Privacy policy

The administrator of the store is FILIP DROSZCZ running a sole proprietorship based at Klonowa 7/6, 25-538 Kielce, POLAND, NIP: 9592046057, Regon: 389898063, registered in CEIDG, e-mail: filipdroszcz@gmail.com

This privacy policy has been constructed in the form of questions and answers. The choice of this form was dictated by the concern for clarity and legibility of the information presented to you.

If you have any doubts about the privacy policy, you can contact us at any time by sending a message to filipdroszcz@gmail.com

# 1: Who is the administrator of your personal data?

The administrator of your personal data is FILIP DROSZCZ running a sole proprietorship based at Klonowa 7/6, 25-538 Kielce, POLAND, NIP: 9592046057, Regon: 389898063, registered in CEIDG, e-mail: filipdroszcz@gmail.com

# 2: Who can you contact regarding the processing of your personal data?

As part of the implementation of data protection in our organization, we have decided not to appoint a Data Protection Officer due to the fact that it is not mandatory in our situation. For matters related to data protection and privacy more broadly, you can contact us by email at filipdroszcz@gmail.com

# 3: What information do we hold about you?

Depending on the purpose, we may process the following information about you:

  • name,
  • country of residence,
  • email address,
  • telephone number,
  • data contained in correspondence addressed to us,
  • bank account number,
  • IP address,
  • materials you have viewed on the site,
  • details of purchases made on the site,
  • details of abandoned shopping carts,
  • activity with respect to messages sent as part of the newsletter,
  • information about the operating system and web browser you use,
  • sub-pages viewed,
  • time spent on the site,
  • transitions between individual subpages,
  • clicks on individual links,
  • the source from which you go to our site,
  • the age range you are in,
  • your gender,
  • Your approximate location limited to locality,
  • Your interests as determined by your online activities.

We have described the scope of the processed data precisely for each processing purpose. Information in this regard can be found later in this policy.

# 4: Where do we get your personal information from?

In most cases, you provide it to us yourself. This happens when:

  • you register a customer account,
  • you make a purchase of a service,
  • you send a complaint or cancel a contract,
  • you sign up for a newsletter,
  • you contact us. 

In addition, some information about you may be automatically collected by the tools we use:

  • the service mechanism and newsletter system collect your IP address,
  • the mechanism of the service collects information about materials you have viewed, details of orders you have placed, including unfinished orders,
  • the mechanism of the newsletter system collects information on your activity with regard to the content sent to you within the newsletter, such as opening messages, clicking on links, etc,
  • Google Analytics collects a range of information about how you use our store.

# 5: Is your data secure?

We care about the security of your personal data. We have analyzed the risks involved in the various processes of processing your data, and then implemented appropriate security and data protection measures. We constantly monitor the state of our technical infrastructure, train our staff, look at the procedures in place, and make the necessary improvements. If you have any questions about your personal data, we are at your disposal at filipdroszcz@gmail.com

# 6: For what purposes do we process your personal data?

These purposes are more than one. Below is a list of them, followed by a more detailed discussion. We have also assigned to each purpose the corresponding legal basis for processing.

  • User account registration and maintenance – Article 6(1)(b) of the RODO,
  • order processing – Article 6(1)(b) of the RODO,
  • handling of complaints or withdrawal from the contract – article 6(1)(f) RODO,
  • dispatch of newsletters – article 6(1)(a) RODO,
  • sending notifications – article 6(1)(b) RODO.
  • Handling of correspondence – Article 6(1)(f) RODO,
  • fulfillment of tax and accounting obligations – Article 6(1)(c) RODO,
  • creation of an archive for the possible need to defend, establish or assert claims, as well as to identify a returning customer – article 6(1)(f) RODO,
  • Own marketing – Article 6(1)(f) RODO,
  • analysis, statistics and optimization – Article 6(1)(f) RODO.

