Luxury Products Cylwik General Partnership with its seat in Bialystok on Elewatorska 7b Street (15-620) Bialystok, the registration-related acts of which are kept by the District Court in Bialystok, 12th Commercial Division of the National Court Register, entered to the Register of Entrepreneurs under the following NCR no: KRS 0000516574, being the holder of the following TIN number 5423238705 and REGON number 200869111 informs you about your personal data processing in compliance with art. 13 section 1-2 of the European Parliament and Council Regulation (UE) 2016/679 of 27th April 2016 on natural person protection with regard to personal data processing, free circulation of such data, and repeal of the 95/46/WE Directive (General Data Protection Regulation, hereinafter referred to as „GDPR”):
1. Personal data administrator.
In order to obtain more information on personal data protection, you can contact us at: email@example.com or firstname.lastname@example.org, call us at: +48 660 777 937 or write to us by taking advantage of the correspondence address provided above.
2. Personal data definition and methods of data processing
Personal data are information on an identified or identifiable physical person. Personal data processing shall be understood as any operation on such data (either in an automated or manual manner), including data gathering, storage, saving, ordering, modification, browsing, utilization, limitation, deletion, or removal. Personal data shall be processed for various purposes and by using various means. There are also various legal acts relating to their use, disclosure, and storage periods.
The Administrator shall process personal data by means of using IT systems (including digital conversation tracking systems) for the purposes of concluding agreements and contracts via phone. In said case, the client shall be always informed about the fact that the conversation is recorded and that he or she can disconnect if he or she does not want to be recorded. Processed pieces of information shall be, among others: name and surname, name of the company/employer, business address, position, phone number, e-mail address, and data alike. What is more, in the case of individuals who have concluded fee-related agreements with the Administrator, data relating to payments shall also be processed, including credit card numbers and bank account numbers.
3. Goals of and bases for data processing.
The Administrator shall process your data as:
- personal data of a client;
- personal data of a person contacting the Administrator to receive vital information about a given offer or to share his or her opinions about the offered goods and services with the Administrator;
- personal data of a person contacting the Administrator to conclude an agreement with the said party:
• as a result of visiting the website managed by the Administrator and to take advantage of digitally rendered services (legal basis: art. 6 section 1 point. b of GDPR);
• to create and manage an account and to provide personalized services by means of the online shop available at: www.luxuryproducts.pl (legal basis: art. 6 section 1 point. a of GDPR);
• to fulfill the provisions of the concluded sales agreement, including the sales of offered products and vouchers (legal basis: art. 6 section 1 point. b of GDPR);
• to handle complaints, requests, warranty requests, and technical questions sent via e-mail, provided by phone, or sent via traditional mail to the address provided in section 1 above (legal basis: art. 6 section 1 point. c of GDPR);
• to undertake actions related to preventing the improper and illegal use of the offered services, including the prevention of the improper use of the rendered online services by analyzing actions of the online shop clients (legal basis: art. 6 section 1 point. f of GDPR);
• for archiving (evidence collection-related) purposes that are legally justified and have to be performed for the Administrator to be able to provide valid evidence during any legal proceedings (legal basis: art. 6 section 1 point. f of GDPR);
• to specify, identify, and defend the Administrator against the claims resulting from fulfilling Administrator’s contractual obligations (legal basis: art. 6 section 1 point. f of GDPR);
• for analytical purposes and for adjusting services to the needs of Administrator’s clients, optimizing goods basing on client’s opinions about them, as well as optimizing sales and post-sales servicing, including the fulfillment of contractual obligations of the Administrator (legal basis: art. 6 section 1 point. f of GDPR);
• to analyze customer satisfaction, allowing the Administrator to specify servicing quality and the level of customer satisfaction with the offered goods and services (legal basis: art. 6 section 1 point. f of GDPR);
• to provide the customer with advertisements of Administrator’s goods and services, including adjusting such materials to the needs of the customer basing on profiling, for which the Administrator shall obtain a separate consent of the customer (legal basis: art. 6 section 1 point. a of GDPR);
• to offer customers products and services offered by companies cooperating with the Administrator (Administrator’s partners) in a direct manner (direct marketing), including adjusting such materials to the needs of the customer basing on profiling to fulfill the contractual obligations of both the Administrator and its partners (legal basis: art. 6 section 1 point. f of GDPR).
