Privacy Policy

PRIVACY POLICY

RARITYSHOP.PL

Privacy policy version 2.0 is effective as of 26/06/2023.

You can find the previous version of the privacy policy here.

§ 1 GENERAL INFORMATION

  1. The Privacy Policy of the Online Store does not constitute a source of obligations for the Visitor (including the Guest) and the Customer of the Online Store. It is for informational purposes and is not a contract or terms and conditions.
  2. All expressions and words capitalized (e.g., Online Store, Customer, etc.) shall be understood in accordance with the contents of the Online Store Regulations.
  3. In the event of any discrepancy between this Privacy Policy and the consents for the processing of personal data given by an individual, the legal basis for determining the scope of the Administrator's activities shall be the voluntarily given consents or the provisions of law that apply to the factual situation.

§ 2 PERSONAL DATA ADMINISTRATOR

  1. The administrator of your personal data is Rarity Sp. z o.o. with its registered office in Olsztyn at Franciszka Barcza 48/2L Street, 10-685 Olsztyn, KRS: 0000853881, NIP: 7393943043, REGON: 38671683100000, BDO: 000530917 (hereinafter: Administrator).
  2. For all issues related to data protection, we encourage you to contact us at the above address or via e-mail address: shop@rarity.pl.
  3. You can also send a request to the indicated address for access to information about what personal data we hold about you and for what purposes we process it.
  4. The Administrator informs you that it stores correspondence for statistical purposes and to improve the support system in the scope of RODO, as well as for the resolution of complaints and possible decisions on administrative interventions made on the basis of notifications in the indicated Customer Account. Addresses and data thus collected will not be used for communication for any purpose other than the execution of the request, in particular, they will not be used for marketing purposes and transferred to third parties.
  5. When contacting the Administrator in order to perform a specific action (e.g., filing a complaint, making a return), the Administrator may again request a person to provide data, including personal data, e.g., in the form of name, surname, home address, e-mail address, in order to confirm his/her identity and enable return contact on the matter and perform the requested action. Provision of this data is not mandatory, but may be necessary to perform an action or obtain information of interest to the person.
  6. If you have given additional consent to our use of cookies, the controllers of the data obtained from your online activity may also be our trusted partners.

