PRIVACY AND COOKIES POLICY
I. General provisions
1. The administrator of personal data of persons (hereinafter referred to as Users) using the website www.pizzanova.com.pl (hereinafter referred to as the Website) is Drukarnia bis s.c. with registered office in Łódź (90-102), 78 Piotrkowska Street, NIP: 7252074349; REGON: 101746098; e-mail address: pizzanova@pizzanova.com.pl; telephone: 517873461; hereinafter referred to as the Administrator, Drukarnia bis.
2. Users' personal data are collected and processed in accordance with: Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data and the repeal of Directive 95/46/EC, hereinafter: RODO, the Act of 10 May 2018 on the protection of personal data and other generally applicable data protection legislation that supplements and/or implements RODO.
3. Any capitalized words or expressions in the content of this Privacy Policy shall be understood in accordance with their definitions contained in the Terms of Service.
4. This Privacy Policy applies to the website at ... with all its subpages and applies to each User using the Service.
5. The Website may contain links to other websites operated by other organisations, which have their own privacy policies. The Administrator recommends that after navigating to other sites, one should familiarise oneself with the regulations and privacy policy in force there, including cookies.
6. The Administrator makes every effort to protect the privacy of Users. The Administrator shall apply the precautions required by law to ensure that all data, including personal data, provided by Users is protected against loss, destruction, disclosure, access by unauthorised persons and misuse.
II. Data processing in connection with the use of the Website, purposes and legal basis of data processing
In connection with the use of the Website by Users, the Administrator collects data to the extent necessary for the provision of the services offered, as well as information on User activity on the Website. The detailed principles and purposes of the processing of personal data collected during the use of the Website by Users are described below.
1. Personal data is used for the purpose for which it was provided by Users. To a broader extent, it may only be used for statutory and other legitimate purposes. In particular, Users' personal data are processed on the following legal bases:
1.Article 6(1)(b) RODO - processing is necessary for the performance of a contract or to take appropriate steps prior to entering into a contract;
2.Article 6(1)(f) RODO - processing is necessary for purposes relating to the legitimate interests of the Administrator;
3.Article 6(1)(c) RODO - processing is necessary for compliance with a legal obligation to which the Controller is subject or which is otherwise lawful under applicable data protection legislation;
4.Article 6(1)(a) RODO - processing based on the consent given by the User.
1.Depending on what activities Users undertake on the Website, the Administrator may use Users' personal data for the following purposes:
1.provision of services by electronic means (within the scope of making available to Users the content collected on the Website),
2.provision of services connected with maintenance and operation of the Account on the Website and the Order Form,
3.proper execution of the Sales Agreement for Products offered on the Website,
4.provision of the Newsletter service,
5.marketing,
6.keeping records and accounting documentation,
7.possible establishment and investigation of claims or defence against them,
8.analytical and statistical research, market research and research into User behaviour and preferences, with the results of such research being used to improve the quality of the services provided.
III. Scope of data collection
The type of personal data collected depends on the relationship between the Users and the Administrator and the Services provided to the Users. The Administrator may collect the following personal data:
1.Name, e-mail address, postal address and telephone number,
2.Account credentials, such as passwords and other security data used for authentication and access purposes,
3.Financial information, such as bank account, credit or debit card numbers for payment processing,
4.Activity information, such as information about Users' activities in navigating the Service and information about their desire to place an order on the Service, wish list, preferences, interests, etc. Other information provided by Users through the Service,
5.Computer and other device information and connection information, such as IP address, browser type and version, and location.
IV. Method of data collection
1.The Administrator collects personal data from the following sources:
1.data provided voluntarily by Users;
2.data from third parties, such as information from third party websites or other information that has been made available by Users for public inspection or information provided by third parties,
3.through automated tracking technologies from which it obtains automatically collected information about Users' interactions with the Website Services, through technologies such as cookies, logs, web beacons and web tags.
2.The provision by the User of data marked as mandatory on the Website is required for the performance of the Service in question, and failure to provide such data will result in the impossibility of performing the Service. The provision of other data is voluntary and does not affect the performance of the Service.
V. Disclosure of data
1.The User's personal data shall be made available to external entities only to the extent permitted by law.
2.User's personal data is made available to service providers used by the Administrator in running the Service, among others to suppliers providing hosting services, accounting services, legal services, suppliers of marketing systems, systems for analysing traffic on the Service, systems for analysing the effectiveness of marketing campaigns, entities providing postal and courier services, and other entities authorised by law.
3.The Administrator also uses the services of suppliers who themselves determine the purposes and uses of Users' personal data. They provide, among others, electronic payment and banking services.
4.The service providers with whom the Administrator cooperates are based mainly in Poland and in other countries of the European Economic Area (EEA).
5.The Administrator transfers personal data outside the EEA only when necessary and with an appropriate level of protection, primarily by:
1.cooperating with processors of personal data in countries for which a relevant decision of the European Commission has been issued regarding the determination of an adequate level of personal data protection;
2.the use of standard contractual clauses issued by the European Commission;
3.use of binding corporate rules approved by the competent supervisory authority;
application of the provisions of Article 46(2) of the RODO.
1.In the case of a request, the Administrator shall make personal data available to authorised state authorities, in particular to organisational units of the Prosecutor's Office, the Police, the President of the Office for Personal Data Protection, the President of the Office for Competition and Consumer Protection or the President of the Office of Electronic Communications.
VI. Period of data processing
1.The period of data processing by the Administrator depends on the type of service provided and the purpose of the processing. As a rule, the data shall be processed for the duration of the service provision or order processing, until the withdrawal of the consent given or until an effective objection to the data processing is raised in cases where the legal basis of the data processing is the legitimate interest of the Administrator.
