Privacy policy

§1

GENERAL PROVISIONS

  1. This document sets out the principles of the Privacy Policy in the online store www.felinoire.com , run by Dominik Franz, conducting business activity under the name MPH Dominik Franz, NIP: 6761588369, ul. Bolesława Chrobrego 37, 31-428 Kraków.

  2. The Privacy Policy regulates issues related to the protection of personal data and the security of information provided by Customers when using the Online Store.

  3. This document is an integral part of the Regulations of the online store www.felinoire.com .

§2

DEFINITIONS

The terms used in this document mean:

  1. Personal data administrator (Administrator) – Dominik Franz, running a business under the name MPH Dominik Franz, Tax Identification Number (NIP): 6761588369, ul. Bolesława Chrobrego 37, 31-428 Kraków

  2. Online Store/Shop – the website available at www.felinoire.com and all its subpages.

  3. Customer – a natural person who uses the Store and provides his/her personal data.

  4. Personal data – any information relating to a natural person who is identified or identifiable based on one or more factors determining their identity, including, but not limited to, name, surname, email address, telephone number, delivery address, order information, as well as data collected using technologies such as cookies.

  5. Product – a movable item available in the Online Store that is the subject of the Sales Agreement between the Customer and the Seller.

  6. GDPR – Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC.

  7. Terms and Conditions – Terms and Conditions of the online store www.felinoire.com .

§3

PERSONAL DATA

  1. The Administrator collects and processes personal data in accordance with applicable law, including, in particular, the GDPR. Data is processed within the scope, time, and purposes specified in each case in the information provided in the forms used to collect it.

  2. The customer is informed about the processing of personal data at the time of collection.

  3. The Administrator may transfer personal data to its subcontractors, such as:

  1. courier companies,

  2. companies dealing with the storage of Products,

  3. payment operators and banks,

  4. entities operating IT systems,

  5. accounting offices and law firms,

  6. marketing agencies (in the field of promotional activities),

  7. other entities providing programming and technology services.

  1. In justified cases, the Controller may disclose data to public authorities or third parties if this is required by applicable law and there is an appropriate legal basis for doing so.

  2. The Administrator ensures appropriate technical and organizational measures to protect the personal data being processed. In the event of a data security breach (e.g., data leak or loss), if this could result in a high risk to the rights or freedoms of the Customer, the Administrator will immediately notify the Customer in accordance with applicable regulations.

  3. The Administrator makes every effort, both technical and organizational, to ensure the protection of Customers' personal data. These measures are aimed at securing data against unauthorized access, accidental or intentional modification, loss, and disclosure. Data processing and storage are conducted in accordance with applicable law.

  4. Customer data is stored securely in secured data centers, accessible only to authorized individuals. The Administrator complies with legal requirements regarding data protection and regularly analyzes the risks associated with data processing. Only authorized employees have access to the data to the extent necessary to perform their duties.

  5. The Administrator undertakes to cooperate only with entities that ensure an adequate level of data protection and apply adequate security measures.

§4

PERSONAL DATA STORAGE RULES

  1. The data of all persons visiting the Store, including IP addresses and information collected using cookies and similar technologies, are processed by the Administrator for the purpose of:

  1. implementation of services provided electronically (legal basis: necessity to perform the contract – Article 6 paragraph 1 letter b of the GDPR),

  2. conducting statistical analyses and research (legal basis: consent – ​​Article 6(1)(a) of the GDPR),

  3. protection of the Controller’s rights, including the establishment and pursuit of claims or defense against them (legal basis: legitimate interest of the Controller – Article 6(1)(f) of the GDPR).

  1. When creating an Account or placing an order, the Customer is asked to provide the required personal data. Failure to provide this data will prevent the registration of the account or the placing of an order. Personal data is processed for the following purposes:

  1. provision of services electronically (legal basis: necessity to perform the contract – Article 6 paragraph 1 letter b of the GDPR),

  2. conducting analyses and statistics (legal basis: consent – ​​Article 6(1)(a) of the GDPR),

  3. protection of the Controller’s rights, including pursuing claims (legal basis: legitimate interest of the Controller – Article 6(1)(f) of the GDPR).

  1. Individuals who consent may receive marketing messages (e-mail, text messages) from the Administrator. Providing this data is optional, but failure to do so will prevent you from using this service. Personal data is processed for the following purposes:

  1. sending the Newsletter and SMS messages (legal basis: performance of the contract – Article 6, paragraph 1, letter b of the GDPR, in the case of additional data – the Customer’s consent – ​​Article 6, paragraph 1, letter a of the GDPR),

  2. analysis of the effectiveness of marketing activities (legal basis: consent – ​​Article 6 paragraph 1 letter a of the GDPR),

  3. protection of the Controller’s rights in the scope of pursuing claims (legal basis: legitimate interest of the Controller – Article 6(1)(f) of the GDPR),

  4. carrying out marketing activities, such as sending advertisements via e-mail or SMS messages (legal basis: legitimate interest of the Controller – Art. 6 sec. 1 letter f of the GDPR, resulting from the expressed consent to the use of marketing services).

