1. GENERAL PROVISIONS
1.1. Personal data collected via the Online Store [w1] are administered by AGIO SPÓŁKA Z OGRANICZONĄ ODPOWIEDZIALNOŚCIĄ (Ltd.), based in Warsaw, with the office on Miączyńska 69A, 02637 Warsaw, phone/fax .: 22 521 52 73, e-mail: email@example.com, entered into the National Court Register kept by the District Court for the Capital City Warsaw in Warsaw, 13th Commercial Division, with the National Court Register Number 000331555, REGON - [Business ID. No.] 141900409, NIP [Taxpayer ID. No.] - 5213530641, with share capital of PLN 5000, and the bank account of the following number: 14 1050 1025 1000 0023 4171 4570; e-mail address: firstname.lastname@example.org - hereinafter referred to as "Administrator", and who is also the Service Provider and Seller.
1.2. Personal data of the Service Recipient (Customer) shall be processed in accordance with the Act of 29 August 1997 on Personal Data Protection (Journal of Laws No. 133, item. 883 as amended.) and the Act on Electronic Services of 18 July 2002 (Journal of Laws No. 144, item. 1204, as amended.).
1.3. The Administrator shall take special care to protect the interests of the collected personal data, and in particular ensure that this data is processed in accordance with the law and for specified, legitimate purposes, not subjected to further processing incompatible with those purposes, being at the same time relevant and adequate in relation to the purposes for which it is processed and stored in a form that permits identification of the persons it concerns, for no longer than is necessary to achieve the purpose of processing.
1.4. All words, phrases and acronyms appearing on this web site and beginning with a capital letter (e.g. Seller, Online Store, Electronic Service) shall be understood in accordance with the definition contained in the Online Store’s Terms and Conditions available on: http://www.sklep.agiomilano.com/regulamin-pm-5.html
2. PURPOSE AND SCOPE OF DATA COLLECTION
2.1. The purpose of collecting personal data by the Administrator is:
2.1.1. to establish, customize content, modify, execute or terminate the contractual relationship between the Service Provider (Seller) and the Service Recipient (Customer) for the provision of electronic services through the Online Store or the conclusion and execution of the Sales Agreement and the subsequent delivery of the Goods to the Customer.
2.1.2. direct marketing of the Administrator’s own products or services [w2].
2.2. In the case of Customers who use the services of delivery of the Goods to the Customer, the Administrator shall transmit the collected personal data concerning them to the extent necessary for the selected carrier to fulfill the delivery:
2.2.1. DPD (Poland) Sp. z o.o. based in Warsaw (main office address Mineralna 15; 02274Warsaw, Poland), of the following National Court Register Number: 0000028368
2.3. The Administrator shall processes the following personal data of the Service Recipients (Customers): [w3] full name; e-mail address; phone number; address (house/flat number, street, apartment number, postal code, city, district, country). In the case of the Service Recipients (Customers) who are not at the same time consumers, the shall additionally be allowed to processes the company’s name and tax identification number (NIP).
2.4. Providing personal data referred to in Art. 2.3. is necessary to provide by the Service Provider Electronic Services in the Online Store or conclude the Sales Agreement. Each time the data requested is indicated also in the Online Store’s T&C, as well as prior the provision of specific services or the conclusion of the Sales Agreement on the Online Store’s web site.
3. COOKIES AND OPERATIONAL DATA [w4]
3.1. Cookie files (cookies) are small text information in the form of text files sent by a server and stored on the side of the user visiting visitor Online Store’s site (e.g. on hard drive, notebook or smartphone’s memory card - depending on the device used for visiting the Online Store). Detailed information on cookie files, as well as their history, can be found e.g. here: http://pl.wikipedia.org/wiki/Ciasteczko.
3.2. The Service Provider processes the data contained in cookie files collected during the user’s visit to the Online Store’s site for the following purposes:
3.2.1. identify the Customers as signed in the Online Store and display their relevant status;
3.2.2. store products added to the cart in order to submit orders;
3.2.3. store data from the filled out order forms, surveys or data used when logging in to the Online Store;
3.2.4. customize content of the Online Store’s site to the individual preferences of the Customer (e.g. color, font size, page layout) and optimize the use of the Online Store’s pages;
3.2.5. keep anonymous statistics showing the way of using the Online Store and research needs of the Customers, with the exception of personal identification of the Service Recipient.
3.5. For details on changing the settings for cookies and their removal in the most popular web browsers are available in the web browser’s help section and on the following pages (simply click on the link):
· in Google Chrome
· in Mozilla Firefox
· in Internet Explorer
· in Opera
· in Safari
3.6. The Service Provider also collects operational data (the so-called “logs” - IP address, domain), stored indefinitely and used to generate statistics to assist in the administration of the Online Store. This data is anonymous and aggregate, i.e. does not contain identifying characteristics of visitors to the Online Store. Logs are not disclosed to third parties
4. THE BASIS FOR DATA PROCESSING
4.1. Providing personal data by the Service Recipient / Customer is voluntary, nevertheless failure to provide the personal data necessary for the conclusion of the Sales Agreement or Agreement for the Provision of Electronic Services, as set out in the T&C, shall result in refusal to conclude the contract. The data necessary for the conclusion of the two aforementioned agreements is also indicated in each case on the Online Store’s web site.
4.2. The basis for the processing of the Service Recipient’s / Customer’s personal data is the need to fulfill the provisions of the agreement to which the Service Recipient / Customer is a a party or to take action on his or her request prior to its conclusion. In the case of data processing for direct marketing of the Administrator’s own products or services, the basis for such processing is further consent granted by the Service Recipient / Customer.
5. RIGHT TO VERIFICATION, ACCESS DATA CONTENT AND ITS IMPROVEMENT
5.1. The Service Recipient shall have the right to access his or her personal data and correct it.
5.2. Every person shall have the right to control the processing of data concerning him or her, as contained in the data set of the Administrator, and in particular the right to request to supplement, update or correct personal data, temporary or permanent suspension of its processing, or removal if it is incomplete, outdated, incorrect or collected in violation of the law, or is no longer necessary for the purpose for which it was collected.
5.3. In the case of data processing for direct marketing of the Administrator’s own products or services, the data subject shall also be entitled to make a written, reasoned request to cease the processing of his or her data due to his or her particular situation and object to the processing of his or her data.
5.4. In order to exercise the rights referred to above, you can use the option in the Account, send the appropriate e-mail message to: email@example.com, or in writing by letter sent to the Administrator’s address.
6. FINAL PROVISIONS
6.2. The Administrator shall take technical and organizational measures to ensure the protection of personal data processed, appropriate to the risks and category of the data being protected, and in particular shall protect data against its unauthorized disclosure, takeover by an unauthorized person, processing with the violation of existing regulations, modification, loss, damage or destruction.
6.3. The Service Provider shall provide the following technical measures to prevent the acquisition and modification by unauthorized persons personal data transmitted electronically:
6.3.1. Securing the data set against unauthorized access.
6.3.2. Access to the account shall be possible only after the entering the correct individual username and password.