Privacy policy

This Privacy Policy defines the rules of storing and accessing information on the User’s devices by means of Cookies, which are used to provide services provided by electronic means requested by the User, by Jędrzej Kistowski Firma Kistowski Stwanki nr 2, 64-130 Rydzyna, NIP:. 69719230871.

  1. Definitions:
    1. Administrator – means Jędrzej Kistowski Firma Kistowski Stwanki nr 2, 64-130 Rydzyna, NIP: 6971923087, which is the administrator of personal data, stores and accesses information in the User’s devices and provides services electronically.
    2. Cookies – means IT data, in particular small text files, saved and stored on devices through which the User uses the Website’s websites.
    3. Administrator Cookies – means Cookies placed by the Administrator, related to the provision of services electronically by the Administrator via the Service.
    4. External Cookies – means Cookies placed by the Administrator’s partners, via the Service website.
    5. Service – means the website under which the Administrator operates the Internet service, operating in the domain https://www.kistowski.shop/.
    6. Device – shall mean an electronic device through which the User obtains access to the Service.
    7. User – shall mean an entity for the benefit of which services may be provided by electronic means in accordance with the provisions of law, or with which an Agreement on the provision of services by electronic means may be concluded, which has entrusted personal data to the Administrator through the Service.
  2. The purposes, conditions for storing and processing personal data and cookies
    1. The processing of personal data shall take place:
      • to fulfil contractual obligations,
      • to fulfil legal obligations,
      • for purposes resulting from legitimate interests pursued by the Administrator or a third party.

      The processing of personal data will be carried out in compliance with the relevant legal acts – the Personal Data Protection Act, the Act on Provision of Electronic Services, as well as all types of executive acts and acts of European Union law.

    2. Personal data shall be processed on the basis of the consent given by the User and in cases where legal regulations authorize the Administrator to process personal data on the basis of legal regulations or for the purpose of performing an agreement concluded between the parties.
    3. The Service performs the functions of obtaining information about users and their behaviour in the following way:
      • through information voluntarily entered in the forms,
      • by collecting cookies.
    4. The Service collects information voluntarily provided by the user.
    5. The data provided in the form shall be processed for the purpose resulting from the function of a particular form, e.g. in order to make the information contact handling process.
    6. Personal data left in the Service shall not be sold or made available to third parties without User’s consent.
    7. The data contained in the form may be viewed by the natural person who placed it there. Such a person also has the right to modify and stop processing his/her data at any time.
    8. The Service may contain links to other websites. Such websites operate independently of the Website and are in no way supervised by https://www.kistowski.shop/. These websites may have their own privacy policies and regulations, which we recommend you read. If in doubt about any of the provisions of this privacy policy we are available to you.
    9. The privacy policy may be changed by the Administrator in the future.
  3. Processing of personal data
    1. The Data Administrator processes users’ personal data primarily for the purpose and to the extent necessary for their use of the Service, placing orders and concluding contracts with the Administrator.
    2. Personal data is collected in the course of placing an order. This data is:
      • name and surname or company, 
      • address, 
      • PESEL or NIP, 
      • the telephone number, 
      • e-mail address (e-mail address). 
    3. The Administrator may process users’ data for marketing purposes, provided that the user agrees to this separately.
    4. The Administrator may process users’ data for statistical purposes in order to maintain and improve the services and offer of the Service so as to meet the needs of the users.
    5. The recipients of personal data may be the Administrator’s employees, courier companies, payment institutions, IT service providers (e.g. server and software providers, programmers), accounting service providers.
    6. The data shall be stored for the period required by the tax regulations increased by the period of limitation of possible claims of both the Administrator and the Customer.
    7. The User shall have the right to supplement, update, correct personal data, temporarily or permanently suspend their processing or delete them if they are incomplete, outdated, untrue or have been collected in violation of the law or are no longer necessary for the purpose for which they were collected.
    8. The data controller reserves the right to refuse to delete the user’s data if their preservation is necessary for the realization of claims or if it is required by the applicable law.
    9. The personal data collected by the Data Administrator are directly accessible only by authorized employees or collaborators of the Data Administrator and authorized persons dealing with servicing the Service who have been granted appropriate powers of attorney.
    10. Personal data of the users may be made available to entities entitled to receive them under the binding provisions of law, and in particular to competent judicial authorities.
    11. The Data Administrator declares that it processes users’ personal data in accordance with the Act of 10 May 2018. 3.10. The controller declares that it processes the personal data of users in accordance with the Act of 10 May 2018 on the protection of personal data and Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of individuals with regard to the processing of personal data and on the free movement of such data and repealing Directive 95/46/EC (General Data Protection Regulation – TODO) in such a way as to prevent access by third parties. The controller shall apply technical and organisational measures to ensure the protection of the processed data appropriate to the risks and categories of data to be protected, and in particular shall protect the users’ personal data against unauthorised access, loss or damage.
  4. Cookie policy
    1. The Service operated by the Administrator uses “cookies”. If the User does not change the settings of the browser, it is equivalent to consent to their use. Cookie files are placed on the device which the User uses to browse the Service in order to gather information about his visits to the Service. Some information is necessary for the website to work properly.
    2. What are “cookies” and what are they for?
      Cookies are small text files saved on the User’s end device (computer, notebook, tablet, smartphone, etc.) while browsing some websites. We use cookies, for example, to determine whether you are visiting us for the first time or to determine which functions of our website may be of particular interest to you. These files can significantly improve the use of our website by saving your preferences when you visit. Most web browsers will tell you how you can block the acceptance of new cookies and how to block existing cookies. However, you should note that if you do not accept cookies from your website, you may not be able to use the full functionality of the Website.
    3. What kind of cookie files does the Service use?
      The Website uses three types of “cookies”: “session”, “permanent” and “analytical” cookies.

