Skip to main content

Privacy Policy

§ 1 GENERAL PROVISIONS

  1. The administrator of personal data is Graffidea Agnieszka Dryzek, located at 34 Puławska Street, building 6, with tax identification number: 9511666992. Graffidea Agnieszka Dryzek can be contacted in writing at the address indicated in the preceding sentence or by email at: biuro@graffidea.pl
  2. According to Art. 37 of the GDPR, “Graffidea Agnieszka Dryzek” has not appointed a Data Protection Officer.
  3. The privacy policy is an integral part of the Regulations. By using the services offered by us, you entrust us with your information. This document serves only as an aid in understanding what information and data are collected, for what purpose, and how they are used. This data is very important to us, so please read this document carefully as it defines the principles and methods of processing and protecting personal data. This document also specifies the rules for the use of “Cookies” files.
  4. We inform you that we comply with the principles of personal data protection and all legal regulations provided for by the Personal Data Protection Act and Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of individuals with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC.
  5. Upon request of the person whose personal data is processed, we provide exhaustive information on how we use their personal data. We always strive to clearly inform about the data we collect, how we use it, what purposes it serves, to whom we provide it, what protection we provide for this data when transferring it to other entities, and we provide information about institutions to contact in case of doubts.

§ 2 PRIVACY PRINCIPLES

  1. We respect your privacy. We want to ensure your convenience in using our services.
  2. We value the trust you place in us by entrusting us with your personal data to provide services. We always use personal data fairly and in a way that does not betray your trust, only to the extent necessary to provide services.
  3. As a User, you have the right to obtain full and clear information about how we use your personal data and for what purposes it is necessary. We always clearly inform about the data we collect, how and to whom we provide it, and provide information about entities to contact in case of doubts.
  4. In case of doubts regarding the use of your personal data by us, we will immediately take action to clarify and dispel such doubts. We comprehensively answer all related questions.
  5. We will take all reasonable actions to protect your data from improper and uncontrolled use.
  6. The legal basis for processing your personal data is:
    1. art. 6 para. 1 lit. a – the data subject has given consent to the processing of his or her personal data for one or more specific purposes;
    2. art. 6 para. 1 lit. b – processing is necessary for the performance of a contract to which the data subject is party or in order to take steps at the request of the data subject prior to entering into a contract;
    3. art. 6 para. 1 lit. c – processing is necessary for compliance with a legal obligation to which the controller is subject;
    4. art. 6 para. 1 lit. d – processing is necessary to protect the vital interests of the data subject or of another natural person;
    5. art. 6 para. 1 lit. e – processing is necessary for the performance of a task carried out in the public interest or in the exercise of official authority vested in the controller;
    6. art. 6 para. 1 lit. f – processing is necessary for the purposes of the legitimate interests pursued by the controller or by a third party.Y
  7. our personal data related to the conclusion and performance of the contract will be processed for the duration of its performance, as well as for a period not longer than provided for by law, including the provisions of the Civil Code and the Accounting Act, i.e., no longer than 10 years from the end of the calendar year in which the last contract was performed.
  8. Your personal data processed for the purpose of concluding and performing future contracts will be processed until objection is raised.
  9. You have the right to: access your personal data and obtain a copy of the personal data being processed, correct your incorrect data; request deletion of data (right to be forgotten) in case of circumstances specified in art. 17 of the GDPR; request restriction of data processing in cases specified in art. 18 of the GDPR, object to data processing in cases specified in art. 21 of the GDPR, and transfer provided data processed in an automated manner.
  10. If you believe that your personal data is being processed unlawfully, you can lodge a complaint with the supervisory authority (the President of the Office for Personal Data Protection, Stawki 2 Street, Warsaw). If you need additional information related to personal data protection or want to exercise your rights, please contact us in writing at the correspondence address.
  11. We comply with all applicable laws and regulations regarding data protection and will cooperate with data protection authorities and law enforcement agencies authorized to do so. In the absence of data protection regulations, we will act in accordance with generally accepted data protection principles, social norms, and established customs.
  12. For questions, please contact us through the page from which you were redirected to this Privacy Policy.
  13. Your request for contact will be promptly forwarded to the appropriate person appointed for this purpose.

§ 3 SCOPE AND PURPOSE OF PERSONAL DATA COLLECTION

  1. We process necessary personal data to provide services and for accounting purposes only.
  2. We collect, process, and store the following user data:
    1. first and last name,
    2. address,
    3. delivery address (if different from the residential address),
    4. tax identification number (NIP),
    5. email address,
    6. phone number (mobile, landline),
    7. information about the internet browser used,
    8. other personal data voluntarily provided to us.
  3. Providing the above data is completely voluntary but also necessary for the full provision of services.
  4. We may transfer personal data to servers located outside your country of residence or to affiliated entities, third parties based in other countries, including countries in the European Economic Area (EEA – European Economic Area), for the purpose of processing personal data by such entities on our behalf in accordance with the provisions of this Privacy Policy and applicable law, customs, and data protection regulations.
  5. Entities providing services necessary for the operation of the service may have access to your data, such as:
    1. Hosting companies providing hosting services or related services for the Administrator,
    2. Companies through which the Newsletter service is provided,
    3. IT service and support companies performing maintenance or responsible for maintaining IT infrastructure,
    4. Companies mediating in online payments for goods or services offered within the Service (in the case of making purchase transactions in the Service),
    5. Companies mediating in mobile payments for goods or services offered within the Service (in the case of making purchase transactions in the Service),
    6. Companies responsible for accounting for the Administrator (in the case of making purchase transactions in the Service),
    7. Companies responsible for delivering physical products to the User (postal / courier services in the case of making purchase transactions in the Service).