Customer account – details

When purchasing a service, you must provide the data necessary to conclude a contract and also to create an account: name, surname, country of residence, telephone, e-mail address and password. Providing the data is voluntary, but necessary to create an account. 

As part of editing your account data, you can provide your more far-reaching data, such as your home address, which can be used to correspond with you. 

In addition, our system used for customer accounts records your IP number, which you used when registering a customer account.

Moreover, we use the integration of the Google Analytics tool with the customer account mechanism. In this way, the data collected by the Google Analytics tracking code about your use of our service is assigned to your customer account. This includes information such as:

  • information about the operating system and web browser you use,
  • sub-pages viewed,
  • time spent on the site,
  • transitions between individual sub-pages,
  • clicks on individual links,
  • the source from which you go to our site,
  • the age range you are in,
  • Your gender,
  • Your approximate location limited to locality.
  • Your interests as determined by your online activities.

We analyze such information about you in order to optimize our websites for user experience, efficiency and conversion, which is our legitimate interest referred to in Article 6(1)(f) of the RODO.

The data provided by you in connection with the purchase of a service and with the creation of an account is processed for the purpose of providing you with an electronic service consisting of providing you with a customer account. This service is provided on the basis of a contract concluded according to the terms and conditions described in the regulations, which means that in this regard the legal basis for the processing of your personal data is Article 6(1)(b) RODO.

The data will be stored for the duration of the customer account. At any time you can decide to delete your account, however, this will not lead to the removal of information about your purchases made using your account from our database. Order data is stored in our archive until the expiration of the statute of limitations for claims under the contract / for the entire period of operation of the service due to ensuring the possibility of identifying the returning customer, reconstructing his/her purchase history, discounts granted, etc., which is our legitimate interest referred to in Article 6(1)(f) of the RODO. 

Complaints and withdrawals – details

If you make a complaint or withdraw from the contract, you provide personal data contained in the content of the complaint or withdrawal statement, which includes name, address, telephone number, e-mail address, bank account number. Providing data is voluntary, but necessary to make a complaint or withdraw from the contract.

The data provided to us in connection with filing a complaint or withdrawing from the contract are used for the purpose of implementing the complaint procedure or withdrawal procedure, and then for archival purposes, which is our legitimate interest (Article 6(1)(f) RODO). 

The data will be processed for the time necessary to carry out the complaint procedure or withdrawal procedure. Complaint documents will be stored until the expiration of warranty rights. Statements of withdrawal will be stored together with accounting records for the period required by law. 

Newsletter – details

By signing up for the newsletter, you provide us with your name and email address. Providing the data is voluntary, but necessary to subscribe to the newsletter. 

In addition, our system used for the newsletter, records your IP number you used when signing up for the newsletter, determines your approximate location, the email client you use for email, and tracks your actions taken in connection with messages sent to you. Accordingly, we also have information about which messages you have opened, within which messages you have clicked on links, etc. 

The data you provide to us in connection with signing up for the newsletter, is used for the purpose of sending you the newsletter, and the legal basis for its processing is your consent (Article 6(1)(a) of the RODO) given when signing up for the newsletter. As for the processing of information that does not come from you, but is collected automatically by our mailing system, we rely in this regard on our legitimate interest (Article 6(1)(f) RODO) to analyze the behavior of newsletter subscribers in order to optimize mailing activities. 

You can unsubscribe from the newsletter at any time by clicking on the dedicated link included in each message sent as part of the newsletter, or by simply contacting us. Despite opting out of the newsletter, your data will continue to be stored in our database for the purpose of identifying the returning subscriber and for the possible defense of claims related to the sending of the newsletter to you, in particular for the purpose of proving the fact that you gave your consent to receive the newsletter and when you withdrew it, which is our legitimate interest referred to in Article 6(1)(f) of the RODO. 

You can modify your data provided for the purpose of receiving the newsletter at any time by clicking on the relevant link visible in each message sent as part of the newsletter, or by simply contacting us. 

