The controller of personal data is responsible for its processing:
POLSHOP.eu Dorota Gwizdek, Janusz Gwizdek Spółka Cywilna
ul. Unii Lubelskiej 3
phone: 61 653 14 00
Thank you for your interest in our online shop. Protecting your privacy is very important to us. Below you will find detailed information on the processing and protection of your personal data.
1. Access data and hosting
You can visit our websites without providing personal information. Each time a website is visited, the server automatically saves only the logs of the server, e.g. the name of the requested file, your IP address, the date and time of the visit, the amount of data transmitted and the Internet service provider ( the access logs) and documents the visit.
This data is only analysed for the purpose of ensuring the proper functioning of our website and improving our offer. The purpose of this is to safeguard our legitimate interest in the optimal, correct presentation of our website and our offer in accordance with Article 6, paragraph 1, GDPR. All access data is deleted within seven days after your visit to the website.
Hosting services provided by an external service provider
2. Collection and processing of data for the purpose of the contract and the creation of a customer account
We only collect personal data if you voluntarily give it to us by placing an order or contacting us (e.g. by means of a contact form or by e-mail). Mandatory fields are marked as such because they relate to data that are necessary for the execution of a contract or the handling of a case in which you contact us. Without them you cannot complete your order or contact us. What data is collected results directly from the forms into which the data is entered. We use the data you provide us in accordance with Article 6(1)(a) of the GDPR in order to fulfil the contract and to answer your enquiries. In addition, if you give your consent to the creation of a customer account pursuant to Article 6 paragraph 1(a) of the GDPR, we will process the necessary personal data for this purpose.
Once the contract has been fully executed or your customer account has been deleted, the processing of your data will be restricted and, after the expiration of the storage periods specified in tax and accounting legislation, your data will be deleted unless you expressly consent to the further use of your data for other purposes. Your customer account may be deleted at any time. To do so, please send a message to our contact address as indicated under "Our contact details and your rights" or use the appropriate function in your customer account settings.
3. Transmission of data
Data sharing with couriers
If you give us your clear permission during or after placing an order (Art. 6(1)(a) GDPR), we will provide your e-mail address and telephone number to the courier company selected during the ordering process so that they can contact you before delivering the order in order to advise you or arrange a delivery date.
The above permission may be revoked at any time by sending us an appropriate message to our contact address indicated under "Our contact details and your rights" or by sending a message directly to a courier company to the contact address indicated below. Upon withdrawal of your consent, we will delete the data you have provided for this purpose, unless you expressly consent to the continued use of the data for other purposes.
DPD Polska Sp. z o.o.
ul. Mineralna 15
DHL Express Poland Sp. z o.o.
ul. Wirażowa 37
4. Integration with Trusted Shops Trustbadge
The Trusted Shops Trustbadge is integrated into our website in order to display our Trusted Shops Trustmark as well as the customer reviews collected and the Trusted Shops offer available to buyers after the order has been placed.
The purpose of this is to protect our legitimate interest in the optimal marketing of our offer in accordance with Art. 6(1)(f) GDPR by enabling safe purchases. The Trustbadge and the services advertised through it are offered by Trusted Shops GmbH, Subbelrather Str. 15C, 50823 Cologne, Germany.
When a Trustbadge call is made, the server automatically remembers so-called server logs (log files), containing e.g. your IP address, the date and time of the call, the amount of data transferred and the Internet service provider submitting the request (access logs) and documents the call. Access logs and server logs are stored for security gap analysis and are automatically deleted at the latest 90 days after their generation.
5. Cookies and web analysts
If you give us your consent in accordance with Article 6, paragraph 1, letter a of the GDPR, we will also use the so-called DoubleClick cookies within the framework of Google Analystics (see below) for the purpose of analysing your use of our website, which enable us to recognise your browser when you use other websites. The information generated automatically by the cookie about your use of this website is generally transmitted to a Google server in the USA and stored there. Due to the IP anonymisation activated on this website, your IP address is shortened before it is transmitted within the member states of the European Union or other states party to the Agreement on the European Economic Area. Only in exceptional cases will the full IP address be transferred to a Google server in the USA and shortened there. The anonymised IP address transmitted by your browser within the scope of Google Analytics will not be combined with other data from Google.
Google will use this information to compile a report on your activity on our website and to provide other services related to the use of the website. Google will transfer this information to third parties where required to do so by law, or where such third parties process the information on Google's behalf. Once the purpose of the processing is achieved and we have ceased using Google DoubleClick, the collected data will be deleted.
