Pokaż wszystkie produkty typu:

 

 

Privacy policy for customers of the www.jettstudio.pl website  

 

  1. Information about the Personal Data Controller

 

We kindly inform you that the controller of your personal data is Jett Studio Sp. z o.o. [a limited liability company] with its registered office in Warsaw at ul. Trakt Lubelski 414A, NIP [tax identification number]: 952-13-31-069, Regon [National Business Registry Number] 012347898, KRS [National Court Register Number] 0000126614 hereinafter referred to as the "Company". Contact with the Company regarding the protection of personal data is possible at the email address: administrator@jettstudio.pl.

 

  1. Purposes and basis of personal data processing

 

To provide services in accordance with the business profile, the Company processes your personal data — for various purposes, but always in accordance with the law. Below you will find the specified purposes for processing personal data together with the legal basis.

 

  1. In order to register in the online store, we process personal data such as:
  • Name,
  • e-mail address,
  • phone number

 

The legal basis for such data processing is Art. 6 (1)(a) of the GDPR and Art. 6 (1)(b) of the GDPR, which allows to process personal data on the basis of voluntary consent if it is necessary to perform the contract or take actions to conclude the contract;

 

  1. In order to send e-mail notifications about messages in the client's panel, we process personal data such as:
  • e-mail address,
  • name
  • order number

The legal basis for such data processing is Art. 6 (1)(f) of the GDPR, which allows personal data to be processed, if, in this way, the Personal Data Controller realises its legitimate interest (in this case the Company's interest is to inform the client about activities related to the realisation of the order to increase the comfort of using the e-store);

 

  1. For the purpose of phone contact in matters related to the realisation of the order, we process personal data such as:
  • phone number,
  • order number

— if you are interested in the form of telephone contact. The legal basis for such data processing is Art. 6 (1)(a) of the GDPR, which allows personal data to be processed on the basis of a voluntary consent;

 

  1. In order to issue an invoice and fulfill other obligations resulting from tax law regulations, i.e. storage of accounting records for 5 years, we process personal data such as:
  • name,
  • company name,
  • address of residence or registered office,
  • (NIP) Tax Identification Number,
  • order number.

The legal basis for such data processing is Art. 6 (1)(c) of the GDPR, which allows personal data to be processed if such processing is necessary for the Personal Data Controller to fulfill the obligations arising from the law;

 

  1. In order to store unpaid (credited) orders, we process personal data such as:
  • name
  • e-mail address,
  • order number
  • registered office address
  • (NIP) Tax Identification Number

 The legal basis for such data processing is Art. 6 (1)(f) of the GDPR, which allows personal data to be processed if in this way the Personal Data Controller realises its legitimate interest (in this case, the Company's interest is to enable payment for the goods and the performance of the contract)

 

  1. In order to create registers and records related to the GDPR, including for example the register of clients who raised objections in accordance with the GDPR, we process personal data such as:
  • e-mail address,

because, firstly, the provisions of the GDPR impose specific documentation obligations on us to demonstrate compliance and accountability, and secondly, if you object, e.g. to the processing of your personal data for marketing purposes, we need to know towards whom not to use direct marketing because they do not wish it.

The legal basis for such data processing is firstly Art. 6 (1)(c) of the GDPR, which allows personal data to be processed if such processing is necessary for the Personal Data Controller to fulfill the obligations arising from the law; secondly, Art. 6 (1)(f) of the GDPR, which allows personal data to be processed if in this way the Personal Data Controller realises its legitimate interest (in this case, the Company's interest is to have knowledge about persons who exercise their rights under the GDPR);

 

  1. In order to establish, investigate or defend against claims, we process personal data such as:
  • name or company name,
  • residence address,
  • PESEL [Resident Identification Number] or NIP [Tax Identification Number],
  • e-mail address,
  • IP address,
  • order number.

