POLITYKA PRYWATNOŚCI
(stworzone zgodnie z ustawą o ochronie danych osobowych nr 18/2018 Z.z. o ochronie danych osobowych i zmianie niektórych innych ustaw)
Przedmowa
Spółka handlowa Ecommerce Service Company s.r.o., z siedzibą przy ul. Benadova 19, 040 22 Koszyce, wpisana do rejestru handlowego Mestského súdu Košice, oddział: Sro, wpis nr 48783/V, NIP: 53 045 416, NIP: 2121 236 810, działająca za pośrednictwem: Michal Król, dyrektor spółki (osoba kontaktowa), została założona zgodnie z prawem Republiki Słowackiej.
Spółka Ecommerce Service Company s.r.o. za pośrednictwem trzeciej osoby prowadzi usługę handlową (SaaS) na stronie krol.shop (dalej nazywanej również „portal e-commerce”). Dzięki temu portalowi osoba trzecia, bliżej nieokreślona (dalej jako „Kupujący”), ma możliwość przeglądania i wyboru usług na stronie portalu e-commerce oraz jednocześnie, zgodnie z warunkami określonymi w opublikowanych Warunkach handlowych (dalej w tekście jako „WH”), ma prawo zakupić wybrany towar i uiścić za niego ustaloną cenę zakupu.
Warunki handlowe zostały opracowane zgodnie z odpowiednimi przepisami ustawy nr 102/2014 Z. z. o ochrane spotrebiteľa pri predaji tovaru alebo poskytovaní služieb na základe zmluvy uzavretej na diaľku alebo zmluvy uzavretej mimo prevádzkových priestorov predávajúceho a o zmene a doplnení niektorých zákonov, w celu zapewnienia konsumentowi (kupującemu) wszystkich informacji dotyczących zakupu usług za pośrednictwem portalu e-commerce krol.shop. WH są dostępne na stronie internetowej krol.shop.
Spółka handlowa Ecommerce Service Company s.r.o., z siedzibą przy ul. Benadova 19, 040 22 Koszyce, wpisana do rejestru handlowego Mestského súdu Košice, oddział: Sro, wpis nr 48783/V, NIP: 53 045 416, NIP: 2121 236 810, działająca za pośrednictwem: Michal Król, dyrektor spółki (dalej jako „Sprzedawca”), jest zgodnie z art. 5 ust. o) ustawy Rady Narodowej Republiki Słowackiej nr 18/2018 Z.z. o ochrane osobných údajov a o zmene a doplnení niektorých zákonov (dalej jako „Ustawa” lub „Ustawa o ochronie danych osobowych”) operatorem danych osobowych, które Kupujący podał na portalu krol.shop lub dostarczył w trakcie komunikacji zgodnie z wymogami sprzedającego i powszechnie obowiązującymi przepisami prawa.
Jeśli w tych zasadach używane jest pojęcie „Osoba dotknięta”, odnosi się to do osoby, której dane osobowe podlegają ochronie zgodnie z powszechnie obowiązującymi przepisami prawa, a ta osoba może być nie tylko Kupującym, ale także odwiedzającym stronę krol.shop, a także osobą, która jest dobrowolnie zarejestrowana na stronie krol.shop.
Sprzedawca jest, na potrzeby niniejszych zasad, Operatorem w rozumieniu art. 5 ust. l) ustawy Rady Narodowej Republiki Słowackiej nr 18/2018 Z.z. o ochrane osobných údajov.
Article 1.
PRINCIPLES OF PERSONAL DATA PROCESSING
1. The Operator processes personal data based on the following principles:
Article 2.
IDENTIFICATION OF THE CONTROLLER ACCORDING TO THE PERSONAL DATA PROTECTION ACT
1. The Seller is the operator of the personal data information system according to Section 5, Letter l) of Act No. 18/2018 Coll. on the Protection of Personal Data and on the Amendment and Supplement to Certain Acts.
2. The identification data and contact details of the Operator are as follows:
Article 3.
SCOPE OF PERSONAL DATA PROCESSING
1. The Buyer provides the Seller with personal data, and the Seller, as the operator, processes personal data to the following extent:
Article 4.
PURPOSE OF PERSONAL DATA PROCESSING
1. The purpose of processing personal data is:
Article 5.
