Privacy and Cookies Policy

§1 Introductory issues

  1. This Privacy Policy sets out the rules for the processing and protection of personal data of Users and Customers using the online store available at https://magicstairlighting.pl (hereinafter: the “Online Store”). The document also sets out the rules for the use of cookies.
  2. The owner of the Store and at the same time the data administrator is Roman Jarocki, who runs a business under the company Apacheta Smart Systems Roman Jarocki based in Poland, Podkowa Leśna 05-807, ul. Sarnia 41, NIP: 113-082-84-65, REGON: 015504134, entered into the Central Register and Information on Economic Activity kept by the Minister of Development, hereinafter referred to as APACHETA.
  3. Personal data collected by APACHETA via the Online Store are processed in accordance with Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of individuals with regard to the processing of personal data and on the free flow of such data and repealing Directive 95/46 / EC (General Data Protection Regulation), also called the GDPR.

§2 The type of data processed, purposes and legal basis

  1. APACHETA collects information about natural persons carrying out legal actions not directly related to their activities, natural persons conducting business or professional activities on their own behalf, and natural persons representing legal persons or organizational units that are not legal persons, to whom the law confers legal capacity, conducting on their own behalf business or professional activity, hereinafter collectively referred to as Customers.
  2. Customers’ personal data is collected in the case of:
    1. placing an order in the Online Store in order to perform the sales contract. Legal basis: necessary to perform the sales contract (art.6 par.1 point b GDPR). The Customer provides the following data: e-mail address, name and surname, address data (street, house / flat number, zip code, city and country), telephone number, and in the case of Entrepreneurs also the name of the Entrepreneur’s company and tax identification number.
    2. using the contact form service to perform an electronic contract. Legal basis: the necessity to perform the contract for the provision of the contact form service (Article 6 par. 1 point b of the GDPR). The customer provides the following personal data: email address, name and surname.
  3.  Personal data provided to APACHETA are provided voluntarily in connection with concluded sales or service provision services via the Online Store Website, with the proviso that failure to provide the data specified in the forms in the process of using the Contact Form prevents contact with the Online Store, and if you place an order, it will prevent you from submitting and processing your order.
  4. Customers’ personal data may be processed in accordance with the GDPR in order to:
    1. the implementation and performance of the contract concluded with the Customer in accordance with art. 6 par. 1 point b GDPR
    2. performance by the Administrator of legally binding obligations, in accordance with art. 6 par. 1 point c  GDPR and to the extent that specific provisions provide for it
    3. the implementation of legitimate interests pursued by the Administrator in accordance with art. 6 par. 1 point f  GDPR, i.e. to determine, defend, investigate or enforce possible claims and to defend against claims in proceedings before courts and other state authorities, as well as to protect persons and property belonging to the Administrator; in addition to personal data, other data regarding the use of services may also be processed in this case, if the claims result from the manner in which the Customer uses the services, as well as other data necessary to prove the existence of the claim, including the extent of damage suffered
    4. the implementation of legitimate interests pursued by the Administrator in accordance with art. 6 par 1 point f  GDPR, i.e. for the purpose of conducting direct marketing by the Administrator of the Administrator’s goods and services.
  5. When using the Store Website, additional information may be downloaded, in particular: the IP address assigned to the Customer’s computer or the supplier’s external IP address Internet, domain name, browser type, access time, operating system type.
  6. Navigation data may also be collected from customers, including information about links and references in which they decide to click or other activities undertaken in our Online Store. Legal basis – a legitimate interest (Art. 6 par.1 point f of the GDPR), consisting in facilitating the use of electronic services and improving the functionality of these services.

§ 3 Who is the data shared or entrusted to and how long is it stored?

  1. Customer’s personal data is transferred to service providers that APACHETA uses when running the Online Store. These are:
    1. Entities processing personal data only on the instructions of APACHETA (including courier and postal companies, hosting providers, accounting services, providing marketing systems, systems for analyzing traffic in the Online Store, systems for analyzing the effectiveness of marketing campaigns)
    2. Administrators who do not act solely on instructions and set the purposes and ways of using Customers’ personal data themselves. These are entities providing electronic and banking payment services.
  2. Location – service providers are based mainly in Poland and other countries of the European Economic Area (EEA).
  3. Time of storing clients’ personal data:
    1. If the basis for the processing of personal data is consent, then the Customer’s personal data are processed by APACHETA until the consent is revoked, and after revoking the consent for a period corresponding to the limitation period of claims that APACHETA may raise and which may be raised towards him. Unless a special provision provides otherwise, the limitation period is ten years, and for claims for periodic benefits and claims related to business operations – three years.
    2. If the basis for data processing is the performance of the contract, then the Customer’s personal data is processed by APACHETA as long as it is necessary to perform the contract, and after that time for the period corresponding to the period of limitation of claims. Unless a special provision provides otherwise, the limitation period is ten years, and for claims for periodic benefits and claims related to business operations – three years.
  4. Navigation data can be used to provide customers with better service, statistical data analysis and adapt the Online Store to customer preferences, as well as to administer the Online Store.
  5. APACHETA, in the event of a request to it, provides personal data to authorized state authorities, in particular organizational units of the Prosecutor’s Office, the Police, the President of the Office for Personal Data Protection, the President of the Office for Competition and Consumer Protection or the President of the Office of Electronic Communications.
  6. The website does not automatically collect any information, except for information contained in cookies. We never sell or transfer this information to other entities.

