1. GENERAL PROVISIONS
  1. This Privacy Policy sets out the rules for the processing and protection of personal data of the Customers of the Website available at www.lovepots.pl.
  2. Terms not defined in this Privacy Policy may have the meaning given to them in the Terms and Conditions of the Store.
  3. Personal data is information about an identified or identifiable natural person to whom the data relates, i.e. one that is directly or indirectly identifiable, in particular on the basis of an identifier (characteristic) such as a name, an identification number, location data, an Internet identifier, or one or more specific factors defining the physical, physiological, genetic, mental, economic, cultural or social identity of the natural person.
  4. Processing means an operation or set of operations performed on personal data or sets of personal data in an automated or non-automated manner, such as collecting, recording, organizing, structuring, storing, adapting or modifying, retrieving, viewing, using, disclosing, sharing, matching or linking, limiting, erasing or destroying.
  5. Customers' personal data are processed in accordance with applicable regulations, in particular the Regulation of the European Parliament and of the Council (EU) 2016/679 of April 27, 2016. on the protection of individuals with regard to the processing of personal data and on the free movement of such data and the repeal of Directive 95/46/EC (General Data Protection Regulation, hereinafter: "RODO") and the Law of May 10, 2018. on personal data protection
  6. In order to ensure the security of Customers' personal data, we use appropriate technical and organizational measures for the security of personal data processing.
  1. CONTROLLER

We inform you that the Administrator of your personal data is:

LOVE POTS Katarzyna Dubicka with registered office 05-077 Warsaw, ul. Kazimierza Dąbrowskiego 18b, NIP: 5252253080, REGON: 146271036.

