Privacy Policy

PRIVACY POLICY
1. This Privacy Policy sets out the rules for the processing of personal data obtained through the online store skeenLab.com (hereinafter: “Online Store”).
2. The owner of the Store and at the same time the data administrator is Henryk Fortuniak, President of the Management Board of David Sp. z o.o. with registered office in Nochów, entered in the National Court Register by the District Court in Poznań – Nowe Miasto and Wilda in Poznań, 9th Commercial Department of the National Court Register under KRS number 0000376174, share capital PLN 205,000.00, NIP number 5552097164, REGON number 221162160.
3. Personal data collected by David Sp. z o.o. via the Online Shop they are processed in accordance with the Regulation of the European Parliament and of the Council (EU) 2016/679 of 27 April 2016 on the protection of individuals with regard to the processing of personal data and on the free movement of such data and repealing Directive 95/46 / EC (General Data Protection Regulation), also referred to as the RODO.
4. David Sp. z o.o. makes special care to respect the privacy of customers visiting the Online Store.
§ 1 Type of data processed, objectives and legal basis
1. David Sp. z o.o. collects information on natural persons conducting legal transactions not directly related to their business, natural persons conducting business or professional activity on their own behalf, and natural persons representing legal persons or organizational units that are not legal entities to whom the act grants legal capacity, conducting business activity on its own behalf or professional services, hereinafter referred to jointly as customers.
2. Customers’ personal data is collected in the case of:
a) registering an account in the Online Store, in order to create an individual account and manage this account. Legal basis: indispensability to perform the contract for the provision of the Account service (Article 6 (1) (b) of the GDPR);
b) place an order in the Online Store in order to perform a sales contract. Legal basis: indispensability to perform a sales contract (Article 6 (1) (b) of the GDPR);
c) subscribing to the newsletter (Newsletter), in order to perform the contract, the subject of which is the service provided electronically. Legal basis – the consent of the data subject to perform the contract for the provision of the Newsletter service (Article 6 paragraph 1 letter a) of the RODO);
d) use of the contact form service in the Online Store in order to perform the contract provided electronically. Legal basis: indispensability to perform the contract for the provision of the contact form service (Article 6 (1) (b) of the GDPR);
e) use the service to provide an opinion, in order to perform the contract, the object of which is the service provided electronically. Legal basis – provide an opinion on the necessity to perform a service contract (Article 6 (1) (b) of the GDPR).
3. In the case of registering an account in the Online Store, the Customer provides:
a) email address;
b) name and surname;
c) telephone number.
4. When registering an account in the Online Store, the Customer sets the individual password for access to his account. The customer can change the password at a later time, on the terms described in §5.
5. In the case of placing an order in the Online Store, the Customer provides the following data:
a) email address;
b) address details:
a. zip code and city;
b. country (country);
c. street with house / flat number;
d. province.
c) name and surname;
d) telephone number.
6. In the case of Entrepreneurs, the above data scope is additionally extended by:
a) Entrepreneur’s company;
b) NIP number.
7. If you use the Newsletter service, the customer only provides his e-mail address.
8. In the case of using the contact form service, the Customer provides the following data:
a) email address;
b) name and surname;
c) telephone number.
9. In the case of using the service, post an opinion, the Customer provides the following data:
a) name and surname.
10. Additional information may be downloaded when using the Online Store Website, in particular: the IP address assigned to the Client’s computer or the external IP address of the Internet provider, domain name, browser type, access time, type of operating system.
11. Navigational data may also be collected from customers, including information about links and links in which they decide to click or other activities undertaken in our Online Store. Legal basis – a legitimate interest (Article 6 (1) (f) of the RODO), consisting in facilitating the use of electronic services and improving the functionality of these services.
12. In order to determine, investigate and enforce claims, certain personal data provided by the Customer may be processed as part of using the functionality in the Online Store, such as: name, surname, data on the use of services, if claims result from the manner in which the customer uses from services, other data necessary to prove the existence of a claim including the extent of the damage suffered. Legal basis – a legitimate interest (Article 6 (1) (f) of the RODO), consisting in determining, pursuing and enforcing claims and defending against claims in proceedings before courts and other state authorities.