§ 4 COOKIE FILES

  1. We use cookies or similar technologies (hereinafter collectively referred to as “cookies”) through which computer data, in particular text files, intended for use on websites and stored on Users’ end devices browsing the pages, can be understood. Information collected using cookies allows for customizing services and content to individual needs and preferences of users, as well as serves to develop general statistics regarding users’ use of the pages. Data collected using cookies is collected solely for the purpose of performing specific functions for Users and is encrypted in a way that prevents unauthorized access to them.
  2. We use the following types of cookies on our website:
    1. Internal cookies – files placed and read from the User’s Device by the Service’s IT system,
    2. External cookies – files placed and read from the User’s Device by the IT systems of external Services. Scripts of external Services that may place cookies on User Devices have been knowingly placed on the Service through scripts and services provided and installed in the Service,
    3. Session cookies – files placed and read from the User’s Device by the Service during one session of a given Device. After the session ends, the files are deleted from the User’s Device,
    4. Persistent cookies – files placed and read from the User’s Device by the Service until they are manually deleted. Files are not automatically deleted after the session ends unless the User’s Device configuration is set to delete cookie files after the Device session ends.
  3. The following types of cookies are used on our website due to the necessity of providing services:
    1. necessary cookies, enabling the use of services available within the website, in particular authentication cookies used for services requiring authentication;
    2. security cookies, in particular used to detect abuse in the field of authentication;
    3. performance cookies, enabling the collection of information about the way users use websites;
    4. functional cookies, enabling the “remembering” of user-selected settings and personalization of the user interface;
    5. advertising cookies, enabling the delivery of advertising content tailored to their interests to users.
  4. Web browsing software (web browser) usually allows cookies to be stored on the end device by default. The User browsing the website can independently and at any time change the settings regarding cookies, specifying the conditions for their storage and access by cookies to the User’s device. Changes to the settings referred to in the previous sentence can be made in particular in such a way as to block the automatic handling of cookies in the web browser settings or to inform about each placement of cookies on the User’s Device. Detailed information on the possibilities and ways of handling cookies is available in the software settings (web browser).
    Using the website without changing the settings regarding cookies means expressing consent to the storage of cookies. The User can always withdraw their consent by changing the cookie settings. Information on how to configure cookie settings in example web browsers is available here:

    1. Chrome
    2. Opera
    3.  FireFox
    4. Edge
    5. Safari
    6. Internet Explorer 11

§ 5 SOCIAL MEDIA PLUGINS

  1. So-called social media plug-ins may be present on our website.
    1. Facebook is operated by Facebook Inc., 1601 S. California Ave, Palo Alto, CA 94304, USA Facebook. To view Facebook plugins, go to: https://developers.facebook.com/docs/plugins
    2. Twitter is operated by Twitter Inc., 1355 Market Street, Suite 900, San Francisco, CA 94103, USA. To view Twitter plugins, go to: https://dev.twitter.com/web/tweet-button
  2. The plugin only provides the provider with information about which of our websites you accessed and when. If a user is logged into their account on Facebook or Twitter while viewing or being on our website, the provider is able to link your interests, information preferences, and other data obtained, for example, by clicking the Like button or leaving a comment, or by entering a profile name in the search. Such information will also be transmitted by the browser directly to the provider.
  3. To avoid being recorded by the Plugin on our website, you must log out of your account before browsing our website.

§ 6 RIGHTS AND OBLIGATIONS

  1. We have the right and, in cases specified by law, also a statutory obligation to provide selected or all information regarding personal data to public authorities or third parties who request such information based on applicable Polish law.
  2. The User has the right to:
    1. access to personal data
      The User has the right to obtain access to their personal data, exercised upon request submitted to the Administrator
    2. rectification of personal data
      The User has the right to demand from the Administrator immediate rectification of inaccurate personal data or supplementation of incomplete personal data, exercised upon request submitted to the Administrator
    3. erasure of personal data
      The User has the right to demand from the Administrator immediate erasure of personal data, exercised upon request submitted to the Administrator In the case of user accounts, data deletion consists of anonymizing data enabling identification of the User. The Administrator reserves the right to suspend the execution of a request for data deletion to protect the Administrator’s legitimate interests (e.g., if the User has violated the Regulations or the data has been obtained as a result of conducted correspondence). In the case of the Newsletter service, the User has the option to delete their personal data independently using the link included in each email message sent.
    4. restriction of processing personal data
      The User has the right to restrict the processing of personal data in cases specified in art. 18 of the GDPR, including questioning the accuracy of personal data, exercised upon request submitted to the Administrator
    5. data portability
      The User has the right to receive from the Administrator personal data concerning the User in a structured, commonly used, machine-readable format, exercised upon request submitted to the Administrator
    6. object to the processing of personal data
      The User has the right to object to the processing of their personal data in cases specified in art. 21 of the GDPR, exercised upon request submitted to the Administrator
    7. lodge a complaint
      The User has the right to lodge a complaint with the supervisory authority responsible for the protection of personal data.