Politique de confidentialité

PRIVACY POLICY OF THE WEBSITE

http://sylviacrystals.com

1. For the Owner of this website, protecting the personal data of the Users is a matter of utmost importance. The Owner makes a tremendous effort to ensure that the Users feel safe when they share their personal data while using the website.

2. The User is a natural person, legal person or unincorporated entity with statutory legal capacity using the electronic services available on the website.

3. This privacy policy explains the rules and scope of the processing of the personal data of the Users, their rights and the obligations of the data controller, and it also advises on the use of cookies.

4. The controller uses the latest technical and organisational measures to ensure a high level of security of the processed personal data and protection against unauthorised access.

I. PERSONAL DATA CONTROLLER

The personal data controller is Sylvia Crystals Spółka z ograniczoną odpowiedzialnością with its registered office in/at: ul. Chłodna 51, entered in the Register of Entrepreneurs maintained by the District Court in: Warsaw, Commercial Division, under KRS (National Court Register Number): 0000907008, NIP (tax identification number): 5272961992

(“Owner”).

II.PURPOSE OF PERSONAL DATA PROCESSING

1. The controller processes the personal data of the User for the following purpose:

To correctly manage sales at the store: http://sylviacrystals.com (also referred to as the “Store”)

2. This means that the data are needed, in particular to:

a. create a user account in the Store and subscribe to the newsletter;

b. enter into a contract;

c. make payments;

d. deliver the goods ordered by the User or perform the services;

e. enable the User to exercise all consumer rights (e.g., withdrawal from the contract, implied warranty).

3. The User may also agree to receive information about new products and special offers, in which case the controller will also process the personal data to send commercial information about new products or services, special offers or discounts, among other things, to the User.

4. The personal data are also processed to fulfil the legal obligations of the data controller and perform duties in the public interest, e.g., duties connected with security and defence or the keeping of tax documentation.

5. The personal data may also be processed for the purpose of the direct marketing of the products, establishing and exercising claims or defending against claims of the User or a third party and the marketing of the services and products of third parties or own marketing other than direct marketing.

III.TYPE OF DATA

1. The controller processes the following data, which must be provided to:

a. create a user account in the Store:

 

- first name and last name;

- e-mail address;

b. subscribe to the newsletter:

- e-mail address;

c. make purchases via the website:

- first name and last name;

- sex;

- delivery address;

- phone number;

- e-mail address;

d. Data provided optionally by the User:

- date of birth;

- PESEL number (if the User requests an invoice);

- NIP number (if an entrepreneur requests an invoice).

2. If the User withdraws from the contract, or a complaint is admitted, if the receivables are refunded directly to the bank account of the User, we also process information about the bank account number to make the refund.

IV.LAWFUL BASIS FOR PROCESSING

Personal data are processed according to the provisions of Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive95/46/EC (General Data Protection Regulation), OJ L 119, 4/5/2016, pp. 1–88, hereinafter referred to as: “GDPR”.

We process personal data for the following purposes and according to the following legal grounds (legal basis – Article 6(1)(a–c, f) of the GDPR):

• executing and performing the individual contracts, including the assurance of appropriate service quality – Article 6(1)(b) of the GDPR) – “performance of the contract”,
• fulfilling legal obligations, e.g., issuing and keeping invoices or replying to complaints (legal basis – Article 6(1)(c) of the GDPR) – “legal obligation”,
• exercise claims (legal basis – Article 6(1)(f) of the GDPR) – “legitimate interest”,
• marketing and sending the newsletter if you agree to the use of the data for this purpose (legal basis – Article 6(1)(a) of the GDPR) –“consent”.

Personal data recipients may include entities providing the following services:

• marketing services,
• payment services,
• accounting services,
• legal services,
• logistics services,
• and public authorities to which the personal data are provided under the law.

Where the data are processed based on consent, the controller will process them only after obtaining the User’s consent given at the time of registration on the website or confirmation of a transaction made on the website.

The consent to personal data processing is entirely voluntary, but the refusal to give consent will prevent the User from signing up and making purchases on the website.

V.RIGHTS OF THE USER

1. The User can demand information about the scope of personal data processing at any time.

2. The User can request that the controller correct or rectify their personal data at any time. The User can also do this themselves after logging in to their account.

3. The User can withdraw their consent to the processing of their personal data at any time, without stating the reasons therefor. The request not to process the data may concern a specific purpose of processing indicated by the User, e.g., withdrawing the consent to receive commercial information, or all purposes of data processing. If the consent is withdrawn for all purposes of processing, the User’s account will be deleted from the website, including all personal data previously processed by the controller. The withdrawal of the consent will not affect any activities performed earlier.

4. The User may request that the controller erase their data at any time without stating the reasons therefor. The request to erase the data will not affect any actions already performed. The erasure of the data is equivalent to the simultaneous erasure of the User’s account, including all the personal data saved and processed by the controller by that time.

