Currently Empty: € 0
Privacy Policy
PRIVACY POLICY
MONOKOLO.EU STORE
TABLE OF CONTENTS:
-
General Provisions
-
Basis for Data Processing
-
Purpose, Basis, Duration, and Scope of Data Processing on the Website
-
Data Recipients on the Website
-
Profiling on the Website
-
Rights of the Data Subject
-
Cookies on the Website, Operational Data, and Analytics
-
Final Provisions
1. GENERAL PROVISIONS
1.1. This privacy policy of the Store is informative in nature, which means that it is not a source of obligations for the Service Users or Customers of the Store. The privacy policy contains primarily the rules regarding the processing of personal data by the Administrator on the Website, including the bases, purposes, and scope of personal data processing as well as the rights of individuals whose data is processed, and information regarding the use of cookies and analytical tools on the Website. 1.2. The administrator of personal data collected via the Store is SIARHEI TSVIRKO conducting business under the company name SIARHEI TSVIRKO, registered in the Central Register and Information on Economic Activity of the Republic of Poland, conducted by the minister competent for economic affairs, with the business address and delivery address: ul. Serwituty 40A, 02-233, Warsaw, NIP 5223228375, REGON 522333944, email address: monokolopolska@gmail.com, phone number: (+48) 798096832 – hereinafter referred to as the “Administrator” and being simultaneously the Service Provider of the Store and the Seller. 1.3. Personal data on the Website is processed by the Administrator in accordance with the applicable law, in particular, in accordance with the regulation of the European Parliament and of the Council (EU) 2016/679 of April 27, 2016, on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation) – hereinafter referred to as “GDPR” or the “GDPR Regulation”. The official text of the GDPR Regulation: . 1.4. Using the Store, including making purchases, is voluntary. Similarly, providing personal data by a customer using the Store is voluntary, with two exceptions: (1) conclusion of agreements with the Administrator – non-provision in the cases and scope indicated on the Store’s website and in the Store’s Regulations and this privacy policy of personal data necessary to conclude and perform a Sales Agreement or an Electronic Service agreement with the Administrator will result in the inability to conclude such an agreement. Providing personal data is, in such a case, a contractual requirement and if a person whose data concerns wishes to conclude an agreement with the Administrator, they are obliged to provide the required data. Each time, the scope of data required to conclude an agreement is indicated previously on the Store’s website and in the Store’s Regulations; (2) the Administrator’s statutory obligations – providing personal data is a statutory requirement resulting from generally applicable laws imposing on the Administrator the obligation to process personal data (e.g., data processing for the purpose of keeping tax books or accounting) and the failure to provide it will prevent the Administrator from fulfilling these obligations. 1.5. The Administrator exercises special diligence to protect the interests of persons whose personal data is processed, and in particular, is responsible and ensures that the data collected by him is: (1) processed in accordance with the law; (2) collected for specified, lawful purposes and not subjected to further processing inconsistent with those purposes; (3) factually correct and adequate in relation to the purposes for which it is processed; (4) stored in a form that permits identification of the persons to whom it relates for no longer than is necessary to achieve the purpose of processing; and (5) processed in a manner ensuring appropriate security of personal data, including protection against unauthorized or unlawful processing and accidental loss, destruction, or damage, using appropriate technical or organizational measures. 1.6. Considering the nature, scope, context, and purposes of processing as well as the risk of violating the rights or freedoms of natural persons of varying probability and severity of threat, the Administrator implements appropriate technical and organizational measures to ensure that processing is carried out in accordance with this Regulation and to be able to demonstrate this. These measures are reviewed and updated as necessary. The Administrator uses technical measures to prevent the acquisition and modification by unauthorized persons of personal data transmitted electronically. 1.7. All words, expressions, and acronyms appearing in this privacy policy and beginning with a capital letter (e.g., Seller, Online Store, Electronic Service) should be understood in accordance with their definition contained in the Store’s Regulations available on the Store’s website.
2. BASIS FOR DATA PROCESSING
2.1. The Administrator is authorized to process personal data in cases where – and to the extent that – at least one of the following conditions is met: (1) the data subject has given consent to the processing of their personal data for one or more specific purposes; (2) processing is necessary for the performance of a contract to which the data subject is a party, or to take steps at the request of the data subject prior to entering into a contract; (3) processing is necessary for compliance with a legal obligation to which the Administrator is subject; or (4) processing is necessary for the purposes of the legitimate interests pursued by the Administrator or by a third party, except where such interests are overridden by the interests or fundamental rights and freedoms of the data subject which require the protection of personal data, especially where the data subject is a child. 2.2. The processing of personal data by the Administrator requires the existence of at least one of the bases indicated in point 2.1 of the privacy policy. The specific bases for the processing of personal data of Service Users and Customers of the Store by the Administrator are indicated in the next point of the privacy policy – in relation to the given purpose of processing personal data by the Administrator.
