I. Identity of the personal data administrator
The
administrator of your personal data is Shopinbit sp. z o.o. with its
registered office in Kraków (KRS: 0000932953), which manages the
shopinbit.com website.
II. Contact details
Contact with the Administrator in matters related to personal data protection is possible through:
1) correspondence address: al. Powstania Warszawskiego 15, 31-539, Kraków
2) e-mail address: info@shopinbit.com.
III. Purposes of processing and legal basis of personal data processing
Your personal data will be processed in order to:
1) the performance of the contract for the provision of services by electronic means, which enable you to:
◦ making purchases on the shopinbit.com website and ordering the
shipment of purchased goods through carriers cooperating with the
Administrator under the terms and conditions specified in the
regulations;
◦ maintaining an account on the website, which
enables you to use the services offered by the Administrator (Article
6(1)(b) of the RODO). Thanks to your personal data, we can provide
services to you, which would not be possible without the processing of
personal data.
2) to contact you on matters related to the
Administrator's business and to answer your questions when you contact
us, which is the fulfilment of the Administrator's legitimate interest
in being able to communicate on matters related to the Administrator's
business (Article 6(1)(f) RODO). As a general rule, correspondence on
general matters and not directly related to the services provided to a
specific service recipient may be conducted anonymously. However, if the
contact relates to services provided to a specific service recipient -
then we will need to know the identity of the person contacting us so
that we can verify that the information is provided to an authorised
person.
3) to perform legal obligations related to the
performance and settlement of the contract (e.g. issuing and recording
invoices) - (Article 6(1)(c) RODO in connection with the Value Added Tax
Act (in particular Article 112) and in connection with the Tax
Ordinance, in particular Article 86). Generally applicable regulations
imply the obligation to keep records related to the performance of the
contract also after the end of the contract, so you must be aware that
your personal data will not be deleted immediately after the performance
of the contract.
4) To comply with legal obligations
relating to the provision of personal data at the request of authorised
state authorities (Article 6(1)(c) RODO in conjunction with Article
18(5) of the Act on Provision of Electronic Services in conjunction with
the relevant provision of national law, which allows state authorities
to obtain personal data for the purposes of their investigations).
Generally applicable regulations oblige us to make data on our service
recipients available if requested by an authorised authority. As a
matter of principle, however, we do not make such personal data
available to entities other than state authorities (e.g. for the
purposes of private prosecution).
5) to carry out analyses of
users' activities, as well as of their preferences in order to improve
the functionalities used, if the user agrees to this by means of a
cookie management tool (Article 6(1)(a) RODO), as well as to carry out
marketing activities based on information from cookies, if the user
agrees to this (Article 6(1)(a) RODO). The fulfilment of these purposes
is made possible by cookies, which we may collect on our website, but
only with your consent expressed by adjusting your selection via the
cookie management tool. For the sake of readability, we have prepared a
separate document describing how cookies work (Cookie Policy).
6) Satisfaction surveys and improving the quality of the services
provided, which is the Administrator's legitimate interest in being able
to improve the quality of the services provided (Article 6(1)(f) RODO).
We want our services to meet the expectations of our customers, so from
time to time we may ask for your opinion on our services - however, if
you choose not to share your opinion on our services, it is possible to
object to the processing of your personal data for this purpose.
7) to provide network security, including preventing unauthorised
access to electronic communications and preventing damage to computer
systems, which is our legitimate interest in being able to provide our
services in a secure manner (Article 6(1)(f) of the DPA).
8)
the establishment, investigation or defence of claims, which is our
legitimate interest in protecting our case in the event of a potential
dispute at a judicial or pre-court stage (Article 6(1)(f) RODO). For
this purpose, we may retain, among other things, information from
correspondence carried out, information about services provided and
other information that we consider useful in the event of a potential
dispute.
9) to send you marketing information about the
Administrator's services and activities via email, but only if you have
consented to the marketing contact (Article 6(1)(a) RODO):
◦
Newsletter - these will be messages that are not directly related to
the service provided to you, but messages containing information that
includes selected offers that we have prepared during a given period.
Your consent for such contact is completely voluntary and entirely at
your discretion. When you register for the newsletter, we save your
email address and the IP address entered by your internet service
provider, as well as the date and time of registration, in order to be
able to trace any abuse or errors later. We will ask you to confirm your
subscription to the Newsletter service in a special email.
◦
Notification of availability of goods - we offer the possibility to
inform you by e-mail about the availability of items temporarily out of
stock in our webshop. To do so, you must provide your email address. If
you use the product availability email notification service, we will
send you a one-time email about the renewed availability of the
product(s) of your choice in the webshop. By activating the confirmation
link, you consent to the use of When you register for our product
availability email notification service, we store your IP address
entered by your Internet Service Provider (ISP) and the date and time of
registration. To increase the security of the service, we use a double
opt-in procedure. We will ask you to confirm your subscription to the
Newsletter service in a special email.
