1. GENERAL PROVISIONS
1.2. Personal data Administrator, gathered by the E-Shop, is MATEUSZ TOMASZEWSKI running business activity under the business name D.H.U. TOMASZEWSKI MATEUSZ TOMASZEWSKI entered into the Central Registration and Information on Business of the Republic of Poland carried by the competent minister in charge of economy, having: company address, Zana 7 street, 44-270 Rybnik, NIP 6422841601, REGON 240505441 address for service: AvenueCosmetics.com, Orzechowa 8 street, 44-270 Rybnik and e-mail address: firstname.lastname@example.org hereinafter referred to as the „Administrator” who is also the E-Shop Service Provider and the Seller.
1.3. Personal Data of the Service Provider and Customers is processed in accordance with the Act of 29 August 1997 on the Protection of Personal Data (Journal of Laws [Dz.U] 1997 no. 133 item 883 as amended). (hereinafter referred to as: the Act on the Protection of Personal Data) and the Act of 18 July, 2002 on Providing Services by Electronic Means (Journal of Laws [Dz.U.] 2002 no. 144 item 1204 as amended).
1.4. The Administrator exercises due diligence in order to secure the interest of the people whose the data concern, especially assures that the data gathered by him is processed according to the relevant laws; is gathered for particular, lawful purposes and not further processed in a way that is incompatible with those purposes; is substantially correct and adequate to the purposes for which it is being processed and stored in the form allowing for identification of the people the data concerns, not longer than it is necessary to reach the aim of processing.
1.5. All and every word, expression and acronym used on the webpage and beginning with a capital letter (e.g. Seller, E-Shop, E-Service) should be understood according to their definition presented in the Terms and Conditions of the E-Shop, which is available on the E-Shop web page.
2. AIM AND SCOPE OF DATA COLLECTION AND THE DATA RECEIPIENTS
2.1. From time to time, the aim, the scope and the recipients of the data processed by the Administrator arises from the activities undertaken by a Client or a Customer in the E-Shop. For example, if a Customer making an order chooses personal collection instead of a carrier delivery, his personal data will be processed for the purpose of concluding and implementing the Contract for Sale, but will not be accessible to the carrier who renders services for the benefit of the Administrator.
2.2. Possible purposes of Clients and Customers' data collection by the Administrator:
2.2.1. conclusion and performance of the Contract for Sale or contract for Provision of Electronic Communication Services (e.g. an Account)
2.2.2. direct marketing of the Administrator's products and services.
2.3. Possible recipients of Customers' personal data:
2.3.1. Should a Customer choose a postal or carrier delivery, the Administrator gives access to the Customer's personal data to the chosen carrier or the agent who makes deliveries on the Administrators' order.
2.3.2. Should a Customer choose a card or e-payment to pay for the good in the E-Shop, the Administrator gives access to the collected data to a chosen party that processes the payment in the E-Shop.
2.4. The Administrator can process the following data of the E-Shop's Clients and Customers: name and surname; e-mail address; contact phone number; delivery address (street, house no., flat no., post code, city/town, country), domicile/ company address/ address of the company seat (if different than the delivery address). In case of Clients or Customers who are not consumers, the Administrator can process additionally Clients or Customers' company name and the tax identification number (NIP).
2.5. Providing the abovementioned data can be necessary to conclude and perform the Contract for Sale or the Contract to Provide Electronic Service in the E-Shop. The scope of data necessary to conclude the contract is indicated hereinbefore on the E-Shop web page and in the Terms and Conditions.
3. COOKIES AND PERFORMANCE DATA
3.1. Cookie files (cookies) are small bits of information in a form of text files send by a server and saved on the side of a person who visits the E-Shop web page (e.g. on the hard drive of a PC or a laptop computer or memory card of a smartphone - depending which device is used by the E-Shop visitor). Detailed information about Cookie files, as well as its history can be found, for example here: https://pl.wikipedia.org/wiki/HTTP_cookie
3.2. Administrator can process data included in Cookie files, while visitors are using the E-Shop. The purpose of the process is to:
3.2.1. identify Clients as Customers logged into the E-Shop and show them as logged in;
3.2.2. save Products that have been put into the basket to make an Order;
3.2.3. save the data used to fill in the Order Form, questionnaires or login data to the E-Shop;
3.2.4. adjust the E-Shop's web page to the individual preferences of the Client (e.g. concerning colour, font size, layout) and to optimize its usage.
