- GENERAL PROVISION
1.1. The administrator of the personal data collected via the Online Shop is Gioiello with its registered office in Mikołów (address of the registered office and mailing address: Brzechwy 9a, 43-190 Mikołów), NIP: 6341781987; REGON[National Official Business Register]: 273669266; e-mail address: firstname.lastname@example.org – hereinafter referred to as the “Administrator” and being at the same time the Online Shop Service Provider and the Seller.
1.2. The personal data of the Service User (Customer) are processed in accordance with the Personal Data Protection Act of 29 August 1997 (Journal of Laws No. 133, item 883, as amended) and the Act on Electronic Services of July 18, 2002 (Journal of Laws No. 144, item 1204, as amended).
1.3. The administrator shall make all efforts to protect the interests of the persons to whom the data refer, and in particular the administrator shall ensure that the collected data are processed in accordance with the law; are collected for specified, legitimate purposes; are not subject to further processing incompatible with these purposes; are factually correct and adequate in relation to the purposes for which they are processed and are kept in a form which allows one to identify the persons to whom these data refer only as long as it is necessary for the purposes for which the data are processed.
1.4. All words, expressions and acronyms appearing on this page and beginning with a capital letter (eg Seller, Online Shop, Electronic Service) should be understood in accordance with their definitions included in the Rules of Procedure of the Online Shop available at: http://crystalgio.com/ regulations/
- PURPOSE AND SCOPE OF DATA COLLECTION
2.1. The purpose of the collection of the personal data by the Administrator is:
2.1.1. establishing, preparing the content, changing, performing or terminating the contractual relationship between the Service Provider (Seller) and the Customer (Client) involving the provision of Electronic Services via the Online Shop or conclusion and performance of the Product Sale Agreement and delivering them to the Customer.
2.1.2. direct marketing of own products or Administrator’s services.
2.2. Recipients of the personal data:
2.2.1. In the case of a Customer who uses the Online shop with the method of delivery by post, courier or a parcel locker, the Administrator provides the collected personal data of the Customer, within the scope and only as long as it is necessary for the delivery, to the selected carrier performing the shipment at the request of the Administrator.
2.3. The Administrator processes the following personal data of the Service Receivers (Customers): given name and surname; e-mail address; contact phone number; address (street, house number, apartment number, postal code, city, country). In the case of Service Receivers (Customers) who are not consumers at the same time, the Administrator also processes the name of the company and the tax identification number (TIN).
2.4. Provision of the personal data referred to in item 2.3 is necessary for the provision of the Electronic Services by the Service Provider in the Online shop or for the conclusion of the Product Sales Agreement. The scope of required data is also each time indicated in the Regulations of the Online shop and before the commencement of the provision of a specific Electronic Service or the conclusion of a Sales Agreement on the Online shop website.
- COOKIES AND OPERATING DATA
3.1. Cookies are small text information in the form of text files, sent by the server and saved on the device of the user visiting the Online shop website (eg on the hard drive of the computer, laptop or on the smartphone’s memory card – depending on which device is used when visiting our shop Internet). Detailed information about Cookies, as well as the history of their can be found, among others here: http://en.wikipedia.org/wiki/Ciasteczko.
3.2. The service provider processes the data included in Cookies when the visitors use the Online shop website for the following purposes:
3.2.1. identification of the Service Receivers as logged in to the Online shop and showing that they are logged in;
3.2.2. memorizing Products added to the basket in order to place an Order;
3.2.3. storing data from completed Order Forms, surveys or login details to the Online shop;
3.2.4. adjusting the content of the Online shop website to the individual preferences of the Service Receiver (eg regarding colors, font size, page layout);
3.2.5. keeping anonymous statistics showing the manner of using the Online shop website and analysis of the Service Receivers’ needs, excluding the Service Receiver’s personal identification.
3.3. As a rule, most web browsers available on the market accept saving Cookies by default. Everyone has the possibility to define the terms of using cookies by setting their own web browser. This means that you can, for example, partially restrict (eg temporarily) or completely disable the option of saving Cookies on your computer – however, in the latter case it may affect some functionalities of the Online shop (for example, it may not be possible to complete all the stages of the Order Form).
3.5. Detailed information on changing cookies settings and their self-removal in the most popular web browsers is available in the help section of the web browser and on the following pages (just click on the link):
– in the Chrome browser
– in the Firefox browser
– in the Internet Explorer browser
– in the Opera browser
– in the Safari browser
3.6. The service provider also processes anonymised operational data (the so-called logs – IP address, domain) to generate statistics helpful in administering the Online shop. These data are aggregate and anonymous, i.e. they do not contain features that identify visitors to the Online shop. Logs are not disclosed to third parties.
- BASIS OF DATA PROCESSING
4.1. Providing personal data by the Service Receiver / Customer is voluntary, but failure to provide the personal data indicated in the Regulations necessary to conclude a Sales Agreement or a contract for the provision of Electronic Services results in the refusal to conclude the Agreement. The data necessary to conclude a Sales Agreement or a contract for the provision of Electronic Services are also indicated each time on the website of the Online shop.
4.2. The basis for processing the personal data of the Service Receiver / Customer is the need to perform the contract, to which the Service Receiver / Customer is a party or to take action at its request before the conclusion thereof. In the case of data processing for direct marketing of the Administrator’s own products or services, the basis for such processing is the consent of the Service Receiver / Customer.
- THE RIGHT TO CHECK, ACCESS THE DATA AND CORRECT THEM
5.1. The Service Receiver has the right to access their personal data and correct them.
5.2. Each person has the right to control the processing of data concerning that person, included in the Administrator’s data file, in particular the right to: request supplementing, updating, rectifying personal data, temporary or permanent suspension of their processing or their removal if incomplete, out of date, false or have been collected in violation of the Act or are no longer necessary to achieve the purpose for which they were collected.
5.3. In the case of data processing for direct marketing of the Administrator’s own products or services, the person to whom the data refer is also entitled to submit a written, justified request to stop processing their data due to their special situation and to object to the processing of their data.
5.4. In order to exercise the rights referred to above, you can use the option in the Account or by sending an appropriate message by e-mail to the following address: email@example.com or by writing to the Administrator’s address.
- FINAL PROVISIONS
6.2. The Administrator applies technical and organizational means to ensure that the processed personal data are protected appropriately against risk and adequately to the categories of data covered by the protection. In particular, the Administrator protects data against unauthorized access, acquisition by unauthorized persons, processing in violation of applicable laws, and against their change, loss, damage or destruction.
6.3. The Service Provider provides the following technical measures to prevent the collection and modification of data by unauthorized persons, and of personal data sent electronically:
6.3.1. Securing the data against unauthorized access.
6.3.2. Access to the Account conditioned on the provision of individual login and password.