2.The period of data processing may be extended where the processing is necessary for the establishment and assertion of possible claims or the defence against claims, and thereafter only if and to the extent required by law. After the expiry of the processing period, the data shall be irreversibly deleted or anonymised.
VII. Users' data protection rights.
1.Users have the following rights:
1.the right of access to their personal data (Article 15 RODO), including obtaining a copy of the data (Article 15(3) RODO),
2.the right to rectify (amend) or complete incomplete personal data (Article 16 RODO),
3.the right to request the erasure of personal data in cases provided for by law (Article 17 RODO),
4.the right to request the restriction of the processing of your personal data (Article 18 RODO),
5.the right to receive your data in a structured commonly used format and to have it ported when the processing is based on your consent and when the processing is carried out by automated means (Article 20 RODO),
6.the right to object to the processing of personal data where the processing is carried out for the legitimate interest of the Controller, on grounds relating to a particular situation (Art. 21 RODO),
7.in cases where the processing of data is based on the consent given, Users have the right to withdraw the consent given at any time, but without affecting the lawfulness of the processing before its withdrawal.
8.in cases where the processing of the User's personal data is considered to be in breach of the provisions of the RODO, the User has the right to lodge a complaint with the supervisory authority, i.e. the President of the Office for Personal Data Protection, based in Warsaw. Details on how to lodge a complaint can be found on the website of the DPA, at: https://uodo.gov.pl/pl/83/155.
1.The request to exercise the above-mentioned rights can be made in writing to: Pizzanova, ul. Piotrkowska 78, 90-102 Łódź, by e-mail to: pizzanova@pizzanova.com.pl
2.The request will be answered within one month of its receipt. If it is necessary to extend this period, the Administrator shall inform the requester of the reasons for this action.
3.Where the request has been addressed to the Administrator electronically, a response shall be provided in the same form, unless the applicant has requested a response in a different form. In other cases, the response shall be given in writing. Where the timing of the request makes it impossible to respond in writing and the extent of the applicant's data processed by the Administrator allows for electronic contact, the response shall be provided electronically.
4.The Controller shall store information concerning the request made and the person who made the request, in order to ensure that compliance can be demonstrated and for the purpose of establishing, defending or asserting possible claims by data subjects. The log of requests shall be stored in a manner that ensures the integrity and confidentiality of the data contained therein.
VIII. Information about cookies.
1.The Website uses cookies.
2.Cookies (so-called "cookies") are IT data, in particular text files, which are stored in the Service User's terminal equipment and are intended for use on the Website. Cookies usually contain the name of the website from which they originate, the time of storing them on the terminal equipment and a unique number.
3.The Administrator is the entity placing and accessing cookies on the terminal equipment of Service User.
4. Cookies are used for the following purposes:
1.creating statistics, which help to understand how users of the Website use websites, which enables improving their structure and content;
2.maintaining a session of the Website user (after logging in), thanks to which the User does not have to re-enter his/her login and password on each subpage of the Website;
3.determining a profile of a User in order to display him/her customised materials in advertising networks, in particular the Google network.
1.The Website uses two basic types of cookies: "session" cookies and "permanent" cookies (persistent cookies). "Session" cookies are temporary files that are stored on the User's terminal equipment until they log out, leave the website or switch off the software (web browser). "Permanent" cookies are stored on the User's terminal device for the time specified in the parameters of the cookies or until they are deleted by the User.
2.The web browsing software (web browser) usually allows the storage of cookies on the User's terminal device by default. The User can change the settings in this respect. The web browser allows the User to delete cookies. It is also possible to block cookies automatically. Please refer to the help or documentation of your Internet browser for details.
3.Restrictions on the use of cookies may affect some of the functionalities available on the Website.
4.Cookies placed on a User's terminal equipment may also be used by advertisers and partners cooperating with the Website Operator.
5.It is recommended to read the privacy policy of these entities to learn about the principles of using cookies used in statistics.
6.Cookies may be used by advertising networks, in particular the Google network, to display advertisements tailored to the User's use of the Website. For this purpose, they may retain information about the User's navigation path or the length of time they stay on a particular page.
7.With regard to the information on User preferences collected by the Google advertising network, the User can view and edit the information resulting from cookies using the tool: https://www.google.com/ads/preferences/.
IX. Server Logs.
1.Information about certain behaviour of Users is subject to logging at the server layer. This data is used exclusively for the administration of the Website and to ensure the efficient operation of the hosting services provided.
2.The resources viewed are identified by URLs. In addition, the following may be recorded:
1.time of arrival of the request,
2.the time of sending the response,
3.the name of the user station - identification via the HTTP protocol,
4.information about errors which occurred during the HTTP transaction,
5.URL address of a page previously visited by the User (referer link), if the Website was accessed via a link,
6.information about your browser,
7.information about your IP address.
1.The above data is not associated with specific visitors.
2.The above data is used only for the purpose of server administration.
X. Cookie management
1.If the User does not wish to receive cookies, they can change their browser settings. Disabling cookies necessary for authentication processes, security, maintenance of user preferences may make it difficult and, in extreme cases, impossible to use the Website.
2.In order to manage cookie settings, the User should select the appropriate web browser/system and follow the instructions contained in its settings.
XI. Final provisions
1.This Privacy Policy shall enter into force on 1.12.2020.
2.The Administrator shall be entitled to amend the provisions of the Privacy Policy for important reasons, in particular in the event of: extending or changing the functionality of the Service, introducing new services or changing the scope of services; the need to make changes to the Privacy Policy of a technical nature that do not affect the content of the rights and obligations of Users, in particular the removal of mistakes, errors and typos and the need to adapt the Privacy Policy to the applicable law.
3.Notice of changes to the Privacy Policy shall be given by posting information about the change to the Privacy Policy on the Website.