Mail handling – details

By contacting us, you naturally provide us with your personal data contained in the content of correspondence, in particular your e-mail address and name. Providing your data is voluntary, but necessary to make contact.

Your data is processed in this case for the purpose of contacting you, and the basis for processing is Article 6(1)(f) of the RODO, i.e. our legitimate interest. The legal basis for post-contact processing is also our legitimate purpose of archiving your correspondence for the purpose of ensuring that we can prove certain facts in the future (Article 6(1)(f) RODO). 

The content of the correspondence may be subject to archiving and we are not able to clearly determine when it will be deleted. You have the right to request the history of the correspondence you have had with us (if it was subject to archiving), as well as to request its deletion, unless its archiving is justified by our overriding interests, such as defense against potential claims on your part. 

Tax and accounting obligations – details

If we issue a bill to you, it becomes part of your accounting records, which will be kept for the period of time required by law. Your personal data is processed in such a situation in order to fulfill our tax and accounting obligations (Article 6(1)(c) of the RODO in connection with the provisions governing tax and accounting obligations).

Archive – details

As part of the description of the various purposes for processing personal data above, we have indicated the deadlines for storing personal data. These time limits are often related to our archiving of certain data for the purpose of ensuring our ability to prove certain facts in the future, to reconstruct the course of cooperation with the customer, exchanged correspondence, defense, establishment or assertion of claims. In this regard, we rely on our legitimate interest as referred to in Article 6(1)(f) of the RODO.

Custom marketing – details

As part of our service, we use an abandoned cart recovery mechanism. In a situation where you start the process of purchasing a package, but do not complete it, our system will note this fact in order to take actions to induce you to finalize the transaction. These actions may include, in particular, sending you an email with an incentive to finalize your order or displaying a targeted advertisement while you are browsing the Internet.  

Our store may also collect information about your activity and, based on this, display targeted advertising to you while you are browsing the Internet. However, if you are not a registered customer, the information used for this purpose is not personal. Only when they are matched with your personal information collected in your user account do they take on the nature of personal data. 

We carry out the activities described above based on our legitimate interest referred to in Article 6(1)(f) of the RODO, consisting in marketing our own products.

Analysis, statistics, optimization – details

We collect statistical information about users’ browsing behavior on our websites, such as clicks on links, transitions between sub-pages, time spent on individual pages, etc. We analyze this information in order to optimize our sites for user experience, efficiency and conversion. In most cases, the information processed in this way is not personal data. The exception is if you are a registered customer. Then we may collate this information with your other data collected in your user account. 

We carry out the activities described above based on our legitimate interest referred to in Article 6(1)(f) of the RODO to optimize our websites. 

# 7: How long will we keep your personal data?

Data retention periods are indicated separately for each processing purpose. You will find this information within the details dedicated to each separate processing purpose.  

# 8: Who are the recipients of your personal data?

We would venture to say that modern business cannot do without services provided by third parties. We also use such services. Some of these services involve the processing of your personal data. Third-party service providers that are involved in the processing of your personal data are:

  • hosting provider, which stores data on a server,
  • a cloud service provider, where backups that may contain your personal data are stored,
  • the provider of a mailing system where your data is stored if you are a newsletter subscriber,
  • provider of a CRM system, where we store your data to improve the customer service process and for archival purposes,
  • invoicing system provider, where your data is stored for invoicing purposes,
  • an accounting firm that processes your data shown on invoices,
  • a law firm that accesses your data if necessary to provide legal assistance to us,
  • a maintenance service provider that accesses the data if the technical work carried out concerns areas where personal data is located,
  • other subcontractors who gain access to the data if the scope of their activities requires such access.

Your personal data may also be transferred to tax authorities to the extent necessary for the performance of tax and accounting obligations. This includes, in particular, all declarations, reports, statements and other accounting documents containing your personal data.

In addition, if necessary, your personal data may be shared with entities, authorities or institutions authorized to access the data under the law, such as police, security services, courts, prosecutors’ offices.