13. Transfer of personal data to David Sp. z o.o. is voluntary, in connection with concluded sales contracts or provision of services via the Shop Website, with the reservation that failure to specify in the data forms in the Registration process prevents registration and establishment of the Customer Account, and in the case of placing an order without registering the Customer Account will prevent the submission and execution of the Customer’s order.
§ 2 Who is sharing or entrusting to data and how long is it stored?
1. The Customer’s personal data is provided to service providers used by David Sp. z o.o. while running the Online Store. Service providers to whom personal data are transferred, depending on contractual arrangements and circumstances, or are subject to the instructions of David Sp. z o.o. with respect to the purposes and methods of data processing (processing entities) or independently define the goals and methods of their processing (administrators).
a) Processors. David Sp. z o.o. uses suppliers who process personal data only on the recommendation of David Sp. z o.o. These include providers providing hosting services, accounting services, providing marketing systems, systems for analyzing traffic in the Online Store, systems for analyzing the effectiveness of marketing campaigns;
b) administrators. David Sp. z o.o. uses suppliers who do not act solely on instructions and set the goals and methods of using personal data of clients. They provide electronic and bank payment services.
2. Location. Service providers are based mainly in Poland and other countries of the European Economic Area (EEA).
3. Customers’ personal data are stored:
a) If the basis for the processing of personal data is consent then the personal data of the Customer are processed by David Sp. z o.o. as long as the consent is not canceled, and after the consent has been withdrawn for a period of time corresponding to the period of limitation of claims that may be raised by David Sp. z o.o. and what they can be raised against him. Unless a special provision provides otherwise, the period of limitation is six years, and for claims for periodic benefits and claims related to running a business – three years.
b) If the basis for data processing is the performance of the contract, then the client’s personal data are processed by David Sp. z o.o. as long as it is necessary for the performance of the contract, and after that for a period corresponding to the period of limitation of claims. Unless a special provision provides otherwise, the period of limitation is six years, and for claims for periodic benefits and claims related to running a business – three years.
4. In the event of purchase in the Online Store, personal data may be transferred, depending on the choice of the Customer, to the following entities to deliver the ordered goods:
a) a courier company;
b) InPost Paczkomaty Sp. z o.o. based in Krakow, providing delivery and maintenance services for a post office system (Paczkomaty);
c) Polish Post Office SA with headquarters in Warsaw.
5. If the Customer selects payment through the PayU system, his personal data shall be transferred to the extent necessary for the payment to PayU S.A. with headquarters in Poznań (60-166), at ul. Grunwaldzka 182, entered in the register of entrepreneurs kept by the District Court Poznań – Nowe Miasto and Wilda in Poznań, 8th Commercial Department of the National Court Register under the number KRS 0000274399.
6. The navigation data can be used to provide customers with better service, statistical data analysis and adaptation of the Online Store to customer preferences, as well as the administration of the Online Store.
7. If the Customer subscribes to the newsletter (Newsletter) at his e-mail address David Sp. z o.o. will send electronic messages containing commercial information about promotions and new products available in the Online Store.
8. In case of sending a request to David Sp. z o.o. provides personal data to authorized state bodies, in particular organizational units of the Prosecutor’s Office, the Police, the President of the Office for Personal Data Protection, the President of the Office of Competition and Consumer Protection or the President of the Office of Electronic Communications.
§ 3 The mechanism of cookies, IP address
1. The Online Store uses small files, called cookies. They are recorded by David Sp. z o.o. on the end device of the person visiting the Online Store, if the web browser allows it. A cookie file usually contains the name of the domain it comes from, its “expiration time” and the individual, the selected number identifying this file. The information collected using these types of files help adjusting offered by David Sp. z o.o. products for individual preferences and real needs of people visiting the Online Store. They also provide the opportunity to develop general statistics of visits to the presented products in the Online Store.
2. David Sp. z o.o. uses two types of cookies:
a) Session cookies: after completing a session of a given browser or turning off the computer, stored information is removed from the device’s memory. The mechanism of session cookies does not allow the collection of any personal data or any confidential information from the Clients’ computers.
b) Persistent cookies: they are stored in the memory of the Customer’s end device and remain there until they are deleted or expired. The mechanism of persistent cookies does not allow the collection of any personal data or any confidential information from the client’s computer.
