PRIVACY POLICY WITH INFORMATION ABOUT COOKIES
PREAMBLE:
This Privacy Policy sets out the rules for the processing and protection of personal data of customers of the online store operating under the website www.aperia.pl, as well as information on these customers collected using cookies, for the implementation of services provided electronically, as well as for legally permissible purposes and without bad faith towards customers whose data is processed in the Store.
The owner and administrator of the online store available under the domain aperia.pl Aperia Halina Pęciak, with its registered office in Wodzisław Śląski, at st. Leszka 42, 44-286 Wodzisław Śląski, NIP: 6471084181, REGON: 273323390, Phone: 885 664 965, +48 32 417-20-10, email address: aperia@aperia.pl
In addition, this Privacy Policy serves as an information and guarantee instrument for the Store's customers and guidelines for the Data Administrator, which he follows when collecting, processing and permitted use of the Customers personal data provided to him.
I. DEFINITIONS
Administrator - means Aperia Halina Pęciak, which provides electronic services and stores and accesses information on the User's devices.
Cookies - means IT data, in particular small text files, saved and stored on devices through which the Customer uses the Store's websites.
Administrator's cookies - means Cookies posted by the Administrator, related to the provision of electronic services by the Administrator via the Store.
External Cookies - means Cookies posted by the Administrator's partners via the Store's website.
Shop - here means the website where the Administrator runs the online store. Store's website address, operating at the address aperia.pl.
Equipment - means an electronic device through which the Customer gains access to the Store.
Customer - means an entity for which, in accordance with the Regulations and legal regulations, services may be provided electronically or with which an Agreement for the provision of electronic services may be concluded.
II. GENERAL INFORMATION
1. Out of concern for the security of the entrusted data, the Administrator has developed internal procedures and recommendations to prevent disclosure of data to unauthorized persons. The administrator controls their performance and constantly checks their compliance with the relevant legal acts - the Act on the protection of personal data, the Act on the provision of electronic services, as well as all types of implementing acts and Community law, especially in the field of changes resulting from the 2018 entry into force GDPR.
2. Personal data are processed on the basis of the consent expressed by the Customer and in cases where the law authorizes the Administrator to process personal data on the basis of legal provisions or to implement the contract concluded between the parties.
3. The store performs the functions of obtaining information about users and their behavior in the following way:
a) through information entered voluntarily in forms,
b) by collecting "Cookies",
c) by collecting server logs via the hosting operator.
4. The Store collects information voluntarily provided by the Customer, by means of consents given when placing the order or when registering in the Store. Consents may be granted in the form of accepting a ready-made statement prepared by the Administrator. The information collected in this way is processed only for the purpose of improving the operation of the Store, as well as improving the quality of customer service, in no case will the Administrator process the information obtained in this way for purposes that go beyond the marketing of its services permitted by law, works to improve the operation of the Store and improve the quality and speed. customer service.
5. The data provided in the form are processed for the purpose resulting from the function of a specific form. The administrator does not directly or implicitly extend the consent to the processing of the Customer's personal data in an unforeseen or unauthorized manner.
6. Personal data left on the website will not be sold or made available to third parties, in accordance with the provisions of the Personal Data Protection Act.
7. The data contained in the form may be viewed by the natural person who placed it there. This person also has the right to modify and stop processing his data at any time.
8. The Store reserves the right to change the privacy policy, which may be influenced by the development of internet technology, possible changes in the law in the field of personal data protection and the development of the Online Store. The Store will inform about any changes in a visible and understandable way.
9. Links to other websites may appear on the Store's websites. Such websites operate independently of the Store and are in no way supervised by the Online Store website address. These websites may have their own privacy policies and regulations, which the customer is recommended to read.
10. The Administrator informs the Users that he entrusts the processing of personal data to the following entities:
a) Data Quest Jarosław Domin, 44-336 Jastrzębie-Zdrój ul. Niepodległości 110 NIP: 6331013867 Regon: 273797640 - in order to store personal data on the server on which the store is installed,
b) T Pay - Krajowy Integrator Płatności S.A. with its registered office in Poznań, 61-808, ul. St. Marcina 73/6, with NIP numbers: 7773061579, REGON: 300878437, entered into the Register of Entrepreneurs of the National Court Register under KRS number: 0000412357, share capital in the amount of PLN 5,494,980, fully paid up,
c) Pay Pal Polska sp. z o.o. with its seat in Warsaw, 00-113, ul. Emilii Plater 53, with NIP numbers: 5252406419, KRS: 0000289372, REGON: 141108225 - in order to enable electronic payments for the ordered Goods,
d) Jawo Doradztwo Podatkowe D. i J. Wojcierowscy, 44-300, Wodzisław Śląski, Minorytów 16, NIP (tax identification number) 6470509922,
e) Poczta Polska Spółka Akcyjna, ul. Rodzinskich 8, 00-940 Warsaw, NIP: 525-000-73-13, KRS: 0000334972 Registry Court: District Court for the Capital City of Warsaw Warsaw, share capital: 774,140,000, fully paid up,
f) GLS - General Logistics Systems Poland Sp. z o.o., ul. Tęczowa 10, Głuchowo, 62-052 Komorniki, registered by the District Court in Poznań Nowe Miasto i Wilda, 8th Commercial Division of the National Court Register under the number KRS 0000005009, NIP: 7851561831, share capital: PLN 16,311,638.00 - for order fulfillment online store and delivery of ordered goods.
