1. GENERAL PROVISIONS
- The administrator of personal data collected via the Online Store is LAST by Katarzyna Janocha company, hereinafter referred to as the “Administrator” and who is also the Online Store Service Provider and the Seller.
- The personal data of the Customer and the Customer are processed in accordance with the Personal Data Protection Act of August 29, 1997 (Journal of Laws 1997 No. 133, item 883, as amended) (hereinafter: the Personal Data Protection Act) and the Act on providing electronic services of July 18, 2002 (Journal of Laws 2002 No. 144, item 1204, as amended).
- The administrator takes special care to protect the interests of the data subjects and, in particular, ensures that the data they collect are processed in accordance with the law; collected for specified, legitimate purposes and not subject to further processing incompatible with these purposes; factually correct and adequate in relation to the purposes for which they are processed and stored in a form allowing identification of persons they concern, no longer than it is necessary to achieve the purpose of processing.
- All words, expressions and acronyms appearing on this page and beginning with a capital letter (eg Seller, Online Shop, Electronic Service) should be understood in accordance with their definition contained in the Online Store Regulations available on the Online Store website.
2. PURPOSE AND SCOPE OF DATA COLLECTION AND DATA RECEIVERS
- Each time the purpose, scope and recipient of data processed by the Administrator results from actions taken by the Customer or the Customer in the Online Store. For example, if the Customer selects a personal collection instead of a courier parcel during the order placement, her/his personal data will be processed in order to conclude and execute the Sales Agreement, but they will no longer be made available to the carrier performing the shipment at the request of the Administrator.
- Possible goals of collecting personal data of Customers or Customers by the Administrator: conclusion and implementation of a Sales Agreement or contract for the provision of Electronic Services (e.g. Account); direct marketing of the Administrator’s own products or services.
- Possible recipients of personal data of Customers of the Online Store: in the case of a Customer who uses the courier delivery method in the Online Store, the Administrator provides the Customer’s personal data collected to a selected carrier or intermediary performing the shipment at the request of the Administrator; in the case of a Customer who uses the Online Store with the method of payment by credit card, the Administrator provides the Customer’s personal data collected to the selected entity servicing the above payments in the Online Store.
- The Administrator may process the following personal data of the Customers or Clients using the Online Store: name and surname; e-mail address; contact phone number; delivery address (street, house number, apartment number, zip code, city, country), address of residence / business / seat (if different from delivery address). In the case of Clients or Customers who are not consumers, the Administrator may additionally process the company’s name and tax identification number (NIP) of the Customer or the Customer.
- Providing personal data referred to in the point above may be necessary to conclude and implement the Sales Agreement or contract for the provision of Electronic Services in the Online Store. Each time the scope of data required to conclude a contract is indicated previously on the Online Store website and in the Online Store Regulations.
3. COOKIES AND OPERATING DATA
- Cookies (cookies) are small text information in the form of text files, sent by the server and saved on the side of the person visiting the website of the Online Store (eg on the hard drive of the computer, laptop or on the smartphone’s memory card – depending on which device is used visiting our Online Shop). Detailed information about cookies as well as the history of their creation can be found, among others here: http://en.wikipedia.org/wiki/HTTP_cookie.
- The Administrator may process data contained in Cookies when users use the Online Store for the following purposes: identification of the Registered Users as logged in to the Online Store and showing that they are logged in; memorizing Products added to the basket in order to place an Order; remembering data from completed Order Forms, surveys or login details to the Online Store; adjusting the content of the Online Store’s website to the individual preferences of the Service Recipient (eg regarding colors, font size, page layout) and optimizing the use of Online Store websites; keeping anonymous statistics showing how to use the Online Store website.
- By default, most web browsers available on the market accept cookies by default. Everyone has the possibility to define the terms of using cookies using the own browser’s settings. This means that you can, for example, partially restrict (eg temporarily) or completely disable the option of saving cookies – in the latter case, however, it may affect some functionalities of the Online Store (for example, it may not be possible to pass the order path through the Order Form due to for not memorizing the Products in the basket during the next steps of submitting the Order).
- Detailed information on changing cookies settings and their self-removal in the most popular web browsers are available in the help section of the web browser.
- The Administrator also processes anonymised operational data related to the use of the Online Store (so-called logs – IP address, domain) to generate statistics helpful in administering the Online Store. These data are aggregate and anonymous, i.e. they do not contain features that identify visitors to the Online Store. Logs are not disclosed to third parties.
4. BASIS OF DATA PROCESSING
- Providing personal data by the Service Recipient or Customer is voluntary, but failure to provide the personal data required in the Online Store and in the Online Store Regulations to conclude and execute the Sales Agreement or contract for the provision of Electronic Services results in the inability to conclude this Agreement.
- The basis for the processing of personal data of the Customer or the Customer is the need to perform the contract to which she/he is a party or to take action on its request before its conclusion. In the case of data processing for direct marketing of the Administrator’s own products or services, the basis for such processing is (1) prior consent of the Customer or Client or (2) fulfillment of legally justified purposes carried out by the Administrator (in accordance with Article 23 paragraph 4 of the Act on personal data protection) legally justified purpose is in particular the direct marketing of the Administrator’s own products or services).
5. THE RIGHT TO CONTROL, ACCESS THEIR CONTENT AND MAKE IMPROVEMENT
- The Service Recipient or the Customer has the right to access their personal data and correct it.
