SBFL.

BEANIES & SCARVES – ORDERS MADE AFTER 21.12 WILL BE DELIVERED AFTER 27.12 // SWEATERS – ORDERS MADE AFTER 20.12 WILL BE DELIVERED AFTER 03.01.2022

PRIVACY POLICY

The document sets forth conditions related to data processing (hereinafter referred to as the “data”) and cookie files within the e-shop sbfl.pl, run though the website, made available under the following URL: sbfl.pl, hereinafter referred to as the „Shop”.

TABLE OF CONTENTS

  1. HOW TO CONTACT THE DATA ADMINISTRATOR 1
  2. WHAT IS THE BASIS FOR YOUR DATA PROCESSING 1
  3. INFORMATION ON DATA PROCESSING FOR THE PURPOSE OF CONTRACT CONCLUSION AND ITS PERFORMANCE, POSSIBLE VINDICATION OF CLAIMS AND PROTECTION AGAINST THEM 2
  4. INFORMATION ON DATA PROCESSING FOR THE PURPOSE OF DIRECT MARKETING 2
  5. DATA PROCESSING FOR SECURITY REASONS 3
  6. INFORMATION ON DATA RECIPIENTS 3
  7. ABSOLUTE POWERS OF THE PERSONS WHOSE DATA IS PROCESSED 4
  8. RELATIVE POWERS OF THE PERSONS WHOSE DATA IS PROCESSED 6
  9. COOKIE FILES – INTRODUCTION 7
  10. DATA ADMINISTRATOR COOKIE FILES 7
  11. THIRD PARTIES’ COOKIE FILES. 7
  12. CONSENT TO USE COOKIE FILES AND TO MANAGE THEM 8
  13. CACHE 8
  14. REFERENCE TO OTHER WEBSITES OR SOFTWARE 8
  15. CHANGES TO PRIVACY AND COOKIE FILES POLICY 8
  1. HOW TO CONTACT THE DATA ADMINISTRATOR

Administrator of the personal data processed within the Shop is Paweł Buczek, runs business activity under the company name “SABFIL” PRODUKCJA HANDEL Paweł Buczek, having its seat in Radom (26-612) at the following address 19 Przemysłowa Street, registered in the Central Electronic Register and Information on Economic Activity kept by the Minister of Development, under the NIP no. 9481051173 and REGON (statistical identification no.): 005090261. The Data Administrator can be contacted under the following phone number: +48602647861  and the e-mail address: hello@sbfl.pl.

  1. WHAT IS THE BASIS FOR YOUR DATA PROCESSING

The legal basis for data processing are always given while the data collection. It results from the Regulation (UE) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of individuals with regard to the processing of personal data and on the free movement of such data, and repeal of the Directive 95/46/WE (General Data Protection Regulation). The following are explanation of the legal terms used:

  • Art 6 point 1 letter a) of the Regulation – personal data is processed on the basis of the expressed consent,
  • Art 6 point 1 letter b) of the Regulation – the data is processed for the need to perform a contract or to take action before such a contract is concluded, resulting from a request for data processing.
  • Art 6 point 1 letter c) of the Regulation – personal data is processed in order to fulfil legal requirements,
  • Art 6 point 1 letter f) of the Regulation – personal data is processed for legitimate interests.
  1. INFORMATION ON DATA PROCESSING FOR THE PURPOSE OF CONTRACT CONCLUSION AND ITS PERFORMANCE, POSSIBLE VINDICATION OF CLAIMS AND PROTECTION AGAINST THEM
  1. Personal data may be processed in order to perform Contract concluded with you. However, before the contract is concluded we may also process the personal data which is necessary to reply to your request. The data is processed under Art 6 point 1 letter b) of the Regulation.
  2. The personal data is processed during and after the Contract termination in order to investigate and enforce possible claims. Our legitimate interests is, e.g. to answer a possible complaint. Obligation to do so results from separate provision of the civil law. In such a case, we process personal data under legitimate interest, which is to protect against possible claims and to enforce them. The data is processed under Art 6 point 1 letter f) of the Regulation.
  3. We are to store such data for the period of time necessary to implement the objectives, not longer than prescription of a claim resulting from separate provisions.
  4. You have the right to access your data, rectify it, remove it, restrict its processing, the right to transfer it and file a complaint to the supervisory body. In case of data processing set forth in point 2, you have the right to file an objection against processing your data.
  5. It is voluntary to give your data, failing to do so may hinder contract conclusion and its performance.
  6. The following are your data recipients: hosting provider, e-mail provider, IT provider, couriers, provider of accountancy and software for invoice issuance, e-payments provider, legal, counselling and vindication services provider, and other service providers that we use within the target.
  1. INFORMATION ON DATA PROCESSING FOR THE PURPOSE OF DIRECT MARKETING
  1. We may process your data for the purpose of direct marketing. It takes place, for example when we answer your e-mail, providing details of our offer.
  2. The data is processed under Art 6 point 1 letter f) of the Regulation.
  3. Your data will be stored until the time for reaching our target is met.
  4. You have the right to access your data, rectify it, remove it, restrict its processing, the right to transfer it, the right to file an objection against the data processing and the right to file a complaint to the supervisory body.
  5. It is voluntary to give this data, however failing to do so may hinder contract implementation of the direct marketing operations.
  6. The following are your data recipients: hosting provider, e-mail provider, IT provider.
  1. DATA PROCESSING FOR SECURITY REASONS
  1. From the very moment you enter our website, the following data is processed in order to provide service security: 
    • public IP of the device that was used for the enquiry, 
    • web browser type and its language, 
    • enquiry data and time, 
    • number of byte sent by the server, 
    • the URL address of the most recently visited website, in case the visit was made with the same hyperlink, 
    • information on possible errors that appeared while the enquiry. 
  1. Our legitimate interests for such processing is to run server logs and to secure the Shop against possible hacker attacks or other kinds of abuse. This include the possibility to establish the IP address of the person performing unauthorised activity within the shop, such as an attempt to hack security, person publishing prohibited content or making an attempt to perform unauthorised activities using our servers. 
  2. The data is processed under Art 6 point 1 letter f) of the Regulation.
  3. We are to store such data for the period of time necessary to implement the objectives, not longer than prescription of a claim resulting from separate provisions.
  4. You have the right to access your data, rectify it, remove it, restrict its processing, the right to file a complaint against its processing, and the right to complain to the supervisory body.
  5. The Shop can be used only when such data is provided. Failure to provide the data will make it impossible to use the Shop.
  6. The following are the data recipients: hosting provider, IT provider.
  1. INFORMATION ON DATA RECIPIENTS

