1.2 The Administator of personal data collected by the Online Shop is :
Firma Handlowa "BOZ" S.A. with limited liability based in Rzeszów (35-328), ul. Geodetow 3, NIP: 8133193947, REGON: 691535697, hereinafter referred to as the "Administrator" and being at the same time a Service Provider of the Online Store and the Seller.
1.3 The personal data of the recepient and the customer are processed according to the Personal Data Protection Act of August 29, 1997 (Journal of Laws 1997 No. 133, item 883, as amended) (hereinafter: the Personal Data Protection Act) and the Act on providing electronic services of July 18, 2002 (Journal of Laws 2002 No. 144, item 1204, as amended).
1.4. The Administrator takes special care to protect the interests of the subjects to which the data applies, and in particular ensures that the data they collect are processed in accordance with the law; collected for specified, legitimate purposes and not subject to further processing incompatible with these purposes; factually correct and adequate in relation to the purposes for which they are processed and stored in a form allowing identification of persons they concern, no longer than it is necessary to achieve the purpose of processing.
1.5. All words, expressions and acronyms appearing on this page and beginning with a capital letter (example: Seller, Online Store, Electronic Service) should be understood in accordance with their definition contained in the Online Store Regulations available on the Online Store website.
2. PURPOSE AND RANGE OF COLLECTED DATA, AND DATA RECEIVERS
2.1. Each time the purpose, range and recipient data processed by the Administrator result from actions taken by the Recipient or the Customer in the Online Shop.. For example, if the Customer selects personal collection instead of a courier parcel delivery during ordering, his personal data will be processed in order to conclude and execute the Sales Agreement, but will no longer be made available to the carrier performing the shipment at the request of the Administrator.
2.2. Possible goals of collecting personal data of Customers or Customers by the Administrator:
2.2.1. conclusion and implementation of a Sales Agreement or contract for the provision of Electronic Services (e.g. Account).
2.2.2. direct marketing of the Administrator's own products or services.
2.3. Possible recipients of personal data of Customers of the Online Store:
2.3.1. In the case of a Customer who uses the courier service in the Online Store, the Administrator provides the Customer's personal data collected to a selected carrier or intermediary performing the shipment at the request of the Administrator.
2.3.2. In the case of a Customer who uses the Online Store with the method of payment by credit card, the Administrator provides the collected personal data of the Customer to the selected entity servicing the above payments in the Online Store.
2.4. The Administrator may process the following personal data of the Customers or Clients using the Online Store: name and surname; e-mail address; contact phone number; delivery address (street, house number, apartment number, zip code, city, country), address of residence / business / seat (if different from delivery address). In the case of Clients or Customers who are not consumers, the Administrator may additionally process the company name and tax identification number (NIP) of the Customer or the Customer.
2.5. Providing personal data referred to in the point above may be necessary to conclude and implement the Sales Agreement or contract for the provision of Electronic Services in the Online Store. Each time the scope of data required to conclude a contract is indicated previously on the Online Store website and in the Online Store Regulations.
3. COOKIES AND OPERATIONAL DATA
3.1. Cookies (cookies) are small text information in the form of text files, sent by the server and saved on the side of the person visiting the website of the Online Store (eg on the hard drive of the computer, laptop or on the smartphone's memory card - depending on which device is used visiting our Online Shop). Detailed information about cookies as well as the history of their creation can be found, among others here: http://en.wikipedia.org/wiki/City.
3.2. The Administrator may process data contained in Cookies when users use the Online Store for the following purposes:
3.2.1. identification of the Registered Users as logged in to the Online Store and showing that they are logged in;
3.2.2. memorizing Products added to the basket in order to place an Order;
3.2.3. remembering data from completed Order Forms, surveys or login details to the Online Store;
3.2.4. adjusting the content of the Online Store's website to the individual preferences of the Service Recipient (eg regarding colors, font size, page layout) and optimizing the use of Online Store websites;
3.2.5. keeping anonymous statistics showing how to use the Online Store website.
3.3. By default, most web browsers available on the market accept cookies by default. Everyone has the possibility to define the terms of using cookies using the own browser's settings. This means that you can, for example, partially restrict (eg temporarily) or completely disable the option of saving cookies - in the latter case, however, it may affect some functionalities of the Online Store (for example, it may not be possible to pass the order path through the Order Form due to for not memorizing the Products in the basket during the next steps of placing the Order).
