How do we get your personal data?
We use your personal data because you have decided to make purchases in our online store www.plispliz.pl (“Store”). The store operates based on the Terms & Conditions, which you can read here.
Who is the administrator of your personal data?
The administrator of personal data is Adrian Zwierzyński, who runs a sole proprietorship, with registered office: Al. Jerozolimskie 85 lokal 21, 02-001 Warszawa entered in the Register of Entrepreneurs of the National Court Register kept by the District Court for the Capital City of Warsaw Warsaw in Warsaw, having NIP 5492163028, hereinafter referred to as the “Administrator”.
How we process your personal data?
If you use our Store, we will process your personal data for the following purposes:
a) In order to perform contracts for the sale of goods from the Store concluded with you – the basis for the processing of your data will be in this case, the contract concluded with the Administrator by accepting the Shop’s rules. In this respect, we will require the largest amount of data from you, but only to the extent necessary to implement the contract of sale and delivery of purchased goods to you; providing your personal data for this purpose is not mandatory but necessary for the performance of the contract,
b) In order to run your account on the Store’s website – the basis for the processing of your data will be in this case the contract concluded with the Administrator by creating an account and accepting the Shop’s rules.
c) For statistical purposes for internal needs of the Administrator – in this case, the basis for processing will be the legitimate interest of the Administrator consisting in collecting information enabling the development of activities and adapting services to the needs of the Store’s users.
Is the provision of personal data mandatory?
It is up to you to decide whether and what data you provide us with, but remember that when making purchases in the store, providing certain data will be mandatory to perform the sales contract, because without them we will not be able to process your order.
Failure to provide the data required by us results in the failure to place an order.
Who will we share your personal information with?
We will transfer your data to entities that cooperate with us in the performance of the contract for the sale of goods purchased by you
a) Depending on how you choose the delivery method, we will share your data necessary for the delivery of goods to one of the following entities:
DPD Poland Sp. z o.o.,
DHL Express (Poland) Sp. z o.o.
Poczta Polska SA,
EPAKA.PL Sp. z o.o.
Other entities that will provide delivery services for goods purchased by you in the store in the future.
b) Depending on the payment method chosen by you for the purchased goods, we will share your data necessary for collection or payment for the purchased goods to the following entities:
One of the aforementioned courier companies, if as a method of payment for selected goods you chose “cash on delivery”,
PayU S.A.- if you have chosen the PayU payment system as the payment method
Other payment operators with whom we will work together to receive a price for the goods you have purchased.
c) In addition, your data will be transferred to entities that process our clients’ personal data at our request, to the extent necessary to host the Store’s websites: pl sp. z o.o.
d) We may also share your personal data with other entities in the above categories with which we will establish cooperation.
How long will we process your personal information?
The personal data provided by you will be processed in the period:
a) Necessary for the performance of the contract of sale, as well as your claims, as well as confirmation of our obligations and pursuing claims or defending against claims that may be directed against us – however not longer than 10 years from the day you provided us with your data,
b) In the event that you submit a request to delete your account in the store, we may process your data within the time necessary to confirm the performance of our obligations and assertion or defend against claims that may be directed against us – however, not longer than 10 years from the date of transfer to us You your data.
How do we protect your data?
We use a range of IT and organizational security measures aimed at minimizing the risk of data leakage, their destruction and disintegration, such as: firewall system, anti-virus and anti-spam systems, internal access procedures, data processing and emergency recovery, as well as a multi-level backup system. Our Store provides a very high level of security thanks to the use of a DDoS security system, we use a high level of HTTPS / SSL encryption in accordance with accepted best practices, we work with a carefully selected hosting provider who has ISO 9001 quality management certificates and AQAP requirements -2110, as well as the information security management certificate according to ISO / IEC 27001. Remember, however, that using the Internet always brings with it the risk of occurrence of certain security incidents, but we assure you that thanks to the implemented procedures of regular IT systems updates we want to reduce this risk as much as possible by actively monitoring critical points of the system.
What rights do you have in connection with the processing of your data by us?
According to the RODO, you have a number of rights in connection with the transfer of your personal data to us, such as:
a) The right to know how your personal data is processed – if you have questions about whether and how we process your data, please contact us using the contact form provided on this page or by sending information to email@example.com.
b) The right to access and update data – you always have access to your personal data on your account in the store. You can edit the data provided to us and update it. If you have not set up an account in the store, please contact us via the contact form on this page or write to our Data Protection Officer requesting access to your data – we will provide you with information about your data and update it at your request,
c) Under the rules set out in the GDPR, you also have the rights to:
– Deletion of data – if you want us to stop processing your data, you can delete your account in the store or report such a request to us. Remember, however, that this is not an absolute right and we may refuse to delete your data about which we have a basis for its processing (eg the implementation of a legal obligation or pursuing claims or defending against claims that may be directed against us),
- Requests to limit the processing of your data
- Submit an objection to the processing of your data if the basis for processing is a legitimate interest of the Administrator or performance of tasks in the public interest,
- Revocation of consent, if the data is processed on the basis of your consent,
- Data transfer, if the processing is based on a contract or your consent.