While processing personal data we use external services. Therefore, recipients of your personal data may also be third parties:

    • Couriers.
    • IT provider.
    • Hosting and e-mail hosting provider.
    • Provider of accountancy and software for invoice issuance
    • Legal, counselling and vindication services provider.
    • E-payments provider.
  1. ABSOLUTE POWERS OF THE PERSONS WHOSE DATA IS PROCESSED

When writing about powers related to processing your personal data, the powers described below are applied. Possibility to exercise the powers and rights set hereinbelow does not depend on the legal basis for the personal data processing.

Right to access data

You hold the right to obtain confirmation, whether or not we process your personal data. If yes, you have the right to access the data and to receive additional information on:

  • processing purposes,
  • data category,
  • recipients or categories of recipients that the data is or will be disclosed to, in particular recipients from third countries or international organisations,
  • when possible, on the planned period of data processing, and when impossible on criteria for establishing this period,
  • the right to demand to rectify your data, remove it or restrict processing of your data, the right to file an objection against your data being processed and on the right to file an objection to the supervisory body,
  • the source of data, if not gathered from you,
  • automated decision making on profiling and on rules thereof, as well as on the importance and anticipated consequences related to your data processing.

Upon receipt of such a request, we are obliged to provide the person with a copy of the personal data under process. In case the request is sent in an electronic way, and no other restriction is received, information is also provided in an electronic way.

Right to rectify data

You hold the right to demand the incorrect personal data to be immediately rectified. Reflecting the processing purpose, you hold the right to demand the incomplete information to be completed, also by presenting additional declarations.

Right for data removal (to be forgotten)

You hold the right to demand the incorrect personal data that apply to you be immediately removed. Should one of the below mentioned circumstances arise, we are obliged to remove the personal data without unnecessary delay: 

  • consent for the personal data process was withdrawn and no other basis for its processing exist,
  • an effective objection against your data processing was filed,
  • your personal data was processed with infringement of a law,
  • your personal data must be removed in order to comply with the legal obligations,
  • your data was gathered in relation with the Information Society offer.

Right to restrict processing

In the following situations, you hold the right to demand restriction of the data processing: 

  • when you challenge correctness of the data – for the period allowing us to check the correctness; 
  • when the data processing is inconsistent with the law and you object to have the data removed, demanding in return restrictions of its usage;
  • when the personal data is no longer necessary for the processing activities, however you need it to determine, vindicate or secure your claims;
  • when you objected to have your personal data processed – for the period necessary to establish whether our legitimate interests are superior over the basis of your objection.

Automated decisions, including profiling

You hold the right not to be the subject of a decision which is solely based on automated processing, including profiling, and produces legal effects towards you or in a similar manner substantially influences you.

The law does not affect should the decision: 

  • be necessary to conclude or exercise a contract between you and the data administrator;
  • be in line with the law of the European Union or a member state and with the law which provides appropriate legal protection measures of your rights, freedom and your legitimate interests; or 
  • be based on your express consent.

Right to file a compliant

You hold the right to file a complaint to the supervisory body, regarding your data processing.

 

  1. RELATIVE POWERS OF THE PERSONS WHOSE DATA IS PROCESSED

When writing about powers related to processing your personal data, the powers described below are applied. Possibility to exercise the powers and rights set hereinbelow depends on the legal basis for the personal data processing.