Google Double Click is an offer by Google Ireland Limited, a company incorporated under Irish law with its registered office at Gordon House, Barrow Street, Dublin 4, Ireland (www.google.com). If Google transfers and stores information on servers located in the United States, the US company Google LLC is EU-U.S. Privacy Shield certified. The current certificate is available at this link. Within the framework of an agreement between the USA and the European Commission, the latter has established an adequate level of data protection for companies with a Privacy Shield certificate.
Use of Google (Universal) Analytics for web analytics purposes
Our website uses Google (Universal) Analytics, a web analytics tool from Google Ireland Limited, an Irish law firm based in Gordon House, Barrow Street, Dublin 4, Ireland (www.google.com). This serves, in accordance with Article 6(1)(f) of the GDPR, to protect our legitimate interest in the optimal presentation of our offer. Google (Universal) Analytics uses methods that make it possible to analyse your use of the website (e.g. cookies). The information automatically collected about your use of this website is generally transmitted to a Google server in the United States and stored there. Due to the IP anonymisation activated on this website, your IP address is truncated before being transmitted within the member states of the European Union or other states party to the Agreement on the European Economic Area. Only in exceptional cases will the full IP address be transferred to a Google server in the USA and shortened there. The anonymised IP address transmitted by your browser within the scope of Google Analytics will generally not be combined with other Google data. Once the purpose of the processing is fulfilled and we have ceased using Google Analytics, the collected data will be deleted.
If Google transfers and stores information on servers in the United States, Google LLC is certified as an EU-U.S. Privacy Shield. The current certificate is available at this link. Within the framework of an agreement between the USA and the European Commission, the latter has established an adequate level of data protection for companies with a Privacy Shield certificate.
You can prevent the data collected by the cookie about your use of our website (including your IP address) from being recorded by Google and from being processed by Google if you download and install the browser plug-in that is located under the link.
6. Advertising with e-marketing tools
7. Social networking plug-ins
Our activity on Facebook social networks
If you ask the social network concerned (e.g. using the checkbox) for your consent to the processing of your personal data, then the legal basis for the processing will be Article 6(1)(a) GDPR. For social networking sites based in the USA, the EU-US Privacy Shield agreement applies. Under the agreement between the US and the European Commission, the latter has established an adequate level of data protection for companies with a Privacy Shield certificate. The current certificate of a social networking site based in the US can be found at this link.
Opportunity to object (Opt-Out):
8. Sending a request for a review of a purchase in the e-shop
Rating reminder sent by Trusted Shops
If, during or after placing an order, you have given your consent (Article 6 paragraph 1(a) of the GDPR) to evaluate your purchase in our e-shop, we will forward your e-mail address to Trusted Shops GmbH, Subbelrather Str. 15c, 50823 Cologne, Germany (www.trustedshops.pl) in order to send you an electronic reminder to evaluate your purchase.
You can revoke your consent at any time by sending an appropriate message to our contact address under "Our contact details and your rights" or directly by making a statement to Trusted Shops.
9. Your rights
Being the data subject, you have the following
rights according to:
• art. 15 GDPR, the right to obtain information about your personal data which we process, within the scope described therein;
• art. 16 GDPR, the right to immediately demand rectification of incorrect or completion of your personal data stored by us;
• art. 17 GDPR, the right to request erasure of your personal data stored with us, unless further processing is required
- to exercise the right of freedom of expression and information;
- for compliance with a legal obligation;
- for reasons of public interest or
- for establishing, exercising or defending legal claims;
• art. 18 GDPR, the right to request restriction of processing of your personal data, insofar as
- the accuracy of the data is contested by you;
- the processing is unlawful, but you refuse their erasure;
- we no longer need the data, but you need it to establish, exercise or defend legal claims, or
- you have lodged an objection to the processing in accordance with art. 21 GDPR;
• art. 20 GDPR, the right to receive your personal data that you have provided to us in a structured, commonly used and machinereadable format or to request its transmission to another controller;
• art. 77 GDPR, the right to complain to a supervisory authority. As a rule, you can contact the supervisory authority at your habitual place
If you have any questions about the collection, processing and use of your personal data, as well as if you request information, rectification, restriction of processing or deletion of your data, or if you wish to revoke your consent or object to the processing of your data, please contact the personal data controller directly.
Right to object
After you have exercised your right to object, we will not continue the processing of your personal data unless we can demonstrate that there are valid, legitimate grounds for processing and these take precedence over your interests and rights, or if the processing is to serve to assert, exercise or defend claims.
This sentence does not apply if the data processing is carried out for direct marketing purposes. In this case, after you have expressed your objection, we will always stop further processing your personal data.