IV. Information for recipients
We
will also process the personal data of the recipients of items and
services purchased from the service, which we will obtain from the
senders at the ordering stage of the service. This includes personal
data such as (1) name/company name, (2) address, (3) email address and
(4) telephone number. The processing of this personal data is necessary
for us to provide our services in accordance with our business
objectives, whereby we pursue our legitimate interest (Article 6(1)(f)
RODO).
We process the personal data for this purpose for the
duration of the performance of the service and thereafter retain the
data for the purpose of fulfilling our legal obligations in connection
with the performance and settlement of the contract (Art. 6(1)(c) RODO
in connection with the Value Added Tax Act (in particular Art. 112) and
in connection with the Tax Ordinance, in particular Art. 86).
Recipients'
personal data will be processed for the period of the statute of
limitations for the tax liability, effective at the end of the calendar
year.
V. Carriers as recipients of personal data
The
provision of services within the shopinbit.com website is closely linked
to the cooperation of the Administrator with carriers, who are separate
controllers of your personal data and process it for the purpose of
carrying out the ordered shipment and handling the order.
When
we accept a shipment order for a shipment, we obtain the data of the
sender and recipient such as (1) name/company name, (2) address, (3)
e-mail address and (4) telephone number. We then share this personal
data with the carrier who will be responsible for transporting the
shipment, as a result of which such carrier becomes the recipient of the
personal data and a separate data controller.
We encourage you
to read the information on the processing of personal data presented by
the carrier who will be responsible for the transport of your shipment.
We use the following carriers:
- Deutsche Post, (Deutsche Post
AG, Charles-de-Gaulle-Straße 20, 53113 Bonn, with which we process your
personal data for the purpose of providing the service. You can read
about the data processing rules here:
https://www.deutschepost.de/en/f/footer/data-protection-and-cookies.html;
- DHL (DHL Paket GmbH, Sträßchensweg 10, 53113 Bonn; You can
read about the principles of data processing by here:
https://www.dpdhl.com/en/data-protection.html
- DHL (DHL Freight GmbH, Godesberger Allee 102-104, 53175 Bonn, Germany; https://www.dpdhl.com/en/data-protection.html
- DPD (DPD Deutschland GmbH, Wailandtstraße 1, 63741 Aschaffenburg) You
can read about the data processing principles here:
https://www.dpd.com/de/de/datenschutz/
- FedEx (FedEx Express
Germany GmbH, Langer Kornweg 34 k, 65451 Kelsterbach) You can read about
the data processing principles here
https://www.fedex.com/de-de/privacy-policy.html
- GLS (General
Logistics Systems Germany GmbH & Co. OHG, GLS Germany-Strasse 1 - 7,
36286 Neuenstein) You can read about the data processing principles of
GLS here
https://gls-group.eu/DE/de/datenschutz-standard#:~:text=GLS%20Germany%20sch%C3%BCtzt%20Ihre%20personenbezogenen,eingegebenen%20Daten%20per%20SSL%2DVerschl%C3%BCsselung.
- Hermes (Hermes Logistik Gruppe Deutschland GmbH, Essener Straße 89,
22419 Hamburg): You can read about the data processing rules here
https://www.myhermes.de/datenschutz/
- Schenker (Schenker
Deutschland AG, Lyoner Straße 15, 60528 Frankfurt am Main): You can read
about the data processing principles here
https://www.dbschenker.com/de-de/meta/datenschutz.
- UPS (United
Parcel Service Deutschland Inc. & Co. OHG, Görlitzer Straße 1, 41460
Neuss) You can read about the principles of data processing by here:
https://www.ups.com/de/de/help-center/legal-terms-conditions/privacy-notice.page?
- Inpost (Inpost sp. z o.o., ul. Wielicka 28, 30-552 Kraków) You can
read about the principles of data processing by Inpost here:
https://inpost.pl/polityka-prywatnosci.
- Poczta Polska (Poczta
Polska Spółka Akcyjna, ul. Rodziny Hiszpańskich 8, 00-940 Warsaw) You
may read about the principles of data processing by Poczta Polska here
http://bip.poczta-polska.pl/iinformacja-o-zbieraniu-danych-osobowych/.
VI. Payment processors as recipients of personal data
◦ PayPal (PayPal Europe, Sarl et Cie, SCA, 22-24 Boulevard Royal,
L-2449 Luxembourg In case of payment by PayPal, credit card by PayPal,
direct debit by PayPal or any other form of payment chosen by PayPal, we
will transfer your payment data to PayPal. The transfer is carried out
in accordance with Article 6(1)(b) RODO and only to the extent that it
is necessary for the processing of your payment.