The legal basis for such data processing is Art. 6 (1)(f) of the GDPR, which allows personal data to be processed, if, in this way, the Personal Data Controller realises its legitimate interest (in this case, the Company's interest is to hold personal data that can identify, assert or defend against claims, including customers and third parties);

 

  1. For archival and evidentiary purposes, we process personal data such as:
  • name,
  • e-mail address,
  • order number

— for the purpose of securing information that may be used to demonstrate facts of legal significance. The legal basis for such data processing is Art. 6 (1)(f) of the GDPR, which allows personal data to be processed if, in this way, the Personal Data Controller realises its legitimate interest (in this case, the Company's interest is to hold personal data that will allow to prove certain facts related to the realisation of orders, e.g. when requested by a state authority);

 

  1. For analytical purposes, i.e. research and analysis of activities on the website belonging to the Company, we process personal data such as:
  • date and time of visiting the website,
  • the type of the operating system,
  • approximate location,
  • type of web browser used to browse the site,
  • time spent on page,
  • visited subpages.

The legal basis for such data processing is Art. 6 (1)(f) of the GDPR, which allows personal data to be processed if, in this way, the Personal Data Controller realises its legitimate interest (in this case, the Company's interest is to know the clients' activity on the website);

 

  1. In order to use cookies on the website, we process such text information (cookies will be described in a separate section). The legal basis for such data processing is Art. 6 (1)(a) of the GDPR, which allows personal data to be processed on the basis of a voluntary consent (the first time you enter the website, you will be asked for permission to use cookies);

 

  1. In order to administer the website, we process personal data such as:
  • IP address,
  • date and time of the server,
  • information about the browser,
  • information about the operating system

— this data is automatically saved in the so-called server logs, whenever using a page belonging to the Company. It would not be possible to administer the website without using the server and without this automatic saving. The legal basis for such data processing is Art. 6 (1)(f) of the GDPR, which allows personal data to be processed if, in this way, the Personal Data Controller realises its legitimate interest (in this case, the Company's interest is to administer the website);

 

      III. Cookies

  1. The Company on its website, like other entities, uses the so-called cookies, i.e. short text information saved on a computer, phone, tablet or other user device. They can be read by our system, as well as by systems belonging to other entities, whose services we use (e.g. Facebook, Google).
  2. Cookies perform many functions on the website, usually useful ones, which we will try to describe below:
  • ensuring security — cookies are used to authenticate users and prevent unauthorized use of the client's panel. Hence, they are used to protect the user's personal data against unauthorized access;
  • impact on the processes and efficiency of using the website — cookies are used to ensure that the website works efficiently and that you can use the features available on it, which is possible, among others, due to saving settings between subsequent visits on the website. Thanks to them, you can efficiently navigate the website and individual subpages;
  • state of the session — cookies often contain information about how visitors use the website, for example which subpages are displayed most often. They also enable identification of errors displayed on some subpages. Cookies used to save the so-called "session state" help, therefore, improve services and increase the comfort of browsing;
  • maintaining the state of the session — if the client logs in to his panel, cookies allow the session to be sustained. This means that after switching to another subpage, you do not have to enter your login and password again each time, which contributes to the comfort of using the website;
  • creating statistics — cookies are used to analyze how users use the website (how many open the website, how long do they stay on the website, which content attracts the most interest, etc.) Thanks to this, you can constantly improve the website and adapt its operation to the preferences of users. In order to track activity and create statistics, we use Google tools, such as Google Analytics; in addition to reporting website usage statistics, the Google Analytics Pixel can also be used, along with some cookies described above, to help display more relevant content to the user in Google services (e.g. Google search engine) and across the web;
  1. Your web browser allows cookies to be used on your device by default, that is why we ask for your consent for using cookies at the first visit. However, if you do not wish to use cookies while browsing the website, you can change the settings in your web browser — completely block the automatic support of cookies or request notification whenever cookies are placed on the device. Settings can be changed at any time.
  2. While respecting the autonomy of all people using the website, we feel obliged, however, to notify you that disabling or limiting the use of cookies may cause quite serious difficulties in using the website, e.g. in the form of having to log in to each subpage, a longer period of page loading, restrictions on the use of functionality.
  3. Cookies can also be used by websites to which Jett Studio Sp. z o.o. refers to at www.jettstudio.pl, such as for example (Facebook, Instagram, YouTube). The use of cookies by the websites listed above are subject to a different privacy policy that they apply.
  1. The right to withdraw your consent
  1. If processing of personal data is carried out on the basis of consent, you have the right to withdraw this consent — at any time at your own discretion.
  2. If you would like to withdraw your consent to the processing of personal data, it is sufficient to:
  1. If the processing of your personal data has been performed on the basis of consent, such withdrawal does not make the processing of personal data to that point illegal. Until your withdrawal of consent, we may process your personal data and its revocation does not affect the lawfulness of the processing performed so far.
  1. Requirement to provide personal data
  1. Providing any personal data is voluntary and depends on your decision.
  2. To place an order in the store, it is necessary to provide the email address and company details - without this data we are not able to conclude and perform the contract.
  3. To be able to receive an invoice for an order, it is necessary to provide all the data required by the tax law, that is the company name, registered office address, tax identification number — without this data we are not able to properly issue an invoice.
  4. In order to be able to contact you by phone in matters related to the realisation of the order, it is necessary to provide a telephone number — otherwise we are not able to make a phone contact.