  1. THE SCOPE OF THE CUSTOMER'S PERSONAL DATA PROCESSED
  1. The scope of the Customer's personal data processed by the Administrator includes:
    1. Customer data provided when filling out the Registration Form: name, surname, address of residence, delivery address, e-mail address, telephone number, and in the case of Customers who are not Consumers, additionally company name and Tax Identification Number;
    2. Customer data obtained by the Administrator in connection with the use of cookies and other similar technologies (see Section 10);
    3. Customer's data regarding the Order placed by the Customer on the Website,
    4. other Customer data voluntarily provided by the Customer using electronic forms available on the Site or any other form of contact with the Administrator's consultant.
  2. Due to the fact that the services offered on the Website are dedicated to adults, the Administrator does not knowingly process the personal data of children using the services.
  1. PURPOSES AND LEGAL BASIS FOR PROCESSING CUSTOMERS' PERSONAL DATA
  1. Customers' personal data are or may be processed by the Administrator:
    1. in order to conclude and perform a sales contract concluded via the Website - processing in this case is necessary to conclude and perform a contract to which the Customer is a party, or to take action at the Customer's request, prior to concluding the contract (Article 6(1)(b) RODO);
    2. for the purpose of Registering and maintaining an Account on the Website - the processing of data in this case is necessary for the performance of the contract for the provision of services by electronic means, to which the Customer is a party, or to take action at the Customer's request, prior to the conclusion of the contract (Article 6(1)(b) RODO);
    3. for the Administrator's marketing purposes, resulting from the consent granted by the Client for the provision of commercial information (newsletter), the processing of data in this case takes place based on the Client's consent (Article 6(1)(a) RODO);
    4. in order to settle the matter described by the Client in the electronic form available on the Website and within the chat with the Client's supervisor conducted - the processing of data in this case is necessary for the conclusion and performance of the contract for the provision of services by electronic means (Article 6(1)(b) RODO), and also occurs based on legitimate interest (Article 6(1)(f) RODO) consisting in supporting sales;
    5. for the purpose of providing services electronically in terms of providing Customers with the ability to view, reproduce and read the information and materials made available on the Website - data processing in this case is necessary for the performance of the contract to which the Customer is a party (Article 6(1)(b) RODO);
    6. for the purposes of the Administrator's legitimate interests related to the operation of the Website, including analyzing the Customer's use of the Website, ensuring the security and reliability of the services provided on the Website (Article 6(1)(f) RODO);
    7. in order to pursue the Administrator's legitimate interests, which may include, but are not limited to, the following. establishment, investigation and defense of claims, prevention and investigation of crimes and related investigations, business management and further development, including risk management (Article 6(1)(f) of the DPA);
    8. for customer satisfaction surveys (e.g. through surveys sent to customers via email by the Administrator - data processing is based on the Administrator's legitimate interest (Article 6(1)(f) RODO);
    9. for the Administrator's direct marketing purposes, including the selection of goods and services to meet Customers' needs (including profiling) based on cookies and other similar technologies referred to in point 10 - data processing in this case takes place on the basis of the Administrator's legitimate interest (Article 6(1)(f) RODO);
  2. Provision of personal data on the Website is voluntary, but may be necessary to carry out one or more of the services and purposes of personal data processing specified in Section 3.1. above, which the Administrator will not be able to fulfill if personal data is not provided.
  3. The Customer's personal data collected through the Customer's direct contact with persons acting on behalf of the Administrator, including through the hotline or through contact with the Customer's supervisor, is used solely for the purpose of contacting the Customer and providing information and advice to the Customer.
  1. PERIOD OF PROCESSING OF CUSTOMER'S PERSONAL DATA
  1. The Administrator processes the Customer's personal data in the manner and for the period that is necessary to fulfill the purposes for which the data was collected.
  2. In the case of data processing:
    1. for the purpose of concluding and performing a contract (including a sales contract) - the Customer's data will be processed for the duration and performance of the contract;
    2. Based on the Client's consent - the Client's data will be processed until the consent is withdrawn;
    3. in order to ensure compliance with the legal obligations imposed on the Administrator - the Client's data will be processed for the period required by law;
    4. for the purposes of direct marketing of the Administrator, including the selection of goods and services to meet the needs of Customers (profiling) - the Customer's data will be processed until the Customer raises an objection;
    5. for the purposes of realization of other legitimate interests of the Administrator - the data will be processed until the objection raised by the Client is taken into account or the period of limitation of claims expires, unless otherwise provided for in the detailed provisions of this policy.
  3. At the end of the processing period, the data is deleted or anonymized.
  1. CUSTOMER RIGHTS AND OBLIGATIONS
  1. If the processing of personal data is carried out on the basis of the Client's consent, such consent is voluntary and may be withdrawn at any time, without affecting the legality of the processing carried out before the withdrawal of consent. The statement on withdrawal of consent should be submitted via e-mail, to the Administrator's e-mail address.
  2. The customer also has the following rights:
    1. To delete their personal data;
    2. To restrict the processing of your personal data;
    3. access to the content of their data as well as rectification (amendment);
    4. to receive a copy of their data or to have it transferred, and this right shall not adversely affect the rights and freedoms of others (including trade secrets or intellectual property rights) and shall be exercised to the extent technically feasible;
    5. to object to the processing of your personal data when the processing is based on the legitimate interests of the controller or a third party.
  3. The Administrator will realize the Customer's rights, subject to the exceptions set forth in the provisions of the RODO.
  4. The registered customer, may also correct or update his personal information regarding the Account on his own. To do this, log into the Account, go to the "Account Settings" tab and make the appropriate changes in the Personal Data field.
  5. In order to exercise the rights set forth in Section 6.1 and 6.2, please send a letter to the mailing address: LOVE POTS Katarzyna Dubicka or a message to the e-mail address: biuro@lovepots.pl.
  6. The customer is entitled to file a complaint with the supervisory authority: President of the Office for Personal Data Protection, if he believes that the processing of data concerning him violates the provisions of the RODO.
  1. ENTITIES TO WHICH CUSTOMERS' PERSONAL DATA ARE SHARED
  1. The Administrator provides personal data of the Clients if it has a legal basis for doing so, in particular when it is necessary to perform the services provided to the Clients.
  2. Customers' personal data may also be made available at the request of public authorities or other entities entitled to such access under the law, in particular when it is necessary to ensure the security of the Administrator's systems.
