1.1 Adam Sokół, acting as the owner of the company Unreleased Miniatures Adam Sokół. This company is incorporated under the law of Poland with Tax Identification Number (NIP) 7773093154, with its registered office in Poznań 60-159, Galileusza 5e/11, Poland.
1.2. The administrator processes personal data in accordance with the requirements of
Regulation (EU) No 2016/679 of the European Parliament and the Council from 27 April 2016 on the protection of individuals with regard to the processing of personal data and on the free movement of such data and repealing Directive 95/46 / EC - EU General Data Protection Regulation (referred to as "GDPR").
2. Data collection
The personal data that we collect: name and surname, name (company), tax identification number, business address, delivery address, telephone number, e-mail, credit card information, bank account number, username and password, IP address of the computer from which the registration was made or an order has been placed. Personal data is collected at the User's registration, filling in the Order form, the subscription form for the newsletter, during communication with the data subject.
3. Purposes of the data processing
Data will be processed for the purpose of:
3.1 Providing Account services - during the period of maintaining (registering) the Account for the User, until the moment of liquidation of the User's Account at the User's request - pursuant to Article 6(1)(b) of the Act on Public Benefit. 1(b) GDPR;
3.2 Conclusion and implementation of contracts for the sale of products via the Portal - until the end of the contract - pursuant to Article 6(1) (b) and 9(1)(b)(2) (h) GDPR;
3.3 The Administrator shall perform his legal obligations, in particular those resulting from the tax law - for a period of 5 years, counting from the end of the calendar year in which the particular tax is due in connection with the conclusion and performance of the contract of sale of the product via the Portal has expired, or longer if required by law - pursuant to Article 6(1)(b) of the Act on Public Contracts. Article 9(1)(c) and (9)(2)(h) GDPR;
3.4. Determine, pursue or defend against any claims that the Administrator or you may have against yourself (including data contained in the User Account, data concerning agreements for the sale of products through the Portal) - pursuant to Article 6(1)(f) and 9(2)( h) of the GDPR - during the periods of limitation of claims, specified in the provisions of law;
3.5 Sending a newsletter with health information content, products offered by the Administrator, until the withdrawal of consent, pursuant to Article 6(1)(a) GDPR.
4. Voluntary provision of data, consent for data processing
4.1. Providing data is voluntary. In the scope indicated in the Terms and Conditions, providing data is necessary for the purpose of Registration or submission and implementation of the Order.
4.2. You can provide your personal data without consenting to their processing in order to receive the newsletter.
4.3. If you consent to the processing of your data for the above purposes, you may withdraw your consent at any time by contacting the Customer Service Department at firstname.lastname@example.org by phone: (+48) 698 770 201. You may withdraw your consent to receive the newsletter by clicking on the appropriate link, placed in each newsletter. Withdrawal of consent shall not affect the lawfulness of the processing which has been carried out on the basis of consent prior to its withdrawal.
5. Rights related to the processing of personal data
5.1 Everyone whose personal data are processed shall have the right to access, rectify, erase or oppose (as far as is legally possible) the processing of personal data concerning him or her, and the right to data transfer. A person whose data are processed also has the right to lodge a complaint with the personal data protection authority.
5.3 The Administrator may refuse to delete the Data if there are reasons arising from the legal provisions.
6. Data protection
6.1 The Administrator shall apply appropriate technical and organisational measures to ensure the protection of the data being processed, and in particular shall protect the data against unauthorised disclosure, unlawful processing and alteration, loss, damage or destruction.
6.2 Only persons authorised by the Administrator shall be allowed to process your data within the organization (company) of the Administrator.
7. Other provisions