{"id":370,"date":"2025-10-01T18:03:18","date_gmt":"2025-10-01T18:03:18","guid":{"rendered":"https:\/\/scoiattolo.pl\/privacy-policy\/"},"modified":"2025-10-01T18:03:18","modified_gmt":"2025-10-01T18:03:18","slug":"privacy-policy","status":"publish","type":"page","link":"https:\/\/scoiattolo.pl\/en\/privacy-policy\/","title":{"rendered":"Privacy Policy"},"content":{"rendered":"

Privacy and Cookie Policy of the Online Store https:\/\/scoiattolo.pl\/<\/a> Last update: October 10, 2025 Table of contents:<\/p>\n

    \n
  1. \u00a71. General provisions and definitions <\/li>\n
  2. \u00a72. Personal Data Administrator <\/li>\n
  3. \u00a73. Purposes, legal basis and data processing period <\/li>\n
  4. \u00a74. Data recipients and data transfer to third countries <\/li>\n
  5. \u00a75. Rights of data subjects <\/li>\n
  6. \u00a76. Cookies and other tracking technologies <\/li>\n
  7. \u00a77. Server logs <\/li>\n
  8. \u00a78. Final provisions <\/li>\n<\/ol>\n

    \u00a71. General provisions and definitions <\/p>\n

      \n
    1. This privacy policy sets out the rules for the processing and protection of personal data provided by Users in connection with their use of the services offered by the online store https:\/\/scoiattolo.pl\/<\/a> (hereinafter referred to as the “Store”).<\/li>\n
    2. This document also describes the rules for the use of cookies and other tracking technologies.<\/li>\n
    3. Definitions: o Administrator \u2013 Barbara Zalisz, conducting a classic business activity entered in the CEIDG under the name Scoiattolo Barbara Zalisz with its registered office at ul. Brunona Kici\u0144skiego 34, 06-400 Ciechan\u00f3w, NIP: 5662029471, REGON: 520745750. o User \u2013 any natural person visiting the Store or using one or more services or functionalities described in this Policy. o Store \u2013 website operated by the Administrator at https:\/\/scoiattolo.pl\/<\/a>. o GDPR \u2013 Regulation (EU) 2016\/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95\/46\/EC. <\/li>\n<\/ol>\n

      \u00a72. Personal Data Administrator <\/p>\n

        \n
      1. The controller of your personal data within the meaning of the GDPR is Barbara Zalisz, operating under the name Scoiattolo Barbara Zalisz.<\/li>\n
      2. In matters related to your personal data, you can contact the Administrator via: o E-mail: scoiattolo.biuro@gmail.com<\/a> o Traditional mail: ul. Brunona Kici\u0144skiego 34, 06-400 Ciechan\u00f3w <\/li>\n
      3. The Administrator declares that it processes personal data with due diligence and applies appropriate technical and organizational measures to ensure the protection of the processed data and protects it against unauthorized disclosure, removal by an unauthorized person, processing in violation of the GDPR, and alteration, loss, damage or destruction.<\/li>\n
      4. The Administrator has not appointed a Data Protection Officer (DPO).<\/li>\n<\/ol>\n

        \u00a73. Purposes, Legal Basis, and Data Processing Period: We process your personal data for various purposes, on various legal bases, and for various periods. Detailed information on this topic can be found below. <\/p>\n