PayPal reserves the
right to carry out a credit check for late payment purchase methods. For
this purpose, payment data may be passed on to credit agencies in
accordance with Article 6(1)(f) RODO on the basis of PayPal's legitimate
interest in determining your solvency. For exact information on how
PayPal processes your personal data, please refer to PayPal's Privacy
Policy: https://www.paypal.com/de/webapps/mpp/ua/privacy-full;
VII. Other categories of recipients of your personal data
Your
personal data will furthermore be processed by the following entities
with whom we cooperate in pursuit of the legitimate interests of the
Controller on the basis of Article 6(1)(f) RODO:
hosting provider
(dogado GmbH, Antonio-Segni-Straße 11, 44263 Dortmund, Germany) and
email provider (STRATO AG, Otto-Ostrowski-Straße 7, 10249 Berlin);
1) the service evaluation provider ShopVote (Blickreif GmbH,
Schulstraße 46, 80634 Munich), which serves to protect the
Administrator's overriding legitimate interests in the optimal marketing
of the offer in accordance with Article 6 (1) sentence 1 lit. f RODO.
The web server automatically saves a so-called server log file, which
contains, for example, your IP address, the date and time of the
connection, the amount of data transferred and the source of the
connection (access data) and documents the call. This access data is
deleted no later than seven days after the end of your visit to the
website. The ShopVote plug-in does not record or store any other
personal data.
2) Entities providing legal services, accounting
services, tax services and other advisory, analytical and marketing
services;
3) banks and financial services intermediaries.
4) video plug-in service providers: Youtube (Google Ireland Limited,
Gordon House, 4 Barrow St, Dublin, D04 E5W5, Ireland ("Google"). This
plug-in uses the YouTube embed feature to display and play videos from
the provider "Youtube", which is owned by Google Ireland Limited. If you
start playing embedded videos from YouTube, the provider "Youtube" uses
cookies to collect information about your behaviour. According to
"Youtube", they are used to, among other things, collect video
statistics, improve user-friendliness and prevent abuse. If you are
logged into Google, your data will be assigned directly to your account
when you click on a video. If you do not want to be associated with your
YouTube profile, you must log out before activating the button. Google
stores your data (even if you are not logged in) as user profiles For
more information on data protection, see "YouTube" in the YouTube Terms
of Use at https://www.youtube.com/static?template=terms.
VIII. Period of storage of your personal data
Your personal data processed for:
1) the performance of the contract for the provision of services by
electronic means, will be processed until all services under the
contract have been provided and, if you have an account with
shopinbit.com, until it is deleted. We would also like to remind you
that we may delete your account on our own under the terms and
conditions set out in the terms and conditions.
2) To contact
you on matters related to the Administrator's business and to answer
questions from customers and potential customers, your personal data
will be processed for a period that allows for the continuity of the
correspondence. Thereafter, this personal data may be archived and
stored in accordance with the retention period for the purpose of
establishing, investigating or protecting against claims.
3)
to perform legal obligations related to the performance and settlement
of the contract (e.g. issuing and recording invoices), will be processed
for the period of the statute of limitations of the tax liability,
effective at the end of the calendar year.
4) to comply with
legal obligations related to the provision of personal data at the
request of authorized state authorities, will be processed on an ad hoc
basis and then in accordance with the purpose in the form of contact in
matters related to the activities of the Administrator.
5)
Conducting analyses of users' activities, as well as their preferences
in order to improve the functionality used, as well as conducting
marketing activities based on information from the so-called cookies,
will be processed for the period indicated in the cookie management
tool, as a rule not longer than one year. It is also possible to
withdraw consent for this purpose of processing in advance, which will
result in the discontinuation of the processing of personal data.
6) Satisfaction surveys and improving the quality of the services
provided will be processed on an ad hoc basis and then in accordance
with the purpose of contacting you on matters related to the
Administrator's activities, unless you object in advance to the
processing of your personal data for this purpose.
7) to
ensure network security, including the prevention of unauthorised access
to electronic communications and the prevention of damage to computer
systems, will be processed on an ad hoc basis, allowing us to ensure an
adequate level of security.
8) establishing, investigating or
defending against claims, will be processed until the claims are
time-barred or until the possibility of an administrative fine is
barred.
9) to send you information about the Administrator's
services and activities via email, will be processed until you withdraw
your consent. We may also decide to stop sending this type of
information earlier when we consider that this type of communication is
not effective. It is also possible to withdraw consent for this purpose
of processing earlier, which will result in the cessation of the
processing of personal data.
10) to send information on
product availability via email, will be processed until the service is
provided. It is also possible to withdraw consent for this purpose of
processing in advance, which will result in the cessation of the
processing of personal data.
