Privacy policy

Privacy Policy

Introductory issues

1. This Privacy Policy is effective as of May 25, 2018. The provisions of the Privacy Policy have been adapted to the requirements of the Regulation of the European Parliament and of the Council (EU) 2016/672 of April 27, 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data and repealing Directive 95/46/EC and national regulations.

Glossary

1. For the purposes of this document:

1. “Personal Data Administrator ‘ means UNIQUE spółka z ograniczoną odpowiedzialnością with its registered office in Warszawska 53, 05-300, post office Minsk Mazowiecki, registered in the Register of Entrepreneurs of the National Court Register kept by the District Court for the Capital City of Warsaw in Warsaw, XIV Economic Department - National Court Register under the number: 0000607934, NIP 8222352962, REGON 363981100, (hereinafter also as ’Store”);
2. “personal data ‘ means information about an identified or identifiable natural person (’data subject”); an identifiable natural person is one who can be identified, directly or indirectly, in particular on the basis of an identifier such as a name, an identification number, location data, an online identifier or one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of the natural person.
3. means a natural person with full or limited legal capacity, a legal person or an organizational unit without legal personality but with legal capacity, placing an order on the Store www.unique-meble.pl;
4. "Personal data breach ” means a breach of security leading to the accidental or unlawful destruction, loss, modification, unauthorized disclosure of or unauthorized access to personal data transmitted, stored or otherwise processed;
5. means a natural or legal person, public authority, entity or other entity to which personal data is disclosed, whether or not it is a third party. However, public authorities that may receive personal data in the context of a specific proceeding in accordance with Union law or the law of a Member State are not considered recipients; the processing of such data by these public authorities must comply with the data protection laws applicable according to the purposes of the processing;
6. "restriction of processing ” means the marking of stored personal data for the purpose of restricting its future processing;
7. “supervisory authority” means the independent public authority established by a Member State pursuant to Article 51 of the Ordinance, which is the President of the Office for Personal Data Protection, 2 Stawki Street, 00-193 Warsaw, Poland;
8. "processor ” means a natural or legal person, public authority, entity or other entity that processes personal data on behalf of the controller;
9. "data confidentiality ” means the property that ensures that data are not made available to unauthorized entities;
10. means an operation or set of operations performed on personal data or sets of personal data in an automated or non-automated manner, such as collection, recording, organizing, structuring, storing, adapting or modifying, retrieving, viewing, using, disclosing by transmission, dissemination or otherwise making available, matching or linking, limiting, erasing or destroying;
11. “Regulation” means Regulation 2016/679 of the European Parliament and of the Council (EU) of April 27, 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data and repealing Directive 95/46/EC (hereinafter: “RODO”);
12. “Law” means the Law of May 10, 2018 on the Protection of Personal Data;
13. “data erasure ‘ means the destruction of personal data or such modification of personal data that does not allow the identification of the data subject (’anonymization”);
14. means an action whose purpose is to verify the declared identity of the subject;
15. "consent of the data subject ” means a voluntary, specific, informed and unambiguous demonstration of will by which the data subject, in the form of a statement or explicit affirmative action, consents to the processing of personal data concerning him or her.

Personal Data Administrator. Aims, scope and basis of processing

1. The Administrator of the Personal Data of the Customers of the online store www.unique-meble.pl is UNIQUE spółka z ograniczoną odpowiedzialnością with its seat in Warszawska 53 Street, 05-300, post office Mińsk Mazowiecki, registered in the Register of Entrepreneurs of the National Court Register kept by the District Court for the capital city of Warsaw in Warsaw, XIV Economic Department - National Court Register under the number: 0000607934, NIP 8222352962, REGON 363981100.
2. Contact with the Personal Data Administrator on any matter related to the protection of the Customer's personal data is possible via email: info@unique-meble.pl with the note “Personal Data” or by phone at: +48257587811
3. The Customer's personal data are processed solely for the purpose of the Customer's contact with the Personal Data Administrator and further correspondence. The data are collected through the contact form located on the Store's website.
4. The basis of data processing for the Customer's contact with the Personal Data Administrator via the contact form is Article 6(1)(a) of the Regulation, i.e. expressed consent. Provision of personal data by the Customer is a prerequisite for making contact with him/her electronically or by telephone. Failure to provide personal data by the Customer and failure to give consent to their processing will prevent the realization of contact.
5. The basis for processing personal data for marketing and promotional purposes is the Customer's voluntary consent, collected in accordance with the provisions of the Act of 18 July 2002 on the provision of electronic services and the Act of 16 July 2004 - Telecommunications Law. The Customer's consent to receive commercial and marketing information is not required to process the order.
6. The Personal Data Administrator processes the following personal data of the Customer:
   1. first and last name;
   2. address
   3. e-mail address;
   4. contact telephone number.

