Privacy policy and use of cookies
For us, the protection of personal data is an extremely important aspect for the proper operation of the company. Attaching particular importance to respect for your privacy in the processing of personal data, we present this policy, which was developed to create and maintain a high level of security with respect for the applicable laws in this regard. This document defines the principles of collection and processing of a set of personal data, as well as the rights of entities to manage the data.
1. GENERAL PROVISIONS
1.1. The administrator of personal data, i.e. the entity responsible for the collection, processing and use of personal data is Loftie sp. z o.o., Egor Ustinov, based in Warsaw (registered office and delivery address: Humanska 8/3, 00-789 Warsaw), NIP: 521-396-32-97, REGON: 521703971, Date of registration in the National Court Register 06.04.2022, e-mail address: info@loftie.eu, contact phone number: +48 536 065 148.
1.2. The Administrator shall act on the basis of internal procedures and recommendations in accordance with the relevant legal acts in the field of personal data protection, in particular with the Regulation of the European Parliament and of the Council (EU) 2016/679 of April 27, 2016 on the protection of natural persons in relation to the processing of personal data and on the free movement of such data and repealing Directive 95/46/EC.
1.3. For the sake of security of the data entrusted to us, we have developed internal procedures and recommendations to prevent data from being made available to unauthorized persons. In implementing this privacy policy, we exercise the utmost care to protect the interests of data subjects, and in particular ensure that the data are:
- processed in accordance with the law,
- collected for designated legitimate purposes and not subjected to further processing incompatible with those purposes,
- Substantially correct and adequate in relation to the purposes for which they are processed,
- stored with the ability to identify individuals, no longer than necessary for the purposes for which they were collected.
2. PURPOSE AND SCOPE OF COLLECTION OF PERSONAL DATA
2.1. The purpose and scope of the collection of personal data processed by the Administrator result from the provisions of law or from the User's consent. Each time they are specified in connection with the activities undertaken in the online store, or within the framework of other communication channels.
2.2. The main purpose of the Administrator's collection of Customers' personal data is to handle and fulfillment of orders resulting from the conclusion of a sales or service contract, together with subsequent possible warranties. In addition, equally important possible purposes are direct marketing of the Administrator's own products or services and prevention of illegal acts and fraud. For other purposes, the User's personal data may be processed on the basis of voluntarily expressed consents and applicable laws.
2.3. A customer of the online store shall register by providing his/her name, delivery address, contact telephone number, e-mail address and optionally company data and tax identification number (NIP). The created account is protected by an individual password selected by the customer. After placing an order, the administrator of the online store panel manually enters the Customer's data and details of his order into the order processing system.
2.4. In order to process the order we require correct identification data (name, address) and payment data. We use the phone number and mailbox address to communicate with the Customer, send the order and confirm its receipt. The e-mail address is also necessary for identification when the customer logs into his, individual account. Please be advised that we may record your data when you contact us by phone, e-mail or letter.
2.5. The provision of Personal Data by the Customer is voluntary, but necessary for the conclusion and execution of the Sales Agreement, as well as its settlement.
3. WHO ARE THE RECIPIENTS OF THE DATA?
3.1. Users' Personal Data shall be provided to third parties only when permitted by law, including for contract performance and settlement purposes, for marketing purposes or if the User has given prior consent. The service providers may use the data thus provided only for the purpose of carrying out their task.
3.2. Please be informed that your data will not be transferred outside the European Economic Area.
3.3. In the event that the Customer who uses the method of delivery in the online store by mail or courier, the Administrator shall make the collected personal data of the Customer available to the selected carrier or intermediary performing shipments on behalf of the Administrator.
3.4. When using the method of electronic payment or payment card, the Administrator shall make available the collected personal data of the Customer to a selected entity handling the above payments in the Internet Store.
3.5. The Administrator of personal data shall supervise what data and to what extent, as well as to whom they are available.
3.6. As part of direct marketing (retargeting and banner advertising), we use third parties that use cookies on our site. These include the following companies:
- Doubleclick by Google, Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA; https://www.google.com/intl/no/policies/technologies/ads/
- Facebook Inc., 1601 S. California Ave, Palo Alto, CA 94304, USA; https://www.facebook.com/about/privacy
4. USE OF DATA FOR ADVERTISING PURPOSES
4.1. In addition to collecting and processing data in the course of processing and processing orders, we also use personal data for advertising purposes. With a view to the satisfaction of our customers, we process data to optimize purchases within the framework of a customer-friendly offer, to be able to contact you in connection with marketing campaigns, or to match and recommend products that may be of interest to you.
