Skip to content Skip to footer
0 items - PLN 0 0
Package of 12 Attractions 😍
0 items - PLN 0 0
Package of 12 Attractions 😍
0 items - PLN 0 0
Close

PRIVACY POLICY 🔒

WEBSITE PRIVACY POLICY

1. For the Owner of this website, data protection

Users is of paramount importance. It makes great efforts to

Users felt safe entrusting their personal data when using the website.

(2) A user is a natural person, a legal person or an organisational unit,

an unincorporated entity, to which legal capacity is granted by law, using the electronic services available on the website.

This privacy policy explains the principles and scope of the processing of the User's personal data, his/her rights as well as his/her obligations.

controller of this data and also informs them of the use of cookies.

4. the controller shall use state-of-the-art technical means and solutions

organisational arrangements ensuring a high level of protection for the data processed

personal data and protection against unauthorised access

I. CONTROLLER OF PERSONAL DATA

The administrator of the personal data is Sofi Sp. z o.o, based at: Krakow

31-137 ul.Siemiradzkiego 19/1, NIP: 6762501838, Regon: 363748680 (hereinafter: "Owner").

II. PURPOSE OF PROCESSING PERSONAL DATA

1. the Administrator processes the User's personal data in order to:

Processing of orders for products and services. We collect and store personal data voluntarily provided to us in connection with the use of the websites and services. We use the contact and payment information provided to us in order to deliver the products and services that you have ordered on our websites.

2 This means that the data is needed in particular forII.

PURPOSE OF PROCESSING PERSONAL DATA

1 The Administrator processes the User's personal data for the purpose of: Processing orders for products and services. We collect and store personal data voluntarily provided to us in connection with the use of the Websites and services. We use the contact and payment information provided to us in order to provide the products and services that have been ordered on our Websites.

This means that the data is needed in particular for 2/5 a. To conclude a contract; b. To carry out billing; c. To deliver the goods or services ordered by the User

(3) The User may also agree to receive information on news and promotions, which will also result in the controller processing personal data in order to send the User commercial information concerning, among other things, new products or services, promotions or sales.

4 Personal data shall also be processed in the framework of the fulfilment of legal obligations incumbent on the controller and the performance of tasks in the public interest, inter alia, for the performance of tasks relating to security and defence or the storage of tax records.

(5) Personal data may also be processed for the purposes of direct marketing of products, securing and enforcing claims or protecting against claims by the User or a third party, as well as for the marketing of services and products of third parties or for our own marketing which is not direct marketing.

III. TYPE OF DATA

(1) The administrator processes the following personal data, the provision of which is necessary for: a. making purchases via the website: - name; - gender; - delivery address; - telephone number; - e-mail address; b. Optional data provided by the User: - date of birth; - PESEL number (if an invoice is requested); - VAT number (if an invoice is requested for an entrepreneur). 3/5

IV. LEGAL BASIS FOR THE PROCESSING OF PERSONAL DATA

(1) Personal data shall be processed in accordance with the provisions of Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data and repealing Directive 95/46/EC (General Data Protection Regulation), OJ L 119, 4.5.2016, p. 1-88, hereinafter: the "RODO Regulation".

(2) The Administrator processes personal data only with the prior consent of the User at the time of confirming a transaction made on the website. (3) The granting of consent for the processing of personal data is entirely voluntary, however, the lack of such consent prevents the user from making purchases, via the website.

V. USER RIGHTS

(1) The user may at any time request information from the controller on the extent of the processing of personal data.

(2) The user may request the correction or rectification of his/her personal data at any time.

The User may withdraw his or her consent to the processing of his or her personal data at any time, without giving reasons. The request not to process the data may concern a specific purpose of processing indicated by the User, e.g. withdrawal of consent to receive commercial information, or concern all purposes of data processing. The withdrawal of consent regarding all processing purposes will result in the User's account being deleted from the website, together with all of the User's personal data previously processed by the Administrator. The withdrawal of consent will not affect the activities already carried out.

The user may, at any time, without giving reasons, request the administrator to delete his/her data. The request for deletion of data shall not affect any actions already performed. Deletion of data means the simultaneous deletion of the User's account, together with all personal data stored and processed to date by the administrator.

(5) The User may at any time object to the processing of 4/5 personal data, both with regard to all processing of the User's personal data by the controller, as well as only to a limited extent, e.g. with regard to the processing of data for a specifically indicated purpose. The objection will not affect the activities performed so far. The raising of an objection will result in the deletion of the User's account, together with all personal data stored and processed to date by the administrator.

(6) The user may request the restriction of the processing of personal data, either for a specific period of time or without a time limitation but to a specific extent, which the controller will be obliged to comply with. This request will not affect the activities already carried out.

(7) The User may request that the controller transfers the User's processed personal data to another entity. For this purpose, he/she should write a request to the administrator, indicating to which entity (name, address) the User's personal data should be transferred and which specific data the User wishes the administrator to transfer. After the User confirms his/her request, the administrator will transfer, in electronic form, the User's personal data to the indicated entity. Confirmation of the request by the User is necessary for the security of the User's personal data and to be sure that the request comes from an authorised person.

(8) The Administrator shall inform the User of the action taken, within one month of receiving one of the requests mentioned in the previous paragraphs.

VI. RETENTION PERIOD OF PERSONAL DATA

(1) As a general rule, personal data shall only be stored for as long as necessary to fulfil the contractual or statutory obligations for which it was collected. The data will be deleted immediately when storage is no longer necessary, for evidential purposes, in accordance with civil law or in connection with a statutory retention obligation.

(2) The information, which relates to the contract, shall be stored for evidence purposes for a period of three years, starting from the end of the year in which the business relationship with the User was terminated. Deletion of the data will take place after the expiry of the statutory limitation period for the assertion of contractual claims.

(3) Furthermore, the administrator may retain archival information concerning the concluded transactions, as their storage is related to the user's claims, e.g. under warranty.

(4) If no contract has been concluded, between the User and the Owner, 5/5 the User's personal data is stored until the deletion of the User's account on the website. The deletion of the account may take place as a result of a request by the User, withdrawal of consent to the processing of personal data, or objection to the processing of such data.

VII. OUTSOURCING DATA PROCESSING TO OTHER ENTITIES

(1) The administrator may entrust the processing of personal data to entities cooperating with the administrator to the extent necessary for the completion of the transaction, e.g. for the preparation of the ordered goods and delivery of shipments or the transmission of commercial information originating from the administrator (the latter applies to Users who have agreed to receive commercial information).

(2) Other than for the purposes indicated in this Privacy Policy, the Users' personal data will not be shared in any way with third parties or transferred to other entities for the purpose of sending marketing material to these third parties.

(3) The personal data of Website Users shall not be transferred outside the European Union. 4 This Privacy Policy complies with the provisions arising from Article 13(1) and (2) of the RODO Regulation.

4 This Privacy Policy complies with the provisions arising from Article 13(1) and (2) of the RODO Regulation.

en_GBEnglish
pl_PLPolish arArabic en_GBEnglish