Pursuant to Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2017 on the protection of individuals with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46 / EC, hereinafter referred to as GDPR and in accordance with the Act of May 10, 2018 on the protection of personal data, KarT Sp. z o.o. (www.e-bikestuff.com) protects the personal data of Users (Customers) in the manner specified in the above provisions.
This document explains the rules and the method of collecting, processing and using information about website users, as well as specifies the rules for the use of "cookies" and contains information about users' rights to process their personal data.
I. Personal data controller:
The administrator of your personal data is:
KarT Sp. z oo, address: gen. Władysława Andresa 40 D, 15-113 Białystok, NIP: 966-209-09-52, REGON: 200829206, KRS: 0000496253, e-mail: firstname.lastname@example.org, www. e-bikestuff.com
II. Type of personal data collected:
The data we process are only ordinary data (Article 6 of the GDPR), i.e .:
a) name and surname,
b) address of residence (seat),
c) telephone number,
d) e-mail address.
KarT Sp. z o.o. it never asks the Users to provide their login or password.
III. Purpose of collecting personal data:
The data is collected and processed only for the purpose of fulfilling an order placed via our website and possibly for the execution of claims arising from the sales contract (e.g. warranty). We treat personal data provided to us by the Buyer (name and surname, address, telephone number, e-mail address) as highly confidential information and no outsiders have access to them, i.e. data obtained from the website's customers are not transferred, sold, made available to third parties, companies or organizations. They are used only for the implementation of the order and communication between the company and the customer, and the collected data are only those that are necessary to perform the contract.
IV. Period of personal data storage:
The data is stored for the period in which the parties may pursue claims arising from legal provisions. The data processed in connection with placing orders and concluding Agreements will be stored for the period of limitation of claims under sales contracts or the expiry of warranty periods. Part of this personal data will be stored for a period of 6 years from the date of implementation of individual Agreements, in order to fulfill the obligations arising from tax and accounting law. In addition, the data of persons who have created an "account" in the online shop are stored until the customer requests the deletion of his data. In this case, the customer data collected in the "account" file is deleted immediately.
Personal data for the purposes of contacting the Administrator will be processed during the period of this contact, and later will be archived for a period of 3 years from the end of contact, which is justified by the need to recreate the content of such contact in connection with the pursuit of possible claims. In the event that the Customer has not made a purchase despite consenting to the processing of personal data, or has not created a user account, and does not correspond with the Administrator, personal data is deleted automatically and immediately.
V. The basis for the collection and processing of personal data:
In addition, each user who decides to shop at www.e-bikestuff.com has the option of creating his own account. Having your own account in the online store allows you to skip the "step" associated with entering personal or company data of the Buyer for subsequent purchases. It is possible to delete the account at the user's request, as well as change the data. To do this, the user sends an e-mail to the following address: email@example.com with a request to delete data or change the data. The data controller does so immediately.
VI. Potential recipients of the client's personal data:
The persons who will read and process your personal data will be: our employees and associates (e.g. courier companies, accounting), entities authorized to receive them under applicable law (e.g. tax administration authorities), and entities enabling the technical service of the store , eg Google Analitycs, and in the event of disputes, also law firms.
If you use the method of electronic payments or with a payment card, the Administrator provides the collected personal data to the selected entity servicing the above payments on the Website, on the basis of a separate agreement on the processing of personal data.
Selected companies are obliged to process personal data in accordance with the law and only for the purposes of the contract. The administrator provides the Customer, at his request, with detailed information about the entity entrusted with data processing, the scope of the entrusted data and the date of their transfer. The administrator does not transfer data to a recipient in a third country (outside the EU) or international organizations.
VI. Cookies Policy:
1. The service does not automatically collect any sort of information, except information stored in cookies.
2. Cookies are packets of data, text files mostly, which are stored on the device of the User and are used during browsing of the Service’s websites. Cookies commonly contain the name of the website they originated from, the length of the time they’re stored on a device, and a unique number.
3. Placing the cookies on the browsing device of the User and accessing them is the responsibility of the Website’s operator, KarT Ltd., whose principal place of business is at ul. gen. Wł. Andersa 40d, 15-113 Białystok.
4. Cookies are used for:
a) providing anonymous website traffic data (using Google Analytics)
b) improving browsing experience
5. The Website uses two fundamental types of cookies: session cookies and persistent cookies. Session cookies are temporary files stored on the User’s browsing device until the User logs off, leaves the website, or closes the browsing application. Persistent cookies are stored on the User’s device for a specific time which is defined by the file’s parameters or until the file itself is deleted by the User.
6. The Website also uses additional types of cookies:
b) functionality cookies which allow the Website to “remember” the settings choices made by the User and to personalize the User’s interface, e.g. display a welcome banner only during the User’s first visit on the site.
7. In many cases, Internet browsing software allows cookies to be stored on the User’s browsing device by default. Users can choose, at any given time, to modify the cookie settings. These changes might include prohibiting the browser from handling cookies automatically or forcing it to inform the User each time a cookie is placed on the browsing device. Detailed information about the options and methods of handling cookies are available in the settings of the browser software.
8. The Website’s operator informs that restricting or disabling cookies can affect certain functionalities available on the Website’s pages.
9. You can find more information about cookies in the “Help” menu of your browser.
VIII. Technical standards:
Customer data is transferred using the secure SSL transmission protocol with the use of a 256 bit key. The transmission of encrypted data is checked by displaying encrypted keys or key symbols in the lower status bar of the browser.
IX. User rights in connection with the provision of personal data
Each user has the right to access and correct their personal data collected by the Administrator (e.g. by contacting us by e-mail, by letter or by phone).
The customer may also process his personal data in a commonly used, machine-readable format and send it in this format to another Administrator.
The data used for the purchase transaction cannot be changed or deleted, as they are used to document the sale, and thus they are part of the bill or invoice, unless the law allows for the correction of data being the basis for issuing an invoice. However, the data is deleted automatically after the period specified in point. 4.
In order to exercise his rights, the Administrator allows the Customer to access his personal data at any time, correct his personal data, request the deletion of his personal data or limit their processing, the right to object to the processing of personal data. The above rights are exercised by the Customer by sending an appeal, objection, rectification or other request regarding data processing in the form of an e-mail to the dedicated address to the personal data administrator: firstname.lastname@example.org
Upon revocation of consent or objection, the User's personal data will no longer be used for these purposes. The User may change / supplement personal data by sending an e-mail application to the following address: email@example.com
Withdrawal of consent does not affect compliance with the law with regard to activities performed by the Administrator prior to the withdrawal of consent.
Contact with the person supervising the processing of personal data is possible by e-mail at the following e-mail address: firstname.lastname@example.org or by phone at: +48 85 743 30 64.
X. Right to appeal:
The Administrator also informs that in the event of irregularities in the processing of data by the Administrator, the Customer has the right to lodge a complaint with the supervisory body (the President of the Office for Personal Data Protection).