III. TYPES OF USED COOKIES
1. Cookies used by the Administrator are safe for the Customer's Device. In particular, it is not possible for viruses or other unwanted software or malware to enter Customer Devices this way. These files allow to identify the software used by the Customer and adjust the Store individually to each User. Cookies usually contain the name of the domain they come from, their storage time on the Device and the assigned value.
2. The administrator uses two types of cookies:
a) Session (temporary) cookies: they are stored on the Customer's Device and remain there until the end of the browser session. The saved information is then permanently deleted from the Device's memory. The mechanism of session cookies does not allow the collection of any personal data or any confidential information from the Customer's Device,
b) Permanent cookies: they are stored on the User's Device and remain there until they are deleted. Ending a browser session or turning off the Device does not delete them from the Customer's Device. The persistent cookies mechanism does not allow the collection of any personal data or any confidential information from the Customer's Device,
c) The Customer has the option to limit or disable the access of Cookies to his Device. If you use this option, the use of the Website will be possible, except for functions which, by their nature, require cookies. The customer may at any time change the settings of his cookies, he may also permanently resign from collecting them, bearing in mind that some information generated in this way may turn out to be indispensable for the performance of the distance contract concluded with the Seller. 4. The customer can control the use of cookies at any time using the web browser settings. Depending on the browser model, the available options may include:
• accepting only temporary cookies,
• accepting only selected cookies,
• acceptance of own cookies only (external cookies will not be placed while using the website),
• refusing to accept all cookies.
IV. PURPOSES FOR WHICH COOKIES ARE USED
1. The Administrator uses Own Cookies for the following purposes:
a) service configuration,
b) adjusting the content of the Store's websites to the Customer's preferences and optimizing the use of the Store's websites,
c) recognition of the Store's Customer's device and its location and properly displaying the website, tailored to his individual needs,
d) remembering the settings selected by the customer and personalizing his interface, e.g. in terms of the language or region the customer comes from,
e) remembering the history of visited pages on the website in order to recommend content,
f) font size, website appearance, etc.
2. Authenticating the Customer in the Store and ensuring the Customer's session in the Store:
a) maintaining the Store's Customer session (after logging in), thanks to which the Customer does not have to re-enter the login and password on each subpage of the Store,
b) correct configuration of selected functions of the Store, enabling in particular verification of the authenticity of the browser session,
c) optimizing and increasing the efficiency of services provided by the Administrator.
3. Implementation of processes necessary for the full functionality of websites:
a) adapting the content of the Store's websites to the Customer's preferences and optimizing the use of the Store's websites. In particular, these files allow to recognize the basic parameters of the Customer's Device and properly display the website, tailored to his individual needs,
b) correct operation of the partner program, enabling in particular verification of sources of customer redirects to the Store's websites.
4. Remembering the Customer's location - correct configuration of selected functions of the Store, allowing in particular to adjust the information provided to the Customer, taking into account its location.
5. Analyzes and research and audience audit - creating anonymous statistics that help to understand how the Store's customers use the Store's websites, which allows improving their structure and content.
6. Provision of advertising services - adaptation of advertisements of services and products of third parties presented via the Store.
7. Ensuring the safety and reliability of the Store.
8. The Administrator undertakes to obtain the Customer's consent to the use of cookies in each of the listed functionalities, especially after the entry into force of the GDPR. The customer will always have the option to stop using his cookies in any or one of the above-mentioned forms, and each form of collecting information (profiling) of the customer will be presented to him and properly communicated.
9. The administrator of the service uses external cookies for the following purposes:
a) Collecting general and anonymous static data via analytical tools: Google Analytics [Cookies administrator: Google Inc. based in the USA],
b) Use of interactive functions to popularize the Store using social networking sites: Facebook.com [Cookies administrator: Facebook Inc. based in the USA or Facebook Ireland based in Ireland] or Instagram.com [Cookies administrator: Facebook inc. based in the USA].
10. The transmission protocol used by the Aperia online store to ensure the security of data transmission on the Internet is the SSL protocol (Secure Socket Layer v3). It is a type of security that involves encoding data before sending it from the Customer's browser and decoding after it safely reaches the store's server. The information sent from the server to the client is also encoded and decoded after reaching the target.
11. SSL performs encryption, authentication and message integrity assurance. At the time of establishing a connection with a secure (using the SSL protocol) website, encryption keys are set, which are then used to transfer data between the browser on the client's computer and the store's server. Both the handshaking of the keys and the transmission itself are very difficult to break. After connecting to a secure website, the user is informed about it.
12. SSL uses identity certificates to check server and user permissions. These certificates are issued and "digitally signed" by one of the certificate issuers - Certification Authorities (CA).