3. David Sp. z o.o. uses own cookies in order to:
a) authentication of the Customer in the Online Store and ensuring Customer’s session in the Online Store (after logging in), thanks to which the Customer does not have to enter the login and password on each subpage of the Online Store;
b) analysis and research and audience audits, and in particular to create anonymous statistics that help to understand how customers use the Shop Website, which allows improving its structure and content.
4. David Sp. z o.o. does not use external cookies.
5. The cookie mechanism is safe for the Customers of the Online Store. In particular, this way it is not possible to get viruses or other unwanted software or malicious software onto your computers. However, in their browsers, Customers have the option of limiting or disabling access to cookies on their computers. If you use this option, the use of the Online Store will be possible, in addition to the functions which, by their nature, require cookies.
6. Below, we present how you can change the settings of popular web browsers in the use of cookies:
a) Internet Explorer browser;
b) Microsoft EDGE browser;
c) Mozilla Firefox browser;
d) Chrome browser;
e) Safari browser;
f) Opera browser.
7. David Sp. z o.o. can collect customer IP addresses. An IP address is a number assigned to the computer of the visitor of the Online Store by the ISP. The IP number allows access to the Internet. In most cases, it is assigned to the computer dynamically, i.e. it changes every time you connect to the Internet. The IP address is used by David Sp. z o.o. when diagnosing technical problems with the server, creating statistical analyzes (eg determining in which regions we note the most visits), as information useful in administering and improving the Online Store, as well as for security purposes and possible identification of server-loading, unwanted automated programs for browsing content Online Store.
8. The Online Store contains links and links to other websites. David Sp. z o.o. is not responsible for the privacy practices applicable to them.
§ 4 Rights of data subjects
1. Right to withdraw consent – legal basis: art. 7 par. 3 RHODE.
a) The customer has the right to withdraw any consent granted by David Sp. z o.o.
b) Withdrawal of consent has effect since the withdrawal of consent.
c) Withdrawal of consent does not affect the processing performed by David Sp. z o.o. in accordance with the law before withdrawing it.
d) Withdrawal of consent does not entail any negative consequences for the customer, but it may prevent further use of services or functionality which, according to the law of David Sp. z o.o. can only provide with consent.
2. Right to object to data processing – legal basis: art. 21 THE RHODE.
a) The customer has the right to object at any time – for reasons related to his special situation – to the processing of his personal data, including profiling, if David Sp. z o.o. he processes his data based on a legitimate interest, e.g. marketing of products and services David Sp. z o.o. keeping statistics on the use of individual functionalities of the Online Store and facilitating the use of the Online Store, as well as a satisfaction survey.
b) Opting out in the form of an e-mail from receiving marketing messages concerning products or services will mean the Customer’s objection to the processing of his personal data, including profiling for these purposes.
c) If the Customer’s objection turns out to be legitimate and David Sp. z o.o. will not have a different legal basis to process personal data, the client’s personal data will be removed, the client has objected to processing.
3. The right to delete data (“rights bout being forgotten “) – legal basis: art. 17 THE RHODE.
a) The customer has the right to request the removal of all or some personal data.
b) The customer has the right to request the deletion of personal data if:
a. personal data are no longer necessary for the purposes for which they were collected or processed;
b. withdrew a specific consent to the extent to which personal data were processed based on his consent;
c. he objected to the use of his data for marketing purposes;
d. personal data are processed unlawfully;
e. personal data must be removed in order to comply with the legal obligation provided for by Union law or the law of a Member State to which David Sp. z o.o. subject;
f. personal data have been collected in connection with the offering of information society services.
c) Despite the request to delete personal data, in connection with filing an objection or withdrawing consent, David Sp. z o.o. may retain certain personal data to the extent that processing is necessary to establish, assert or defend claims, as well as to fulfill a legal obligation requiring processing under Union law or the law of the Member State to which David Sp. z o.o. This applies in particular to personal data including: name, surname, e-mail address, which data is retained for the purpose of handling complaints and claims related to the use of the services of David Sp. z o.o., or additionally, the address / address of the correspondence, order number, which data are kept for the purpose of handling complaints and claims related to the concluded sales contracts or provision of services.