5. The User can object to personal data processing at any time, both with respect to all the personal data of the User processed by the controller or only to a specific extent, e.g., the processing of data for a specific purpose. The objection will not affect any actions already performed. The objection is equivalent to the simultaneous erasure of the User’s account, including all the personal data saved and processed by the controller by that time.

6. The User may request the restriction of processing of the personal data, either for a specific time or without any time limit but to a specific extent, and the controller will be obliged to comply with the User’s request. The request will not affect any actions already performed.

7. The User may demand that the controller provide the personal data of the User it processes to another entity. To do so, the User should write a request to the controller, indicating the entity (name, address) to which their personal data should be provided and the specific data the User wants the controller to provide. After the User confirms their request, the controller will provide the User’s personal data, in electronic form, to the indicated entity. The User’s confirmation of the request is required due to the security of the personal data of the User and to be certain that the request was submitted by an authorised person.

8. The controller notifies the User of the actions taken within one month of receiving the requests listed in previous paragraphs.

VI.PERSONAL DATA RETENTION PERIOD

 

1. In general, personal data are retained for as long as necessary to fulfil the contractual or statutory obligations for which they were collected. The data will be removed immediately if they do not have to be kept for evidentiary purposes, according to the Civil Law or due to a statutory obligation to keep the data.

2. The information concerning the contract is kept as evidence for a period of three years from the beginning of the year in which the business relationship with the User was terminated. The data will be erased after the lapse of the statutory limitation period for contractual claims.

3. Also, the controller may retain archival information concerning past transactions if they are kept in connection with the claims to which the User may be entitled, e.g., under the implied warranty.

4. If no contract has been signed between the User and the Owner, the User's personal data are kept until the User’s account on the website is deleted. The account may be deleted as a result of the User’s request, withdrawal of consent to personal data processing or objection to the processing of the data.

VII.PROCESSING BY A PROCESSOR

 

1. The controller may share the personal data to be processed by entitiescooperating with the controller, to the extent required for the fulfilment of the transaction, e.g., to prepare the ordered goods and deliver packages or provide commercial information from the controller (the latter applies to Users who have consented to receive commercial information).

2. In addition to the purposes indicated in this Privacy Policy, the personal data of the Users will not in any way be provided to third parties or other parties in order to send the marketing materials of such third parties.

3. This Privacy Policy is consistent with the provisions of Article 13(1) and (2) of the GDPR.

 

VIII. COOKIES

The entity placing information in the form of cookies on the terminal device of the Customer (e.g., computer, laptop, smartphone or Smart TV) and obtaining access to the cookies is the controller.

Cookies are pieces of IT data, small text files sent by the server and saved on the device of the user of our website (e.g., on the hard drive of the computer, laptop or memory card of the smartphone).

Cookies usually contain the name of the domain of the website they are taken from, the time of storage on the terminal device and a unique number. Cookies are not used to identify the Customers or determine their identity.

WHY WE USE COOKIES

We use cookies to:

• customise the content of our website to the preferences of the Customer and improve the use of the website; e.g., cookies can be used to identify the Customer’s device and correctly display the website in a way customised to the Customer’s individual needs – e.g., in the relevant language;
• show advertisements in such a way that they are customised to the Customer’s interests or their place of residence (personalised advertising) and with a guarantee of preventing the repeated display of the same advertisement to the Customer;
• to improve the performance of the website and make it easier to use.
• Cookies used by the website are safe and do not affect the configuration of the device or software of the Customer.

TYPES OF COOKIES

The page uses the following types of Cookies:

• “session” cookies – temporary files stored on the Customer’s terminal device until they log out, leave the web page or close their web browser;
• “persistent” cookies – stored on the terminal device of the Customer for the period specified in their parameters or until they are deleted by the Customer.

COOKIE MANAGEMENT

The web browser usually permits storing cookies on the Customer’s terminal device by default.

Website users may change the cookie settings at any time.

The failure to do so means that the information mentioned above may be placed and kept on their terminal devices and that we will thus keep information on the terminal device of the Customer and access it. The Customer can manually manage cookies via the web browser they use. The most popular browsers offer the option to:

• Accept cookies, which enables the Customer to fully use the options offered by the websites;
• Manage cookies for individual websites selected by the Customer;
• Define settings for different cookie types, e.g., accepting persistent cookies, session cookies, etc.;

Blocking or deleting cookies.

The Customer can change the settings of their web browser. If the Customer restricts or disables cookies and other similar technologies, this may affect certain functions available on the website.

Additional information about Cookies and other technologies can be found on websites such as youronlinechoices.com or in the Help section in the browser menu.

LINKS TO OTHER WEBSITES

The website may contain links to other websites. The controller is not liable for the privacy policies of such websites. We suggest reading the privacy policy of such other websites after leaving our website.