 

  1. Automated decision-making and profiling

We kindly inform you that we do not conduct automated decision-making, including on the basis of profiling. The proposed price of the product is by no means the result of an assessment made by any IT system.

 

VII. Recipients of personal data

  1. Like most entrepreneurs, we use help of other entities in our operations, which often involves the necessity to transfer personal data. In connection with the above, if necessary, we transfer your personal data to companies cooperating with us that process quick payments, to an accounting company, debt collection company, hosting company.
  2. In addition, it may happen that, for example, on the basis of an applicable law or decision of the competent authority, we will have to transfer your personal data also to other entities, public or private. That is why, it is extremely difficult for us to predict who may apply for the disclosure of personal data. Nevertheless, we assure you that every request to disclose your personal data is analyzed very carefully and very thoroughly in order not to inadvertently transfer the information to an unauthorized person.

VIII. Transfer of personal data to third countries

  1. Like most entrepreneurs, we use various popular services and technologies offered by such entities as Facebook, Microsoft, Google. These companies are based outside the European Union, and therefore in the light of the provisions of the GDPR are treated as third countries.
  2. The GDPR imposes certain restrictions on transfer of personal data to third countries, because, since European legislation does not apply there, as a rule, the protection of personal data of European Union citizens may unfortunately be insufficient. Therefore, each personal data controller is required to establish the legal basis for such transfer.
  3. While using the services and technologies, we ensure that we transfer personal data to entities only from the United States, and only to those who joined the Privacy Shield Program, pursuant to the European Commission Implementing Decision of July 12, 2016 — more information on this subject can be found on the European Commission website available at https://ec.europa.eu/info/law/law-topic/data-protection/data-transfers-outside-eu/eu-us-privacy-shield_pl. Entities that have joined the Privacy Shield Program guarantee that they will comply with the high standards of personal data protection that are in force in the European Union, that is why, using their services and offered technologies in the processing of personal data is legal.
  4. We will provide you with additional explanations regarding the transfer of personal data at any time, in particular when this issue raises your concern.
  5. You have the right to obtain a copy of personal data transferred to a third country at any time.