LEGAL BASIS FOR PERSONAL DATA PROCESSING
1. 1. The legal basis for the processing of Buyers' personal data for the purpose of concluding the aforementioned purchase contract is the provision of § 13.ods. 1 letter b) Act no. 18/20018 on the protection of personal data, while the contract is, in the sense of the cited provision, a contract for the purchase of goods (purchase contract), while for the purpose of processing the order, the indicated data are necessary for the conclusion of the contract and the realization of the business case. The mentioned personal data are processed without the consent of the person concerned. Without providing this data, it is not possible to make a purchase, to deliver the goods, and it is not possible to issue or deliver a purchase receipt. The Buyer gives consent and the Seller informs the Buyer that the provided personal data may be:
2. Personal data is processed during the period of performance of the contract for the purchase of goods and during the warranty period for the delivered goods.
3. The legal basis for the processing of Buyers' personal data for the purpose of registering the Buyer on a voluntary basis is his consent in accordance with the provisions of § 13 paragraph 1 letter a) of Act no. 18/20018 Coll. on the protection of personal data, while customer registration automatically simplifies and speeds up the process of implementing a business case in the case of a purchase of services, as the registered customer does not have to fill in the data necessary to conclude a contract. Customer registration:
4. The legal basis for the processing of Buyers' personal data for the purpose of customer registration in the commission system is the provision of § 13.ods. 1 letter b) Act no. 18/20018 on the protection of personal data, since the commission system represents a contract on mediation of sales, while for the purpose of providing commissions, the given data are necessary for concluding a contract and implementing a business case for the purpose of obtaining a commission. The mentioned personal data are processed without the consent of the person concerned. Without providing this data, it is not possible to:
5. Personal data is processed during the period of registration in the commission system.
6. The legal basis for the processing of Buyers' personal data for the purpose of entering into a purchase contract is the provision of § 13.ods. 1 letter b) Act no. 18/20018 on the protection of personal data, while the contract is, in the sense of the cited provision, a contract for the purchase of goods (purchase contract), while for the purpose of processing the order, the indicated data are necessary for the conclusion of the contract and the realization of the business case. The mentioned personal data are processed without the consent of the person concerned. Without providing this data, it is not possible to make a purchase, to deliver the goods, and it is not possible to issue or deliver a purchase receipt. The Buyer gives consent and the Seller informs the Buyer that the provided personal data may be:
7. Personal data is processed during the period of performance of the contract for the purchase of services and during the warranty period for the delivered goods.
8. The legal basis for the processing of Buyers' personal data for the purpose of the participation of the affected person in the competition published and organized by the Seller via the krol.shop website or social networks, such as Facebook, is the provision of § 13.ods. 1 letter b) Act no. 18/20018 on the protection of personal data, while the win in the competition represents a legally enforceable contractual obligation of the Seller, and without the provision of personal data, it will not be possible to hand over and deliver any winnings to the participant of the competition, and it will not be possible to ensure the rights of the winners in connection with the exercise of their consumer rights. The mentioned personal data are processed without the consent of the person concerned. Without providing this data, it is not possible to deliver the goods as a prize in the competition and it is not possible to issue or deliver a document about the goods for the purpose of, for example, claim rights.
Article 6.
PROCESSING OF PERSONAL DATA THROUGH COOKIES
1. The seller uses the terms cookies and cookie on the krol.shop website, which represent cookies and other similar technologies that are covered by the EU Directive on the protection of privacy in electronic communications.
2. The term Cookies refers to small text files that are created by the visited website and their basic purpose is to improve and facilitate the use of krol.shop pages.
3. The legal basis for the processing of personal data through cookies is the provision of § 13.ods. 1 letter f) Act no. 18/20018 on the protection of personal data.
4. The seller uses temporary and permanent cookies on the krol.shop website, which are temporarily stored in the computer's memory while the visitor browses the company's website.
5. Cookies are deleted when the user closes the web browser or after a certain period of time. Persistent cookies remain on the visitor's computer (hereinafter referred to as the data subject) until they are deleted.
6. The seller uses cookies exclusively for internal needs, primarily for the purpose of creating traffic statistics and how the krol.shop website is used, and they serve to improve the use of the company's website.
7. Cookies can store information about how site visitors use the sharing function.
8. The krol.shop website uses Google Analytics, Google Tag Manager, Google Retargeting, Google Search Console and Facebook Pixel, which uses cookies.