§ 3 DATA ACQUISITION AND PURPOSE OF DATA PROCESSING

  1. We process personal data in accordance with Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data and repealing Directive 95/46/EC, (hereinafter: RODO) and other data protection laws currently in force at the time of processing certain data.
  2. According to the content of the indicated legal acts, personal data is considered to be information about an identified or identifiable natural person. An identifiable natural person is one who can be identified directly or indirectly, in particular by means of an identifier such as a name, an identification number, location data, an Internet identifier or one or more specific factors that determine the physical, physiological, genetic, mental, economic, cultural or social identity of the natural person.
  3. We ensure that the data we obtain from you is confidential, secure and processed only when necessary. We process data in accordance with the law, in a fair and transparent manner for the data subject. We process only such data and only with such content that is necessary for the legitimate purpose, i.e. the reason for processing. Personal data is collected with due diligence and adequately protected against access by unauthorized persons. We use appropriate and adequate security measures and state of the art technology to protect personal data from accidental loss and unauthorized access, use, alteration, or disclosure. We store personal data in a manner that allows the identification of the data subject for no longer than is necessary for the purposes for which the data are processed.
  4. The Administrator obtains information about personal data in the following ways:
    1. by making a purchase in the Store (online store) by the Customer;
    2. By registering a Customer Account;
    3. through voluntary subscription to the newsletter service;
    4. by voluntarily entering information in an e-mail message, in a chat window;
    5. by sending a complaint, application, inquiry or letter of any other nature;
    6. by voluntarily entering information in an e-mail message sent in connection with the desire to establish cooperation;
    7. by posting product reviews;
    8. through cookies, pixels or similar Internet technologies.
  5. Please be advised that the purpose and scope of the data processed by the Administrator is based on the consent of the Website Visitor or Customer or the law, and in selected cases is further specified as a result of actions taken by such persons in the Online Store or through other communication channels.
  6. Provision of personal data by the Website Visitor or Customer of the Online Store is voluntary, but necessary in order to use certain functionalities of the Online Store (e.g., placing an order by the Customer and its settlement, registering a Customer Account or using contact forms).
  7. Each time, the scope of data required to conclude a relevant contract is indicated in advance in the Online Store (we mark the data whose submission is necessary to conclude a contract/use a specific functionality), within the framework of other channels of communication with the Visitor or Customer, or in the Terms and Conditions. The consequence of not providing personal data may be the inability to effectively use the functionality of the Website, such as the inability to place an order.
  8. Your personal data is obtained by the Administrator for the following purpose:
    Purpose of processing Legal basis Legally legitimate purpose, if any
    Keeping statistics. Article 6(1)(f) RODO. To have information about the statistics of our activities, which allows us to improve our business operations.
    To conduct marketing of our own products and services without the use of electronic communications. Article 6(1)(f) RODO. Conducting marketing activities to promote our business.
    Conducting marketing activities of own products and services using electronic communication means, including profiling. Article 6(1)(f) RODO, while these activities, due to other applicable regulations, in particular the Telecommunications Law and the Act on Providing Electronic Services, are conducted only on the basis of the consents held (Article 6(1)(a) RODO). Conducting marketing activities to promote the business conducted using e-mail addresses. Presenting advertisements, customizing discounts and promotions.
    Posting reviews on the Online Store. Article 6(1)(a) RODO. Product satisfaction surveys.
    Handling requests made using the contact form, emails, complaints, other requests. Article 6(1)(a) RODO;
    Article 6(1)(c) RODO.    		 Responding to requests and inquiries made using the contact form or in any other form, including storing sensitive requests and responses provided in order to maintain accountability. Handling requests, responding to consumer complaints. Investigation of claims, including from third parties, defense by them.
    Maintenance of the Customer Account. Article 6(1)(a) of the RODO. Conclusion and execution of the Service Agreement (Account) or taking action at the request of a future Customer prior to its conclusion.
    Conclusion and execution of the Sales Agreement. Article 6(1)(b) RODO. Conclusion and execution of the Sales Agreement or taking action at the request of a future Customer prior to its conclusion.
    Archiving of sales documents. Art. 6(1)(c) RODO. Fulfillment of legal obligations under regulations, e.g. tax and accounting, especially in case of paid contracts.
  9. In the case of an adult Customer or an adult Website Visitor, with his/her additional consent, Personal Data may also be processed for the purpose of presenting, creating, granting, and executing advertisements, offers, or promotions (discounts) dedicated to a given Customer regarding the products or services of the Administrator and its partners, to the greatest extent possible, tailored to his/her preferences (profiling), as a result of automated decision-making, capable of producing legal effects with respect to him/her or significantly affecting him/her in a similar manner, e.g. by dedicating exclusively to such a person a short-term discount on a specific product he/she has recently browsed in our Online Store (option not available to persons who are not of age or are of age but have not given their consent to such action).
  10. Newsletter. If you wish to subscribe to our newsletter, it is mandatory to provide us with your e-mail address via the newsletter subscription form. Providing data is voluntary, but necessary to use the newsletter service. Subscribing to the newsletter is also possible at the stage of creating a Customer Account and from within the Customer Account.
    The data provided to us when signing up for the newsletter is used in order to send you the newsletter, in which we inform you about the company's activities, current collection, promotions and discounts. The legal basis for processing in this situation is your voluntary consent given when signing up for the newsletter.
    Your data is processed in this case for the purpose of sending the newsletter periodically, and the basis for processing is Article 6(1)(a) of the RODO, i.e. your consent resulting from your desire to receive the service.
    The data will be processed for the duration of the newsletter, unless you opt out earlier, which will permanently delete your data from the database. In addition, you can correct your data stored in the newsletter database at any time, as well as request its deletion by opting out of receiving the newsletter. You also have the right to data portability, contained in Article 20 of the RODO.
    The newsletter database is properly secured by the Administrator. The newsletter as a database is handled through an external entity. The e-mails sent include links to hidden images (the so-called tracking pixel). In addition to its primary function of counting email opens, it is also optionally used to identify the customer and conduct marketing activities.
  11. Email contact. When you contact us by e-mail, you provide us with your e-mail address as the sender address of the message. In addition, you may also include other personal data in the body of the message. Providing your data is voluntary, but necessary to contact us.
    Your data is processed in this case for the purpose of contacting you, and the basis for processing is Article 6(1)(a) of the RODO, i.e. your consent resulting from your desire to contact us. The legal basis for post-contact processing is the legitimate purpose of archiving correspondence for internal purposes (Article 6(1)(c) RODO).
    The content of the correspondence may be subject to archiving and we are not able to clearly determine when it will be deleted however, this will be for a period of no more than 5 years. You have the right to request the history of correspondence you have had with us (if it was subject to archiving), as well as to request its deletion, unless its archiving is justified due to our overriding interests.
  12. Feedback. If you wish to add your opinion about a product entry, you must fill out a form.
    Your data in this case is processed to enable you to post Opinions, and the basis for processing is Article 6(1)(a) of the RODO, i.e. your consent resulting from your desire to post your entry on our website.
    The data will be processed for the duration of the Opinion's operation on the website, unless you ask for the deletion of the Opinion beforehand, which will result in the deletion of your data related to the Opinion from the database.
    You can correct your data in the opinion at any time, as well as request its deletion. You also have the right to data portability, contained in Article 20 of the RODO.
  13. Customer Account. By creating a Customer Account on our Website, you provide us with your email address, first name and last name. This is voluntary, but necessary in order to successfully register a Customer Account. Then, in the Customer Panel, you can also provide your address and telephone number.
    Your data is processed in this case for the purpose of maintaining a Customer Account, and the basis for processing is Article 6(1)(a) of the RODO, i.e. your consent resulting from your desire to establish one.
    Your data will be processed for the duration of your Customer Account, unless you request its deletion beforehand, which will remove your data from the database.
    You can correct your data assigned to the Customer Account at any time, as well as request its deletion. You also have the right to data portability, contained in Article 20 of the RODO.
    As part of setting up a Customer Account, you may - but are not required to - agree to subscribe to the newsletter service.

