The Privacy and Cookies Policy
a. Data Administrator - Crazy Pocket Katarzyna Kobylarz running a sole proprietorship with its registered seat in Krakow (31-234) at ul. Kuźnica Kołłątajowskiej 16/107 entered into the Central Register and Information on Economic Activity, NIP /Tax Identification Number/: 8661588164, REGON /Business Identification Number/: 368452620, which provides electronic services and stores and gains access to information in the User's devices.
b. Cookies - means IT data, in particular small text files, saved and stored on devices through which the User uses the Website pages.
c. Website - means a website or application under which the Administrator runs a website operating in the domain www.crazypocket.pl
d. Provisions on data protection - means any applicable European Union law as applicable, as well as the relevant local laws of its Member States, including, but not limited to, acts, directives, and regulations, concerning the protection of personal data, in particular the Regulation of the European Parliament and of the Council (EU) 2016/679 of 27 April 2016 on the protection of individuals with regard to the processing of personal data and free movement these data and repealing Directive 95/46/EC (General Data Protection Regulation).
e. Device - means an electronic device through which the User gains access to the Website.
f. User (Customer) - means an entity for which electronic services may be provided in accordance with the Regulations and legal regulations or with which an Agreement for the provision of electronic services may be concluded.
2.The User hereby consents to the processing of his or her personal data by the Store for the purpose and to the extent necessary for the Store to perform the subject of the sale of goods contract in the online store: www.crazypocket.pl, shipping products, handling returns, handling complaints, and handling other matters related to the sale of goods contract in the online store: www.crazypocket.pl. Personal data is needed and processed by the Store in order to:
· Take actions at the User's request prior to the conclusion of the contract (e.g. to quote the service or to provide information about product availability – Art.6(1)(b) of the GDPR
· For the time necessary for the conclusion, performance, and settlement of the contract - Art. 6(1)(b) of the GDPR
· Execution of legal obligations incumbent on the Store (obligations under the statutory warranty for defects for the duration of liability under the warranty, obligations for withdrawal or termination of the contract for a period of limitation of claims in this respect)
· Perform duties related to issuing and storing VAT invoices, and other documents required by tax law and the Accounting Act.
· Ensuring the security of the information network over the entire period of data storage
The Store may process the Users' data also on the basis of:
the consent granted for the purposes specified in this policy
- until the consent is withdrawn,
and after the withdrawal of consent
- until the limitation of claims for the Store's actions taken on its basis thereof and the cessation of our liability for accountability and other obligations imposed by the personal data protection regulations for the purposes of establishing, defending, or enforcing such claims, creating statements, analyzes, and statistics for the Store's internal needs, ensuring network and information security (i.e. for the implementation of so-called legitimate interests – Art.6(1)(f) OF THE GDPR) and demonstrating compliance with the accountability obligations and other obligations imposed by the provisions on the protection of personal data (i.e. for the performance of legal obligations - Art.6(1)(c) of the GDPR).
As part of the processing of Users' personal data there may be undertaken activities such as: collecting, recording, organizing, ordering, storing, modifying, browsing, using, transmitting, distributing, or otherwise sharing, matching or merging, limiting, deleting, destroying, may be undertaken. These operations may be carried out in an automated manner, e.g. in IT systems or non-automated, e.g. in files, in a paper manner.
3. The data controller processes the personal data of the Store Customers in accordance with applicable law, in particular in accordance with Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of individuals with regard to the processing of personal data and on the free movement of such data and repealing Directive 95/46/EC – General Data Protection Regulation - hereinafter referred to as the "GDPR". The text of the GDPR is available at:http://eur-lex.europa.eu/legal-content/PL/TXT/?uri=CELEX%3A32016R0679
4. The administrator makes every effort to protect data against unauthorized access by third parties and applies in this respect organizational and technical security measures at a high level.
5. Each person whose data is processed by the Store has the right to inspect the content and the right to update and correct (rectify) it.
6. Making purchases in the online store is voluntary, as well as providing personal data by the Customers of the Store, with the exception of the conclusion of a sale of goods contract or contract for the provision of services by electronic means and statutory obligations of the administrator (e.g. keeping account books by the Administrator). Failure to provide such data will prevent the Administrator from performing these duties.
7. The Store does not bear the consequences of providing incorrect or untrue personal data by the Customer.
8. The data will be kept for the entire duration of the contract for the provision of services by electronic means. After termination of the contract, personal data will be kept throughout the period of limitation of any claims, including tax or civil claims.
9. The Customer has the right to object to the further processing of his or her personal data, and in the event of granting consent to the processing of data, to its withdrawal. The exercise of the right to withdraw consent to the processing of data does not affect the processing that took place until the consent was withdrawn.