4. Rights of the client relating to data processing and ways of enforcing them
You shall have the right to:
• access data stored by the Administrator and request their copies;
• change, update, and modify your personal data;
• in the case of data processing based on a consent granted – to withdraw such consent at any time;
• issue a claim against the Administrator to a supervisory body being the General Personal Data Protection Inspector (contact data: General Personal Data Protection Inspector, Stawki 2 Street, 00-193 Warsaw);
• to the extent to which the basis for personal data processing is a legally justified Administrator’s interest, to limit the scope of data processing and withdraw your consent for your data to be processed. You shall be granted the right to do so at any time. Then, the Administrator shall stop processing your personal data, unless the Administrator is able to prove that there are legal basis superior to your interests, rights, and freedoms or that your data are required for the specification, identification, and defending Administrator’s interests;
• request the Administrator for your data to be deleted or transferred.
Said rights can be enforced by sending an e-mail message to: email@example.com, calling the Administrator at: +48 660 777 937, or sending said party a traditional mail to the address provided in point 1 above. In some cases, personal data can be modified by using applications taken advantage of for registration purposes.
5. Data storage timeframe
Your personal data shall be processed by the Administrator:
• if the Administrator processes such data basing on a consent granted, up to the moment of withdrawing said consent by the user;
• if the Administrator processes such data basing on a justified interest of data administrator, up to the moment of achieving goals specified (e.g. after the limitation of claims specified in the Civil Code and other applicable legal regulations) of the user withdrawing his or her consent for data processing – providing that the user is legally allowed to withdraw said consent;
• if the Administrator processes such data to comply with the applicable legal regulations. Data processing timeframes shall be specified in the aforementioned regulations;
• in the case of the lack of specific legal or contractual obligations, the basic timeframe of keeping data and other proof-specific documentation made while fulfilling the obligations under the agreement concluded with the user shall not exceed 10 years.
6. Data collectors (third parties and third countries)
Your personal data may be disclosed to: Administrator’s partners that is to companies with which the Administrator has been cooperating to provide goods and services. The Administrator shall disclose your data only when it is justified and required by the provisions of the applicable law regulations, in compliance with said regulations. In the said scenario, in a separate agreement concluded with such third parties, the Administrator shall specify security mechanisms allowing for data protection and for the establishment of valid standards with regard to data protection, confidentiality, and utilization. The recipients of your personal data that have been processed by the Administrator may be:
• entities processing personal data basing on agreements on personal data processing;
• entities providing hosting-oriented services to the Administrator;
• entities managing marketing or sales campaigns for the Administrator;
• other Administrator’s subcontractors, including IT companies providing services based on delivering software, hardware, or servicing IT components;
• goods suppliers the Administrator cooperates with;
• legal and tax advisors;
• supervisory, regulatory, and other controlling bodies.
The administrator shall not disclose your personal data to the representatives of third countries.
7. Automated decision making
Pieces of information gathered by the Administration via the website may be processed in an automated manner (for example, by means of profiling). It is not connected with any additional legal obligations on your part and will not affect your situation as the user in any way. The administration shall point out that:
• no sensitive data are used for profiling;
• data that have underwent the process of pseudonimization, as well as e-mail address, IP, and Cookie files are used for profiling.
Profiling aims at analyzing or forecasting personal preferences and interests of users taking advantage of a website or of products and services offered by the Administrator by means of adjusting the content of such website or the offered goods to the preferences of the user. Profiling also serves marketing purposes, for it allows to adjust marketing offers to said preferences.
Cookie files-related policy
1. Administrator – Luxury Products Cylwik General Partnership with its seat in Bialystok on Elewatorska 7b Street (15-620) Bialystok, the registration-related acts of which are kept by the District Court in Bialystok, 12th Commercial Division of the National Court Register, entered to the Register of Entrepreneurs under the following NCR no: KRS 0000516574, being the holder of the following TIN number 5423238705 and REGON number 200869111, providing digital services and having the access to data stored on the end device of the User.
2. User – entity taking advantage of the provided online services.
3. End device – electronic device utilized by the User to access the Website.
4. Website – Luxury Products website available for the user at https://www.luxuryproducts.pl/, the owner and administrator of which is the Luxury Products Cylwik General Partnership.
5. Cookies – IT-specific data, including text files, which are stored on the end device of the user of the Website and allow for fully taking advantage of the Website in question. Cookies typically include the name of the website they originate from, expiry date, and a unique number. They allow the website to function properly, especially by identifying software utilized by the end device of the User. What is more, they make it possible to save User preferences, at the same time adjusting the Website to User’s needs and preferences.