          \n
        1. Placing and fulfilling orders: o Purpose of processing: Fulfillment of the sales contract, including order acceptance, shipment of goods, issuance of sales documents (invoice\/receipt), and contact regarding matters related to the order. o Scope of data: First and last name, delivery address, email address, telephone number, billing details (if applicable), Tax Identification Number. o Legal basis: Art. 6 section 1 letter b of the GDPR (necessity to perform the contract). o Retention period: For the time necessary to fulfill the order and until the expiry of the limitation period for civil law claims. Data contained on invoices will be stored for the period required by tax law (i.e. 5 years from the end of the calendar year in which the tax payment deadline expired). <\/li>\n
        2. Creating and maintaining a User account in the Store: o Purpose of processing: Providing an electronic service consisting of maintaining an account, storing order history, and facilitating future purchases. o Scope of data: First and last name, email address, password, address details. o Legal basis: Art. 6, section 1, letter b of the GDPR (necessity for the performance of a service contract). o Retention period: Until the User deletes the account. Deleting an account does not delete data about placed orders, which are stored for archival and tax purposes. <\/li>\n
        3. Complaints and withdrawal handling: o Purpose of processing: Consideration of a complaint or acceptance of a declaration of withdrawal from the contract. o Scope of data: First and last name, email address, correspondence address, bank account number, order details. o Legal basis: Article 6 paragraph 1 letter c of the GDPR (fulfilment of a legal obligation) and Article 6 paragraph 1 letter f of the GDPR (legitimate interest of the Controller \u2013 defense against claims). o Retention period: For the time necessary to complete the complaint or return procedure, and then until the expiry of the warranty period or limitation period for claims. <\/li>\n
        4. Contact by email or contact form: o Purpose of processing: Responding to inquiries and conducting correspondence. o Scope of data: Name, email address, and other data provided voluntarily in the message. o Legal basis: Art. 6 paragraph 1 letter f of the GDPR (legitimate interest of the Controller \u2013 communication with Users). o Retention period: For the time necessary to resolve the matter, and then for archival purposes until the expiry of the limitation period for any claims. <\/li>\n
        5. Newsletter: o Purpose of processing: Sending commercial and marketing information regarding the Controller’s products and services. o Scope of data: E-mail address. o Legal basis: Art. 6 paragraph 1 letter a of the GDPR (User’s consent), which can be withdrawn at any time. o Retention period: Until the User withdraws consent. <\/li>\n
        6. Analytical and statistical purposes: o Purpose of processing: Analysis of website traffic, User preferences and improvement of the Store’s operation. o Scope of data: IP address, location, device type, operating system, demographic data (anonymized data). o Legal basis: Art. 6 sec. 1 letter f GDPR (legitimate interest of the Controller \u2013 Store optimization). o Retention period: In accordance with the policy of the analytical tool provider (e.g. Google Analytics). <\/li>\n
        7. Marketing and remarketing: o Purpose of processing: Targeting personalized ads on social media and advertising networks. o Scope of data: Data collected by cookies and marketing tools (e.g., Meta Pixel). o Legal basis: Art. 6, paragraph 1, letter a, GDPR (User consent). o Retention period: In accordance with the policy of the advertising tool provider. <\/li>\n<\/ol>\n

          \u00a74. Data recipients and data transfer to third countries <\/p>\n

            \n
          1. For the proper functioning of the Store, including the execution of sales agreements, the Administrator uses the services of external entities. Personal data may be transferred to the following categories of recipients: o Hosting provider: SEOHOST Sp. z o.o., ul. Obornicka 330, 60-689 Pozna\u0144, NIP: 9721323212 \u2013 for the purpose of storing data on the server. o Courier and postal companies: InPost, DPD, DHL, Poczta Polska \u2013 for the purpose of delivering the parcel. o Payment operators: PayU, Przelewy24, Stripe, PayPal, Blue Media \u2013 for the purpose of processing payments. o Accounting office: Accounting office (data available upon request) \u2013 for the purpose of fulfilling accounting and tax obligations. o Analytical and marketing tool providers: Google LLC, Meta Platforms, Inc. o Newsletter software provider: GetResponse. o Law firm: “The law firm that serves the company” \u2013 to provide legal assistance if necessary. <\/li>\n
          2. Your personal data may be transferred outside the European Economic Area (EEA), mainly to the USA, in connection with the use of services provided by entities such as Google or Meta.<\/li>\n
          3. The legal basis for data transfer in this case are the Standard Contractual Clauses (SCCs) approved by the European Commission, which ensure an adequate level of data protection in accordance with the GDPR. We do not base data transfers on any Privacy Shield program that has been invalidated.<\/li>\n
          4. You can obtain more information about the security measures applied by writing to: scoiattolo.biuro@gmail.com.<\/a><\/li>\n<\/ol>\n

            \u00a75. Rights of data subjects In connection with the processing of your personal data, you have the following rights:<\/p>\n

              \n
            1. The right to access your data (Article 15 of the GDPR) \u2013 the right to obtain confirmation as to whether we are processing your data and to obtain a copy of it.<\/li>\n
            2. The right to rectification (Article 16 of the GDPR) \u2013 the right to request the correction of incorrect data.<\/li>\n
            3. The right to erasure (“the right to be forgotten”) (Article 17 GDPR) \u2013 you can request the deletion of your data, unless we are legally obliged to continue storing it (e.g. due to tax obligations).<\/li>\n
            4. The right to restrict data processing (Article 18 of the GDPR) \u2013 you can request that we limit the processing of your data only to storing it or performing activities agreed with you.<\/li>\n
            5. Right to object (Article 21 GDPR) \u2013 you may object to the processing of your data based on our legitimate interest. In such a case, we will cease processing your data unless we can demonstrate compelling legitimate grounds for processing that override your interests, rights and freedoms.<\/li>\n
            6. The right to data portability (Article 20 of the GDPR) \u2013 you have the right to receive from us, in a structured, commonly used format, the personal data you have provided to us on the basis of a contract or consent.<\/li>\n
            7. The right to withdraw consent \u2013 \u200b\u200bif processing is based on consent (Article 6(1)(a) of the GDPR), you have the right to withdraw it at any time. Withdrawal of consent does not affect the lawfulness of processing based on consent before its withdrawal.<\/li>\n
            8. The right to lodge a complaint with a supervisory authority \u2013 if you believe that we are processing your data unlawfully, you may lodge a complaint with the President of the Personal Data Protection Office (ul. Stawki 2, 00-193 Warsaw).<\/li>\n<\/ol>\n