Moreover, we use tools that collect a range of information about you related to your use of our service. This includes, in particular, the following information:

  • information about the operating system and web browser you use,
  • sub-pages viewed,
  • time spent on the site,
  • transitions between individual subpages,
  • clicks on individual links,
  • the source from which you go to our site,
  • the age range you are in,
  • Your gender,
  • Your approximate location limited to locality.
  • Your interests as determined by your online activity.

This information in itself does not, in our opinion, have the character of personal data. As this information is collected by third-party tools we use, this information is also processed by tool providers under the terms of their terms of use and privacy policies. Generally, this information is used to provide and improve services, manage them, develop new services, measure the effectiveness of advertisements, protect against fraud and abuse, and personalize the content and advertisements displayed on individual services, sites and applications. We have tried to describe the details in this regard later in this policy, within the explanations devoted to each tool.  

# 9: Do we transfer your data to third countries or international organizations?

Yes, part of the processing operations of your personal data may involve transferring them to third countries. 

We transfer your personal data to third countries in connection with the use of tools that store personal data on servers located in third countries, particularly in the USA. The providers of these tools guarantee an adequate level of personal data protection through the relevant compliance mechanisms provided for by the RODO, in particular through the use of standard contractual clauses.

The storage of personal data on servers located in third countries occurs, among others, through the use of tools from companies such as Google, Dropbox, and Facebook. These companies declare to ensure an adequate level of protection of the processed personal data by adopting and applying EU standard contractual clauses in place of the so-called Privacy Shield invalidated by the judgment of the Court of Justice of the European Union (CJEU) of July 16, 2020 in the Schrems II case (FB information, Google information). The type of safeguards used is analyzed in terms of risks and may change in the event that new legal instruments are adopted by the relevant EU authorities to ensure an adequate level of security for personal data transferred outside the EEA

Each of the tools we use where storage of personal data on third-country servers may occur ensures an adequate level of protection of personal data by applying the compliance mechanisms provided for by the RODO, in particular through the use of standard contractual clauses. 

We would also like to remind you here that we use third-party tools that may collect anonymous information about you. We have mentioned this several times within this policy, including in response to a previous question. The providers of these tools often use servers located around the world, particularly in the United States of America (USA), to store the information they collect. 

# 10: Do we use profiling? Do we make automated decisions based on your personal data? 

We do not make decisions to you based solely on automated processing, including profiling, that would produce legal effects or similarly materially affect you. 

Yes, we use tools that may take certain actions depending on the information collected through tracking mechanisms, but we believe that these actions do not materially affect you because they do not differentiate your situation as a customer, do not affect the terms of a contract you may enter into with us, etc. 

Using certain tools, we may, for example, target you with personalized advertisements based on previous actions you have taken on our site or suggest products that may be of interest to you. We are talking here about so-called behavioral advertising. We encourage you to learn more about behavioral advertising, particularly with regard to privacy issues. You can find detailed information, along with the ability to manage your behavioral advertising settings, here: http://www.youronlinechoices.com. 

We emphasize that within the tools we use, we do not have access to information that would allow us to identify you. The information we are talking about here is, in particular: 

  • information about the operating system and web browser you use,
  • the subpages you view,
  • time spent on the site,
  • transitions between sub-pages,
  • the source from which you go to our site,
  • the age range you are in,
  • your gender,
  • Your approximate location limited to locality,
  • Your interests as determined by your online activities.

We do not collate the information indicated above with your personal information that is in our databases. This information is anonymous and does not allow us to identify you. This information is stored on the servers of the providers of the individual tools, and these servers can most often be located around the world.

An exception to the anonymous nature of the information mentioned above is if you have a customer account with us. Then this information may be compiled with your data collected in your customer account. However, we still do not, with the use of this information, make decisions towards you based solely on automated processing, including profiling, which would produce legal effects towards you or similarly significantly affect you. We believe that the activities of targeting you with advertisements depending on your activity on our site and taking optimization measures do not materially affect you. Therefore, in this regard, we rely on our legitimate interest referred to in Article 6(1)(f) of the RODO.

