Privacy policy
Dear User!
We care about your privacy and want you to feel comfortable while using our services. Below, we present the most important information about how we process your personal data and cookies used by our Store. These details have been prepared in accordance with GDPR, the General Data Protection Regulation.
Personal Data Administrator ("Administrator")
The Administrator of your personal data will be Naree sp. z o.o. with its registered office in Kraków, ul. Tadeusza Połomskiego 4, 30-609 Kraków.
You can contact us in the following ways:
1. By mail at: ul. Tadeusza Połomskiego 4, 30-609 Kraków
2. By email: [email protected]
Data Protection Officer
We have appointed a Data Protection Officer. This is the person you can contact in all matters regarding the processing of personal data and the use of rights related to data processing. You can contact the Officer by email at: [email protected]
Personal Data and Privacy
If you intend to create a User Account and use our services, you will be asked to provide your personal data.
Your data will be processed for the purposes related to the operation of the Store as indicated below.
Purpose of Processing:
We will process your data for the following purposes:
1. To conclude and perform the sales agreement and ongoing customer and potential customer service – the legal basis for processing is the necessity of data processing for the conclusion and performance of the contract,
2. Direct marketing of our products, including for analytical and profiling purposes; within the framework of direct marketing, we will, among other things, send you newsletters and offers to the email address you provide, as well as display ads for products that may interest you. We will also conduct profiling for marketing purposes – the legal basis for processing is your consent, provided you have given it; otherwise, your personal data will not be processed for these purposes;
3. Possibly, for the purpose of pursuing claims related to the sales agreement concluded with you – the legal basis for data processing is the necessity of processing to fulfill the legitimate interest of the administrator; the legitimate interest of the administrator is the ability to pursue claims.
Profiling Information
Based on your personal data, we conduct profiling, which means an automatic evaluation of certain personal factors about you. We conduct profiling to better understand your preferences and needs regarding our products and, as a result, offer you a more tailored offer. Based on your profile, we will send you tailored marketing messages. We will also use this to propose participation in discount or seasonal sales campaigns and inform you of price reductions for selected products or brands.
For profiling, we use data about your previous purchases and activity on our store's website, including products you viewed or added to your Cart or wishlist, data on the average value of your purchases and their frequency, and your activity on social media. Additionally, for profiling, we consider statistical data regarding [e.g., products frequently chosen by users with a similar profile].
Legal Basis for Processing:
1. Sales agreement or actions taken at your request leading to its conclusion (Art. 6(1)(b) GDPR)
2. A legal obligation incumbent on us, e.g., related to accounting (Art. 6(1)(c) GDPR)
3. Your consent given in the Store (Art. 6(1)(a) GDPR)
4. Service agreement or actions taken at your request leading to its conclusion (Art. 6(1)(b) GDPR)
5. Our legitimate interest in processing data to establish, pursue, or defend possible claims (Art. 6(1)(f) GDPR)
6. Our legitimate interest in conducting direct marketing (Art. 6(1)(f) GDPR)
7. Our legitimate interest in processing data for analytical and statistical purposes (Art. 6(1)(f) GDPR)
8. Our legitimate interest in conducting customer satisfaction surveys (Art. 6(1)(f) GDPR)
Providing Data:
Providing personal data in connection with the agreement is voluntary but necessary for the conclusion and performance of the sales agreement – without providing personal data, it is not possible to conclude a sales agreement.
Consequence of Not Providing Data:
Depending on the purpose for which the data is provided:
1. Inability to register in the Store
2. Inability to use the Store's services
3. Inability to make purchases in the Store
Possibility of Withdrawing Consent:
At any time – Data processing up to the moment of withdrawal of your consent remains lawful.