- Each person has the right to control the processing of data related to him, contained in the Administrator’s data file, in particular the right to: request supplementing, updating, rectifying personal data, temporary or permanent suspension of their processing or their removal if they are incomplete, out of date, false or have been collected in violation of the Act or are no longer necessary to achieve the purpose for which they were collected.
- If the Customer or the Customer grants consent to the processing of data for direct marketing of the Administrator’s own products or services, the consent may be revoked at any time.
- In the event that the Administrator intends to process or process data of the Service Recipient or Customer for direct marketing of the Administrator’s own products or services, the data subject is also entitled to (1) submit a written motivated request to cease processing of his data due to its special situation or (2) object to the processing of its data.
6. GOOGLE ANALYTICS
- The administrator uses Google Analytics services provided by Google Inc. (1600 Amphitheater Parkway, Mountain View, CA 94043, USA), services This service helps the Administrator analyze how to use the Online Store.
- Information obtained through cookies is stored on servers used by Google Inc, including in the United States. If you activate the anonymisation of an IP address while using the Online Store, the IP address will be shortened even in the Member States of the European Union or other parties to the Agreement on the European Economic Area. Only in exceptional cases will the full IP address be transferred to the United States and shortened there.
- At the request of the Google Inc. Administrator will use this information to evaluate the use of the Online Store by the User, create reports on website traffic and provide other services related to the use of e-Store.
- The data collected is processed as part of the above services in an anonymised way (these are so-called operational data that make it impossible to identify a person). These data are aggregate and anonymous, i.e. they do not contain features identifying people using the Online Store.
- It is also possible to generally prevent the transmission of data from the User’s device to Google Analytics using cookies (including IP forwarding) by downloading the browser plug-in available from Google Inc. at the following address and installing it: https://tools.google.com / dlpage / gaoptout? hl = en
Detailed information about the principles under which the above services operate, including the principles of data collection and processing are available here: www.google.com/intl/pl/policies/privacy/partners/.
7. FINAL PROVISIONS
- The Administrator uses technical and organizational measures to ensure that personal data being processed is protected against hazards and categories of data protected, in particular, protects data against unauthorized access, being taken by an unauthorized person, processing in violation of applicable laws and changes, loss, damage or destruction.
- The Administrator appropriately provides the following technical measures to prevent the collection and modification of personal data sent electronically by unauthorized persons:
- Securing the data set against unauthorized access.
- Access to the Account only after providing an individual login and password.
- SSL certificate.
- COOKIES: The Website of the Service Provider uses “cookies”. The lack of changes in the browser settings on the part of the Client is tantamount to consenting to their use. The installation of “cookies” is necessary for the proper provision of services on the website. The “cookies” files contain information necessary for the proper functioning of the website, in particular those requiring authorization. The website uses the following types: a. Session cookies. “Session cookies” are temporary files that are stored in the end device of the User for the time of logging out (leaving the website). The user has the right to decide on the access of “cookies” to his computer by selecting them in the window of his browser. Detailed information about the possibilities and ways of handling “cookies” are available in the software (web browser) settings.
- The administrator of your personal data is LAST by Katarzyna Janocha with its registered office in Warsaw at Zajecza 7/1 providing personal data is voluntary, but determines the possibility of making a purchase; you have the right to access your data and rectify it, delete it, and limit processing.
- The given data will be processed on the basis of art. 6 par. 1 lit. b and in accordance with the General Data Protection Regulation; personal data will be transferred to the entities that process data on our behalf and to the companies delivering the parcels personal data will be stored until the expiry of the limitation period for claims under the concluded contract or for the period required by separate regulations regarding tax and accounting obligations – depending on which period ends later; you have the right to lodge a complaint with the President of the Office for the Protection of Personal Data.
- In order to exercise the rights, the person whose data relates can send an appropriate e-mail to the following address: (office(at)last-skincare.com).
- Providing personal data is voluntary, but conditions the possibility of receiving the newsletter; you have the right to access your data and rectify it, delete it, limit processing, the right to transfer data, the right to withdraw your consent at any time without affecting the lawfulness of processing.
- The given data will be processed on the basis of art. 6 par. 1 point a) and in accordance with the General Data Protection Regulation for the purpose of sending a newsletter; personal data will be transmitted to the data processor on behalf of us outside the EEA based on a decision of the European Commission; personal data will be kept until you opt out of receiving the newsletter; you have the right to lodge a complaint to the President of the Office for the Protection of Personal Data; In order to exercise the rights, the person whose data relates can send an appropriate e-mail to the following address: (office(at)last-skincare.com) or click the deactivation link.
- We use Mailchimp as our marketing platform. By clicking to subscribe to newsletter, you acknowledge that your information will be transferred to Mailchimp for processing. Learn more about Mailchimp’s privacy practices here.
11. RECRUITMENT PROCESSES
- Providing personal data is voluntary and conditions the possibility of participation in recruitment; you have the right to access your data and rectify it, delete it, limit processing, The data provided will be processed pursuant to art. 6 par. 1 lit. b and c RODO. personal data will be transferred to the entities processing data on our behalf; personal data will be stored until you resign from participation in recruitment or finish the recruitment process; you have the right to lodge a complaint to the President of the Office for the Protection of Personal Data; In order to exercise the rights, the person whose data relates can send an appropriate e-mail to the following address: (office(at)last-skincare.com).