9. Cookies store information mainly about:
10. The types of cookies used are as follows:
11. The menu of the majority of Internet browsers includes options for configuring settings, i.e. the browser usually includes options such as allow cookies, view cookies, disable all or selected cookies, etc.
12. When you visit our website, we also automatically collect technical and statistical data about the use of the krol.shop online store by setting cookies. This is the following data:
13. The seller does not use cookies to collect identifiable information about visitors to the krol.shop site.
14. Cookies set by the Seller or websites of third parties can be rejected and blocked by changing the browser settings via the links below:
15. The seller, in the position of the operator, informs the buyer as well as the visitor of the krol.shop website about their use before starting the processing of personal data.
Article 7.
INFORMATION SYSTEMS OF THE CONTROLLER
1. The operator operates information systems in which it processes the personal data of the persons concerned, as follows:
Article 8.
METHOD OF PERSONAL DATA PROCESSING AND THEIR SECURITY
1. Personal data is processed by the operator in the information system, which is protected by passwords and access codes in order to protect it from misuse by unauthorized persons.
2. The display units of the information system are placed in such a way that the displayed data cannot be misused by eavesdropping.
3. Data carriers are protected by encryption, while access to information systems is subject to authorized identification and authorization of authorized persons.
4. The operator creates secure backups with the selected periodicity.
5. The operator's information systems are protected by detecting the presence of malicious code in incoming e-mail and other files received from a publicly accessible computer network or from data carriers.
6. In addition to the measures mentioned above, the operator ensures the security of personal data by specifying and instructing in writing the persons who are authorized to work with the information systems.
Article 9.
RIGHTS OF THE BUYER REGARDING DATA PROTECTION
1. The person concerned has the right to access personal data in the form of obtaining confirmation as to whether his personal data relating to him are processed in the operator's information system.
2. The affected person has the right to obtain information about:
3. The person concerned has the right to:
4. The data subject has the right to be informed of adequate safeguards regarding the transfer if personal data is transferred to a third country or international organization.
5. The operator is obliged to provide the person concerned with his/her personal data, which he processes. For the repeated provision of personal data requested by the data subject, the operator may charge a reasonable fee corresponding to the administrative costs. The operator is obliged to provide personal data to the person concerned in a manner according to his request.
6. The person concerned exercises his rights through the contact person and contact e-mail of the operator, which is listed in Article 2 of these policies.
7. The person concerned has the right to have the operator correct incorrect personal data concerning him without undue delay. Taking into account the purpose of personal data processing, the data subject has the right to supplement incomplete personal data.
8. The person concerned has the right to have the operator delete personal data concerning him without undue delay.
9. The operator is obliged to delete personal data without undue delay if the person concerned has exercised the right to deletion according to paragraph 8, if:
10. If the operator has published personal data and is obliged to delete them according to paragraph 1, he is also obliged to take appropriate security measures, including technical measures, taking into account the available technology and the costs of their implementation, for the purpose of informing other operators who process the personal data of the person concerned about his request. that these operators delete links to her personal data and their copies or write-offs.
11. The affected person is entitled to exercise his right to correct or delete personal data by sending a request in the form of an e-mail to the operator's contact person, which is listed in Article 2 of these policies. After processing the request, the operator will confirm to the affected person without undue delay the method of dealing with the request of the affected person.
12. The person concerned has the right to have the operator limit the processing of personal data if
13. If the processing of personal data has been limited according to paragraph 12, in addition to storage, the operator may process personal data only with the consent of the person concerned or for the purpose of asserting a legal claim, for the protection of persons or for reasons of public interest.
14. The operator is obliged to inform the affected person whose processing of personal data will be restricted according to paragraph 12 before the restriction of personal data processing is cancelled.
Article 10.
FINAL PROVISIONS
1. Personal data is processed by the operator in the information system, which is protected by passwords and access codes in order to protect it from misuse by unauthorized persons.
2. The display units of the information system are placed in such a way that the displayed data cannot be misused by eavesdropping.
3. Data carriers are protected by encryption, while access to information systems is subject to authorized identification and authorization of authorized persons.
4. The operator creates secure backups with the selected periodicity.
5. The operator's information systems are protected by detecting the presence of malicious code in incoming e-mail and other files received from a publicly accessible computer network or from data carriers.
6. In addition to the measures mentioned above, the operator ensures the security of personal data by specifying and instructing in writing the persons who are authorized to work with the information systems.