Privacy Policy

Privacy Policy

I. General Provisions

1.        This privacy policy sets out the rules for processing and protecting the personal data of Customers using the online store at www.odnogi.pl.

2.        This privacy policy fulfills the information obligation of the Administrator in accordance with Article 13 of the Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation), hereinafter referred to as GDPR.

3.        The Administrator of personal data of Customers collected via the online store is SAMOYA Jakub Szczygielski ul. Kręta 50 lok. U1 15-345 Białystok NIP: 542 335 1867.

4.        The Administrator can be contacted via e-mail: odnogi.pl@gmail.com, or in writing to: SAMOYA ul. Kręta 50 lok. U1 15-345 Białystok 

II. Data Processing Principles

1.        The Administrator processes Customers' personal data in accordance with the GDPR.

2.        The Administrator applies technical and organizational measures required by EU law, ensuring the protection of personal data processing and safeguarding personal data against unauthorized disclosure, unauthorized access, processing in violation of regulations, and alteration, loss, or destruction.

3.        The Administrator declares that providing data marked as required in the online store is voluntary but necessary for using the online store's functionalities, including creating and maintaining a Customer account and placing and fulfilling an order.

III. Purposes and Legal Bases for Personal Data Processing

1.        Customers' personal data will be processed for the following purposes:

1.        maintaining a Customer account in the online store (Art. 6 sec. 1 lit. b GDPR);

2.        order fulfillment in the online store (Art. 6 sec. 1 lit. b GDPR);

3.        direct marketing of own services and products, which constitutes a legitimate interest of the Administrator (Art. 6 sec. 1 lit. f GDPR);

4.        archival or evidentiary purposes in the event of claims or in connection with applicable tax law provisions (Art. 6 sec. 1 lit. F GDPR).

IV. Personal Data Retention Period

1.        Customer data will be stored for the following period:
a. data related to maintaining a Customer account – for the period of its existence in the online store, no longer than until the Customer requests its deletion;
b. data related to order fulfillment – for 5 years from the end of the year in which the sale was made, unless further storage is justified by the statute of limitations for claims;
c. data related to marketing activities – until an objection is raised;
d. archival purposes and those related to asserting claims and tax law – for the period necessary to achieve this purpose resulting from general legal provisions.

V. Categories of Personal Data

1.        The Administrator collects, stores, and processes the following data: 
a. in connection with account creation: e-mail address, first and last name, address, phone number, and for entrepreneurs, VAT ID and company name;
b. in connection with order placement: e-mail address, first and last name, address, phone number, and for entrepreneurs, VAT ID and company name;
c. in connection with newsletter subscription: e-mail address and first name;
d. in other respects necessary for the realization of a given purpose.

2.        While using the online store, the Administrator automatically collects and gathers information such as IP address, URL address, device ID, time spent on individual pages, browser type, and operating system type and version.

VI. Cookies

1.        The online store uses cookies. They are saved on the end device of the person visiting the online store if the browser allows it.

2.        Cookies are IT data, especially text files, which are stored on the Customer's end device and are intended for using the online store.

3.        Cookies are used for the following purpose:
a. recognizing the device used by the Customer to properly display the content of the page;
b. creating statistics that help understand how customers use websites;
c. maintaining the Customer's online store session, thanks to which the Customer does not have to re-enter login and password on each subpage of the store.
d. If the Customer does not agree to the online store's use of cookies, they should change their browser settings accordingly or cease using the online store's pages.

VII. Data Sharing

1.        Customers' personal data may be transferred to entities to whom the Administrator entrusts personal data for processing based on agreements, and to entities authorized to obtain data based on legal provisions.

2.        To fulfill the contract concluded via the online store and ensure its proper functioning, the Administrator shares Customers' personal data primarily with entities providing services such as:

3.        transport;

4.        electronic payment;

5.        banking;

6.        accounting;

7.        hosting;

8.        marketing in the scope of online store support.

VIII. Customer Rights

1.        The Customer has the right to access their data and the right to request its rectification, erasure, or restriction of processing. To the extent that the processing of personal data is based on the legitimate interest of the administrator (Art. 6 sec. 1 lit. f GDPR), the Customer has the right to object to the processing of their data.

2.        To the extent that the Customer's data is processed for the purpose of concluding and executing a contract, the Customer also has the right to data portability.

3.        The Customer also has the right to lodge a complaint with the supervisory authority responsible for personal data protection if the processing of their personal data is unlawful.