Information clauses

1. Whenever a Customer consents to the Store's processing of his or her personal data, such consent is given voluntarily and may be withdrawn at any time. Withdrawal of the expressed consent does not affect the legality of the processing, which was performed on the basis of the consent expressed by the Customer before its withdrawal.
2. The Customer has the right to request access to his/her personal data, he/she is entitled to obtain from the Store confirmation of their processing and information regarding: the purpose of processing, the categories of data processed by the Store, information about the recipients or categories of recipients to whom the data have been or will be disclosed, the planned period of data processing, the Customer's rights regarding the processing and protection of the processing of his/her personal data. The Store will provide a copy of the personal data subject to processing at the request of the Customer.
3. The Customer has the right to request the Personal Data Administrator to promptly rectify data concerning him/her that is incorrect and to request the completion of incomplete data, including by providing an additional statement.
4. The Customer has the right to delete his/her data (“right to be forgotten”), and the Personal Data Administrator is obliged to delete it immediately if:
   • the Customer's personal data are no longer necessary for the purposes for which they were collected,
   • The Customer has withdrawn the consent on the basis of which the processing of his/her data is based,
   • The Client has objected to the processing of personal data concerning him/her,
   • the Customer's personal data is processed unlawfully,
   • deletion of the Customer's personal data is required in order to comply with a legal obligation under the law,

the above does not apply if the processing of the Customer's personal data is necessary to establish, assert or defend claims and fulfill the obligations of the Personal Data Administrator under the provisions of the Regulation and national legislation. In particular, the Personal Data Administrator may refuse to delete personal data if the Customer has not paid all amounts due to the Personal Data Administrator or has violated obligations under applicable laws, and the Customer's personal data is necessary for the Personal Data Administrator to clarify these circumstances and establish the Customer's liability.

1. The Customer has the right to restrict the processing of his/her personal data in cases where the Customer questions the correctness of the processed data, the processing is unlawful and the Customer objects to the deletion of the data, the Personal Data Administrator no longer needs the Customer's data, however the data are needed by the Customer to establish, assert or defend claims, and where the User has objected to the processing.
2. The Customer has the right to object at any time to the processing of personal data concerning the Customer, and the Personal Data Administrator is no longer allowed to process the Customer's personal data unless the Customer demonstrates a valid legitimate basis for further processing.
3. The Customer also has the right to data portability, in which case the Personal Data Administrator is obliged to make the data available to the Customer in a structured, commonly used machine-readable format. The Customer has the right to send the data thus obtained to another entity without hindrance from the Personal Data Administrator in accordance with the terms of the Regulation.
4. The Customer's personal data will be processed by the Personal Data Administrator for the period required to complete the undertaken contact, and for the period required to assert possible claims - with the Personal Data Administrator processing only those data which are necessary for the mentioned purpose. Exceptions to the above-mentioned period are described in paragraph 12.
5. The Customer has the right to file a complaint to the supervisory authority: President of the Office for Personal Data Protection, 2 Stawki Street, 00-193 Warsaw, in case of any violation of personal data protection by the Personal Data Administrator or processing of the Customer's data contrary to the regulations on personal data protection.
6. The Personal Data Administrator ensures that he/she makes every effort to ensure that the processing of personal data by him/her is carried out with the greatest respect for the privacy of the persons whose data are processed and with the utmost care for the security of the processed personal data and, in particular, ensures that he/she has taken all legally prescribed physical, ICT and organizational protection measures aimed at securing personal data sets, which are described in detail in the Personal Data Administrator's implemented: Personal Data Protection Policy and IT System Management Manual. The physical, ICT and organizational measures applied by the Personal Data Administrator to ensure the protection of the processed personal data appropriate to the risks and categories of data under protection, and in particular protects the data from being disclosed to unauthorized persons, from being taken by an unauthorized person, from being processed in violation of the Regulation, and from being altered, lost, damaged or destroyed.

Sharing of Customers' personal data

1. The Personal Data Administrator has the right to share the Customer's personal data, without the Customer's consent, only with entities authorized under specific legislation (e.g. courts, law enforcement agencies).
2. The Store does not share Customer's personal data with other entities, with the exception of entities performing postal and shipping services on behalf of the Store, or other services necessary for order processing, to the extent necessary for order processing.

Customer's responsibility

1. The customer is responsible for the accuracy and compliance with the facts of the personal data provided.