Processing Period:
We will process your data only as long as we have a legal basis for doing so, i.e., until:
1. We are no longer legally obligated to process your data
2. The possibility of establishing, pursuing, or defending possible claims related to the contract concluded by the Store between the parties expires
3. You withdraw your consent to data processing, if it was the basis for processing
4. Your objection to the processing of your personal data is accepted – in cases where the legal basis for data processing was the legitimate interest of the administrator or when the data was processed for direct marketing purposes – depending on which applies and occurs last.
Data Security:
While processing your personal data, we apply organizational and technical measures in accordance with applicable law, including using SSL encryption.
Your Rights:
You have the right to request:
1. Access to your personal data,
2. Correction,
3. Deletion,
4. Limitation of processing,
5. Request to transfer data to another administrator.
Additionally:
1. You may object at any time to the processing of your data: due to reasons related to your particular situation – to the processing of your personal data based on Art. 6(1)(f) GDPR (i.e., legitimate interests pursued by the administrator),
2. If personal data is processed for direct marketing purposes, as far as processing is related to such direct marketing.
Contact us if you wish to exercise your rights.
If you believe your data is being processed unlawfully, you may file a complaint with the supervisory authority.
EXTERNAL SERVICES / DATA RECIPIENTS
We use external service providers to whom your data may be transferred. Below is a list of possible recipients of your data:
1. Software provider necessary to run the online store
2. Payment service provider
3. Individuals cooperating with you under civil law contracts, supporting your ongoing operations
4. Software provider facilitating business operations (e.g., accounting software)
5. Entity providing us with technical support
6. Appropriate public authorities, to the extent that the Administrator is required to disclose data to them
7. In the scope of Newsletter service, data is transferred to Edrone sp. z o.o. based in Kraków (31-203), ul. Lekarska 1. You can read the privacy policy of our partner here: https://edrone.me/en/privacy-policy/
Contact with the Administrator:
Do you want to exercise your data-related rights?
Or maybe you simply want to ask about something related to our Privacy Policy?
Write to us at: [email protected]
Cookies Policy
Our Store, like most websites, uses so-called cookies.
The cookies we use are safe for the User's Device. In particular, this means no viruses or other unwanted software or malware can enter Users' Devices via cookies. These files allow identifying the software used by the User and customize the operation of the Service for each User individually. Cookies usually contain the name of the domain from which they originate, their storage time on the Device, and an assigned value.
We use two types of cookies:
1. SESSION COOKIES: are stored on the User's Device and remain there until the session of the given browser ends. The saved information is then permanently deleted from the memory of the Device. The mechanism of session cookies does not allow for the collection of any personal data or any confidential information from the User's Device.
2. PERMANENT COOKIES: are stored on the User's Device and remain there until they are deleted. Ending a browser session or turning off the Device does not delete them from the User's Device. The mechanism of permanent cookies does not allow for the collection of any personal data or any confidential information from the User's Device.
The User can limit or disable the access of cookies to their Device. If you use this option, using the Service will still be possible, except for functions that by their nature require cookies.
To learn how to manage cookies, including disabling them in your browser, you can use the help file of your browser or the information about cookies available at www.allaboutcookies.org
Purposes for which Cookies are used:
The Administrator uses Own Cookies for the following purposes:
a) Service configuration – adapting the content of the Service's web pages to the User's preferences and optimizing the use of the Service's web pages;
b) Analysis, research, and audience audit – collecting general and anonymous statistical data, creating anonymous statistics through analytical tools, which help understand how Users use the Service's web pages, allowing improvements in their structure and content;
c) Provision of advertising services – presenting advertising content tailored to the User's preferences;
The Service Administrator uses External Cookies for the following purposes:
a) Service configuration – adapting the content of the Service's web pages to the User's preferences and optimizing the use of the Service's web pages
b) Analysis, research, and audience audit – collecting general and anonymous statistical data via analytical tools such as Google Analytics – Cookies administrator: Google Inc. based in the USA; HotJar (HotJar Ltd.),
c) Provision of advertising services – presenting advertising content tailored to the User's preferences using analytical tools like Google Adwords, Edrone (Edrone Sp z. o. o).