V. POSSIBILITIES TO DETERMINE THE CONDITIONS OF STORAGE OR ACCESSING COOKIES
1. The Customer may independently and at any time change the settings for Cookies, specifying the conditions for their storage and access to the Customer's Device by Cookies. Changes to the settings referred to in the previous sentence can be made by the Customer using the web browser settings or by using the service configuration. These settings can in particular be changed in such a way as to automatically block handling cookies in the settings of the web browser or informing about their every posting of cookies on the customer's device. Detailed information on the possibilities and methods of handling cookies is available in the software (web browser) settings.
2. The customer may at any time delete cookies using the functions available in the web browser he uses.
3. Restricting the use of cookies may affect some of the functionalities available on the Store's website.
VI. COLLECTION AND SHARING OF DATA
1. The data can be made available to external entities only within the limits permitted by law.
1.1. The administrator does not entrust the processing of data and does not disclose the collected personal data of customers to unrelated entities without the consent of the interested parties, unless the following circumstances apply:
a) The Administrator may use the support of external entities to provide the services provided by them, however, these entities are not authorized to independently use personal data processed on behalf of the Online Store, and all their activities are subject to the provisions of the Privacy Policy of the Online Store,
b) The Administrator retains the right to disclose data to public authorities in conducting proceedings for possible violations of the law or in combating possible violations of the Regulations of the Online Store.
2. Data enabling the identification of a natural person are made available only with the consent of that person. The customer has the right to access their personal data collected by the Administrator at any time. This right includes the possibility of verification, modification, supplementation, deletion, restriction of data processing, objection to processing, data transfer, cessation of processing of the Customer's personal data, as well as the right to withdraw consent to the processing of data for a specific purpose, if the Customer has previously given such consent and the right to lodge a complaint with the supervisory authority. These rights are available without giving a reason.
3. The operator may be required to provide information collected by the Store to authorized bodies on the basis of lawful requests to the extent resulting from the request and not going beyond them.
4. The customer who uses the services and tools provided as part of the Store confirms that he has read the provisions of the Privacy Policy and the Regulations of the Online Store, and also agrees to the use of his personal data in accordance with the Store Regulations and its Privacy Policy.
5. All data collected by the Administrator are protected with the use of rational technical and organizational measures and security procedures in order to protect them against unauthorized access or their unauthorized use.
6. The Administrator processes the Customers' personal data necessary for the proper implementation of the services available in the Online Store and is entitled to use the data collected and stored in the Online Store for the following purposes:
a) placing an order in the Online Store,
b) the conclusion and implementation of the Sales Agreement or the Agreement for the provision of Electronic Services,
c) direct marketing of own products or services,
d) providing full service to the User, including setting up and managing the User's account / accounts, solving technical problems and providing relevant functions,
e) adjusting the offer and the User's experience, including advertisements, in the properties of the Store,
f) monitoring the activity of all and specific Users,
g) contacting Users, in particular for purposes related to the provision of services, User service, permitted marketing and advertising activities,
h) carrying out research and analysis to improve the performance of available services,
i) enforcing compliance with the Online Store Regulations,
j) assessing some of the Customer's personal factors,
k) handing over to processors for the purpose of order fulfillment, in particular to contractors on behalf of the administrator
7. The administrator collects, processes and stores the following customer data:
a) email address (email address),
b) name and surname,
c) company name (in the case of customers who are not consumers),
d) NIP (in the case of Clients who are not consumers),
e) delivery address of the Goods (street, house number, apartment number, zip code, city, country),
f) address of residence / business / seat (if different from the delivery address),
g) telephone number.
8. Customers who have registered in the Store have the right to view, edit and delete the data they have provided. The customer ensures that the data provided or published by him in the online store are correct. Customers who have decided to delete their Account in the Store have the right to request that their personal data be permanently deleted from the Administrator's resources. This right ("the right to be forgotten") results directly from the GDPR that comes into force.
9. Customers' personal data are collected (or will be) using the following functionalities of the online store: email contact with the Customer, order form, data provided in the Customer Account, login data and registration data.
10. The Administrator, on the basis of a separate consent given by the Store's Customer, to express an opinion on the concluded Sales Agreement, provides the collected personal data of the Customer to the selected entity servicing the system of surveys giving opinions on the concluded Sales Agreements in the Online Store. The administrator undertakes to have a signed relevant agreement for entrusting the processing of personal data to such a third party. The entity operating the survey system is obliged by the above agreement to maintain confidentiality and process only to the extent entrusted to the Customer's personal data obtained in this way.
11. The administrator informs that he uses (or will use) the following technologies to track actions taken by the user / customer as part of the store's website: Google Analytics and Facebook Pixel tracking code - to analyze the statistics of the store's website and remarketing.
This Privacy Policy along with information about Cookies shall enter into force on 04/16/2018 on the day of its publication on the website of the store available at aperia.pl. Any changes to this document will be communicated to the Customers at least 14 days in advance, using the information about changes available on the Store's website and the possibility of changing the configuration of their Cookie settings in this regard. Changes to the Privacy Policy and information about Cookies may, in particular, be the result of the development of the technology on which the Store is built, changes in legislation in this area, or result from internal, justified needs of the Administrator.