§ 4 CATEGORIES OF PERSONAL DATA

  1. The Administrator may process the following categories of personal data:
    1. personal data provided in the form when registering a Customer Account, placing Orders in the Online Store, in particular: e-mail address, name and surname, telephone number;
    2. personal data completed by the user when using the Customer Account, in particular: first and last name; e-mail address; address of residence [street, house number, apartment number, postal code, city, country], and in the case of Customers who are not consumers, additionally company name and tax identification number [NIP];
    3. personal data necessary to place an order, in particular: name and surname; e-mail address; contact telephone number; address of residence [street, house number, apartment number, postal code, city, country], and in the case of non-consumer Customers additionally company name and tax identification number [NIP];
    4. Personal data provided for the purpose of using the newsletter, provided when using the chat room, posting opinions and sent via e-mail; or provided when filing complaints, claims or requests, in particular: name and surname; e-mail address; contact telephone number; address [street, house number, premises number, postal code, locality, country], bank account number;
    5. personal data provided for the purpose of participating in contests/promotional events: first and last name; e-mail address; contact telephone number; address of residence [street, house number, premises number, postal code, locality, country];
    6. other data, in particular, obtained based on the Customer's activity on the Internet, including those obtained through the Internet Store or other channels of communication with the Customer, using cookies and similar technologies.

