If this document refers to a “Service”, it should be understood as services provided as part of the provision of services to clients (hereinafter “Users” or “Customer”).
Administrator of Users’ personal data transmitted in connection with use of the Services (the “Personal Data”) is a BB REPUBLIC sp. z o.o., Hutnicza 49A street, 81-061 Gdynia, Poland, NIP 958-170-95-83, REGON 386612824, KRS 0000851807, e-mail: firstname.lastname@example.org, phone (0048) 519 536 746.
II. Users’ personal data
- The use of Services of a commercial nature (against payment) may require the User to provide personal data. In this case, failure to provide personal data may limit the use of these Services.
- Providing personal data by the User may also be required in other justified circumstances, such as a request to the Administrator to provide certain information, about which the User will be informed each time.
- The Administrator may conduct questionnaires among Users in order to obtain specific data for keeping statistics. The questionnaires is always voluntary, and the personal data collected in this way will be processed anonymously and will be used for statistical analysis and creation of a collective image of Users. The disclosure of these data is always voluntary.
- The data processed on the basis of your consent will be kept until you withdraw your consent to the processing of your data, unless applicable law requires us to store them longer.
III. The scope of personal data and their processing
- To the terms justified by the given Service, the Administrator may ask the User to provide, in particular, the following personal data: name, address, telephone number, e-mail address and other data necessary to perform the Service.
- The Administrator processes personal data for the purpose of:
– conclusion and performance of a sales contract as well as ongoing service for current and potential customers,
– direct marketing of products, for analytical and profiling purposes, for example, to send an e-mail, a newsletter, advertisements for products and/or services, and other promotional and marketing content,
– conducting statistical analyzes and creating a collective profile of Users,
– optionally, for the purpose of manage returns, complaints, and pursuing claims related to the concluded sales contract.
- Based on the collected personal data, profiling is performed, i.e. an automatic assessment of certain personal factors. When profiling, statistical data are taken into account, among others, regarding the goods selected by the User or Users with a similar profile. It is carried out to better understand the preferences and needs of the User. On the basis of the collected data, among others, marketing messages, proposals to take part in discount campaigns, information about price reductions will be sent. For profiling, among others, data on purchases made, activity on the website of our store, on the goods viewed, data on the average value of purchases and their frequency, activity in social media are used.
- When visiting our website, we process data such as: IP address, cookies – art. 6 par. 1 lit. f) RODO, when ordering we process data such as: e-mail address, name and surname, delivery address, invoice address, IP address, cookies – art. 6 par. 1 lit. a), b) and f) RODO, when sending the newsletter we process such data as: e-mail address, first and last name, order history – art. 6 par. 1 lit. a) and f) RODO, during the recruitment process we process data such as: name and surname, telephone number, e-mail address, application documents (cv) – art. 6 par. 1 lit. a) RODO.
IV. The basis for the processing of personal data
- Personal data are processed on the basis of the consent expressed by the User and in cases where the law authorizes the Administrator to process personal data, in the case of placing an order under a contract in other cases on the basis of legally justified interests carried out by the Administrator.
- The User agrees to the processing of his personal data by accepting the information displayed on the website or by continuing to use the website. In the case of the conclusion of the contract, the consent is made by submitting the order by the User through our website.
V. Commercial information, surveys, newsletter
- Administrator may send Users, including e-mail addresses indicated by them, commercial information about the products and services of entities belonging to their partners.
- Administrator may send Users, including the e-mail addresses provided by them, questionnaire if they agree to such action.
- The Administrator may process personal data to improve the Services, as well as to adapt advertisements, materials or recommendations displayed on the Website to the preferences or interests of the User. The Administrator may for this purpose link personal data provided by the User in connection with the use of a given Service with other Personal Data relating to that User and processed by the Administrator.
VI. Transmission and sharing of personal data
- Administrator may provide or disclose personal data to third parties in the event that:
a) the user agrees or,
b) it will be justified by specific law regulations or,
c) it will be necessary to provide the Services.
VII. User Rights
- The user has the right to access their data and the right to rectify, delete, limit processing, the right to data transfer, the right to object, the right to withdraw consent at any time, or the right to lodge a complaint to the supervisory body.
- User may use his rights by submitting an appropriate instruction via traditional or electronic mail. The answer will be sent immediately after receiving the application. If necessary, the deadline for making the request may be extended due to the complex nature of the request or the number of requests made. If the applications turn out to be excessive, in particular due to their usual nature, Administrator may request a reasonable fee for the next request or refuse to take action in relation to the application.
- Administrator which processes data in files, has the obligation to provide information at the request of the person whose data is processed about:
a) the fact that data concerning it are processed,
b) full address of the registered office and full name of the data administrator,
c) the purpose, scope and method of data processing,
d) the date from which the data were included in the file,
e) data content,
f) the method of sharing data and recipients or categories of recipients of data,
g) the source from which the data relating to it originate, unless the controller is obliged to maintain state, professional or business secrets in this regard.
VIII. Safety rules
- Administrator is obliged to apply technical and organizational measures to ensure protection of personal data being processed, and in particular should secure data from unauthorized access, unauthorized removal, processing in violation of the Act, change or loss, damage or destruction.
- The collections of personal data are protected and secured:
1) after completion of work, personal data should be secured in closed rooms, in a way that makes it impossible for third parties to read their content,
2) individual computers containing personal data should be password protected. Employees employed in their operation may not allow unauthorized persons to use the computer,
3) in addition to the password, computers are equipped, among others, with anti-virus software,
4) staying in rooms of unauthorized persons is allowed only in the presence of the person employed in the processing of these data,
5) rooms should be closed during the absence of employed persons,
6) computer monitors should be set up in order to prevent third parties from viewing personal data,
7) employees with access to personal data must submit a statement about the confidentiality of personal data and read the provisions on data protection.
- Administrator is obliged to collect the declarations referred to in this article, from employees. The scope of activities of persons employed in the processing of personal data, to the extent appropriate to the tasks, should take into account responsibilities in the area of responsibility for the security of personal data. Mentioned declarations shall be signed in two copies, one of which shall be given to:
1) data administrator,
2) the employee.
IX. Cookies and other technologies
- We use Local Storage (LS) technology, similar to the principle of operation for cookies, but having slightly different properties. LS is a separate part of browser memory used to store data saved by websites. Access to it can only be obtained from a website operating on the same website from which the data was saved, but unlike cookies, they are not sent by the browser every time you refer to the server. The data in LS is permanently stored by the browser and is not deleted when the browser is closed or has a validity period. We emphasize that we do not use this technology to “track” or identify users, but only to provide services at the highest level. We use LS technology, eg to remember settings or save data about recommended entries.
- We also use the User Agent, which is a client application. Header containing the so-called user agent string (UAString), which is used by websites to recognize the type of client program. Virtually every modern browser uses UAString. Also, many HTTP clients that are not typical browsers send the UAString header when validating the source or indexing pages to the search engine database.
X. Browser settings
The user can change the settings of the web browser at any time. Failure to change means that the aforementioned cookie information may be posted and stored in the User’s end device. From the level of the web browser that the user uses, for example, you can manage cookies manually. The most popular browsers include the ability to: specify settings for cookies, or block or delete cookies. Comprehensive information is available in the software (web browser) settings and its manual.
- The Website User may contact Administrator in order to obtain information on whether and how the Administrator uses or intends to use his personal data.
- Address where you can contact the Administrator:
BB REPUBLIC sp. z o.o.,
Hutnicza 49A street,
81-061 Gdynia, Poland,
NIP 958-170-95-83, REGON 386612824, KRS 0000851807,
phone (0048) 519 536 746