1. General provisions
- ASPAR s.c. A. Siciński, A. Sobczyński with headquarters in Chwaszczyno, ul. Oliwska 112, 80-209 Chwaszczyno, Poland, NIP: 586-21-08-040, REGON: 192919168, tel. 58 732-71-73, e-mail: firstname.lastname@example.org adheres to the privacy principles of individuals and he duly protects their personal data.
- Online Store – it should be understood as an online store with the address www.ampero.eu run by ASPAR s.c. A. Siciński, A. Sobczyński
- The Seller – it should be understood as the owner of an online store, an entity running an online store – ASPAR s.c A. Siciński, A. Sobczyński
- User – should be understood as a person using the services of the Online Store
- The Administrator – it should be understood as the Administrator of Users' personal data. The personal data administrator is the company ASPAR s.c. A. Siciński, A. Sobczyński.
2. Personal data
- Each User of the Online Store may browse the pages without providing his / her personal details.
- The basis for the processing of personal data is the User's consent, as well as the statutory authorization to process data necessary for the implementation and settlement of the sale transaction by ASPAR s.c. A. Siciński, A. Sobczyński.
- Users' personal data are processed and protected in accordance with the provisions of the Personal Data Protection Act of 29 August 1997. ASPAR s.c. A. Siciński, A. Sobczyński does not transfer, sell or lend collected Users' personal data to other persons or institutions except to enable them to fulfill their obligations under the law.
- In the case that the User wants to set up an Account in the Online Store, he must provide the following personal data: name, surname, name of company, VAT number, company address, phone number, e-mail address. The User provides his data voluntarily, however refusal to provide them prevents the Account from being created in the Online Store.
- During registration, the User provides an e-mail address, constituting a login and password to secure the User's account on the website. The login and password should be secured by the User against their use by unauthorized persons.
- In the case that User wants to subscribe to the newsletter, he must consent to the sending of commercial information within the meaning of art. 2 points 2 of the Act of 18.07.2002 on the provision of electronic services for the purposes of direct marketing. The User provides his data voluntarily, however refusal to provide them makes it impossible to send the User a newsletter.
3. The use of personal data
- The data provided by the User during registration are used as part of the services provided by the Seller only to enable the user to log in to the site, execute orders placed by him and to process payments for the order. To execute an order, user's personal data may be transferred to other entanties that will process user's personal data on their own behalf: courier companies, mail providers, while these entities are obliged to maintain confidentiality with regard to the user data provided to them.
- User's personal data may be made available to organ of government entitled to receive them on the basis of applicable law.
- User's personal data collected through direct contact of the User with the Seller via the website, e-mail, telephone are used only to correspond with the User and respond to his inquiries.
- The applicable law requires processing of personal data for tax and accounting purposes.
- Customer data is also collected for the purpose of sending commercial information within the meaning of the Act of 18 July 2002 on the provision of electronic services (Journal of Laws of 2002, No. 144, item 1204, as amended) if the user consented to this.
- The legal basis for data processing is:
- the data subject has given consent to the processing of his or her personal data for one or more specific purposes (Article 6 (1) (a) of GDPR)
- processing is necessary for the performance of a contract to which the data subject is party or in order to take steps at the request of the data subject prior to entering into a contract (Article 6 (1) (b) of GDPR)
- processing is necessary for compliance with a legal obligation to which the controller is subject (Article 6 (1) (c) of GDPR)
- processing is necessary for the purposes of the legitimate interests pursued by the controller or by a third party, except where such interests are overridden by the interests or fundamental rights and freedoms of the data subject which require protection of personal data (Article 6 (1) (f) of GDPR).
4. The recipient of user's personal data
- The administrator
- Courier companies, standard mail providers
- Accounting office providing to ASPAR s.c. accounting and administration services
- The organ of government entitled to receive data on the basis of applicable law
- The companies providing IT services
- The banks providing financial services
These entities are required to maintain confidentiality regarding the user data provided to them.
5. The right to access personal data, correct and delete them
In the situation where the Data Administrator processes your personal data, you have the following rights:
- the right to withdraw consent to the processing of data,
- the right to access your personal data,
- the right to request the correction of your personal data,
- the right to request the removal of your personal data,
- the right to demand the restriction of the processing of your personal data,
- the right to object to the processing of data - the Administrator processes your personal data in order to, among others, conduct marketing activities relating to Controller’s products and services. “A legitimate interest of the Administrator” constitutes the basis for such processing. In the case of such processing, you have the right to object. As a consequence, the Admionistrator will stop processing your personal data for the aforementioned purpose.
You have the right to lodge a complaint with the Head of the Office for Personal Data Protection if you believe that the processing of the personal data relating to you violates the provisions of the GDPR.
6. The period of storage of personal data
The data Administrator stores personal data for a period which depends on the purpose for which they are processed:
- for the purpose related to the performance of the sales contract and the contract for the provision of electronic services, the data is stored for the period necessary to perform, terminate or otherwise terminate the concluded contract,
- for the purpose of marketing, the data is stored until the consent of the data subject is withdrawn by the data subject for further processing of his data for this purpose,
- for the purpose of keeping accounting books, data is stored for a period required by law requiring the administrator to store accounting books (5 years, counting from the beginning of the year following the financial year for which the data pertain),
- for the purpose of establishing, investigating or defending claims, the data is stored for the duration of the legitimate interest pursued by the administrator, but no longer than for the period of limitation of claims against the data subject for the business activity conducted by the administrator.The limitation period is defined by law, in particular the Civil Code (the basic deadline for claims related to running a business is 3 years, and for a sales contract 2 years).
7. Security of personal data
- The personal data administrator applies technical and organizational measures necessary for data protection as required by the Personal Data Protection Act, in particular, protects Users' personal data against making them available to unauthorized persons, loss or damage.
- In order to prevent the unauthorized acquisition and modification of personal data sent by the User during registration and logging into the user account of the Online Store, the Administrator provides encryption of the connection to the Online Store using the SSL certificate.
- The User should keep the login and password for the account in the Online Store confidential and not disclose them to third parties. In order to prevent the use of the User Account by unauthorized persons, the User should log out each time after using the Online Store.
8. Automatic processing of personal data
Your personal data is not processed in an automated way (including in the form of profiling).
9. Transfer of personal data to a third country
Your personal data will not be transferred to a third country/international organisation.
10. Collection of data by cookies
- Cookies are files containing IT data, which in turn are stored in the User's end device (eg: computer, tablet, smartphone, etc.), which streamline and facilitate the use of the Online Store resources.
- diagnosing problems related to the work of our Online Store,
- proper functioning of the Online Store,
- analysis of security breaches,
- providing users with content that best suits their interests,
- remembering the cart status or the status of the logged User,
- statistical purposes.
- Changing the settings for cookies
- Detailed manual for cookies is available in the User's web browser settings.
- Consequences of excluding cookies
- Disabling cookies does not affect the ability to read or view the contents of the Online Store. However, it may lead to incorrect operation of the Online Store or the occurrence of restrictions on access to certain services offered as part of that Online Store.
- In special cases, as a cookie, an encrypted session key may be stored, the absence of which will automatically log out the user from the Online Store.
11. Links to external websites
The Seller is not responsible for the content, content or availability of information on the landing pages to which the links placed in the Online Store lead.
12. Final Provisions