PRIVACY POLICY
PRIVACY POLICY
-
The purpose of this Privacy Policy is to comprehensively define the activities in the field of processing and protection of personal data collected in connection with the provision of services or the sale of products, undertaken by Ramsay&Co Natalia Gogolinski. with its registered office in Obręb, 05-530 Góra Kalwaria, ul. Kasztanowa, No. 2, NIP: 1231416959, Regon: 381842790.
-
The administrator of personal data is: Ramsay&Co Natalia Gogolinski. with its registered office in Obręb, 05-530 Góra Kalwaria, ul. Kasztanowa, No. 2, NIP: 1231416959, Regon: 381842790.
-
The administrator processes personal data:
a) in accordance with the Act of May 10, 2018 on the protection of personal data (Journal of Laws of 2018, item 1000) and Regulation (EU) 2016/679 of the European Parliament and of the Council of April 27, 2016 on protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation), hereinafter referred to as the GDPR, the Act of 10 May 2018 on the Protection of Personal Data (Journal of Laws of 2018, item 1000), as well as other legal provisions regarding the protection of personal data;
b) complying with the principles of lawfulness, fairness, transparency, data minimization, accuracy, limited storage, integrity and confidentiality, and accountability;
c) in order to perform the contract concluded with the Customer and on the basis of the consent granted in order to:
setting up and maintaining a User Account as part of the Online Store operating on the Internet platform available at the Internet address www.ramsayandco.pl or
take action at the Customer's request before concluding the contract and/or performance of the contract for the purchase of goods or
implementation of the Newsletter service.
d) after written notification of the processing of personal data in accordance with art. 13 GDPR. -
The basis for the processing of personal data is art. 6 sec. 1 point a, b and f GDPR.
-
Personal data provided in any form available on the website www.ramsayandco.pl are treated as confidential and are not visible to unauthorized persons.
-
The administrator selects and applies appropriate technical and organizational measures to ensure the protection of personal data being processed with due diligence. Personal data concerning Users and Customers and other persons whose data was reported by the Customer are protected by the Administrator against their disclosure to unauthorized persons, as well as other cases of their disclosure or loss or unauthorized modification of the indicated data and information.
-
The recipients of personal data are entities processing data on behalf of the Administrator on the basis of concluded data processing agreements (e.g. companies providing Internet delivery services, entities providing the server, IT specialists, accountants, couriers). The recipient of the data may also be Poczta Polska S.A. (if you choose the option of delivery of purchased products via Poczta Polska).
-
Recipients may also be entities authorized to receive data under applicable law, including competent judicial authorities.
-
Providing personal information is voluntary. However, failure to provide data may make it difficult or impossible to:
a) setting up and maintaining a User Account as part of the Online Store operating on the Internet platform available at www.ramsayandco.pl,
b) taking action at the Customer's request before concluding the contract and/or performance of the contract for the purchase of goods and their delivery,
c) implementation of the Newsletter service. -
Personal data is also processed on the basis of the Administrator's legitimate interest in the processing of data in order to defend against claims or in the case of third-party data provided by customers - indication of another person's delivery address.
-
In the event that the Customers provide data of third parties, the Customer, by entering such data, declares that he has obtained from the person whose data he enters the necessary consent to share his data with the Administrator.
-
Everyone whose personal data is processed by the Administrator has the right to request the Administrator to access their personal data, rectify it, delete the "right to be forgotten" or limit the processing of personal data, object to such processing, transfer data, lodge a complaint to the authority supervisory board.
-
Personal data processed by the Administrator may be transferred to recipients in countries outside the European Union ("third countries"). It is possible for the Administrator to transfer personal data to a third country, territory or a specific sector or sectors in this third country for which the Commission has found that this third country, territory or specific sector or sectors in this third country provide an adequate level of protection (Art. 45 GDPR), or when appropriate safeguards are provided, and subject to enforceable data subject rights and effective legal remedies (Article 46 GDPR).
-
Personal data is stored for the period necessary to maintain Accounts and perform sales contracts or the Newsletter service. After this period, the data may be processed based on the Administrator's legal obligations (e.g. in the scope of storing accounting documents or legally justified interest (defense against claims that may be due against the Administrator). The Administrator stores data whenever he is obliged to do so by national or EU regulations or international law.
-
The personal data processed by the Administrator are not subject to automated decision-making, including profiling,