6. Administrator’s Cookies – Cookie files published on the website by the Administrator and connected with the provided digital services.
7. Other Cookies – Cookie published on the Website by Administrator’s partners, being predominantly advertising-oriented servers, as well as servers of entities offering their goods and services via the Website.
Uses of Cookie files
Administrator’s Cookies are utilized to:
a) ensure full safety and trustworthiness of the Website,
b) adjust the subpages of the Website to the individual needs of the User,
c) optimize and increase the efficiency of services provided via the Website,
d) identify the User within the Website and to maintain his or her session after logging in, which eliminates the necessity of entering User login and password during every visit,
e) prepare anonymous statistics with personal data of the User excluded.
Types of Cookie files utilized within the scope of the Website
1. Utilized Cookie files do not cause any damage to the end device of the user, do not affect the way of its operation, as well as do not change any settings or modify any software installed on said device.
2. Within the scope of the Website, the following Cookie file types are utilized:
a) session specific – temporary files saved on the end device of the User that are kept on said device till the end of the session or closing the utilized Internet browser; in both cases, files are permanently deleted from the memory of the end device; the specificity of session-specific Cookie files do not allow for saving or storing any personal or sensitive pieces of information on the User of the end device,
b) permanent – files that are saved on the end device of the User and are kept there till they are deleted. Ending the current session or closing the utilized Internet browser do not cause them to be deleted; the specificity of permanent Cookie files do not allow for saving or storing any personal or sensitive pieces of information on the User of the end device; said files are kept on the end device of the User until they are manually deleted.
3. Within the scope of the Website, the following kinds of Cookie files are utilized:
a) authorization-oriented ones – used by the services requiring User identification within the Website,
b) security-specific ones – utilized, among others, to identify safety breaches within the scope of the Website,
c) performance-oriented ones – allowing for gathering data on the way Users utilize the Website,
d) functional ones – making it possible to save settings selected by the User and to personalize User interface with regard to, among others, language, region, font, Website layout, etc.,
e) advertisement-oriented ones – allowing for providing the User with promotional content adjusted to his or her personal preferences.
Cookie files-related management
1. User can, at any time, change the settings of the Cookie files by specifying the conditions of their storage and changing pieces of information such Cookie files are granted access to:
a) User can change Cookie file settings by changing Internet browser-specific settings or by configuring the service. Settings can be changed in such a way to block the automatic management of Cookie files by the Internet browser or to delete such files after every session. To access more detailed information on Cookie file modification, check the settings your piece of software (i.e. Internet browser used);
b) user can delete Cookie files at any time by taking advantage of specific functions of the utilized Internet browser. What is more, the User have the possibility of limiting or disabling the storage and processing of Cookie files on his or her end device by changing Internet browser settings.
2. Administrator informs that the limitation of the use of Cookie files may affect some functions of the Website. It may result in the inability to take advantage of some services or options available on the Website.
Other Cookie files
1. Other Cookie files may be utilized by and saved on the end device of the User by Administrator’s partners. Such Cookie files are utilized in compliance with policies set forth by said partners.
2. Administrator should not be held accountable for the content of Cookie files sent by the websites of the partners, links to which are published on the Website.
3. Cookie files of the Administrator saved on the end device of the User may be utilized by Administrator’s partners.
Cookie files and personal data
1. Personal data may be collected, to a limited extent, in an automated manner by means of utilization of website-specific Cookie files.
2. Personal data are gathered to provide the User with certain services only.
3. Personal data are encoded in such a way to make it impossible for unauthorized entities to access them.
4. Personal data gathered during the use of the Website:
a) Account registration and shopping – the User is asked to provide his or her personal data, as well as general pieces of information. The provision of personal data and expressing consent for them to be processed are both optional,
b) data provision in the administration panel – the User is asked to provide such personal data as: place of residence, phone number, and e-mail address. Such pieces of information will be then visible to all other users visiting the Website,
c) data gathered automatically – during each and every visit, such data as: IP address, domain name, Internet browser type, and operating system type are gathered automatically,
d) data gathered when the User wants to contact the Administration – to perform certain actions (such as complaint handling) via the Website, phone, or e-mail, certain personal data are needed to verify user’s identity and make it possible for the Administration to reply.
Changes to the Cookie file-related policy
1. Changes to this Cookie file-related policy may be introduced by modifying the content of this document.
2. Newest version of the policy will always be available on the Website, together with a proper notification.