  3. Recipients of Customers' personal data may be, in particular:
    1. Entities entitled to obtain the Customer's data under applicable laws;
    2. entities whose services are used by the administrator to provide goods and services to customers, in particular:
      • Entities that provide operation or access to ICT systems for the administrator;
      • Entrepreneurs providing services for the supply and maintenance of software, used to operate the Website;
      • payment system operators;
      • entities providing postal and courier services;
      • Law firms, consulting companies with which the Administrator cooperates;
  1. TRANSFER OF DATA OUTSIDE THE EOG
  1. The Administrator transfers personal data outside the European Economic Area (EEA) only when necessary, and with an adequate degree of protection, primarily through:
    1. cooperation with processors of personal data in countries for which a relevant decision of the European Commission has been issued;
    2. Use of standard contractual clauses issued by the European Commission;
    3. application of binding corporate rules approved by the relevant supervisory authority;
    4. in the case of data transfers to the US, cooperation with entities participating in the Privacy Shield program, approved by Commission Implementing Decision (EU) 2016/1250 of July 12, 2016. on the adequacy of protection provided by the EU-US Privacy Shield (a list of US entities participating in this program is available at: https://www.privacyshield.gov/list).
  2. When applicable, the controller shall always inform of its intention to transfer personal data outside the EEA at the stage of collection. At the request of the Client, the Administrator shall provide the Client with a copy of his/her data, which will be transferred outside the EEA.
  1. SOCIAL NETWORKS
  1. The Website may include features that allow you to share content via third-party social media applications, such as, but not limited to. Facebook "Like" button or widgets on Instagram. All of these social media applications may collect and use data on user activity on the Website. Any personal information provided by the Customer through such social applications may be collected and used by other users of the aforementioned social applications, and interactions conducted through them are subject to the privacy policies of the companies that provide the applications. We have no influence on and take no responsibility for the above entities and their use of customer data.
  1. COOKIES AND OTHER SIMILAR TECHNOLOGIES
  1. In accordance with the practice of most websites, when using the Website, the Customer's personal data may be collected automatically in system logs, by cookies ("cookies"), Google Analytics system.
  2. Cookies are files stored on the Customer's terminal device, used to identify Customers and provide statistical information about Customer traffic, Customer activity and use of the Website. They allow, among other things. to tailor content and services to customers' preferences.
  3. The Website uses session cookies, which are deleted when the browser window is closed, as well as persistent cookies, which are stored for a specific period of time (specified in the parameters of cookies or until they are deleted by the Client) in the final devices used by the Client.
  4. The administrator uses the following types of cookies:
    1. necessary for the use of services, such as those used for services that require authentication;
    2. used to facilitate login to the Account via social media;
    3. used to ensure security;
    4. Enabling the collection of information about how services are used;
    5. allowing to save the settings selected by the Customer and to personalize the Customer's interface;
    6. enabling us to provide customers with content more tailored to their preferences and interests.
  5. The Customer may independently and at any time change the settings for cookies, specifying the conditions for storing and accessing by cookies to the Customer's terminal device, through the settings of the Internet browser.
  6. The customer can delete cookies at any time using the available functions in the web browser they use. However, this may affect the limitation of certain functionalities available on the Website.
  7. The use of the Website involves sending requests to the server on which the Website operates. Each request to the server is recorded in the server logs. Logs include, among others. IP address, date and time of the server, information about the web browser and operating system the customer is using. Logs are saved and stored on the server. Data recorded in server logs are not associated with specific individuals using the Website and are not used by them for identification purposes. Server logs are only auxiliary material for the administration of the Website, and their contents are not disclosed to anyone except those authorized to administer the server.
  1. PROCESSING OF PERSONAL DATA OF THIRD PARTIES
  1. If the Client places any personal data of Third Parties on the Website, he may do so only under the condition that he does not violate the provisions of the applicable law and the personal rights of such persons. Third parties are individuals whose personal information the Customer posts on the Website.
  2. The Administrator may process the personal data of Third Parties entrusted to him by the Customer, if the Customer confirms that he is authorized to transfer the personal data of the Third Party.
  3. In cases where the Customer posts data of Third Parties on the Website, in the course of activities other than purely personal or domestic, the Customer acts as a controller of such data within the meaning of the provisions of the RODO.
  4. In the case referred to in clause 11.3 above, the Customer shall enter into an agreement with the Administrator for entrusting the processing of Third Party data under the terms of clause 11.6. - Paragraph 11.10. below.
  5. Data of Third Parties, entrusted by the Customer, will be processed by the Administrator for the purpose of proper execution of the agreement for the provision of electronic services concluded with the Customer - in connection with the Customer's use of the Website or execution of the Order.
  6. The scope of entrusted data, includes all personal data of Third Parties entrusted in connection with the Customer's use of the Website or in connection with the Order placed, in particular name, address, gender, image, date of birth or age.
  7. The Client agrees to further entrust the processing of Third Parties' data (so called sub-trusting), in order to perform the contract concluded with the Client.
  8. The personal data of Third Parties entrusted by the Client, will be processed by the Administrator in accordance with Art. 28 RODO.
  9. Personal data of Third Parties may also be processed by the Administrator in order to possibly establish and assert claims or defend against them - the legal basis for the processing is the Administrator's legitimate interest (Article 6(1)(f) RODO) in protecting their rights.
  10. If the Administrator determines that the personal data of Third Parties is being processed in violation of the provisions of the RODO, the provisions of applicable law or the personal rights of Third Parties, the Administrator shall take measures to delete such data as soon as possible.
  1. FINAL PROVISIONS
  2. This Privacy Policy is reviewed on an ongoing basis and updated as necessary to reflect any changes in the way we process personal data.
  3. The current version is available on the Website.
  4. This Privacy Policy is applicable from 28.11.2022.
ready

Hassle-free shopping and returns

secure payment

Secure payments

standard shipping

Fast delivery

support

Excellent support

handmade

Satisfaction guaranteed

Subscribe to our newsletter

 

Sign up for our newsletter. Enjoy special discounts, stay tuned to us and don't miss any promotions!