GENERAL PROVISIONS 1.
The administrator of personal data collected via the Online Store is
MOOD NOOK sp. z o.o.
Juliusza Słowackiego 35
. e-mail address: email@example.com - hereinafter referred to as the "Administrator" and being at the same time the Online Shop Service Provider and the Seller.
2. Recipient personal data is processed in accordance with the GDPR.
3. The Administrator shall pay particular attention to protect the interests of data subjects, and in particular shall ensure that the data collected is processed in accordance with the law; collected for specified, lawful purposes and not subjected to further processing in a way incompatible with the intended purposes; correct and adequate in relation to the purposes for which it is processed and stored in a form enabling to identify the persons it is related to, no longer than it is necessary to achieve the purpose of the processing.
All words, expressions and acronyms on this webpage starting with a capital letter (e.g. Seller, Online Store, Electronic Service) should be understood in accordance with their definition contained in the Regulations of the Online Store available in the Regulations section.
PURPOSE AND SCOPE OF DATA COLLECTION
1. The purpose of collecting personal data by the Administrator is:
1.1. Establishing, shaping content, changing, executing, or terminating the contractual relationship between the Service Provider (Seller) and the Customer (Client) consisting in the provision of Electronic Services via the Online Store or concluding and implementation of the Product Sales Agreement and delivery to the Customer.
1.2. Direct marketing of the Administrator's own products or services.
2. In the case of Customers who use the services delivering the Product to the Customer, the Administrator provides the collected personal data of the Customers to the extent necessary for delivery by the selected carrier:
2.1. Apaczka and DPD Polska Sp. z o.o. with its registered office in Warsaw (address: ul. Mineralna 15, 02-274 Warsaw) number in the Register of Entrepreneurs KRS: 0000028368.
3. In the case of Clients who use electronic payments or a payment card, the Administrator transfers the collected personal data of Customers only to the intermediary chosen by the Customer and only to the extent that is necessary for the Customer to perform the payments via that intermediary. The intermediary available in the Online Store is:
3.1. Dotpay SA, with its registered office in Kraków, 30-552 Kraków, at 72 Wielicka St., registered by the District Court for Kraków-Śródmieście in Kraków, 11th Commercial Division of the National Court Register under number 0000296790, with NIP number 634-26-61-860, NIP EU PL6342661860, REGON no. 240770255
4. The Administrator processes the following personal data of the Customers: name and surname; e-mail address; contact phone number; address (street, house number, apartment number, zip code, city, country). In the case of Clients (Customers) who are not also consumers, the Administrator additionally processes the company name and the tax identification number (NIP).
5. Providing personal data mentioned in p. 2.4. is necessary to provide the Electronic Services by the Service Provider as part of the Online Store or conclude a Product Sales Agreement.
COOKIES AND OPERATING DATA
1. Cookies are small text information in the form of text files, sent by the server and saved on the side of the person visiting the website of the Online Store (e.g. on the hard drive of a computer, laptop, or on the smartphone's memory card – depending on which device is used for visiting our Online Store). Detailed info concerning Cookies and the history of their creation can be found at: https://en.wikipedia.org/wiki/HTTP_cookie
2. The Service Provider processes the data contained in Cookies when users use the Online Store website for the following purposes:
2.1 Identifying the Registered Users as logged in to the Online Store and showing that they are logged in;
2.2. remembering Products added to the cart in order to place an Order;
2.3. remembering data filled out in Order Forms, surveys or login details to the Online Store;
2.4. adjusting the content of the Online Store's website to the individual preferences of the Service Recipient (for example regarding colors, font size, page layout) and optimizing the use of Online Store websites;
2.5. keeping anonymous statistics showing the manner of using the Online Store website and examining the needs of Clients, excluding the Client's personal identification.
3. As standard, most of the internet browsers available on the market accept saving Cookies by default. You can specify the conditions of using cookies by changing the settings of your web browser. This means that you can, for example, partially restrict (for example temporarily) or completely disable the option of saving cookies on your computer - in the latter case, however, it may affect some functionalities of the Online Shop (for example, it may not be possible to pass the Order path through the Form Orders).
5. Detailed information on changing cookies settings and their self-removal in the most popular web browsers are available in the help section of the web browser and on the following pages (just click on the link):
· in the Chrome browser
· in the Firefox browser
· in the Internet Explorer browser
· in the Opera browser
· in the Safari browser
6. The service provider also collects operating data (so-called logs - IP address, domain) that are stored indefinitely and used to generate statistics helpful in administering the Online Store. This data is collective and anonymous, i.e. does not contain features that identify visitors to the Online Store website. Logs are not disclosed to third parties
BASIS OF DATA PROCESSING
1. The submission of personal data by the Service Recipient/Customer is voluntary, but failure to provide the personal data required to conclude a Sales Agreement or a contract for the provision of Electronic Services indicated in the Regulations shall result in the refusal to conclude the Agreement. Data necessary for the conclusion of the Sale Agreement or contract for the provision of Electronic Services is also indicated in each case on the website of the Online Store before the conclusion of the contract.
2. The basis for processing the personal data of a Service Recipient or Customer is the necessity to perform the contract in which the Customer is a party, or to take action on the Customer's request before its conclusion. In the case of data processing for the purposes of direct marketing of the Administrator's own products or services, the basis for such processing is additionally agreed by the Customer.
THE RIGHT TO CHECK, ACCESS, AND CORRECT PERSONAL DATA
1. The Service Recipient has the right to access his or her personal data and correct it.
2. Every person has the right to control the processing of data concerning them, contained in the database of the Administrator, and in particular the right to request to amend, update, or correct personal data, temporary or permanent suspend its processing or remove if it is incomplete, outdated, untrue or collected in violation of the law, or is no longer necessary for the purpose for which it was collected.
3. In the case of processing data for the purpose of direct marketing of the Administrator's own products or services, the person whom the data concerns is also authorised to submit a written and motivated request to stop processing his or her data due to a particular situation and to object to the processing of his or her data.
4. In order to exercise the rights referred to above, you can use the options in terms of the Account or send a proper message by e-mail to the following address: firstname.lastname@example.org or in writing to the Administrator's address.
2. The Administrator uses technical and organizational measures to protect personal data, appropriate to the risks and category of data being protected, in particular to protect data against their unauthorized disclosure, takeover by an unauthorized person, processing with the violation of existing regulations, alteration, loss, damage or destruction.
3. The service provider provides the following technical measures to prevent the collection and modification by unauthorized persons of personal data sent electronically:
3.1. Securing the data set against unauthorized access.
3.2. Account access only after providing an individual login and password.