3. PURPOSE, BASIS, DURATION, AND SCOPE OF DATA PROCESSING on the Website
3.1. Each time, the purpose, basis, duration, and scope, and recipients of personal data processed by the Administrator result from the actions taken by the given Service User or Customer on the Website. For example, if the Customer decides to make purchases on the Website and chooses personal collection of the purchased Product instead of courier delivery, their personal data will be processed in order to perform the concluded Sales Agreement, but will not be shared with the carrier carrying out the shipments on behalf of the Administrator. 3.2. The Administrator may process personal data on the Website for the following purposes, on the following bases, for the periods, and within the following scope:
| Purpose of data processing | Legal basis for processing and period of data storage | Scope of processed data |
|---|---|---|
| Performance of a Sales Agreement or contract for the provision of Electronic Services or taking steps at the request of the data subject prior to entering into the aforementioned contracts | Article 6(1)(b) of the GDPR Regulation (performance of the contract) | Data is stored for the period necessary to perform, terminate, or otherwise expire the concluded contract. Maximum scope: name and surname; email address; contact phone number; delivery address (street, house number, apartment number, postal code, city, country), residence/business address/headquarters (if different from the delivery address). For Service Users or Customers who are not consumers, the Administrator may additionally process the company name and tax identification number (NIP) of the Service User or Customer. The provided scope is the maximum – for example, in the case of personal collection, it is not necessary to provide the delivery address. |
| Direct marketing | Article 6(1)(f) of the GDPR Regulation (legitimate interest of the administrator) | Data is stored for the duration of the legitimate interest pursued by the Administrator, no longer than the period of limitation of claims against the data subject in connection with the business activity conducted by the Administrator. The limitation period is specified by law, in particular the Civil Code (the basic limitation period for claims related to business activity is three years, and for a sales contract, two years). The Administrator may not process data for direct marketing purposes in the event of an effective objection to such processing by the data subject. Scope: email address. |
| Marketing | Article 6(1)(a) of the GDPR Regulation (consent) | Data is stored until the consent is withdrawn by the data subject for further processing of their data for this purpose. Scope: name, email address. |
| Expression of the Customer’s opinion on the concluded Sales Agreement | Article 6(1)(a) of the GDPR Regulation | Data is stored until the consent is withdrawn by the data subject for further processing of their data for this purpose. Scope: email address. |
| Keeping tax books | Article 6(1)(c) of the GDPR Regulation in connection with Article 86 § 1 of the Tax Ordinance of January 17, 2017 (Journal of Laws of 2017, item 201) or Article 74(2) of the Accounting Act of January 30, 2018 (Journal of Laws of 2018, item 395) | Data is stored for the period required by law imposing an obligation on the Administrator to store tax books (until the expiration of the tax obligation period, unless tax laws provide otherwise) or accounting records (5 years from the beginning of the year following the financial year to which the data pertains). Scope: name and surname; residence/business address/headquarters (if different from the delivery address), company name, and tax identification number (NIP) of the Service User or Customer. |
| Establishing, pursuing, or defending claims that may be raised by the Administrator or that may be raised against the Administrator | Article 6(1)(f) of the GDPR Regulation | Data is stored for the duration of the legitimate interest pursued by the Administrator, no longer than the period of limitation of claims against the data subject in connection with the business activity conducted by the Administrator. The limitation period is specified by law, in particular the Civil Code (the basic limitation period for claims related to business activity is three years, and for a sales contract, two years). Scope: name and surname; contact phone number; email address; delivery address (street, house number, apartment number, postal code, city, country), residence/business address/headquarters (if different from the delivery address). For Service Users or Customers who are not consumers, the Administrator may additionally process the company name and tax identification number (NIP) of the Service User or Customer. |
4. DATA RECIPIENTS on the Website