4. The right to limit data processing – legal basis: art. 18 RHODE.
a) The customer has the right to demand the restriction of the processing of his personal data. Submission of a request, until its consideration prevents the use of certain functionalities or services, the use of which will involve the processing of data covered by the request. David Sp. z o.o. he will not send any messages, including marketing messages.
b) The customer has the right to demand limitation of the use of personal data in the following cases:
a. when he questions the correctness of his personal data – then David Sp. z o.o. limits their use for the time needed to verify the correctness of data, but no longer than for 7 days;
b. when data processing is unlawful, and instead of deleting data, the Customer will demand restriction of their use;
c. where personal information is no longer necessary for the purposes for which it was collected or used but is needed by the Customer to establish, assert or defend claims;
d. when he objected to the use of his data – then the restriction occurs for the time needed to consider whether – due to the special situation – protection of the client’s interests, rights and freedoms outweighs the interests that the Administrator carries out while processing the client’s personal data.
5. Right of access to data – legal basis: art. 15 THE RHODE.
a) The Customer has the right to obtain from the Administrator confirmation whether he processes personal data, and if so, the Customer has the right to:
a. get access to your personal data;
b. obtain information about the purposes of processing, categories of personal data being processed, recipients or categories of recipients of the data, planned period of customer data storage or criteria for determining this period (when it is not possible to determine the planned data processing period) about the rights of the Customer under RODO and the right to lodge a complaint to the supervisory body, the source of these data, about automated decision-making, including profiling and about safeguards applied in connection with the transfer of these data outside the European Union;
c. obtain a copy of your personal data.
6. The right to rectify data – legal basis: art. 16 THE RHODE.
a) The Customer has the right to demand from the Administrator an immediate correction of his personal data which is incorrect. Taking into account the purposes of processing, the Customer whose data relates has the right to request supplementing incomplete personal data, including by submitting an additional statement, directing the request to the e-mail address in accordance with § 6 of the Privacy Policy.
7. The right to data transfer – legal basis: art. 20 RHODE.
a) The Customer has the right to receive his personal data, which he provided to the Administrator, and then send them to another, selected by him, personal data administrator. The Customer also has the right to demand that personal data be sent by the Administrator directly to such an administrator, if it is technically possible. In this case, the Administrator will send the Customer’s personal data in the form of a file in csv format, which is a widely used, machine-readable format that allows sending data to another admin personal data keeper.
8. In the situation when the Customer comes from the rights resulting from the above rights, David Sp. z o.o. it complies with the request or refuses to meet it without delay, but no later than one month after its receipt. However, if – due to the complexity of the request or the number of requests – David Sp. z o.o. will not be able to meet the request within a month, meet it within the next two months, informing the Customer in advance within one month of receiving the request – about the intended extension of the deadline and its reasons.
9. The Customer may submit complaints to the Administrator, inquiries and requests regarding the processing of his personal data and the exercise of his rights.
10. The customer has the right to demand from David Sp. z o.o. providing copies of standard contractual clauses by directing the inquiry in the manner specified in § 6 of the Privacy Policy.
11. The Customer has the right to lodge a complaint to the President of the Office for Personal Data Protection in the scope of violation of his rights to the protection of personal data or other rights granted pursuant to the GDPR.
§ 5 Security management – password
1. David Sp. z o.o. provides customers with a secure and encrypted connection when sending personal data and when logging in to the Customer Account on the Website. David Sp. z o.o. uses an SSL certificate issued by one of the world’s leading companies in the field of security and encryption of data transmitted via the Internet.
2. In the event that the Customer who has an account in the Online Store has lost any access password in any way, the Online Store allows you to generate a new password. David Sp. z o.o. does not send a password reminder. The password is stored in an encrypted form in a way that prevents its reading. To generate a new password, please enter your e-mail address in the form available under the link “Forgot your password” provided at the login form for the account in the Online Store. The customer to the e-mail address provided during registration or saved in the last change of the account profile will receive an e-mail containing a redirection to a dedicated form provided on the Shop Website, where the customer will be able to set a new password.
3. David Sp. z o.o. he never sends any correspondence, including electronic correspondence, with a request to provide login data, in particular an access password to the Customer’s account.
§ 6 Changes to the Privacy Policy
1. The Privacy Policy may be subject to change, of which David Sp. z o.o. will inform customers 7 days in advance.
2. Questions related to the Privacy Policy should be addressed to: store@skeenlab.com.
3. Last modified: 08/05/2019