also used by the script responsible for the abandoned cart recovery mechanism. This means that cookies may contain information about the contents of your cart, recently viewed products, etc.

Third-party cookies: Our site, like most modern websites, uses features provided by third parties, which involves using third-party cookies. The use of such cookies is described below.

Google Analytics: We use the Google Analytics tool provided by Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA. We carry out activities in this regard based on our legitimate interest in creating statistics and their analysis to optimize our websites.

Google Analytics automatically collects information about your use of our site. The information collected in this way is usually transmitted to a Google server in the United States and stored there.

Due to the activated IP address anonymization, your IP address is shortened before further transmission. Only in exceptional cases is the full IP address transmitted to a Google server in the United States and shortened there. The anonymized IP address provided by your browser as part of Google Analytics is not combined with other Google data.

We emphasize that within Google Analytics, we do not collect any data that would allow your identification. Therefore, the data collected within Google Analytics is not personal data. The information we have access to within Google Analytics includes, in particular:

  • Information about the operating system and web browser you use,
  • Subpages you view within our site,
  • Time spent on our site and its subpages,
  • Transitions between individual subpages within our site,
  • The source from which you visit our site.

Additionally, within Google Analytics, we use the following Advertising Features:

  • Demographic and interest reports,
  • Remarketing,
  • Advertising reporting features, user-ID.

Within the Advertising Features, we also do not collect personal data. The information we have access to includes, in particular:

  • Your age range,
  • Your gender,
  • Your approximate location limited to the town,
  • Your interests identified based on online activity.

To use Google Analytics, we have implemented a special Google Analytics tracking code in the code of our site. The tracking code uses Google LLC cookies for the Google Analytics service. You can block the Google Analytics tracking code at any time by installing the browser add-on provided by Google: https://tools.google.com/dlpage/gaoptout.

The Google Analytics and Google Analytics 360 services have obtained the ISO 27001 security standard certification. ISO 27001 is one of the most widely recognized standards globally, confirming that the systems supporting Google Analytics and Google Analytics 360 meet appropriate requirements.

If you are interested in details related to data processing within Google Analytics, we encourage you to read the explanations provided by Google: https://support.google.com/analytics/answer/6004245.

Google Ads: We use the Google Ads advertising program provided by Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA, to run advertising campaigns, including remarketing. We carry out activities in this regard based on our legitimate interest in marketing our products or services.

When you visit our website, a remarketing cookie file from Google is automatically left on your device, which, using a pseudonymous identifier (ID) and based on the pages you visit, enables displaying ads based on your interests.

Further processing of information occurs only if you have consented to Google combining your browsing history and app usage with your account and using information from your Google account to personalize ads displayed on websites. If you are logged in during your visit to our website with your Google account, Google uses your data together with Google Analytics data to create and define audience lists for cross-device remarketing purposes. In this case, Google temporarily combines the information collected with Google Analytics data to create target groups.

We emphasize that by using Google Ads, we do not collect any data that would allow your identification. Any data aggregation that gives them the character of personal data may be done by Google, but in this respect, we are not responsible, as Google performs these activities based on an agreement with you as a user of Google services.

By using Google Ads, we can only define the audience we want our ads to reach. Based on this, Google decides when and how to present our ad to you.

To use Google Ads, we have implemented a special Google Ads conversion pixel in the code of our site. The pixel uses Google LLC cookies for the Google Ads service. From our site, using the cookie management mechanism, you can disable these cookies. You can manage ad settings directly on Google: https://adssettings.google.com/.

If you are interested in details related to data processing within Google Ads, we encourage you to read Google’s privacy policy: https://policies.google.com/privacy.

Facebook Ads and Insights: We use the marketing and analytical tools available within the Facebook platform. The provider of these tools is Facebook Inc., 1601 S. California Ave., Palo Alto, CA 94304, USA. We carry out activities in this regard based on our legitimate interest in marketing our products or services and analysis and statistics.

To target personalized ads based on your behavior on our site, we have implemented the Facebook Pixel within our site, which automatically collects information about your use of our site regarding the pages viewed. The information collected in this way is usually transmitted to a Facebook server in the United States and stored there.

Information collected within the Facebook Pixel is anonymous, meaning it does not allow us to identify you. We only know what actions you took on our site. We can also check your age range, gender, and where you connect to the internet. Facebook Insights can also provide us with more information about you, but these are never details that would allow us to identify you.

However, we inform you that Facebook may combine the collected information with other information about you collected within your use of Facebook and use it for its purposes, including marketing. Such Facebook activities are no longer dependent on us, and you can find information about them directly in Facebook's privacy policy: https://www.facebook.com/privacy/explanation. From your Facebook account, you can also manage your privacy settings. Here you will find useful information in this regard: https://www.facebook.com/help/568137493302217.

Social Media Tools

On our website, plugins and other social media tools provided by social networking sites such as Facebook are used.

When viewing our website, which contains such a plugin, your browser establishes a direct connection with the servers of social network administrators (service providers). The content of the plugin is transmitted by the respective service provider directly to your browser and integrated into the website. Thanks to this integration, the service providers receive information that your browser has displayed our site, even if you do not have a profile with the respective service provider or are not currently logged in. This information (including your IP address) is transmitted directly by your browser to the server of the respective service provider (some servers are located in the USA) and stored there.

If you are logged in to one of the social networking sites, the service provider will be able to directly associate the visit to our site with your profile on the respective social network.

If you use the plugin, e.g., by clicking the "Like" or "Share" button, the corresponding information will also be transmitted directly to the respective service provider's server and stored there.

Additionally, this information will be published on the respective social network and will be visible to the people added as your contacts. The purpose and scope of data collection and its further processing and use by service providers, as well as the possibility of contact and your rights in this regard, and the possibility of setting options to ensure your privacy protection are described in the privacy policies of the respective service providers.

If you do not want social networks to associate the data collected during visits to our website directly with your profile on the respective social network, you must log out of that social network before visiting our site. You can also completely prevent the plugins from loading on the website by using appropriate extensions for your browser, e.g., script blocking.

Server Logs

Using the site involves sending queries to the server on which the site is stored. Each query sent to the server is recorded in the server logs.

Logs include, among others, your IP address, server date and time, information about the web browser and operating system you are using. Logs are stored and archived on the server.

The data stored in the server logs is not associated with specific individuals using the site and is not used by us to identify you.

Server logs are used only as an auxiliary material for site administration, and their content is not disclosed to anyone other than those authorized to administer the server.

© COPYRIGHT 2020 | Projektowanie stron www see-me | Sklep internetowy Shoper.pl
Shop is in view mode
View full version of the site
Sklep internetowy Shoper.pl