  1. The Administrator may process personal data for the purpose of conducting marketing activities, such as:

  1. adapting the content of advertisements to the customer's interests,

  2. sending commercial information electronically,

  3. profiling, i.e. analyzing customer behavior in order to match marketing content to their preferences.

  1. The legal basis for data processing for marketing purposes is the Customer's consent (Article 6, paragraph 1, letter a of the GDPR), which may be withdrawn at any time.

  2. Customers may contact the Administrator via email, the contact form available in the Store, or traditional mail. Personal data provided in this communication is used solely to respond to the inquiry and resolve the matter to which the contact relates. The basis for processing this data is:

  1. the legitimate interest of the Controller – Article 6(1)(f) of the GDPR (maintaining communication related to the conducted business activity),

  2. the need to perform a contract or provide services – Article 6(1)(b) of the GDPR (if the contact concerns a concluded contract or service).

  1. The duration of data processing depends on the purpose and legal basis:

  1. In the case of the provision of services, data is stored for the duration of the contract or order fulfillment.

  2. When processing is based on consent, data is stored until the consent is withdrawn.

  3. In the case of data processed on the basis of the Controller's legitimate interest, storage lasts until an objection is effectively raised.

  1. The retention period may be extended if the data is necessary to establish, pursue, or defend legal claims, to the extent required by law. After this period, the data is permanently deleted or anonymized.

§5

COOKIE POLICY

  1. The Administrator uses cookies, which are small text files stored on the Customer's end device (e.g., computer, smartphone). These files are used to provide services electronically, improve the operation of the Store, conduct statistical analyses, tailor its functionality to individual Customer needs, personalize content and advertising, and information regarding use of the Store may be shared with trusted partners.

  2. The Store uses two types of cookies:

  1. Session cookies – temporary files that remain on the Customer's device until the session ends (e.g. logging out, leaving the website or closing the browser).

  2. Persistent cookies – files stored for a specified period of time, resulting from their settings, or until they are manually deleted by the Customer.

  1. The Administrator uses the following categories of cookies:

  1. Necessary: ​​enable the use of basic functionalities of the Store (Article 6, paragraph 1, letter b of the GDPR),

  2. Functional: they remember the Customer's choices (Article 6, paragraph 1, letter aif, GDPR).

  3. Analytical: collect data on the number of visits and traffic sources (Article 6 (1) (aif) GDPR).

  4. Advertising: enable the presentation of advertising content tailored to the Customer’s interests (Article 6, paragraph 1, letter aif, GDPR).

  5. The Administrator obtains the Customer's consent, provided via a dedicated form during the first visit to the Store. The Customer has the right to withdraw or modify consent.

  1. The Website may use the Hotjar tool, which monitors and records user behavior on the website. This tool records data about user behavior, such as navigation, page scrolling, and cursor movement. Information about location, device used, operating system, browser, and cookies is also collected. Hotjar does not collect or store personal information (including personal data) from users. More information about Hotjar's privacy policy can be found at: https://www.hotjar.com/privacy. If you do not want your activity on the website to be tracked by Hotjar, please use the following link: https://www.hotjar.com/opt-out.

§6

LOGGS

The Administrator stores server logs, which contain information about HTTP requests sent to the server, including Client IP addresses, the time the request was received, and the time the response was sent. The logs also contain the name of the client station identified by the HTTP protocol, data about Client browsers, the URL of the previously visited page (referrer link), and any errors that occurred during query execution. The collected data is used to administer the Store and is stored for an indefinite period, without being disclosed to unauthorized persons. Logs may also be used to create statistics to assist in Store management; however, these statistics do not contain data that identifies Clients. The information contained in the logs is processed for administrative, technical, system security, and analytical and statistical purposes. The legal basis for data processing is the Controller's legitimate interest in accordance with Article 6(1)(f) of the GDPR.

§7

DATA TRANSFERS OUTSIDE THE EEA

  1. Due to the use by the Controller of tools supporting current activities, e.g. those provided by Google, Customers' Personal Data may be transferred to countries outside the European Economic Area (EEA).

  2. The Controller transfers Personal Data outside the EEA only when necessary.

§8

FINAL PROVISIONS

  1. The privacy policy may be updated based on ongoing analysis of the technical and legal conditions related to the processing of personal data.

  2. The Customer may contact the Administrator in matters relating to the processing of personal data:

  3. Correspondence address: MPH Dominik Franz, NIP: 6761588369 ul. Bolesława Chrobrego 37, 31-428 Kraków

  4. E-mail address: info@felinoire.com.