      • “Session” cookies are temporary files, which are stored in the User’s terminal equipment until logging out (leaving the Shop). 
      • “Permanent” “cookies” are stored in User’s terminal equipment for the time specified in parameters of “cookies” files or until their deletion by User. 
      • “Analytical” “cookies” enable better understanding of the way of User’s interaction in the scope of the content of the Service, better organisation of its layout. “Analytical” “cookies” gather information about the way of using the Service by the User, the type of page from which the User has been redirected and the number of visits and the time of the User’s visit to the Service. This information does not record specific personal data of the User, but serves to develop statistics on the use of the Service. 
    4. The User has the right to decide in the scope of access to “cookies” files to his/her computer through their prior selection in the window of his/her browser. Detailed information on the possibilities and ways of handling “cookies” are available in the settings of the software (Internet browser).
    5. Cookies do not store personal data of the Service Users.
    6. Additional information concerning cookie files used in the Service:
      1. Necessary cookies:
        Cookies of this type enable you to move around freely on https://www.kistowski.shop/ and use all of its functions, such as accessing secure areas of the site (after login). Lack of these files makes it impossible to use, among others, the shopping function.
      2. Cookie files related to the improvement of performance:
        These types of cookies collect information on how the user uses the site, e.g. which pages he visits most often and whether he receives error messages from the sites. All information collected in this way is aggregated and anonymous and is used solely to improve the operation of the website and for statistical purposes.
      3. Cookie files related to functionality:
        Cookies of this type enable the Site to remember choices made by the user and provide improved, more personalised functions (e.g. how products are displayed and presented on the Site). These types of cookies may also be used to remember changes made to text size, fonts and other customizable elements of the site. They may also be used to provide services that you request, such as adding comments to a forum. The files and information collected in this way may be anonymous and cannot be used to track user activity on other websites.
      4. Cookies related to targeting and advertising:
        On the basis of these files, the websites display advertisements to users that may be of interest to them. The files are also used to limit the number of displays of a given advertisement and to measure the effectiveness of the advertising activities. They are usually placed by networks and advertising agencies with our consent. They remember that a user has visited a given website and make this information available to other organisations, such as advertisers.
  5. Transfer of personal data to online payment providers:
    1. Personal data will be transferred to third parties if the User chooses to pay using online payment providers as a payment method:
    2. The Administrator shall cooperate with the following online payment entities:
      Dotpay Sp. z o.o. with the seat in Kraków, 30-552 Kraków, at 28b Wielicka Street, registered by the District Court Kraków-Śródmieście in Kraków, XI Economic Department of the National Court Register under the number 0000700791, having the tax identification number NIP 634-26-61-860, EU tax identification number PL6342661860, REGON number 240770255 and the share capital of 4,000,000.00 PLN, paid in full in cash
    3. The transfer of personal data shall be carried out on the basis of standard contractual clauses known as “Privacy Shield”, which provide an adequate level of protection.
    4. The categories of personal data to be transferred:
      • IP addresses, 
      • unique identifiers associated with the browser used by the Customer (i.e. cookies), c) type and settings of browser and device, 
      • activity at https://www.kistowski.shop/, 
      • the sources of visits, 
      • information on purchases, means of payment and delivery. 
  6. The right to control, access and rectify the content of one’s own data
    1. The data subject has the right of access to the content of his or her personal data and the right of rectification, erasure, restriction of processing, right to data portability, right to object, right to withdraw consent at any time without affecting the lawfulness of the processing carried out on the basis of consent before its withdrawal.
    2. In order to exercise the rights referred to in point 1 and to report any events which affect the security of information transfer, an appropriate e-mail may be sent to: kontakt@kistowski.shop.
    3. The data subject has the right to lodge a complaint with the supervisory authority, i.e. the President of the Office for Personal Data Protection.
  7. Final provisions
    1. The controller shall apply technical and organisational measures ensuring the protection of the processed personal data appropriate to the threats and categories of data subject to protection, and in particular it shall protect the data against their disclosure to unauthorised persons, taking them away by an unauthorised person, processing in breach of the applicable regulations and alteration, loss, damage or destruction.
    2. The controller shall make available appropriate technical means preventing the acquisition and modification by unauthorized persons of personal data sent electronically.
    3. In matters not regulated by this Privacy Policy, the provisions of Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of individuals with regard to the processing of personal data and on the free movement of such data and repealing Directive 95/46/EC (COD) and other relevant provisions of Polish law shall apply accordingly.
    4. The controller undertakes to regularly review this Privacy Policy and amend it when necessary or desirable in view of this: new legal regulations, new guidelines of authorities responsible for supervision of personal data protection processes, best practices applied in the area of personal data protection. The controller also reserves the right to modify this Privacy Policy in case of changes in the technology by which it processes personal data and the modification of this Policy affects the wording of this Policy, as well as in case of changes in the ways, purposes or legal basis of processing personal data.