§ 4 Cookies mechanism, IP address

  1. The Online Store automatically uses small files, called cookies, which are saved by APACHETA on the end device of the person visiting the Online Store, provided the internet browser allows it. Cookies are IT data, in particular text files, usually containing the name of the website, if they come from, time of storage on the end device and a unique number.
  2. The entity placing the cookies on the Website User’s end device and accessing them is the Website operator.
  3. Cookies are used to:
    1. adjusting the content of the Website pages to the User’s preferences and optimizing the use of websites; in particular, these files allow to recognize the device of the Website User and properly display the website, tailored to his individual needs;
    2. creating statistics that help to understand how Website Users use websites, which allows improving their structure and content.
  4.  The cookies mechanism does not allow the collection of any personal data or any confidential information from clients’ computers.
  5.  The Website uses two basic types of cookies: “session” cookies and “persistent” cookies. Session cookies are temporary files that are stored on the User’s end device until logging out, leaving the website or turning off the software (web browser). Persistent cookies are stored on the User’s end device for the time specified incookie file parameters or until they are deleted by the User.
  6.  APACHETA uses its own cookies for analysis and research and audience audit, and in particular to create anonymous statistics that help understand how customers use the Store Website, which allows improving its structure and content.
  7.  APACHETA uses external cookies to:
    1. popularizing the Online Store using the social network facebook.com (administrator of external cookies: Facebook Inc. with its registered office in the USA or Facebook Ireland with based in Ireland)
    2. popularizing the Store using the twitter.com social website (external cookie administrator: Twitter Inc. with its registered office in the USA)
    3. collecting general and anonymous static data about the manner and popularity of using our websites through analytical tools Google Analytics (external cookie administrator: Google Inc. based in the USA). By using the website’s pages you agree to the analysis of your data by Google Analytics for the purposes described here.
    4. popularizing the Store using the social network plus.google.com (administrator of external cookies: Google Inc. based in the USA)
    5. presenting ads tailored to the customer’s preferences using the Google AdWords online advertising tool (external cookie administrator: Google Inc. based in the USA)
    6. presenting multimedia content on the Store’s websites, which are downloaded from an external website www.youtube.com (administrator of external cookies: Google Inc. based in the USA)
    7. popularizing the Store using the social networking site pinterest.com (administrator of external cookies: Pinterest Inc. with its registered office in the USA).
  8.  APACHETA may collect Customers’ IP addresses. The IP address is the number assigned to the computer of the person visiting the Online Store by the internet service provider that allows access to the Internet. In most cases, the IP address is assigned to your computer dynamically, i.e. it changes every time you connect to the Internet and is therefore commonly treated as non-personal identifying information. The IP address is used by APACHETA in diagnosing technical problems with the server, creating statistical analyzes (e.g. determining from which regions we record the most visits), as information useful in administering and improving the Online Store, as well as for security purposes and possible identification burdening the server, unwanted automatic programs to view the content of the Online Store.
  9.  The cookies mechanism is safe for computers of Online Store Customers. In particular, it is not possible for viruses or other unwanted software or malware to enter your clients’ computers in this way.
  10.  In many cases, the software used for browsing websites (web browser) by default allows the storage of cookies on the User’s end device. Website Users can change cookie settings at any time. These settings can be changed in particular in such a way as to block the automatic handling of cookies in the web browser settings or to inform about them every time they are placed on the Website User’s device.
  11.  In their browsers, customers have the option of limiting or disabling cookie access to computers, including completely blocking or deleting the collection of cookies. If you use this option, you will be able to use the Store, in addition to functions that by their nature require cookies. Restrictions on the use of cookies may affect some of the functionalities available on the Website.
  12.  Cookies placed on the Website User’s end device may also be used by advertisers and partners cooperating with the Website operator. The Administrator is not responsible for the security of cookies from Website partners.
  13. More information about cookies is available in the “Help” section of the web browser menu.

§ 5 Rights of data subjects

  1. The right to withdraw consent at any time without affecting the lawfulness of the processing that was carried out on the basis of consent before its withdrawal – legal basis: art. 7 item 3 GDPR
  2. Right to object to data processing – legal basis: art. 21 GDPR
  3. The right to delete data (“right to be forgotten”) – legal basis: art. 17 GDPR
  4. The right to limit data processing – legal basis: art. 18 GDPR
  5. Right of access to data – legal basis: art. 15 GDPR
  6. The right to rectify data – legal basis: art. 16 GDPR
  7. Right to data portability – legal basis: art. 20 GDPR
  8. In the situation where the Customer has the right resulting from the above rights, APACHETA fulfills the request or refuses to comply with it immediately, but not later than within one month after receiving it. However, if – due to the complicated nature of the request or the number of requests – APACHETA will not be able to fulfill the request within a month, it will meet them within the next two months informing the Customer within one month of receipt of the request – about the intended extension of the deadline and its reasons.
  9. The Customer may submit to the Administrator complaints, queries and requests regarding the processing of his personal data and the exercise of his rights.
  10. The customer has the right to lodge a complaint to the President of the Office for Personal Data Protection, regarding the violation of his rights to the protection of personal data or other rights granted under the GDPR.

§ 6 Security management

  1. Taking care of the security of the APACHETA website as the website owner, he changes his access passwords from time to time, and also updates the software on the website.
  2. Links to other websites may appear on the Website. Such websites operate independently of the Website and are not supervised by the smartleds.pl website in any way. These websites may have their own privacy policies and regulations, which we recommend to read.

§ 7 Changes to the Privacy Policy

  1. We reserve the right to change the Privacy Policy, which may be affected by the development of internet technology, possible changes in the law in the field of personal data protection and the development of our website. We will inform you about any changes 7 days in advance.
  2. If in doubt as to any of the provisions of this privacy policy, please address any questions via the contact form or email address provided on the website https://magicstairlighting.com/contact/