- Personal data administrator - MISS TI UNIVERSE SP. Z OO with its registered office in Częstochowa, at ul. Bojemskiego 25, 42 - 202 Częstochowa, entered into the National Court Register by the DISTRICT COURT FOR KRAKÓW ŚRÓDMIEOŚCI IN KRAKOW, XI COMMERCIAL DEPARTMENT OF THE NATIONAL COURT REGISTER under KRS number: 0000864585, with NIP: 6762586651 and REGON: 387278 942nd also referred to as " Administrator ".
- GDPR - Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of individuals with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC.
- Regulations - terms and conditions for purchasing Products or ordering Services via the Ou7side Online Store available at: www.miss-ti.com , including the rights and obligations of the Seller (Administrator) and the Customer concluded in connection with the Product Sales Agreements via the Online Store .
- Personal data - information about a natural person identified or identifiable by one or more specific factors determining physical, physiological, genetic, mental, economic, cultural or social identity, including device IP, location data, online identifier and information collected via cookies and other similar technology.
The User may contact the Administrator by e-mail correspondence: email@example.com
PRINCIPLES, PURPOSES, LEGAL BASIS FOR PERSONAL DATA PROCESSING
- The Administrator makes every effort to protect Customers' Personal Data against unauthorized access by third parties and in this respect applies organizational and technical security measures at a high level. The administrator does not provide personal data to any unauthorized recipients in accordance with the mandatory provisions of law in this respect. The Administrator may entrust another entity, by way of an agreement concluded in writing, with the processing of personal data on behalf of the Administrator. The data may be made available only to entities authorized to receive them under the mandatory provisions of law.
- The Administrator has the right to share Users' Personal Data with entities authorized under applicable law (e.g. law enforcement authorities).
- In connection with the provision of services provided by the Administrator via the Online Store, the Administrator has the right to transfer Customers' Personal Data, in particular to subcontractors, i.e. entities whose services the Administrator uses for data processing and the provision of a number of services to the Customer and the execution of Orders for Products and Services . In connection with the provision of services provided electronically, Customers' Personal Data may be disclosed to external entities, including in particular suppliers responsible for operating IT systems.
- The policy is verified on an ongoing basis and updated if necessary.
- Customers' personal data are processed:
- in accordance with the provisions on the protection of personal data,
- in accordance with the implemented Policy,
- to the extent and for the purpose necessary for the proper use of the functionality of the Online Store, in particular placing an Order by completing the Order Form, sending a query to the Administrator (Service Provider/Seller) via the Contact Form, using the Newsletter service,
- The Administrator has the right to share Customers' personal data with entities authorized under applicable law (e.g. law enforcement authorities).
- The Administrator does not provide Personal Data to entities other than those authorized under the relevant provisions of law.
- In the case of processing data that Users indicate in the Order Form and Contact Form - the purposes of processing are related to:
- with providing Customers with access to use all functionalities of the Online Store, for the proper provision of services by the Administrator and with the conclusion and implementation of the Product Supply Agreement, the Product Sales Agreement or the Agreement for the provision of online consultation services and making tax settlements and keeping accounting records - based on:
- an agreement concluded with the Customers by the Administrator (Article 6(1)(b) of the GDPR) as a result of placing and paying for the Order, in accordance with the Regulations, the performance of which justifies the processing of Customers' Personal Data for the purpose of concluding and implementing the Agreement;
- legitimate interest pursued by the Administrator - art. 6 sec. 1 lit. f GDPR; the legitimate interest is, among others, contact with the Customer related to the proper implementation of the submitted Product or Service Order and the concluded Agreement, research and analysis of the quality of services provided in order to improve them and develop the functionality of the Online Store;
- legal obligation imposed on the Administrator - art. 6 sec. 1 lit. c GDPR - the processing of Customers' Personal Data is necessary to make tax settlements and keep accounting records, which obligations result from legal provisions;
- with the archiving of documents, statistics and possible pursuit of claims or defense against claims related to the provision of services by the Administrator - the basis for such processing is the necessity of data processing to pursue the Administrator's legitimate interests - art. 6 sec. 1 letter f GDPR. The legitimate interest is the archiving of documents, keeping statistics, pursuing claims or defending against claims.
- with the implementation of marketing and promotional activities of the services provided by the Administrator, which may include, among others, on sending Customers marketing content tailored to their preferences or corresponding to their interests, sending e-mails containing commercial information, as well as other activities related to direct marketing of goods and services - based on the voluntary consent expressed by the Customer (Article 6(1)(a) a of the GDPR), and the Administrator's legitimate interest in marketing its services to customers (Article 6(1)(f) of the GDPR).