3.5. Detailed information on changing cookies settings and their self-removal in the most popular web browsers are available in the help section of the web browser and on the following pages (just click on the link):
• in the Chrome browser
• in the Firefox browser
• in the Internet Explorer browser
• in the Opera browser
• in the Safari browser
3.6. The Administrator also processes anonymised operational data related to the use of the Online Store (so-called logs - IP address, domain) to generate statistics helpful in administering the Online Store. These data are aggregate and anonymous, i.e. they do not contain features that identify visitors to the Online Store. Logs are not disclosed to third parties.
4. BASIS OF DATA PROCESSING
4.1. Providing personal data by the Service Recipient or Customer is voluntary, but failure to provide the personal data indicated in the Online Store website and in the Online Store Regulations necessary for the conclusion and implementation of the Sales Agreement or contract for the provision of Electronic Services results in the inability to conclude this Agreement.
4.2. The basis for the processing of personal data of the Customer or the Customer is the need to perform the contract to which he is a party or to take action on its request before its conclusion. In the case of data processing for direct marketing of the Administrator's own products or services, the basis for such processing is (1) prior consent of the Customer or Client or (2) fulfillment of legally justified purposes carried out by the Administrator (in accordance with Article 23 paragraph 4 of the Act on personal data protection) legally justified purpose is in particular the direct marketing of the Administrator's own products or services).
5. THE RIGHT TO CHECK, ACCESS THEIR CONTENT AND MAKE IMPROVEMENT
5.1. The Service Recipient or the Customer has the right to access their personal data and correct it.
5.2. Each person has the right to control the processing of data related to him, contained in the Administrator's data file, in particular the right to: request supplementing, updating, rectifying personal data, temporary or permanent suspension of their processing or their removal if they are incomplete, out of date, false or have been collected in violation of the Act or are no longer necessary to achieve the purpose for which they were collected.
5.3. If the Customer or the Customer grants consent to the processing of data for direct marketing of the Administrator's own products or services, the consent may be revoked at any time.
5.4. In the event that the Administrator intends to process or process data of the Service Recipient or Customer for direct marketing of the Administrator's own products or services, the data subject is also entitled to (1) submit a written motivated request to cease processing of his data due to its special situation or (2) object to the processing of its data.
6. GOOGLE ANALYTICS, OPTIMIZELY AND HOTJAR WEB ANALYTICS
6.1. The administrator uses the Google Analytics services provided by Google Inc. (1600 Amphitheater Parkway, Mountain View, CA 94043, USA), HotJar services provided by Hotjar Ltd (Malta) and Optimizely services provided by Optimizely Inc. (631 Howard Street, Suite 100, San Francisco, CA 94105). These services help the Administrator analyze how to use the Online Store.
6.3 Information obtained through cookies files is stored on servers used by Google Inc, HotJar Ltd and Optimizely Inc., including in the United States. If you activate the anonymisation of an IP address while using the Online Store, the IP address will be shortened even in the Member States of the European Union or other parties to the Agreement on the European Economic Area. Only in exceptional cases will the full IP address be transferred to the United States and shortened there.
6.4 At the request of the Administrator of Google Inc., HotJar Ltd and Optimizely Inc. will use this information to assess the use of the Online Store by the User, create reports on website traffic and provide other services related to the use of e-Store.
6.5 The data collected is processed as part of the above services in an anonymised way (these are so-called operational data that make it impossible to identify a person). These data are aggregate and anonymous, i.e. they do not contain features identifying people using the Online Store.
6.8 HotJar can record mouse clicks, mouse movements, scroll activity and entered information that is not personal data.
6.9 It is also possible to generally prevent the transmission of data from the User's device to Google Analytics, HotJar Ltd and Optimizely using cookies (including IP forwarding) by downloading the browser plug-in available from Google Inc, HotJar Ltd and Optimizely Inc. at the following address. And its installation: https://tools.google.com/dlpage/gaoptout?hl=en, https://www.hotjar.com/contact and http://www.optimizely.com/opt_out.
6.10 Detailed information about the principles under which the above services operate, including the rules for data collection and processing are available here: www.google.com/intl/pl/policies/privacy/partners/.
7. FINAL PROVISIONS
7.2. The Administrator uses technical and organizational measures to ensure that personal data being processed is protected against hazards and categories of data protected, in particular, protects data against unauthorized access, being taken by an unauthorized person, processing in violation of applicable laws and changes, loss, damage or destruction.
7.3. The Administrator appropriately provides the following technical measures to prevent the acquisition and modification of personal data sent electronically by unauthorized persons:
7.3.1. Securing the data set against unauthorized access.
7.3.2. Access to the Account only after providing an individual login and password.
7.3.3. SSL certificate.