4.1. For the proper functioning of the Store, including the implementation of concluded Sales Agreements, it is necessary for the Administrator to use external entities (such as software providers, couriers, or payment processors). The Administrator uses only those processors who provide sufficient guarantees for implementing appropriate technical and organizational measures, so that processing meets the requirements of the GDPR Regulation and protects the rights of data subjects. 4.2. Personal data may be transferred by the Administrator to a third country, provided that such a country ensures an adequate level of protection – in accordance with the GDPR Regulation, and the data subject has the right to obtain a copy of their data. The Administrator transfers collected personal data only in cases and to the extent necessary to fulfill the specific purpose of data processing in accordance with this privacy policy. 4.3. The transfer of data by the Administrator does not occur in every instance and not to all indicated recipients or categories of recipients in the privacy policy – the Administrator transfers data only when it is necessary to achieve the specific purpose of personal data processing and only to the extent necessary to achieve it. For example, if the Customer opts for personal collection, their data will not be transferred to a carrier cooperating with the Administrator. 4.4. Personal data of Service Users and Customers of the Store may be transferred to the following recipients or categories of recipients:
4.4.1. Carriers / Forwarders / Courier Brokers – in the case of a Customer who uses the postal or courier delivery method on the Website, the Administrator provides the collected personal data of the Customer to the selected carrier, forwarder, or intermediary performing the shipments on behalf of the Administrator to the extent necessary to deliver the Product to the Customer. 4.4.2. Entities processing electronic payments or payment cards – in the case of a Customer who uses electronic payment or card payment methods on the Website, the Administrator provides the collected personal data of the Customer to the selected entity processing the above payments on the Website on behalf of the Administrator to the extent necessary to handle the payment made by the Customer. 4.4.3. Credit / Leasing entities – in the case of a Customer who uses installment or leasing payment methods on the Website, the Administrator provides the collected personal data of the Customer to the selected credit or leasing entity servicing the above payments on the Website on behalf of the Administrator to the extent necessary to handle the payment made by the Customer. 4.4.4. Survey system providers – in the case of a Customer who agreed to express an opinion on the concluded Sales Agreement, the Administrator provides the collected personal data of the Customer to the selected entity providing the survey system for Sales Agreements concluded on the Website on behalf of the Administrator to the extent necessary for the Customer to express their opinion using the survey system. 4.4.5. Service providers supplying the Administrator with technical, IT, and organizational solutions, enabling the Administrator to conduct business activities, including the Store and the Electronic Services provided through it (in particular, software providers for running the Store, email and hosting providers, and software providers for managing the company and providing technical support to the Administrator) – the Administrator provides the collected personal data of the Customer to the selected service provider acting on his behalf only in the case and to the extent necessary to achieve the specific purpose of data processing in accordance with this privacy policy. 4.4.6. Accounting, legal, and advisory service providers ensuring the Administrator’s accounting, legal or advisory support (in particular, an accounting office, law firm, or debt collection company) – the Administrator provides the collected personal data of the Customer to the selected service provider acting on his behalf only in the case and to the extent necessary to achieve the specific purpose of data processing in accordance with this privacy policy.
5. PROFILING on the Website
5.1. The GDPR Regulation imposes on the Administrator the obligation to inform about automated decision-making, including profiling, referred to in Art. 22(1) and (4) of the GDPR Regulation, and – at least in these cases – significant information about the rules for making such decisions, as well as the significance and expected consequences of such processing for the data subject. Considering this, the Administrator provides information regarding possible profiling in this point of the privacy policy. 5.2. The Administrator may use profiling on the Website for direct marketing purposes, but decisions based on it made by the Administrator do not concern the conclusion or refusal to conclude a Sales Agreement, or the possibility of using Electronic Services on the Website. The result of using profiling on the Website may be, for example, granting a discount to a person, sending them a discount code, reminding them of unfinished purchases, sending a product proposal that may match the interests or preferences of that person, or offering better conditions compared to the standard offer of the Store. Despite profiling, the person freely decides whether they want to take advantage of the received discount or better conditions and make a purchase on the Website. 5.3. Profiling on the Website involves automatic analysis or prediction of a person’s behavior on the Store’s website, for example, by adding a specific Product to the cart, browsing a specific Product page on the Website, or analyzing the purchase history made on the Website. The condition for such profiling is that the Administrator has personal data of that person to be able to send, for example, a discount code. 5.4. The data subject has the right not to be subject to a decision based solely on automated processing, including profiling, which produces legal effects concerning them or similarly significantly affects them.
