ONLINE SHOP PRIVACY POLICY

I. General information

This policy applies to the website, functioning at the url: roomgaga.pl
The Operator of the service and the Administrator of personal data is: RG Maciej Jędrzejczak
Osiedle Rusa 126/38 61-245 Poznań, Poland.
Operator’s e-mail contact address: shop@roomgaga.pl
The Operator is the Administrator of your personal data in relation to the data provided voluntarily in the Service.
The Service uses your personal data for the following purposes:
Preparation, packing, shipment of goods
Performance of ordered services
Debt collection
The service performs the functions of obtaining information about users and their behaviour in the following way:
Through the data voluntarily entered in the forms, which are entered into the Operator’s systems.
By storing cookies (so-called “cookies”) in the terminal equipment.

II. Selected data protection methods used by the Operator

The places for logging in and entering personal data are protected in the transmission layer (SSL certificate). This ensures that the personal and login data entered on the website are encrypted on the user’s computer and can only be read on the target server.
Personal data stored in the database is encrypted in such a way that only the operator holding the key can read it. This protects the data in case the database is stolen from the server.
The Operator periodically changes his administrative password.
In order to protect the data, the Operator regularly makes security copies.
An important element of data protection is regular updating of all software used by the Operator for personal data processing, which in particular means regular updates of programming components.

III. Hosting

The service is hosted (technically maintained) on the operator’s server: cyberfolks.pl
Registration data of the hosting company: H88 S.A. with its registered office in Poznań, Franklina Roosevelta 22, 60-829 Poznań, entered into the National Court Register by the District Court Poznań – Nowe Miasto and Wilda in Poznań, VIII Commercial Department of the National Court Register under the number KRS 0000612359, REGON 364261632, NIP 7822622168, share capital 210,000.00 PLN fully paid in.
At https://cyberfolks.pl you can learn more about hosting and check the privacy policy of the hosting company.
Hosting company:
applies data loss protection measures (e.g. disk arrays, regular security copies),
apply appropriate measures to protect processing sites in the event of fire (e.g. special fire-fighting systems),
applies adequate measures to protect processing systems in the event of a sudden power failure (e.g. dual power lines, generators, UPS backup systems),
apply measures to physically protect access to data processing sites (e.g. access control, monitoring),
applies measures to ensure appropriate environmental conditions for servers as elements of the data processing system (e.g. control of environmental conditions, specialist air-conditioning systems), applies organisational solutions to ensure the highest possible level of protection and confidentiality (training, internal regulations, password policies, etc.), has appointed a Data Protection Officer.
In order to ensure technical reliability, the hosting company maintains logs at the server level. The logs may be subject to registration:
resources defined by the URL identifier (addresses of requested resources – pages, files),
time for the inquiry to arrive,
time to send the answer,
client station name – identification implemented by the HTTP protocol,
information on errors that occurred during the execution of HTTP transactions,
the URL of the page previously visited by the user (referer link) – in the case where the access to the Service was made via a link,
information about your browser,
IP address information,
Diagnostic information related to the process of self-ordering services through recorders on the website,
information related to the handling of electronic mail addressed to and sent by the Operator.

IV. Your rights and additional information on the use of your data

In some situations, the Administrator has the right to transfer your personal data to other recipients if it is necessary to perform the contract concluded with you or to fulfil the Administrator’s obligations. This applies to such groups of recipients:
-curators
-postal operators
-Law offices and debt collectors
-payment operators
– Authorized employees and associates who use the data in order to achieve the purpose of the website Your personal data is processed by the Administrator no longer than it is necessary to perform the related activities specified in separate regulations (e.g. on accounting). With regard to marketing data, the data will not be processed for more than 3 years.
You have the right to request from the Administrator:
– access to personal data concerning you,
-their corrigenda,
-removals,
-Processing restrictions,
-and data transfer.
You have the right to object to the processing indicated in point 3.3 c) to the processing of personal data for the purpose of exercising legitimate interests pursued by the Administrator, including profiling, but the right of objection shall not be exercised if there are important legitimate grounds for processing, interests, rights and freedoms superior to you, in particular to establish, pursue or defend your claims.
The Administrator’s actions may be complained about to the President of the Office for Personal Data Protection, ul. Stawki 2, 00-193 Warsaw.
Providing personal data is voluntary, but necessary to operate the Service.
Activities consisting in automated decision making, including profiling, may be undertaken with respect to you in order to provide services under the concluded agreement and to conduct direct marketing by the Administrator.
Personal data is not transferred from third countries within the meaning of data protection regulations. This means that we do not send them outside the European Union.

