Your cart
There are no more items in your cart
GENERAL PROVISIONS
1. The Controller of personal data collected via the online Store www.mazzoni.com.pl is TRADE-GROUP.PL Limited Liability Company, KRS number: 0000600996, Tax ID (NIP): 7792439352, REGON: 363682194, share capital: 5,000.00 PLN, registered office address: ul. Sielska 17a, 60-129 Poznań, mailing address: ul. Stryczyńskiego 2a, 63-750 Sulmierzyce, email address: sklep@mazzoni.com.pl, phone number: +48 725 557 700, hereinafter referred to as the "Controller", who is also the “Service Provider”.
2. Personal data collected by the Controller via the website are processed in accordance with Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation), hereinafter referred to as GDPR.
3. Any words or expressions capitalized in this Privacy Policy shall be understood in accordance with their definitions provided in the Terms and Conditions of the Online Store www.mazzoni.com.pl.
TYPE OF PERSONAL DATA PROCESSED, PURPOSE AND SCOPE OF DATA COLLECTION
1. PURPOSE OF PROCESSING AND LEGAL BASIS. The Controller processes the personal data of Service Recipients of the Store www.mazzoni.com.pl in the following cases:
a) Registration of an Account in the Store in order to create an individual account and manage it, based on Article 6(1)(b) GDPR (performance of an electronic service agreement in accordance with the Store’s Terms and Conditions).
b) Placing an order in the Store, for the purpose of performing the sales agreement, based on Article 6(1)(b) GDPR (performance of a sales agreement).
c) Subscription to the Newsletter, for the purpose of sending commercial information by electronic means. Personal data are processed upon separate consent, based on Article 6(1)(a) GDPR.
2. TYPE OF PERSONAL DATA PROCESSED. In the case of:
a) Account registration, the Service Recipient provides:
> First and last name,
> Login,
> Address,
> Email address.
b) Order, the Service Recipient provides:
> First and last name,
> Address,
> Email address,
> Phone number,
c) Newsletter, the Service Recipient provides:
> First and last name,
> Email address.
3. PERIOD OF STORAGE OF PERSONAL DATA. Personal data of Service Recipients are stored by the Controller:
a) When the basis for processing is the performance of a contract — for as long as necessary to perform the contract, and thereafter for a period corresponding to the statute of limitations for claims. Unless a specific regulation states otherwise, the limitation period is six years, and for claims related to periodic services and business operations — three years.
b) When the basis for processing is consent — until the consent is withdrawn, and after withdrawal for a period corresponding to the statute of limitations for claims that the Controller may raise or that may be raised against the Controller. The standard limitation periods stated above apply unless regulations specify otherwise.
4. During the use of the Store, additional information may be collected, including: the IP address assigned to the Service Recipient’s computer or the external IP address of the Internet provider, domain name, browser type, access time, and operating system type.
5. Navigational data may also be collected from Service Recipients, including information about links and references they choose to click or other actions taken within the Store. The legal basis for such actions is the Controller's legitimate interest (Article 6(1)(f) GDPR), aimed at facilitating the use of electronic services and improving their functionality.
6. Providing personal data by the Service Recipient is voluntary.
7. Personal data will also be processed automatically in the form of profiling, provided the Service Recipient gives consent based on Article 6(1)(a) GDPR. The consequence of profiling will be assigning a profile for the purpose of making decisions concerning the Service Recipient or analyzing or predicting their preferences, behaviors, and attitudes.
8. The Controller exercises particular care to protect the interests of data subjects and ensures that data collected:
a) are processed lawfully,
b) are collected for specified, lawful purposes and not further processed in a way incompatible with those purposes,
c) are factually correct, adequate, and relevant to the purposes for which they are processed, and stored in a form that permits identification of the data subjects for no longer than necessary.
DISCLOSURE OF PERSONAL DATA
1. Personal data of Service Recipients are provided to service providers used by the Controller in operating the Store. Depending on contractual arrangements, service providers either follow the Controller’s instructions regarding the purposes and methods of processing (processors) or determine these independently (controllers).
2. Personal data of Service Recipients are stored exclusively within the European Economic Area (EEA).
RIGHT TO CONTROL, ACCESS, AND RECTIFY PERSONAL DATA
1. The data subject has the right to access their personal data, rectify them, delete them, restrict processing, the right to data portability, the right to object, and the right to withdraw consent at any time without affecting the lawfulness of processing carried out before the withdrawal.
2. Legal grounds for the Service Recipient’s requests:
a) Access to data – Article 15 GDPR
b) Rectification – Article 16 GDPR
c) Deletion (“right to be forgotten”) – Article 17 GDPR
d) Restriction of processing – Article 18 GDPR
e) Data portability – Article 20 GDPR
f) Objection – Article 21 GDPR
g) Withdrawal of consent – Article 7(3) GDPR
3. To exercise the rights mentioned in point 2, a relevant email may be sent to: sklep@mazzoni.com.pl.
4. Upon receiving such a request, the Controller fulfills or refuses to fulfill it immediately, no later than within one month of receipt. If the request is complex or numerous, the Controller may extend the deadline by up to two more months, informing the Service Recipient within one month of the reasons for the extension.
5. If the data subject believes that personal data processing violates GDPR, they have the right to lodge a complaint with the President of the Personal Data Protection Office.
"COOKIES" FILES
1. The Controller’s website uses “cookies”.
2. Installing cookies is necessary for the proper provision of services on the Store's website. Cookies contain information essential for the correct functioning of the website and enable the preparation of general statistics on website visits.
3. Two types of cookies are used:
a) Session cookies – temporary files stored on the Service Recipient’s device until logging out (leaving the website).
b) Persistent cookies – stored on the Service Recipient’s device for the time specified in cookie parameters or until they are deleted.
4. The Controller uses its own cookies to better understand user interactions with the site’s content. These cookies collect information about how users use the website, the type of page from which they were redirected, the number of visits, and the duration of visits. They do not store personal data but help compile usage statistics.
5. The Controller uses external cookies to collect general and anonymous statistical data via analytical tools such as Google Analytics (external cookie controller: Google Inc., USA).
6. The Service Recipient has the right to determine the access of cookies to their computer through browser settings. Detailed instructions on handling cookies are available in browser settings.
FINAL PROVISIONS
1. The Controller applies technical and organizational measures ensuring protection of personal data processed, appropriate to the risks and category of protected data, especially preventing unauthorized access, acquisition, processing in violation of applicable regulations, alteration, loss, damage, or destruction.
2. The Controller provides appropriate technical measures to prevent unauthorized acquisition or modification of personal data transmitted electronically.
3. In matters not covered by this Privacy Policy, GDPR and other relevant provisions of Polish law shall apply.