IX. Rights in relation to the processing of your personal data
In connection with the processing of your personal data, you have the right to:
1) access to the content of your data (Article 15 RODO)
2) rectification of your data (art. 16 RODO)
3) erasure of your data (art. 17 RODO)
4) restriction of data processing (Art. 18 RODO)
5) data portability (Art. 20 RODO)
6) to object to the processing (art. 21 RODO)
7) not to be subject to decisions taken under automated data processing conditions, including profiling (Article 22 RODO)
Whenever
the legal basis for the processing of your personal data is consent,
you may withdraw it at any time, but this does not affect the lawfulness
of the processing carried out before the withdrawal of consent.
Exercising these rights is possible under the terms of the RODO, after contacting the Administrator in advance.
X. Transfer of personal data outside the European Economic Area
As
a general rule, we do not transfer personal data outside the European
Economic Area. Your privacy is our highest priority and we do not
transfer data to countries that do not apply the highest privacy rules.
XI. Right to lodge a complaint
If
you consider that the processing of your data is unlawful, you have the
right to lodge a complaint with the supervisory authority - the
President of the Office for Personal Data Protection. Nevertheless, we
would like to inform you that we respect the privacy of our users and it
is one of the most important values of our company, so we recommend
that you contact us before taking such action - we will certainly find a
solution.
COOKIE POLICY
I. Basic information about cookies
We
use cookies on our website. Cookies are small pieces of text which a
website sends to your browser and which your browser sends back the next
time you visit the website. Cookies do not normally allow direct
identification of the user. There are three types of cookies:
1) Session cookies - temporarily stored in the browser's memory until
the browser is closed. These are necessary for the correct functioning
of certain applications and functionalities;
2) Permanent -
facilitate the use of websites (they remember the user's preferences).
They remain in the browser's memory for a longer period of time;
If
the above information is of interest to you and you want to know how
cookies work in detail, we encourage you to read the information about
cookies on Wikipedia. You can also find information about cookies at
wszystkoociasteczkach.pl. You are also welcome to contact us by e-mail.
II. Purposes for storing and accessing cookies. Information on third party tools.
Purpose
Example use of cookies
Remembering your settings
Store information about the settings selected by the user of the website. For example: "NID" and "cookies_accepted".
Analytics
They
help to understand how users use the website by collecting information
and generating reports with statistics. These cookies may also, in
conjunction with other cookies, allow more relevant advertising to be
displayed. For example: "_ga".
Security
Restrict data collection
if the website receives too many user requests. In this situation, some
user requests are subject to blocking. For example: "SID" and "HSID".
Session status
They
store information about how users use the website. They store the
session ID and group together the activity of the entire session for the
website user. They help to improve services and enhance the website
user experience. For example: "PHPSESSID"
Advertising
Allow you to
tailor advertising to users and obtain reports on the effectiveness of
an advertising campaign. For example: "IDE", "NID", "ANID" and "SID"
provided by Google.
The scope and purpose of the cookies we use
depends on your consent, which is given via the cookie management tool
(Article 6(1)(a) RODO). You can withdraw this consent at any time, but
this does not affect the lawfulness of the processing carried out before
the withdrawal of consent. Since, within the framework of cookies, part
of the information may constitute personal data, we also suggest you
read our Privacy Policy, in which we describe the principles on which we
process personal data.
As part of the use of cookies, part of
the information may be transferred to service providers that are based
outside the European Economic Area, i.e. in the United States. The legal
basis for the transfer will be the Standard Contractual Clauses. The
content of these clauses is publicly available online in the EUR-lex
electronic database of European Union legislation. Privacy laws in the
United States may not provide the protections of the RODO, so we do not
transfer relevant information about you (so-called content) to these
entities. Due to potential access to your data by services from the
United States, we have safeguards in place to ensure the security of
such transfers. If you would like to know more about such a transfer,
please contact us. You may also choose not to consent to the use of such
tools.
III. Ability to specify the conditions for storing and accessing cookies through your software settings
It
is also possible to determine the conditions for storing and accessing
cookies by means of the software settings installed on the device you
are using. Please refer to the instructions for the most popular web
browsers.
1) Chrome https://support.google.com/chrome/answer/95647?hl=pl
2)
Firefox:https://support.mozilla.org/pl/kb/wzmocniona-ochrona-przed-sledzeniem-firefox-desktop?redirectlocale=pl&redirectslug=W%C5%82%C4%85czanie+and+you%C5%82%C4%85control+obs%C5%82ug+cookies
3) Opera https://help.opera.com/pl/latest/web-preferences/#cookies
4) Safari https://support.apple.com/de-de/guide/safari/sfri11471/mac
5) Microsoft Edge https://privacy.microsoft.com/pl-pl/privacystatement