# 11: What rights do you have in connection with the processing of your personal data?

The RODO grants you the following potential rights related to the processing of your personal data:

  • the right to access your data and to receive a copy of it,
  • The right to rectify (amend) your data,
  • The right to erasure (if, in your opinion, there are no grounds for us to process your data, you can demand that we erase it),
  • The right to restrict the processing of your data (you can demand that we restrict the processing of your data only to the storage of your data or the performance of activities agreed with you, if in your opinion we have inaccurate data or are processing it unfoundedly),
  • The right to object to processing (you have the right to object to processing on the basis of legitimate interests; you should indicate the particular situation that you think justifies us stopping the processing covered by the objection; we will stop processing your data for these purposes unless we demonstrate that the grounds for our processing override your rights or that your data is necessary for us to establish, assert or defend claims),
  • the right to data portability (you have the right to receive from us in a structured, commonly used, machine-readable format the personal data you have provided to us under the contract or your consent; you can have us send this data directly to another entity),
  • The right to withdraw your consent to the processing of personal data, if you have previously given such consent,
  • The right to lodge a complaint with a supervisory authority (if you find that we are processing your data unlawfully, you may lodge a complaint to this effect with the President of the Office for Personal Data Protection or other competent supervisory authority).

The rules related to the exercise of the rights indicated above are described in detail in Articles 16 – 21 of the RODO. We encourage you to familiarize yourself with these provisions. For our part, we consider it necessary to explain to you that the rights indicated above are not absolute and you will not be entitled to them in relation to all processing activities of your personal data.  

We emphasize that one of the rights indicated above is always available to you – if you consider that we have violated data protection regulations in the processing of your personal data, you have the opportunity to file a complaint with the supervisory authority (President of the Office for Personal Data Protection). 

You can also always request that we provide you with information about what data we have about you and for what purposes we process it. All you need to do is send a message to filipdroszcz@gmail.com. However, we have made every effort to ensure that the information of interest to you is comprehensively presented in this privacy policy. You can also use the e-mail address provided above if you have any questions about the processing of your personal data.

# 12: Do we use cookies and what are they actually?

Our website, like almost all other websites, uses cookies. 

Cookies are small textual information stored on your terminal device (e.g. computer, tablet, smartphone), which can be read by our ICT system (our own cookies) or third-party ICT systems (third-party cookies). Cookies may record and store certain information, which can then be accessed by ICT systems for specific purposes.

Some of the cookies we use are deleted when your browser session ends, i.e. when you close it (so-called session cookies). Other cookies are retained on your terminal device and enable us to recognize your browser the next time you visit the site (persistent cookies). 

If you want to learn more about cookies as such, you can read, for example, this material: https://pl.wikipedia.org/wiki/HTTP_cookie. 

# 13: On what basis do we use cookies?

We use cookies on the basis of your consent, except when cookies are necessary for the proper provision of electronic services to you. 

With regard to your consent to cookies, we accept the option that you give such consent through the settings of your Internet browser or additional software that supports the management of cookies. We assume that you agree to all cookies used by us that are not blocked by your browser or additional software you use. 

Please note that disabling or restricting cookies may prevent you from using some of the features available in our store and cause difficulties in using our store, as well as many other websites that use cookies. For example, if you block the cookies of social networking plug-ins, the buttons, widgets and social features implemented in our store may not be available to you.

# 14: Can you disable cookies?

Yes, you can manage your cookie settings within your web browser. You can block all or selected cookies. You can also block cookies of specific sites. You can also delete previously saved cookies and other site and plug-in data at any time. 

Web browsers also offer the possibility to use incognito mode. You can use it if you do not want information about the sites you have visited and the files you have downloaded to be saved in your browsing and download history. Cookies created in incognito mode are deleted when you close all windows in this mode.