3.2.5. prepare anonymous statistics presenting the way the E-Shop web page is used.
3.3. Majority of Internet browsers available on the market accept Cookie files by default. However, everybody has the possibility to set rules for Cookie files usage in the browser's settings. It means that you can, for example, partially restrict Cookies (e.g. temporarily) or switch off the possibility to save such files completely. The last choice could however, influence some of the E-Shop's functions (e.g. you will not be able to make order due to the fact the Order Form did not save the bag's content in the next steps of the Order making process).
3.4. Cookies settings in an Internet browser facilitate file usage by the E-shop. According to the law such a consent can be expressed also by Internet browser's settings. Should you refuse to give the consent, the Internet browser settings concerning the Cookie files need to be changed appropriately.
3.5. Detailed information on Cookie files Settings and its manual deletion, can be accessed in the help section of an Internet browser and on the following web sites (just click the link):
3.6. The Administrator also processes anonymised performance data concerning the E-Shop usage (i.e. logs - IP address, domain), in order to generate statistics that help in the E-Shop administration. Such data is of collective and anonymous nature, i.e. it does not contain any features characterising a particular person visiting the E-Shop web page. Logs are not disclosed to the third parties.
4. GROUNDS FOR DATA PROCESSING
4.1. It is voluntary for Clients or Customers to give the personal data however, failure to provide data designated on the E-Shop web page and the Terms and Conditions, results in the inability to conclude and render the Contract for Sale or contract for the Provision of Electronic Communication Services.
4.2. We may use your e-mail address to send you information about products or services that are the same as or similar to those that you have ordered from us and that we think you may find useful. We will do so only if you have indicated that you do not object to being contacted for these purposes. At
any stage you have the right to ask us to stop using your personal data for direct marketing purposes by contacting with us or using the function of deregistration in marketing e-mail.
4.3. Newsletter - using the Newsletter service commences at the moment of providing an e-mail address to which the succeeding editions of the Newsletter are to be sent, and clicking the action field. The abovementioned activities should be performed after choosing the "Newsletter" tab. One can sign up for a Newsletter also by clicking the right checkbox while creating an Account or making an Order - a Customer is signed up for the Newsletter upon creating an Account or making an Order.
4.3.1. Newsletter, an Electronic Service, is rendered free of charge, for an indefinite period of time. It is possible for a Customer to sign out from the Newsletter (resignation), at any time and without giving reasons thereof, by sending an appropriate request to the Service Provider. It can be done, in particular, by sending an e-mail to the following e-mail address: info@AvenueCosmetics.com, or using the function of deregistration in marketing e-mail.
5. THE RIGHT TO CONTROL, ACCES TO PERSONAL DATA AND ITS CORRECTION
5.1. Clients or Customers hold the right to access and correct their personal data.
5.2. Each person has the right to control processing of their data, included in the Administration base, especially to: demand completion, update or correction of their personal data, temporary or permanent suspension of its process or its deletion, should they be incomplete, out-of-date, false or were collected with violation of the act, or no longer serve the purpose of its collection.
5.3. Should Clients or Customers give their consent to render their personal data for the purpose of direct marketing of the Administrator's own products and services, the consent may be withheld at any time.
5.4. Should the Administrator intent to process or processes Client or a Customer's personal data for the purpose of direct marketing of the Administrator's own products or services, the person who is the data subject is also entitled to (1) submit a written, grounded demand for his/her personal data processing to be discontinued due to his/her specific situation or to (2) challenge the data processing.
6. FINAL PROVISIONS
6.2. The Administrator uses technical and organisational means to provide an adequate level of security of the processed personal data against threats and depending of the category of the data under security it is included in. The Administrator especially secures the data against being disclosed to or obtained by an unauthorised person, processed in breach of the governing provisions and changed, lost, damaged or destroyed.
6.3. The Administrator facilitates the following technical means preventing the personal data, sent by an e-mail, from being accessed and modified by unauthorised people:
6.3.1. Safeguarding the data set against unauthorised access,
6.3.2. Access to an Account only upon providing an individual login and password.