1.1. The data controller with respect to any data collected through the Online Store is L37 SPÓŁKA Z OGRANICZONĄ ODPOWIEDZIALNOŚCIĄ, a Polish limited liability company with its registered office in Warsaw (registered and correspondence address: ul. Chmielna 21/21, 00-021 Warszawa, Poland), registered in the Business Register of the National Court Register under entry No. KRS 0000462821; the Registry Court having custody of the corporate documents: District Court for the Capital City of Warsaw in Warsaw, 12th Economic Division of the National Court Register; share capital of PLN 19,800.00; tax identification No. NIP: 7010381042; statistical No. REGON: 146681870; e-mail address: email@example.com, hereinafter referred to as the “Controller” and being also the Online Store Service Provider and the Seller.
1.2. Your personal data as the User (Customer) are processed in accordance with the Personal Data Protection Act of 29 August 1997 (Journal of Laws No. 133, item 883, as amended) and the Online Services Act of 18 July 2002 (Journal of Laws No. 144, item 1204, as amended).
1.3. The Controller exercises particular diligence to protect the interests of data subjects and, specifically, is committed to ensure that the data collected by the Controller are processed in compliance with the law; gathered for specific and lawful purposes and not subject to further processing contrary to such purposes; correct in their content and adequate to the purposes of their processing and stored in a form which enables identification of data subjects no longer than necessary to attain the purpose of such processing.
1.4. Any words, phrases or abbreviations as used on this page and capitalized (such as the Seller, the Online Store, Online Services) shall be construed as defined in the Online Store Terms and Conditions available at:www.l37.eu/en_US/i/Terms-and-Conditions/78
PURPOSE AND SCOPE OF DATA COLLECTION
2.1. The purpose of personal data collection by the Controller is as follows:
2.1.1. To establish, formulate, amend, maintain or terminate the contractual relationship between the Service Provider (Seller) and you (the User or Customer) involving the provision of Online Services through the Online Store or execution and performance of a Sale Contract for Merchandise and delivery of such Merchandise to you.
2.1.2. To conduct direct marketing of own products or services of the Controller.
2.2. If you use Merchandise home delivery service, the Controller will transfer the personal data collected from you, to the extent necessary to complete the delivery, to the selected carrier:
2.2.1. DPD Polska Sp. z o.o. based in Warsaw (registered address: ul. Mineralna 15, 02-274 Warszawa, Poland); Business Register entry No. KRS: 0000028368.
2.3. If you use electronic payment services or pay by payment card, the Controller will transfer the personal data collected from you only to the intermediary of your choice and only to the extent necessary for you to effect your payment using such intermediation. The intermediary available in the Online Store is:
2.3.1. PayU.pl operated by PayU S.A. based in Poznań (registered address: ul. Grunwaldzka 182, 60-166 Poznań, Poland), registered in the Business Register of the National Court Register under entry No. KRS 0000274399; registration records kept by the District Court for Poznań – Nowe Miasto i Wilda in Poznań; share capital of PLN 4,000,000 fully paid-up; tax identification No. NIP: 779-23-08-495.
2.4. The Controller processes the following User (Customer) data: name; e-mail address; contact phone number; address (street, number, flat/apartment, postal code, city/town and country). If you are not a consumer, the Controller will also process the name and tax identification number of your business.
2.5. Submitting the personal data described in par. 2.4. is necessary for the Service Provider to be able to provide Online Services through the Online Store or execute a Sale Contract for certain Merchandise. The scope of data required is always stated in the Online Store Terms and Conditions and before any specific Online Services are commenced or a Sale Contract made on the Online Store website.
COOKIES AND OPERATING DATA
3.1. Cookie files (cookies) are small pieces of data in the form of text files that are sent by the server and stored at your end when you visit the Online Store site (e.g. on the hard disk of your computer or laptop or on the memory card of your smartphone, depending on the device you are using while visiting our Online Store). For more information about cookies and the history of their creation, go to: http://en.wikipedia.org/wiki/HTTP_cookie or other relevant sources.
3.2. The Service Provider processes data contained in cookies while visitors to the Online Store website use the site’s features, for the following purposes:
3.2.1. To identify the Users logged in the Online Store and show their logged in status;
3.2.2. To remember Merchandise added to the basket to place an Order;
3.2.3. To remember the information typed in the Order Forms, questionnaires or the Online Store log in information;
3.2.4. To customize the content of the Online Store to suit your individual preferences (e.g. colors, font size, page layout, etc.) and optimize your user experience of the Online Store webpages; and
3.2.5. To keep anonymous statistics demonstrating the use of the Online Store features and survey Customer needs, excluding your personal identification.
3.3. Normally, the majority of web browsers available on the market accept cookies by default. You may set the conditions for using cookies in your browser settings. This means that you can partially (e.g. temporarily) or totally disable cookies on your computer, however, if you choose the latter option, some of the Online Store functionalities may be affected (for instance, going through the Ordering process using the Order Form may become impossible).
3.5. Details on how to change your cookie settings and delete cookies yourself are available in the Help section in your browser and at the following websites (click the relevant link to view): • for the Chrome browser • for the Firefox browser • for the Internet Explorer browser • for the Opera browser • for the Safari browser
3.6. Additionally, the Service Provider collects operating data (so-called logs: IP address and domain), which are stored for an indefinite period. We use them to generate statistics that help us administer the Online Store. These data are aggregated and anonymous, i.e. they do not contain any information that could identify visitors to the Online Store site personally. Logs are not disclosed to any third parties.
GROUNDS FOR DATA PROCESSING
4.1. Your decision to provide your personal data is voluntary but failure to submit the personal data mentioned in the Terms and Conditions and required to execute a Sale Contract or a Contract for Online Services will result in rejection of such a contract. The data required to execute a Sale Contract or a Contract for Online Services are always stated on the Online Store website.
4.2. Our commitment to perform the contract that you are a party to or to take any actions as you may request before contracting provides the grounds for the processing of your data. If your personal data are processed for direct marketing of own products or services of the Controller, such processing is additionally subject to your consent.
RIGHT OF ACCESS TO, CONTROL AND CORRECTION OF YOUR DATA
5.1. You have the right to access and have your personal data corrected.
5.2. Every data subject is entitled to control the processing of his/her data contained in the data set of the Controller, including, but not limited to, request that his/her personal data be supplemented, updated, corrected, temporarily or permanently suspended from processing or removed if they are incomplete, invalid, false or have been collected in violation of the statute, or are no longer needed for the purposes for which they have been collected.
5.3. For data processing for direct marketing of own products or services of the Controller, the data subject has also the right to file a written, substantiated request that the data processing be stopped due to his/her special situation and to object to the processing of his/her data.
5.4. To exercise the rights as aforesaid, you may use the relevant option in your Account or send an appropriate message via e-mail to: firstname.lastname@example.org or in writing to the address of the Controller.
6.2. The Controller uses technical and organizational measures to ensure that the personal data being processed are sufficiently protected, considering the risks and categories of protected data, and in particular provides protection of data against any unauthorized access or carrying away, unlawful processing or alteration, loss, damage or destruction.
6.3. The Service Provider provides the following technical safeguards preventing unauthorized acquisition or modification of data being submitted on-line:
6.3.1. Protection of the data set against unauthorized access.
6.3.2. Login and password protected access to the User Account.