 

  1. The period of personal data processing
  1. In accordance with applicable law we do not process your personal data "indefinitely," but for the time that is necessary to achieve the set purpose. After this period, your personal data will be irretrievably deleted or destroyed.
  2. Regarding individual periods of personal data processing, we kindly inform you that we process personal data for:
  • the duration of the contract — in relation to personal data processed in order to conclude and perform the contract;
  • 3 years - in relation to personal data processed in order to determine, assert or defend claims (the length of the period depends on whether both parties are entrepreneurs or not);
  • 5 years - in relation to personal data related to compliance with tax law obligations;
  • the period until the consent is withdrawn or the purpose of processing is achieved, but not longer than for 5 years - in relation to personal data processed on the basis of consent;
  • the period until the moment of filing an objection or achieving the purpose of processing, but no longer than for five years — in relation to personal data processed on the basis of the legitimate interest of the Personal Data Controller or for marketing purposes;
  • the period until the time of obsolescence or loss of usefulness, however, not longer than for three years — in relation to personal data processed mainly for analytical purposes, the use of cookies and the administration of the website.
  1. Periods in years are counted from the end of the year in which we started processing personal data to improve the process of removing or destroying personal data. Separate calculation of the deadline for each concluded contract would entail significant organizational and technical difficulties, as well as significant financial outlay, therefore establishing one date of removing or destroying personal data allows us to manage this process more efficiently. Of course, if you exercise the right to be forgotten, such situations are considered individually.
  2. The additional year associated with the processing of personal data collected for the performance of the contract is dictated by the fact that you can hypothetically claim a moment before the expiry of the limitation period, the request may be delivered with a significant delay or you may incorrectly determine the limitation period of your claim.

 

  1. Personal data subject rights
  1. We kindly inform you that you have the right to:
  • access your personal data;
  • correct your personal data;
  • delete your personal data;
  • restrict processing of personal data;
  • object to processing of personal data;
  • transfer personal data.
  1. We respect your rights resulting from the provisions on the protection of personal data and we strive to facilitate their implementation to the highest possible extent.
  2. We indicate that these rights are not absolute, and therefore we may legally refuse to comply with the law in certain situations. However, if we refuse to accept the request, it will take place only after careful analysis and only if the refusal thereto is necessary.
  3. Regarding the right to raise an objection, we explain that at any time you have the right to oppose the processing of your personal data based on the legitimate interest of the Personal Data Controller (which are listed in point III) in relation to your particular situation. However, you must remember that in accordance with the law, we may refuse to take into account the objection if we prove that:
  • there are legitimate grounds for processing that override your interest, rights and freedoms or
  • there are grounds for establishing, investigating or defending claims.
  1. In addition, you may object to processing of personal data for marketing purposes at any time. In such a situation, after receiving an objection, we will cease processing for this purpose.
  2. You can exercise your rights by:

 

  1. Securing the website www.jettstudio.pl

 

Jett Studio Sp. z o. o. makes every effort to secure your data and protect it against undesirable actions of third parties. We use all necessary protection safeguards for servers, connections and websites to protect your data. In particular, we use SSL technology (encrypted data transmission) in order to ensure secure data transmission during registration, logging in and placing orders via the www.jettstudio.pl website. Recognizing whether a given connection is secure is possible by checking that the address of the www.jetstudio.pl website when entering registration data, logging in or using the shopping cart begins with https: // and the closed padlock symbol appears in the browser. All connections related to your electronic payments, if you choose this option, will also take place via a secure encrypted connection.

The actions taken by the Personal Data Controller may, however, prove to be insufficient if you do not observe the security rules yourself. In particular, you must keep your login and password confidential and not disclose them to third parties. Jett Studio Sp. z o.o. will not request for providing them, except when you log in to www.jettstudio.pl. In order to prevent unauthorized persons from using your account, please log out after each use.

 

XII. Right to file a complaint

If you believe that the personal data provided are processed contrary to applicable law, you may file a complaint with the President of the Personal Data Protection Office.

 

XIII. Final provisions

  1. To the extent not covered by this Privacy Policy, the provisions regarding the protection of personal data apply.
  2. This Privacy Policy is effective as of May 25, 2018.