V. Information in the forms

The service collects information voluntarily provided by the user, including personal data, if any.
The service may save information about the connection parameters (time stamp, IP address).
The service may, in some cases, save information to facilitate linking the data in the form with the e-mail address of the user filling in the form. In this case, the user’s e-mail address appears inside the url of the page containing the form.
The data provided in the form are processed for the purpose resulting from the function of a particular form, e.g. to handle the service request or business contact, register services, etc. Each time the context and description of the form clearly indicate what it is used for.

VI. Administrator’s logs

Information about user behavior on the site may be subject to login. This data is used to administer the service.

VII. Important marketing techniques

The operator uses statistical analysis of website traffic through Google Analytics (Google Inc., USA). The operator does not pass on personal data to the operator of this service, but only anonymised information. The service is based on the use of cookies on your terminal equipment. In terms of information on user preferences collected by the Google advertising network, the user can view and edit the information resulting from the cookies using the tool: https://www.google.com/ads/preferences/.
The Operator uses remarketing techniques that allow for matching advertising messages with the user’s behaviour on the website, which may give the illusion that the user’s personal data is used to track the user, but in practice there is no transfer of any personal data from the Operator to the advertising operators. The technological condition for such actions is that cookies are enabled. The Operator uses the Facebook pixel. This technology causes Facebook (Facebook Inc. with its seat in the USA) to know that the person registered with it uses the Service. In this case, the Operator does not pass on any additional personal data to Facebook, for which he is the administrator. The Service is based on the use of cookies in the user’s terminal device.

VIII. Information about cookies

The website uses cookies.
Cookies (so-called “cookies”) are IT data, in particular text files, which are stored in the final device of the Service User and are designed to use the Website’s websites. Cookies usually contain the name of the website from which they come, the time they are stored on the terminal equipment and a unique number.
Entity placing on the terminal equipment of the Service User cookies and obtaining access to them is the operator of the Service.
Cookies are used for the following purposes: maintenance of the Service User session (after logging in), so that the user does not have to re-enter the login and password on each page of the Service;
to achieve the objectives set out above in the section “Important marketing techniques”.
The Service uses two basic types of cookies: “session” cookies (session cookies) and “permanent” (persistent cookies). Session” cookies are temporary files, which are stored in the user’s terminal device until logging out, leaving the website or turning off the software (web browser). “Persistent” cookies are stored in the User’s terminal equipment for the time specified in the parameters of cookies or until they are deleted by the User.
Software for web browsing (web browser) usually by default allows storing cookies in User’s device. Service users can change settings in this area.
Internet browser allows you to delete cookies. It is also possible to automatically block cookies. Detailed information on this subject is contained in the help or documentation of the Internet browser.
Restrictions on the use of cookies may affect some features available on the Website.
Cookie files placed in the final device of the Service User may also be used by entities cooperating with the Service Operator, in particular companies: Google (Google Inc. based in the USA), Facebook (Facebook Inc. based in the USA), Twitter (Twitter Inc. based in the USA).The website uses cookies.
Cookies (so-called “cookies”) are IT data, in particular text files, which are stored in the final device of the Service User and are designed to use the Website’s websites. Cookies usually contain the name of the website from which they come, the time they are stored on the terminal equipment and a unique number.
Entity placing on the terminal equipment of the Service User cookies and obtaining access to them is the operator of the Service.
Cookies are used for the following purposes: maintenance of the Service User session (after logging in), so that the user does not have to re-enter the login and password on each page of the Service;
to achieve the objectives set out above in the section “Important marketing techniques”.
The Service uses two basic types of cookies: “session” cookies (session cookies) and “permanent” (persistent cookies). Session” cookies are temporary files, which are stored in the user’s terminal device until logging out, leaving the website or turning off the software (web browser). “Persistent” cookies are stored in the User’s terminal equipment for the time specified in the parameters of cookies or until they are deleted by the User.
Software for web browsing (web browser) usually by default allows storing cookies in User’s device. Service users can change settings in this area.
Internet browser allows you to delete cookies. It is also possible to automatically block cookies. Detailed information on this subject is contained in the help or documentation of the Internet browser.
Restrictions on the use of cookies may affect some features available on the Website.
Cookie files placed in the final device of the Service User may also be used by entities cooperating with the Service Operator, in particular companies: Google (Google Inc. based in the USA), Facebook (Facebook Inc. based in the USA), Twitter (Twitter Inc. based in the USA).

IX. Cookie management – how to give and withdraw consent in practice?

If you do not want to receive cookies, you can change your browser settings. We reserve the right to disable the use of cookies necessary for authentication processes, security, maintenance of user preferences may make it difficult, and in extreme cases may prevent the use of websites.