AUTHORIZATIONS RELATED TO THE PROCESSING OF PERSONAL DATA
- Customers have the following rights:
- the right to information about the processing of Personal Data - on this basis, the Administrator provides the Customer submitting the request with information about the processing of data, including in particular about the purposes and legal grounds for processing, the scope of data held, entities to which they are disclosed, and the planned date of data removal;
- the right to obtain a copy of the data - on this basis, the Administrator provides the Customer submitting the request with a copy of the processed data concerning the Customer;
- the right to rectification - the Administrator is obliged to remove any inconsistencies or errors in the processed Personal Data and supplement them if they are incomplete;
- the right to delete data - on this basis, the Customer may request the removal of data whose processing is no longer necessary to achieve any of the purposes for which they were collected;
- the right to limit processing - in the event of such a request, the Administrator ceases to perform operations on Personal Data - with the exception of operations to which the Customer has consented - and their storage, in accordance with the adopted retention rules or until the reasons for limiting data processing cease to exist (e.g. decision of the supervisory authority allowing further data processing);
- the right to transfer data - the Administrator issues to the Customer, at his request, the data provided by him, in a format that allows the data to be read by a computer. It is also possible to request that these data be sent to another entity, provided that there are technical possibilities in this respect both on the part of the Administrator and the indicated entity;
- the right to object to the processing of data for marketing purposes - the Customer may object to the processing of Personal Data for marketing purposes at any time, without the need to justify such an objection;
- the right to object to other purposes of data processing - the Customer may at any time object - for reasons related to his particular situation - to the processing of Personal Data, which is carried out on the basis of the Administrator's legitimate interest (e.g. for analytical or statistical purposes or for reasons related to protection of property); an objection in this respect should contain a justification;
- the right to withdraw consent - if the data is processed on the basis of consent, the Customer has the right to withdraw it at any time, which, however, does not affect the lawfulness of the processing carried out before its withdrawal;
- the right to complain - if it is found that the processing of Personal Data violates the provisions of the GDPR or other provisions regarding the protection of Personal Data, the Customer may submit a complaint to the body supervising the processing of Personal Data. In Poland, the supervisory authority is the President of the Office for Personal Data Protection.
- A request regarding the implementation of Customers' rights related to Personal Data can be submitted in electronic form to the following e-mail address: firstname.lastname@example.org
- The request should, if possible, precisely indicate what the request concerns, i.e. in particular: what right the person submitting the request wants to exercise, what processing the request concerns, what processing purposes the request concerns.
- If the Administrator is unable to identify the Customer based on the submitted request, he will ask him for additional information. Providing such data is not mandatory, but failure to provide it will result in refusal to fulfill the request.
- The response to the application should be provided within one month of its receipt. If it is necessary to extend this period, the Administrator will inform the Customer about the reasons for this action.
PERIOD OF PROCESSING PERSONAL DATA
- In the case of data processing based on the Administrator's legitimate interest - the data is processed for a period enabling the implementation of this interest or until an effective objection to data processing is submitted.
- In the case of data processing to the extent necessary to implement the Agreement concluded between the Customer and the Administrator - the data is processed until its termination, with the proviso that the Administrator may store Customer data for a longer period, if it is necessary to establish, investigate or defend against any claims or if required by applicable law.
- If the Customer withdraws consent, objects to the processing of Personal Data, the data will be blocked and their processing will be suspended. The period of data processing may be extended if the processing is necessary to establish and pursue any claims or defend against claims, and after that time only if and to the extent required by law. After the end of the processing period, the data is irreversibly deleted or anonymized.
- Withdrawal of consent does not affect the lawfulness of the processing that was made on the basis of consent before its withdrawal. If the Customer exercises the right to withdraw consent, Personal Data may be processed until the consent is withdrawn, and after such withdrawal, for the period of limitation of any claims to which the Administrator is entitled and directed against them.
- The Administrator may store Customer data for a longer period if it is necessary to establish, investigate or defend against possible claims or if it is required by applicable law.
- Cookies are used to:
- adapting the content of the Online Store websites to the Customer's preferences and optimizing the use of websites; in particular, these files allow to recognize the device of the Customer of the Online Store and properly display the website, tailored to his individual needs,
- creating statistics that help to understand how the Online Store Customer uses the Online Store websites, which allows improving their structure and content, and thus the quality of services provided.
- The Online Store website uses, among others: session cookies (deleted automatically after the end of the web browser session), persistent cookies (enabling recognition of the Customer's browser the next time he visits the Online Store website), own cookies (read by the Administrator's ICT system) and third party cookies (read by the ICT system third parties).
- Due to the multitude of technological solutions, it is not possible to provide precise guidelines on how to specify the conditions for storing or accessing cookies using the settings of all available telecommunications end devices and installed software. Nevertheless, in most cases, select the "Tools" or "Settings" option and find the section responsible for configuring cookie settings or managing privacy when browsing the Internet. Detailed information is usually provided by the manufacturer of a given device or browser in the instructions for use or on its website.
- Google may also transfer this information to third parties if it is obliged to do so under applicable law or if these third parties process such information on Google's behalf. Google will not associate the Customer's IP address with any other data in its possession.