Browser plug-ins are also available to control cookies, such as Ghostery (https://www.ghostery.com). The option to control cookies may also be provided by additional software, in particular antivirus packages, etc. 

In addition, there are tools available on the Internet that allow you to control certain types of cookies, in particular to collectively manage behavioral advertising settings (e.g. www.youronlinechoices.com/, www.networkadvertising.org/choices).

Please note that disabling or restricting cookies may prevent you from using some of the features available in our store and cause difficulties in using our store, as well as many other websites that use cookies. For example, if you block cookies of social networking plug-ins, buttons, widgets and social features implemented in our store may not be available to you. 

# 15: For what purposes do we use our own cookies?

Proprietary cookies are used to ensure the proper functioning of the various mechanisms of the store, such as maintaining your session after logging into your account, remembering your last browsed materials and the packages you selected before purchasing.

Proprietary cookies also store information about the cookie settings you have defined from the cookie management mechanism. 

Proprietary cookies are also used to support the abandoned cart recovery mechanism.

# 16: What third-party cookies are used?

The following third-party cookies operate as part of our service:

  • Google Analytics,
  • Google Tag Manager,
  • Google AdWords,
  • Google AdSense,
  • Google Ads
  • Facebook Custom Audiences,
  • Facebook, Twitter, Instagram, TikTok (social media tool cookies),
  • GetResponse
  • Hotjar,
  • Spotify,
  • YouTube.
  • WPForms
  • Smartsupp
  • Dropbox
  • Stripe
  • PayPal

You can find details about individual third-party cookies on their privacy policy tabs.

# 17: Do we track your behavior taken within our store?

Yes, we use Google Analytics, Google AdWords, Hotjar and Facebook Custom Audiences tools that involve collecting information about your activities in our store. These tools are described in detail under the question about third-party cookies, so we will not repeat this information here as well. 

# 18: Do we target you with targeted ads? 

Yes, we use Facebook Ads and Google Ads, where we can target ads to specific groups defined based on various criteria such as age, gender, interests, occupation, job, activities previously undertaken within our store. These tools were described in detail within the question on third-party cookies, so we will not repeat this information here as well. 

# 19: How can you manage your privacy?

The answer to this question can be found in many places in this privacy policy when describing individual tools, behavioral advertising, cookie consent, etc. Nevertheless, we have once again gathered this information in one place for your convenience. Below you will find a list of options for managing your privacy.

  • cookie settings within your web browser,
  • browser plug-ins that support cookie management, e.g. Ghostery,
  • additional software that manages cookies,
  • incognito mode in your web browser,
  • behavioral advertising settings, e.g. youronlinechoices.com,
  • Cookie management mechanism from our website,
  • Google Analytics Opt-out: https://tools.google.com/dlpage/gaoptout,
  • Google Ads Settings: https://adssettings.google.com/,
  • Facebook Ads Settings: https://www.facebook.com/ads/settings,
  • HotJar Opt-out: https://www.hotjar.com/legal/compliance/opt-out

# 20: What are server logs?

Using the service involves sending queries to the server where the service is stored. Each request made to the server is recorded in the server logs. 

The logs include, among other things, your IP address, the date and time of the server, information about your web browser and the operating system you are using. The logs are saved and stored on the server. 

The data stored in the server logs are not associated with specific individuals using the site and are not used by us to identify you.

The server logs are only support material for the administration of the site, and their contents are not disclosed to anyone except those authorized to administer the server. 

# 21: Is there anything else you should know about?

As you can see, the topics of personal data processing, the use of cookies and the management of privacy in general are quite complicated. We have done our best to ensure that this document provides you with as much knowledge as possible on the issues that are important to you. If anything is unclear to you, you want to learn more or just talk about your privacy, please email us at filipdroszcz@gmail.com

Filip Droszcz
Instagram Facebook
Copyright © 2022 Filip Droszcz
Shopping Cart