We provide our clients with full respect for their privacy and protection of their personal data.
Providing personal data, as well as consent to their processing are completely voluntary. Any personal data provided to us is processed only to the extent and for the purpose for which you have given your consent. In the event that you decide, however, not to provide us with the data necessary to process the order and you do not agree to their processing, unfortunately we will not be able to fulfill your order.
Please note that you have the right to have your personal data updated or completely deleted at any time. You can do it yourself, as well as using our help, which we will be happy to provide.
I. DATA CONTROLLER
The owner of the store and at the same time the administrator of personal data is Anna Rudzka conducting business activity under the name Pulcino Anna Rudzka, Mikołaja Reja Street, 71-561 Szczecin, entered into the Central Register and Information on Economic Activity kept by the Minister competent for the economy and running CEiDG, NIP: 8512899930, REGON: 321202057, hereinafter referred to as pulcino.shop
II. PERSONAL DATA PROTECTION SYSTEM
The Administrator has applied technical and organizational measures to ensure the protection of processed data in accordance with the requirements set out in the applicable provisions on the protection of personal data. In particular, the following were taken into account: the Regulation of the Minister of Internal Affairs and Administration of 29 April 2004 on the documentation of personal data processing and technical and organizational conditions to be met by devices and IT systems used to process personal data (Journal of Laws No. 100, item 1024); guidelines of the Inspector General for Personal Data Protection; Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC.
The most important elements of the applied personal data protection system include:
1. SSL certificate, which guarantees that communication between your computer and the pulcino.shop is encrypted with a 256-bit key.
2. We collect and process only the necessary personal data for the shortest possible time, and for each activity not related to the implementation of the purchase contract you must give your separate consent.
3. Access to your personal data is granted only to persons authorized and trained in the protection of personal data, guaranteeing their security.
4. The IT system of the pulcino.shop store and internal procedures meet all standards of personal data protection.
The data controller has thus fulfilled all legally provided obligations in the field of personal data protection.
III. PURPOSE OF PROCESSING AND LEGAL BASIS.
The Administrator processes personal data of the Store Service Recipients in the case of:
- Registration of an Account in the Store, in order to create an individual account and manage this Account, pursuant to Article 6(1)(.b) of the GDPR (performance of the contract for the provision of electronic services in accordance with the Store Regulations),
- Placing an order in the Store, in order to perform the sales contract, pursuant to Article 6(1)(.b) of the GDPR (implementation of the sales contract).
- Subscribe to the Newsletter in order to send commercial information by electronic means. Personal data is processed after a separate consent, pursuant to Article 6(1)(a) of the GDPR
IV. PERIOD OF STORAGE OF PERSONAL DATA.
Personal data of service recipients are stored by the Administrator:
- In the event that the basis for data processing is the performance of the contract, as long as it is necessary for the performance of the contract, and after that time for a period corresponding to the period of limitation of claims. Unless a special provision provides otherwise, the limitation period is six years, and for claims for periodic benefits and claims related to running a business – three years
- In the event that the basis for data processing is consent, until the consent is revoked, and after the consent is revoked, for a period of time corresponding to the period of limitation of claims that may be raised by the Administrator and that may be raised against him. Unless a special provision provides otherwise, the limitation period is six years, and for claims for periodic benefits and claims related to running a business – three years.
- When using the Store, additional information may be collected, in particular: IP address assigned to the Customer's computer or external IP address of the Internet provider, domain name, browser type, access time, type of operating system.
- After expressing a separate consent, pursuant to Article 6(1)(a) of the GDPR, the data may also be processed for the purpose of sending commercial information by electronic means or making telephone calls for the purpose of direct marketing – respectively in connection with Article 10(2) of the Act of 18 July 2002 on the provision of electronic services or Article 172(1) of the Act of 16 July 2004 – Telecommunications Law, including those directed as a result of profiling, provided that the Customer has given appropriate consent.
- Navigation data may also be collected from the Service Recipients, including information about links and references in which they decide to click or other actions taken in the Store. The legal basis for this type of activity is the legitimate interest of the Administrator (Article 6(1)(f) of the GDPR), consisting in facilitating the use of services provided electronically and improving the functionality of these services.
- Providing personal data by the Customer is voluntary.