              \u00a76. Cookies and other tracking technologies<\/p>\n

                \n
              1. The store uses cookies. These are small text files stored on your end device (e.g. computer, tablet, smartphone).<\/li>\n
              2. Cookies are used for the following purposes: o Necessary \u2013 for the proper functioning of the Store, handling the shopping cart, the ordering process and maintaining the User’s session. They are necessary and processed on the basis of Art. 6 ust. 1 lit. f RODO. o Functional \u2013 to remember your settings and preferences (e.g. language, region) to make it easier for you to use the Store. Their use requires your consent. o Analytical \u2013 to create anonymous statistics on how the Store is used, which allows us to optimize its operation (e.g. using Google Analytics). Their use requires your consent. o Marketing \u2013 to provide you with personalized advertisements based on your interests and activity (e.g. using the Meta Pixel). Their use requires your consent.<\/li>\n
              3. During your first visit to the Store, a message about the use of cookies is displayed. Using the tool provided, you can manage your consent to specific types of cookies.<\/li>\n
              4. You can also change cookie settings in your web browser. Please remember, however, that disabling necessary cookies may prevent you from using the Store properly.<\/li>\n
              5. More information about cookies can be found at wszystkoociasteczkach.pl.<\/li>\n<\/ol>\n

                \u00a77. Server logs<\/p>\n

                  \n
                1. Using the Store involves sending queries to the server on which the Store is located.<\/li>\n
                2. Each query sent to the server is saved in the server logs, which include, among others: User’s IP address, server date and time, information about the web browser and operating system.<\/li>\n
                3. The data stored in the server logs is not associated with specific people using the website and only serves as auxiliary material for server administration. Their content is not disclosed to anyone except persons authorized to administer the server.<\/li>\n<\/ol>\n

                  \u00a78. Final provisions<\/p>\n

                    \n
                  1. The Administrator reserves the right to make changes to this Privacy Policy. Changes may be dictated by technological developments, changes in the law or the development of the Store.<\/li>\n
                  2. Users will be informed of any changes in a visible and understandable manner.<\/li>\n
                  3. This Privacy Policy is effective from October 10, 2025.<\/li>\n<\/ol>\n

                    Additional information about providers and transfers (informative): \u2022 Hosting provider details: SEOHOST Sp. z o.o., ul. Obornicka 330, 60-689 Pozna\u0144, NIP: 9721323212. \u2022 Cloud Provider Data: Data about the entity providing the cloud computing service (e.g. Dropbox International Unlimited Company, One Park Place Floor 5 Upper Hatch Street, Dublin 2 or Dropbox, Inc., San Francisco, California). \u2022 Law firm details: “Law firm that serves the company”. \u2022 G\u2011Suite Provider Data: Google G\u2011Suite provider data (e.g. Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland). \u2022 Link Privacy Shield Google: https:\/\/www.privacyshield.gov\/participant?id=a2zt000000001L5AAI.<\/a> \u2022 Link Privacy Shield Dropbox: https:\/\/www.privacyshield.gov\/participant?id=a2zt0000000GnCLAA0<\/a>.<\/p>\n","protected":false},"excerpt":{"rendered":"

                    Privacy and Cookie Policy of the Online Store https:\/\/scoiattolo.pl\/ Last update: October 10, 2025 Table of contents: \u00a71. General provisions and definitions \u00a72. Personal Data Administrator \u00a73. Purposes, legal basis and data processing period \u00a74. Data recipients and data transfer to third countries \u00a75. Rights of data subjects \u00a76. Cookies and other tracking technologies \u00a77. […]<\/p>\n","protected":false},"author":1,"featured_media":0,"parent":0,"menu_order":0,"comment_status":"closed","ping_status":"open","template":"","meta":{"_et_pb_use_builder":"","_et_pb_old_content":"","_et_gb_content_width":"","footnotes":""},"class_list":["post-370","page","type-page","status-publish","hentry"],"_links":{"self":[{"href":"https:\/\/scoiattolo.pl\/en\/wp-json\/wp\/v2\/pages\/370","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/scoiattolo.pl\/en\/wp-json\/wp\/v2\/pages"}],"about":[{"href":"https:\/\/scoiattolo.pl\/en\/wp-json\/wp\/v2\/types\/page"}],"author":[{"embeddable":true,"href":"https:\/\/scoiattolo.pl\/en\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/scoiattolo.pl\/en\/wp-json\/wp\/v2\/comments?post=370"}],"version-history":[{"count":0,"href":"https:\/\/scoiattolo.pl\/en\/wp-json\/wp\/v2\/pages\/370\/revisions"}],"wp:attachment":[{"href":"https:\/\/scoiattolo.pl\/en\/wp-json\/wp\/v2\/media?parent=370"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}