4.2. The data acquired through cookies may be used to display remarketing advertisements. As part of the advertising, you may see mainly products that you have already viewed on our site or products similar to those you have previously viewed. We use this technology to be able to offer Users a more attractive online offer.
4.3. You may object at any time to the processing of your personal data for advertising purposes in its entirety or for individual activities. For this purpose, a notice in text form to the contact details listed in Section 10 is sufficient.
5. NEWSLETTER
5.1. For the dispatch of the newsletter we process the email address provided by the User. In order to use it, we require the User's confirmation consisting of his/her consent, as the owner of the e-mail address, to receive the newsletter, i.e. to process personal data for marketing purposes in accordance with the Act of August 29, 1997 (Journal of Laws of 2002 No. 101, item 926, as amended) on the protection of personal data and to receive commercial information by means of electronic communication in accordance with the Act of 18.07.2002 (Journal of Laws No. 144, item 1204, as amended) on the provision of electronic services.
5.2. The user may cancel the newsletter at any time. Wanting to cancel your consent, you should send a request under the title: "I resign from the newsletter" to the email address: info@loftie.eu.
6. COOKIES
6.1. Cookies are small files stored on the user's data carrier, which are used to save certain settings and data by the user's browser for exchange with our system. We distinguish between two types of cookies, so-called session cookies, which are deleted when the user closes the browser, and temporary (permanent) cookies, which are stored for a longer period or permanently on the user's data carrier. By storing these files, we are able to properly prepare our websites and offerings for the user's preferences. This makes it easier for the user to use the site, for example, by storing certain user data so that the user does not have to enter it each time.
6.2. When visiting the website for the first time, the user is informed about the use of cookies. By remaining on the website, the user accepts the use of ordinary cookies on the website. Failure on the part of users to change their browser settings is tantamount to consent to the use of cookies.
6.3. The installation of "cookies" is necessary for the proper provision of services on the Website. The "cookies" files contain information necessary for the proper functioning of the Website, especially those requiring authorization. You may at any time change the settings of your browser so that cookies are either accepted or rejected, or so that you are notified not to place these files on your computer.
6.4. Most of the cookies we use are automatically deleted from your computer's hard drive when your browser session ends (so-called session cookies). We also use cookies stored on the hard drive of the user's computer. During your next visit, the site automatically recognizes you and your preferred information and settings. Temporary and permanent cookies (retention period of up to 2 years) are stored on the hard drive of the user's computer, and are automatically deleted after a certain period of time.
6.5. Only pseudonymized data is stored in the cookies we use. When a cookie is activated, it is assigned an identification number without assigning the user's personal data to this identification number. Based on this cookie technology, we obtain, for example, information about which pages of our store a user has visited, which products he has viewed, etc. The sole purpose of cookies is to customize our offerings as much as possible and thus make it easier for you to navigate our site.
7. LOG FILES
7.1. During each visit to our websites, the browser provides data on user behavior, which are saved in log files, so-called server log files. The collections saved in this way contain the following data: the date and time of the download, the name of the page opened, the IP address, the URL of the reference page (the address of the page from which the user was redirected), the amount of data downloaded, as well as information about the product version of the web browser used. These log file data records are used by us to ensure server security.
8. WEB ANALYTICS
8.1. With a view to optimizing and continuously improving our offerings, we use so-called tracking technologies. We use Google Analytics services for this purpose.
8.2. Google Analytics
This website uses the web statistics analysis tool Google (Universal) Analytics from Google Inc. (www.google.pl). Google (Universal) Analytics uses methods to analyze your use of the website, such as cookies. The information generated in this way regarding visits to this website is generally transmitted to a Google server in the USA and stored there. If IP anonymization is activated on this website, your IP address is truncated by Google before it is transmitted within the member states of the European Union or other signatory states to the Agreement on the European Economic Area. Only in exceptional situations is the full IP address transmitted to a Google server in the USA and shortened there. The anonymized IP address sent by the user's browser as part of the Google Analytics service is not combined with other Google data. The user can avoid the transmission of the data generated by the cookie relating to his/her use of the website (including the IP address) to Google and the processing of this data by Google by downloading and installing the browser plug-in available at the following address: http://tools.google.com/dlpage/gaoptout?hl=pl.