6. RIGHTS OF THE DATA SUBJECT
6.1. Right of access, rectification, restriction, erasure, or portability – The data subject has the right to request from the Controller access to their personal data, its rectification, erasure (“the right to be forgotten”), or restriction of processing, as well as the right to object to processing, and the right to data portability. Detailed conditions for exercising these rights are specified in Articles 15-21 of the GDPR. 6.2. Right to withdraw consent at any time – A data subject whose data is processed by the Controller based on expressed consent (under Article 6(1)(a) or Article 9(2)(a) of the GDPR) has the right to withdraw consent at any time without affecting the lawfulness of processing based on consent before its withdrawal. 6.3. Right to lodge a complaint with a supervisory authority – A data subject whose data is processed by the Controller has the right to lodge a complaint with a supervisory authority in the manner and procedure specified in the GDPR and Polish law, especially the Act on Personal Data Protection. The supervisory authority in Poland is the President of the Personal Data Protection Office. 6.4. Right to object – A data subject has the right to object, at any time, on grounds relating to their particular situation, to processing of their personal data based on Article 6(1)(e) (public interest or tasks) or (f) (legitimate interest of the Controller), including profiling based on these provisions. In such a case, the Controller may no longer process the personal data unless the Controller demonstrates compelling legitimate grounds for the processing which override the interests, rights, and freedoms of the data subject or for the establishment, exercise, or defense of legal claims. 6.5. Right to object to direct marketing – If personal data is processed for direct marketing purposes, the data subject has the right to object at any time to processing of their personal data for such marketing, including profiling to the extent that it is related to such direct marketing. 6.6. To exercise the rights referred to in this section of the privacy policy, you can contact the Controller by sending an appropriate message in writing or by email to the address provided at the beginning of the privacy policy or using the contact form available on the Store’s website.
7. COOKIES ON THE WEBSITE, OPERATING DATA AND ANALYTICS
7.1. Cookies are small text information in the form of text files sent by the server and stored on the side of the person visiting the Store’s website (e.g., on the hard drive of a computer, laptop, or on a smartphone’s memory card – depending on the device used by the visitor to our Online Store). Detailed information about cookies and their history can be found, among others, here: . 7.2. The Controller may process data contained in cookies when visitors use the Store’s website for the following purposes: 7.2.1. Identifying Service Users as logged in on the Website and showing that they are logged in; 7.2.2. Remembering Products added to the basket for placing an Order; 7.2.3. Remembering data from completed Order Forms, surveys, or login data to the Store; 7.2.4. Adjusting the content of the Store’s website to the individual preferences of the Service User (e.g., regarding colors, font size, page layout) and optimizing the use of the Store’s website; 7.2.5. Conducting anonymous statistics presenting the way the Store’s website is used; 7.2.6. Remarketing, which is studying the characteristics of visitors to the Online Store through anonymous analysis of their activities (e.g., repeating visits to certain pages, keywords, etc.) to create their profile and deliver them ads tailored to their predicted interests, even when they visit other websites in the advertising network of Google Ireland Ltd. and Facebook Ireland Ltd. 7.3. By default, most web browsers available on the market accept the saving of cookies. Each person has the possibility to specify the conditions for using cookies through their own web browser settings. This means that it is possible, for example, to partially limit (e.g., temporarily) or completely disable the ability to save cookies – in the latter case, however, this may affect some functionalities of the Store (e.g., it may be impossible to go through the Order path via the Order Form due to not remembering Products in the basket during subsequent steps of placing the Order). 7.4. Web browser settings regarding cookies are important from the perspective of consent to use cookies by our Online Store – in accordance with the regulations, such consent may also be expressed through web browser settings. If no such consent is given, the web browser settings regarding cookies should be accordingly changed. 7.5. Detailed information on changing the settings regarding cookies and their independent removal in the most popular web browsers are available in the help section of the web browser and on the following pages (just click on the given link): in Chrome browser in Firefox browser in Internet Explorer browser in Opera browser in Safari browser in Microsoft Edge browser 7.6. The Controller may use Google Analytics and Universal Analytics services provided by Google Ireland Limited (Gordon House, Barrow Street, Dublin 4, Ireland) and Facebook Pixel service provided by Facebook Ireland Limited (4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland) on the Website. These services help the Controller analyze traffic on the Website. The data collected is processed within these services in an anonymized manner (these are so-called operational data that prevent identification of the person) to generate statistics helpful in administering the Online Store. This data is collective and anonymous, i.e., it does not contain identifying characteristics (personal data) of visitors to the Store’s website. By using the above services on the Website, the Controller collects data such as the sources and medium of obtaining visitors to the Online Store and their behavior on the Store’s website, information about devices and browsers used to visit the site, IP and domain, geographical data, and demographic data (age, gender) and interests. 7.7. It is possible to block Google Analytics from sharing information about a person’s activity on the Store’s website easily – to do this, you can install a browser add-on provided by Google Ireland Ltd. available here: . 7.8. Managing the operation of Facebook Pixel is possible through ad settings in your account on Facebook.com: .
8. FINAL PROVISIONS
8.1. The Online Store may contain links to other websites. The Controller encourages you to familiarize yourself with the privacy policy established there after transitioning to other sites. This privacy policy applies only to the Controller’s Store.
