I. GENERAL PROVISIONS

1. The administrator of personal data collected through the Internet Shop is Czajkowski sp. z o.o. with its registered office in Wrocław (50-134) at Białoskórnicza 15-16, VAT-ID: PL 8971812319, REGON 362284020, KRS: 0000571214 telephone number: +48 734485403, e-mail: galeria@4mara.com (“Seller”, “Administrator”).
2. Any personal data provided by the Customer is processed by the Seller in accordance with the Personal Data Protection Act of 29 August 1997. (Journal of Laws No. 133, item 883 as amended) and the Act on Rendering Electronic Services of 18 July 2002. (Journal of Laws No. 144, item 1204 as amended).
3. The Administrator undertakes to exercise due diligence in protecting the personal data collected and processed.
4. The collected personal data is processed in a manner consistent with the applicable provisions of Polish law, in a manner consistent with the law for the designated, legally permissible purposes.

II. METHOD OF OBTAINING PERSONAL DATA

1. The Seller collects personal data of the Customers through (a) the Customer’s Individual Account Registration Form, (b) the Order Form, (c) Cookies.
2. The data in the forms listed in point II 1 a-b above are collected because of their voluntary introduction by the Customer.
3. Cookies are saved on terminal equipment.

III. FORMULARS

1. The Seller collects information provided voluntarily by the Client.
2. In addition, technical data such as the quality of Internet connection, IP number, time zone, date and time may also be stored.
3. Information provided by the Client in the forms are not made available to any third parties unless the Client agrees to this.

IV. PURPOSE AND SCOPE OF PERSONAL DATA COLLECTION

1.The purpose of collecting personal data by the Administrator is to:

(a) conclusion, change, performance or termination of the legal relationship consisting in free provision of Electronic Services by the Seller to the Customer via the Online Shop, as well as conclusion, change, performance or termination of the Product sales agreement and their delivery to the Customer.

(b) direct marketing of the Products on offer in the Online Shop,

(c) transferring the contact data of the Clients to the Seller’s business partners for marketing purposes

2. Recipients of personal data:

(a) in case of a Customer who uses the delivery of a parcel through a courier company, the Administrator makes available the collected personal data of the Customer, in the scope and not longer than it is necessary to make the delivery, to a selected carrier carrying out the parcel on the Administrator’s order.

(b) in the case of a Customer who uses the method of electronic payment in the On-line store, the Administrator makes the collected personal data of the Customer available, within the scope and no longer than it is necessary to make the payment, to a selected entity handling the above payments in the On-line store.

(c) The Administrator processes the following personal data of Clients:

• name and surname (in case of a natural person);

• company name (in case of a legal person);

• name and surname of the contact person (in case of a legal person);

• electronic mail address

• contact telephone number;

• address (street, house number, apartment number, post code, town, country) (in case of a natural person);

• address of the seat (in case of a legal person).

3. Providing personal data referred to in point. 2(c) above is necessary for the provision of Electronic Services by the Seller or conclusion of an agreement to sell Products.

V. COOKIES AND OPERATING DATA

1. Cookies are small text information in the form of text files, sent by the server and saved on the side of the user visiting the website of the Internet Shop (e.g. on the hard drive of a computer, laptop, or on the memory card of a smartphone – depending on which device you use when visiting our Internet Shop).

2. The Seller processes the data contained in the Cookies files when the visitors use the website of the Internet Shop for the following purposes:

(a) identifying Customers as logged in to the Online Store and showing that they are logged in;

(b) remembering Products added to the shopping cart in order to place an order;

(c) remembering data from completed Order Forms or log-in data to the Online Shop;

(d) customize the content of the Online Store’s website to the Customer’s individual preferences (e.g. concerning colours, font size, page layout) and optimize the use of the Online Store’s pages;

(e) keep anonymous statistics showing how the pages of the Online Shop are used and research the needs of the Customers, excluding personal identification of the Customer.

3. Each user of the web browser when accessing the website of the Online Store will be informed that the site uses cookies for the purposes indicated in this Privacy Policy. Please note that most web browsers available on the market accept cookies by default. The user of the web browser has the option to disable this feature altogether or limit its duration.

4. The user when entering the website of the Internet Shop could agree to the collection and processing of Cookies files by the Seller. Please note that also the settings of your web browser must be configured to allow the Administrator to process cookies.

5. The Service Provider also processes anonymous operating data (so-called logs – IP address, domain) to generate statistics helpful in administering the Internet Shop. These data are of an aggregate and anonymous nature, i.e. they do not contain features that identify the persons visiting the website of the Internet Shop. Logs are not disclosed to third parties.

VI. BASIS OF DATA PROCESSING

1. The provision of personal data by the Service Recipient/Customer is voluntary, although failure to provide the personal data indicated in the Regulations necessary to conclude a Sales Agreement or an agreement for the provision of an Electronic Service results in a refusal to conclude the agreement. The data necessary to conclude a Sales Agreement or an agreement for the provision of an Electronic Service are also indicated each time on the website of the Online Store.

2.The basis for the processing of personal data of the recipient / customer is the need to implement the contract to which the recipient / customer is a party or act at his request before its conclusion. In the case of data processing for direct marketing of the Administrator’s own products or services, the basis for such processing is the consent of the recipient /customer.

VII. CLIENT’S RIGHTS IN RELATION TO COLLECTED PERSONAL DATA

1. The customer has the right to access, correct and change their personal data.

2.Each person has the right to control the processing of the data concerning him/her, contained in the Administrator’s data collection, and in particular the right to: request to complete, update, correct personal data, temporarily or permanently suspend their processing or delete them, if they are incomplete, outdated, untrue or have been collected in violation of the law or are no longer necessary for the purpose for which they were collected.

3.The Client executes his rights directly from the level of the Client’s Individual Account or by contacting the Administrator at the e-mail address galeria@4mara.com or sklep@4mara.com.

VIII. FINAL PROVISIONS

1.This Privacy Policy applies only to the Online Shop. If the website of the Internet Shop contains a link to an external website operated by a third party, the Administrator shall not be liable for the processing of personal data on that website.

2.The Administrator applies technical and organizational measures to ensure the protection of processed personal data appropriate to the risks and categories of data covered by protection, and in particular, protects the data against unauthorized access, taking away by unauthorized persons, processing in violation of applicable laws and change, loss, damage or destruction.

3. The Service Provider shall make available the following technical measures to prevent the acquisition and modification by unauthorized persons of personal data sent electronically:

(a) securing the data set against unauthorized access, including an SSL certificate.

(b) access to the Account only after providing an individual login and password.