Right to withdraw consent on your data processing 

In the case when your personal data is processed on the basis of a consent given by you, you hold the right to withdraw this consent at any time. Withdrawing your consent does not however influence the previous right to process your data. 

Right to transfer data

You hold the right to receive the personal data you delivered to us. The data will be transferred to you in a structured and commonly used format that is machine readable. You also hold the right to transfer the data to a different administrator without objections from our side, if the processing activities take place:

  • on the basis of a consent or a contract, and 
  • in an automated manner.

Exercising the right to transfer the data, you hold the right to request the data to be sent immediately to another administrator, if technically possible. The right cannot adversely affect rights and freedom of others.

Right to object

In case we process your personal data under Art 6 point 1 letter f) of the Regulation, you have the right to file an objection against the data processing for the purpose connected with your particular situation.

In such a situation, we cannot process your data unless existence of the following is demonstrated: 

  • there are important, legitimate interests for the process, whereby the basis must be superior to your interests, rights and freedom, or 
  • there are basis to establish, vindicate or secure claims

Also, should you file an objection against your personal data being processed for direct marketing purposes, we cannot process your data for such a purposes.

  1. COOKIE FILES – INTRODUCTION

The Shop website uses cookie files. Those are commonly used small files containing a string of characters. The files are sent by and saved on a terminal device (e.g. computer, laptop, tablet, smartphone) used by the User to visit the website. Such information is send to a memory of the used browser, which sends it back at the next visit at the website. Cookie files can be divided into three categories.

With respect to the purpose for collecting the cookie files three categories can be distinguished, i.a.:

  • Essential cookies – those enable correct work of the Shop and its functionalities, e.g. authentication cookies or security cookies. It is not possible to use the Shop, without storing them on your device.
  • Analytic cookies.
  • Social media cookies.

With respect to validity, two categories of cookie files can be distinguished:

  • Session Cookies – exist until the session is over.
  • Permanent Cookies – exist after the session expires.

With respect to the Cookie files’ Administrator, the following can be distinguished:

  • our Cookie Files,
  • Third parties’ Cookie files.
  1. DATA ADMINISTRATOR COOKIE FILES 

The cookie files we manage allow us to: 

  • authorise access,
  • keep session after logging out,
  • secure the Shop against hacker attacks,
  • allow a web browser to “remember” content of fields in the filled in forms (optional),
  • allow a web browser to “remember” content of the basket.

Thanks to that using functionality of the Shop is easier and smoother.

  1. THIRD PARTIES’ COOKIE FILES.

We use Cookie files employed by Facebook Inc. 1 Hacker Way, Menlo Park, CA 94025, USA. The files can be used to process activities you perform in the Facebook app using the “Share” and “Like it” buttons. Processing of such data can be public. Using the cookie files by the third parties depends on provisions of the privacy and the cookie files policy, used by the entities..  

  1. CONSENT TO USE COOKIE FILES AND TO MANAGE THEM

The consent to process cookie files is voluntarily and may be withdrawn at any time. Failure to give the consent for the cookie files to be used can limit possibilities to use the Shop and its functions, or even prevent you from using the Shop.

You can give consent to process the cookie files in the following ways:

  • using settings of the software which is installed on the terminal device you use,
  • by clicking the button which consists declaration of consent for the cookie files to be processed or confirmation that you have read and understood the conditions.

Usually browsers’ settings by default allow storage of cookie files and other information on the terminal device. Should you disagree to save the files, it is necessary to change adequate settings in the web browser. It is possible to enable saving cookie files for all connections. It can be done for a particular web browser or for a particular website. Removal of cookie files is also possible. The way the files are managed depends on the software. 

  1. CACHE

When using the Shop’s website you can automatically use the cache installed on your device. It is possible to store the inter-session data within the local memory, i.e. between subsequent visits at the Shop’s website. The cache is used to improve the speed of using the Shop. It is performed by eliminating situation when the same data was downloaded repeatedly from the Shop, overloading at the same time the user’s Internet connection. The cache may also store such data as the login password.

  1. REFERENCE TO OTHER WEBSITES OR SOFTWARE

The Shop can include links to other websites or software. We do not bear any responsibility towards provisions concerning the privacy and cookie files policy applicable on the websites or in software. It is strongly advised to get acquainted with the provisions of privacy and the cookie files policy after entering a website or before installing software. 

  1. CHANGES TO PRIVACY AND COOKIE FILES POLICY
  1. The Privacy Policy and the Cookie Files Policy come into force on the day they are published on the Shop’s website.
  2. Changes to the Privacy Policy and the Cookie Files Policy take place by posting new versions thereof on the Shop’s website
  3. Information about the changes to the Privacy Policy and the Cookie Files Policy is published within the Shop’s website, not later than three (3) days before publishing their new wording.
Powiadomienie o dostępności Powiadomimy Cię, gdy produkt będzie dostępny