10. The Administrator is responsible and ensures that the data collected by him or her is collected for designated, legitimate purposes; processed in accordance with the law and not subject to further processing incompatible with those purposes, stored in a form which allows for identification of the persons whom such data concerns, no longer than it is necessary to achieve the purpose of processing and is processed in a manner that ensures adequate security of personal data (including protection against their unlawful processing, loss, destruction by means of appropriate measures, e.g. technical ones)
11. The User has the right to transfer data (in particular, historical data).
12. The User has the right to lodge a complaint to the supervisory body.
13. The data provided by the Customer will not be subject to disclosure to third parties, except for those indicated in item (17) of this policy and to institutions authorized by law.
14. The personal data provided by the Customer will be processed in an automated manner (including in the form of profiling), however, it will not cause any legal effects to Customers of the online store or in a similar way significantly affect their situation. Personal data profiling involves the processing of data (also in an automated way), by using such data to assess certain information about the Customer, in particular to analyze or forecast personal preferences and interests.
15. The entities entrusted with the processing of personal data are: data administrator, Google, and Facebook.
16. The Administrator implements appropriate technical and organizational measures for the processing to be carried out in accordance with this Regulation and to be able to evidence such activities. These measures are subject to review and updating where necessary. The Administrator uses technical measures to prevent the acquisition and modification by unauthorized persons of personal data transmitted electronically.
17. In order to properly perform the contract with Customers, the Store uses the services of external entities, including courier services, postal service, payment service provider, programming providers, e-mail providers, IT service providers, entities providing legal, accounting or auditing services, to marketing agencies. The Administrator forwards the personal data of the Store Customers only if it is necessary to perform the given purpose of data processing and only to the extent necessary for its implementation. Personal data may also be transferred to entities authorized to obtain them on the basis of applicable law.
18. The data administrator transfers personal data outside the European Economic Area (EEA) where necessary, while maintaining an adequate level of protection.
- remembering Goods/Products added to the basket in order to execute the Order,
- identifying the Store Customers as logged in to the online Store and indicating that they are logged in,
- adapting the content of the Store’s website to the preferences of the Customers, e.g. as to the page layout, font size, colours,
- memorizing data from completed Order Forms, surveys, or login data to the Online Store;
- running anonymous statistics showing how to use the Online Store website;
- remarketing, e.g. research on the behaviour of visitors to the Online Store through anonymous analysis of their activities (e.g. repeated visits to specific pages, keywords, etc.) in order to create their profile and provide them with advertisements tailored to their expected interests, also when they visit other websites on the Google Inc. and Facebook.
20. The User may at any time block the collection of such information by disabling the cookies option in the browser settings. Most of the web browsers available on the market by default accept saving Cookies. Every person has the possibility to determine the conditions of using Cookies by means of the settings of their own web browser. The administrator does not guarantee, however, the correct operation of the website if Cookies have been disabled.
22. Detailed information on changing the Cookies settings
and their deleting in the most popular web browsers is available in the help
section of the web browser and on the following pages (just click the link):
in the Chrome browser
in the Firefox browser
in Internet Explorer
in the Opera browser
in the Safari browser
in the Microsoft Edge browser
23. The Administrator may use in the Online Store Google Analytics services and the Facebook Pixel service provided by Facebook. It is possible to easily stop Google Analytics from sharing information about its activity on the Online Store website - you may install the browser plug-in provided by Google Inc. for this purpose, available here:https://tools.google.com/dlpage/gaoptout?hl=pl
25. Our website uses the so-called social plugins ("plug-ins") of social networking sites such as Facebook and Google+ as well as Instagram microblogging services. These services are provided by Facebook Inc., Google, and Instagram LLC ("Service Providers").
Facebook is supported by Facebook Inc., 1601 S. California Ave, Palo Alto, CA 94304, USA ("Facebook").
Google+ is supported by Google Inc., 1600 Parkway Amphitheater, Mountain View, CA 94043, USA ("Google").
Instagram is supported by Instagram LLC, 1601 Willow Road, Menlo Park, CA 94025, USA ("Instagram").
By accessing our website containing such plugin, the User's browser establishes a direct connection to Facebook, Google, or Instagram servers. The content of the plugin is sent directly from the relevant provider to the browser and integrated on the site. When integrating plugins, service providers receive information that the browser has called the relevant page of our website, even if you do not have a profile or you are not currently logged in. This information (including the IP address) is transferred directly from the browser to the relevant provider’s server in the USA and stored there. If you are logged in to one of the services, operators may immediately assign your visit to our website to your Facebook, Google+, or Instagram profile. In the case of interaction with plugins, e.g. the "Like", "+1", "or" Instagram "button, relevant information is also sent directly to the provider’s server and stored there. This information is also published on social networking sites in your account on Instagram and displayed in your contacts.
The purpose and scope of data collection as well as further processing and use of data by providers, as well as relevant rights and options for privacy settings may be found in the information on the protection of providers' data.
If a user does not want Google, Facebook or Instagram to link data collected through our website directly to his or her profile in a given service, they must log out of the service before visiting our website. You can also completely block the loading of plugins using browser add-ons, e.g. by using the "NoScript" script lock (http://noscript.net/).