§ 5 RECIPIENTS OF PERSONAL DATA

  1. Your personal data may be processed by our partners and subcontractors, i.e. entities whose services we use to process data and provide services to you. To the best of our knowledge, all entities to whom we entrust the processing of personal data guarantee the application of appropriate measures for the protection and security of personal data required by law.
  2. Your personal data may be transferred by the Administrator to:
    1. to state authorities or other entities authorized by law, in order to perform our obligations;
    2. The Administrator's partners may be involved in the processing of personal data to a limited extent, in particular those who technically help to run the Online Store efficiently (e.g. support us in sending e-mails, and in the case of advertising activities - also in marketing campaigns), providers of hosting or ICT services, carriers or intermediaries carrying out shipments of Orders, entities handling electronic payments or payment card payments in the Online Store, companies that service software, support the Administrator in marketing campaigns, as well as providers of legal and consulting services and external accounting;
    3. in addition, we may share fully anonymized data (data that cannot identify you) with entities with which we cooperate.
  3. As part of its marketing (advertising) activities, the Administrator uses the services of third parties that use cookies, pixels or marketing functions similar to cookies on the Online Store. The catalog of these entities is indicated in detail in § 8 of this Policy.

§ 6 ARCHIVING OF PERSONAL DATA

  1. The Administrator will retain your personal data only as long as necessary for the purposes set forth in this Privacy Policy and/or to comply with legal and regulatory requirements. After this period, the Administrator will securely delete your personal data.
  2. We will retain your data for the periods indicated below:
    Data associated with the sales procedure. 8 years
    Data for marketing purposes. In case of data processing based on consent - until the consent is withdrawn.
    In case of data processing on the basis of a legitimate purpose - until you object.
    Data transferred using chat, e-mail. For a period of 3 years to maintain the principle of accountability.
    Data contained in opinions. In the case of data processing on the basis of consent - until its withdrawal. In the case of data processing on the basis of a legitimate purpose - until you raise an objection.
    Personal data associated with cookies and similar functions. Until the deletion of these files using the settings of the site / browser / device (while deletion of files is not always the same as the deletion of Personal Data obtained through these files - in which case Personal Data will be deleted until an objection is raised).
    Data provided in the course of the complaint procedure and other procedures related to customer claims. 6 years.
    The remaining category of data (except for data from cookies, about which more in our Cookies Policy). 5 years.
  3. In any case, personal data will also be kept if legal regulations (e.g. accounting or tax regulations) oblige the Administrator to process them; we will keep personal data longer in case the Customer has any claims against the Administrator, in order for the Administrator to assert claims, or in order to assert or defend against third-party claims, for the period of their limitation period specified by law, in particular the Civil Code.
  4. Thus, depending on the scope of personal data and the purposes of their processing, they may be stored for different periods. In each case, the longer period of storage of personal data is decisive.

§ 7 RIGHTS, ACCESSING AND UPDATING PERSONAL DATA, COMPLAINTS

Pursuant to Article 15 of the RODO, you have the right to obtain information from the Controller as to whether your personal data is being processed.

If the Administrator processes your personal data, then you have the right to:

  1. access your personal data;
  2. obtain information about the purposes of processing, the categories of personal data processed, the recipients or categories of recipients of such data, the intended period of storage of your data or the criteria for determining that period, your rights under the RODO and your right to lodge a complaint with a supervisory authority, the source of such data, automated decision-making, including profiling, and the safeguards applied in connection with the transfer of such data outside the European Union;
  3. obtain a copy of your personal data.

In addition, you may ask for the correction of your personal data (Article 16 of the RODO), the deletion of your personal data (Article 17 of the RODO), object to the processing of your personal data (Article 21 of the RODO), and, where technically feasible, ask for the transfer of the personal data provided to another organization (Article 20 of the RODO).

In connection with the right to be forgotten, the Administrator will update or delete your data, unless it has a legal obligation to retain it for business purposes or to comply with the law. In some cases, you have the right to request the restriction of the processing of your personal data (Article 18 RODO). You may also contact the Administrator if you have concerns about the collection, storage or use of your personal data.

The Administrator endeavors to promptly process any requests regarding the aforementioned operations on your personal data, but no later than within 30 days of receiving the request. Due to the complex nature of the request, the Administrator has the right to consider your requests in excess of 30 days, of which it will inform you in advance.

The Administrator strives to resolve complaints conclusively, but if you are still dissatisfied with the response you receive, you may file a complaint with your local data protection supervisory authority. In Poland, the supervisory authority under the RODO is the President of the Office for Personal Data Protection.