9. HOW LONG DO WE KEEP THE DATA?
9.1. The acquired personal data in relation to the mailbox, individual accounts of the store's Users, the newsletter and server logs are stored for no longer than is necessary for the purposes of processing or until the withdrawal of consent. Google Analytics stores collected data for a period of 50 months, while remarketing lists store data for 90 days. The obligation to collect data may also be designated by relevant laws, such as the need to store accounting documents, and the term of storage is in accordance with current legislation. We remind you that you have the right to manage your data (more on this in the next section).
10. DATA MANAGEMENT
10.1. Each person has the right to control his or her personal data, which may be exercised, among other things, by requesting information regarding the processing of his or her data. He or she may also exercise the right to request their updating, correction and deletion, and has the right to object in the cases specified in the provisions of the Personal Data Protection Act.
10.2. Account cancellation
Wanting to delete the account, one should send a request under the title: "I resign from my account" to the email address: info@loftie.eu. Information should be sent from the email address that is assigned to the account on loftie.eu. Resignation from the account is not equivalent to the deletion of personal data.
10.3. Deletion of personal data
In order to delete your personal data, you should send a message titled "I request deletion of personal data" to info@loftie.eu. The user should use the email address used to create an account or to process an order. Requesting deletion of personal data is equivalent to resignation from the account.
At the same time, we would like to draw your attention to the fact that in accordance with Article 23 of the Law on Personal Data Protection, in some cases, despite the request, the administrator may not delete part of your personal data.
10.4. Correction of personal data
Pursuant to Article 32.6 of the Personal Data Protection Act, any person may request that personal data be supplemented, updated, rectified, temporarily or permanently suspended or deleted if it is incomplete, outdated, untrue or has been collected in violation of the Act, or is no longer necessary for the purpose for which it was collected. This right can be exercised by editing the data in the "My Account" section. We also require you to send this information to our email address below in order to correct your data in the order processing system. If you place an order by phone or through the mailbox, you can update your data by sending a message under the title: "Correction of personal data" to the email address: info@loftie.eu.
10.5. Right to object
Any person whose data is processed has the right to control it (Article 32(1) of the Law). It is expressed, among other things, by the ability to object to their use for marketing purposes or transfer to another data controller.
The right to object can be exercised when the controller justifies the processing of data by meeting the conditions referred to in Article 23(1)(4) and (5) of the Act, i.e. when: the processing of the data is necessary for the performance of legally defined tasks carried out for the public good, or is necessary for the fulfillment of his legally justified purposes, or third parties to whom he transfers the data. This right does not apply when, for example, the basis for data processing is consent, a specific provision of law, or the data are processed in connection with the performance of a contract concluded with the controller.
If the User raises an objection, further processing of the questioned data is not allowed. However, the Administrator may leave the person's name(s) and address in the filing system only to avoid reuse of the person's data for purposes covered by the objection (Article 32.3 of the Law).
10.6. You are also entitled to lodge a complaint with the competent supervisory authority if you believe that your personal data has been processed in violation of applicable data protection laws.
Please direct any questions or concerns to the email address info@loftie.eu.
11. SAFEGUARDS
11.1. The Administrator shall use all technical and organizational means to ensure the security of personal data and protect it against accidental or intentional destruction, accidental loss, modification, unauthorized disclosure or access. Information is stored and processed on high-security servers with appropriate security measures that meet the requirements of the law.
11.2. The Administrator shall provide the following technical measures to prevent unauthorized persons from obtaining and modifying personal data sent electronically:
- securing the data set against unauthorized access,
- SSL certificate on the pages of the online store,
- encryption of data used for User authorization,
- access to the Account only after providing an individual login and password.
12. FINAL PROVISIONS.
12.1. The Online Store may contain links to other websites. The Administrator encourages the User, when redirected to other sites, to read the privacy policy and rules and regulations established there. This Policy applies only to the Administrator's designated activities.
12.2. The Administrator reserves the right to change the Privacy Policy in the future. This may occur as a result of the development of Internet technology, possible changes in the law on personal data protection and the development of the website. We will inform users of any changes in a visible and understandable manner.
12.3. In case of doubt or contradiction between the Policy and the consents given by the Customer, regardless of the provisions of this Policy, always the basis for taking and determining the scope of our activities shall be the consents voluntarily given by the Customer or the law. This Policy, however, is for informational purposes only.