- The Administrator takes special care to protect the interests of data subjects, and in particular ensures that the data collected by him are processed in accordance with the law, collected for lawful purposes and not subjected to further processing incompatible with these purposes. In addition, the data are factually correct and adequate in relation to the purposes for which they are processed and stored in a form that allows identification of the persons to whom they relate, no longer than it is necessary to achieve the purpose of processing.
V. PROVISION OF PERSONAL DATA
Personal data of Service Recipients are transferred to service providers used by the Administrator when running the Store, in particular to:
- Entities delivering Products,
- Suppliers of payment systems,
- Accounting office,
- Hosting providers,
- Providers of business enabling software,
- Entities providing a mailing system,
- Marketing entities,
- Providers of software needed to run an online store.
Service providers to whom personal data are transferred, depending on contractual arrangements and circumstances, are either subject to the Administrator's instructions as to the purposes and methods of processing these data (processors) or independently determine the purposes and methods of their processing (administrators).
Cookies - your personal data, which are collected automatically after entering the pulcino.shop
- The Administrator's website uses "cookies".
- The installation of "cookies" is necessary for the proper provision of services on the Store's website. "Cookies" contain information necessary for the proper functioning of the website, and they also give the opportunity to develop general statistics of website visits.
- As part of the pulcino.shop website, "session" cookies are used, which are temporary files and are stored in the Customer's end device until logging out (leaving the website).
- In addition, as part of the pulcino.shop website, "permanent" cookies are used, which are stored in the Customer's end device for the time specified in the parameters of "cookies" or until they are deleted by the Customer.
- The Administrator uses its own cookies in order to better understand how the Service Recipients interact with the content of the website. The files collect information about the manner of using the website by the Customer, the type of page from which the Customer was redirected and the number of visits and time of the Customer's visit to the website. This information does not record specific personal data of the Customer, but is used to compile statistics on the use of the website.
- The administrator uses external cookies to collect general and anonymous static data through Google Analytics analytical tools (third-party cookie administrator: Google Inc. with its registered office in the USA).
- Cookies may also be used by advertising networks, in particular Google, Pinterest, Facebook, in order to display advertisements tailored to the way in which the Customer uses the Store. For this purpose, they may retain information about the Customer's navigation path or the time of staying on a given page.
- The Service Recipient has the right to decide on the access of "cookies" to his computer by selecting them in advance in the browser window. Detailed information about the possibilities and ways of handling "cookies" are available in the software (web browser) settings.
If you do not agree to the placement of cookies on your device, you can block their placement by configuring your web browser accordingly. You can find information on how to do this in the help files of your web browser. Unfortunately, if you block cookies from pulcino.shop we cannot guarantee its correct operation.
If you agree to the placement of cookies on your device, but after the end of your visit to the pulcino.shop you would like to delete them, you can do it without risk, and information on how to do this can be found in the help files of your web browser.
VII. OTHER SERVICES RELATED TO THE USER'S ACTIVITY IN THE STORE
- The Store uses so-called social plugins ("plug-ins") of social networking sites. By displaying a website pulcino.shop containing such a plug-in, the Customer's browser will establish a direct connection with the servers of Facebook, Instagram, Pinterest and Google.
- The content of the plug-in is transmitted by a given service provider directly to the Customer's browser and integrated into the website. Thanks to this integration, service providers receive information that the Customer's browser has displayed the Store's website, even if the Customer does not have a profile with a given service provider or is not logged in with him. Such information (together with the IP address of the Customer) is sent by the browser directly to the server of the respective service provider (some servers are located in the USA) and stored there.
- If the Customer logs in to one of the above social networking sites, this service provider will be able to directly assign the visit to the Store's website to the Customer's profile on a given social networking site.
- If the Customer uses a given plug-in, e.g. by clicking on the "Like" button or the "Share" button, the corresponding information will also be sent directly to the server of the respective service provider and stored there.
- If the Service Recipient does not want social networking sites to assign data collected during visits to the Store's website directly to his profile on a given website, he must log out of this website before visiting the Store's website. The Service Recipient may also completely prevent plug-ins from being loaded on the website by using appropriate browser extensions, e.g. blocking scripts with "NoScript".