§ 8 PROCESSING OF PERSONAL DATA BY AUTOMATED MEANS,
COOKIES POLICY

  1. Our Website, like almost all other websites, uses cookies, i.e. cookies. The Cookie Policy applies to both Customers of the Online Store and Visitors to the Online Store, i.e. users who browse the contents of the Store but do not make purchases.
  2. The Cookie Policy is a document that is an integral part of this Privacy Policy. The contents of the Cookie Policy can be found here.
  3. The Website also uses functionality similar to cookies. Accordingly, the individual provisions of the Cookie Policy should also be referred to these technologies accordingly.
  4. Selected cookies process your personal data. Processing of personal data from cookies or similar technologies on our Website is carried out for the purposes of ensuring the functioning of the Website, customization of the Website to the preferences of Visitors and Customers, or analytical purposes. The processing is carried out on the basis of our legitimate interest. The legal basis for the processing of personal data for advertising purposes will be your additional consent, expressed by making a selection and checking the checkbox during the cookie consent process.
  5. When a Visitor uses the Online Store, cookies are used to identify his/her browser or device - cookies collect various types of information, which, as a rule, do not constitute personal data. However, some information, depending on its content and use, may be associated with a specific person - the attribution of certain behaviors to a specific Visitor or Customer, e.g. by linking them to the data provided when registering an Account with the Online Store, or a specific e-mail address - and thus be considered personal data.
  6. In relation to information collected by cookies that can be linked to a specific person, the provisions of the Internet Shop's Privacy Policy relating to personal data shall apply, in particular those relating to the rights of the data subject.
  7. The Web Store uses profiling. Thanks to the cookies used in the Online Store, it is possible for the Administrator to learn about the preferences of the Visitor/Customer - e.g. by analyzing how often they visit the Online Store and whether and what products they buy. Analyzing online behavior helps to better understand the habits and expectations of Customers and Visitors and to adapt to their needs and interests. Thanks to this technology, it is possible to present Visitors with advertisements tailored to their needs and interests and to prepare better promotions and surprises for adult Visitors who have agreed to do so.

§ 9 CHANGES TO THE PRIVACY POLICY

  1. This Privacy Policy 2.0. is effective as of 26/06/2023.
  2. The Administrator declares that he has the right to make changes to this document for important reasons, including but not limited to:
    1. changes in applicable regulations, in particular in terms of RODO, telecommunications law, electronic services and regulating consumer rights, affecting the rights and obligations of the Administrator or the rights and obligations of the data subject;
    2. development of functionality or electronic services due to advances in Internet technology, including the implementation of new IT, technological or technical solutions on the Website, affecting the scope of this Privacy Policy.
  3. The Administrator undertakes to inform Users of any changes well in advance, allowing them to familiarize themselves with the content of the amended document, e.g. by posting the consolidated text of the Privacy Policy on the homepage of the Website.
  4. In the case of users using the newsletter function, if the Administrator makes substantial changes to the content of the Privacy Policy, the Administrator will inform the Users about them via e-mail. In case of any objections to the change of the Policy, the User has the right to stop using the newsletter by sending a request to unsubscribe from the newsletter or by requesting the deletion of his/her personal data.

This website uses its own and third-party cookies to improve our services and show you advertising related to your preferences by analyzing your browsing habits. To give your consent to its use, press the Accept button.

More information Customize cookies

Cookie preferences
Consent

Functional cookies
No
Yes
Cookie Provider Purpose Expiry
PHP_SESSID rarityshop.pl The PHPSESSID cookie is native to PHP, and allows websites to store serialized state data. On a website, it is used to establish a user session and transmit state data via a temporary cookie, which is commonly known as a session cookie. These cookies will only remain on your computer until you close your browser. Session
PrestaShop-# rarityshop.pl This is a cookie that Prestashop uses to save information and keep the user session open. It allows storing information such as currency, language, customer ID among other data necessary for the proper functioning of the store. 900 hours
Advertising cookies
No
Yes
Analytical cookies
No
Yes
Performance cookies
No
Yes
Other cookies
No
Yes