OF THE EXTREMEHOBBY.COM WEBSITE
1. For the owner of this website, the protection of Users' personal data is of utmost importance. He makes every effort to ensure that Users feel safe when entrusting their personal data when using the website.
2. The user is a natural person, legal person or an organizational unit without legal personality, to which the law grants legal capacity, using electronic services available on the website.
4. The administrator uses the most modern technical measures and organizational solutions, ensuring a high level of protection of personal data being processed and protection against unauthorized access.
I. PERSONAL DATA ADMINISTRATOR
The administrator of personal data is Extreme Hobby Polska sp.z o.o. with headquarters at: ul. Szkolna 90, 62-002 Suchy Las, entered into the Register of Entrepreneurs kept by the District Court in POZNAN - NEW TOWN AND WILDA IN POZNAŃ, VIII Commercial Division, under the number KRS: 0000918609, NIP: 7792393590 (hereinafter referred to as: "Owner").
II. PURPOSE OF PROCESSING PERSONAL DATA
1. The Administrator processes the User's personal data in order to:
a. sell products
2. This means that these data are needed in particular for
a.registering on the website;
b. conclusion of the contract;
c. making settlements;
d. delivery of goods ordered by the User or performance of services;
e. use by the User of all consumer rights (e.g. withdrawal from the contract, warranty).
3. The user may also consent to receive information about novelties and promotions, as well as receiving and servicing the Newsletter as part of participation in EXTREME HOBBY CLUB, which will cause the administrator to process personal data in order to send commercial information to the User, regarding, among others, new products or services, promotions or sales.
4. Personal data is also processed as part of the fulfillment of legal obligations incumbent on the data controller and the performance of tasks, in the public interest, including to perform tasks related to security and defense or the storage of tax documentation.
5. Personal data may also be processed for the purposes of direct marketing of products, securing and pursuing claims or protection against claims of the User or a third party, as well as marketing of services and products of third parties or own marketing, which is not direct marketing.
III. DATA TYPE
1. The administrator processes the following personal data, the provision of which is necessary for:
a.registering on the website:
- first name and last name;
- e-mail address;
b. making purchases via the website:
- first name and last name;
- delivery address;
- Phone number;
- e-mail address;
c. Data provided by the User optionally:
- NIP number (in the case of a request to issue an invoice for an entrepreneur);
- data needed to participate in EXTREME HOBBY CLUB, i.e.: name, last name, and e-mail address;
2. In the event of withdrawal from the contract or acceptance of the complaint, when the refund is made directly to the User's bank account, in order to refund the amount due, we also process information regarding the bank account number.
IV. LEGAL BASIS FOR THE PROCESSING OF PERSONAL DATA
1. Personal data are processed in accordance with the provisions of Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of individuals with regard to the processing of personal data and the free movement of such data, and repealing Directive 95/46 / EC (General Data Protection Regulation), OJ L 119, 4.5.2016, p. 1-88, hereinafter: "GDPR Regulation".
2. The administrator processes personal data only after prior consent of the User, expressed at the time of registration on the website, to be completed in a form entitling to participate in EXTREME HOBBY CLUB and
receiving the Newsletter or at the time of confirmation made on the website during online transaction.
3. Expressing consent to the processing of personal data is completely voluntary, however, failure to grant it makes it impossible to register on the website and make purchases via the website.
V. USER RIGHTS
1. The user may at any time request the administrator to provide information on the scope of personal data processing.
2. The User may at any time request the correction or rectification of his personal data. The user can also do it himself, after logging into his account.
3. The User may withdraw his consent to the processing of his personal data at any time, without giving any reason. The request not to process data may refer to a specific processing purpose indicated by the User, e.g. withdrawal of the consent requests to receive commercial information, or relate to all purposes of data processing. Withdrawal of consent for all processing purposes will cause the User's account to be removed from the website, along with all the User's personal data previously processed by the administrator. Withdrawal of consent will not affect the activities already performed.
4. The user may at any time request, without giving any reason, removing his data. The request to delete the data will not affect the activities performed so far. The deletion of data means the simultaneous deletion of the User's account, along with all personal data saved and processed so far by the administrator.
5. The User may at any time object to the processing of personal data, both in terms of all the User's personal data processed by the administrator, as well as only to a limited extent, e.g. as regards the processing of data for a specific purpose. The objection will not affect the activities performed so far. The objection will result in deletion of the User's account, along with all personal data stored and processed so far by the administrator.
6. The user may request the limitation of the processing of personal data, either for a specified period or without a time limit, but within a specified scope, which the administrator will be obliged to fulfill. This request will not affect the activities performed so far.
7. The User may request the administrator to transfer the processed personal data of the User to another entity. For this purpose, he should write a request to the administrator, indicating to which entity (name, address) the User's personal data should be provided and what specific data the User would like the administrator to provide. After the User confirms his request, the administrator will provide the selected entity with the User's personal data in electronic form. The User's confirmation of the request is necessary due to the security of the User's personal data and ensuring that the request comes from an authorized person.
8. The administrator informs the User about the actions taken, within one month of receiving one of the requests mentioned in the previous points.
VI. PERIOD OF STORAGE OF PERSONAL DATA
1. In principle, personal data is only kept for as long as necessary to fulfill the contractual or statutory obligations for which it was collected. These data will be deleted immediately, when their storage is not necessary for evidence purposes, in accordance with civil law, or in connection with a statutory obligation to store data.
2. Information regarding the contract is stored for evidence purposes for a period of three years, starting from the end of the year in which the business relationship with the User was terminated. The data will be deleted after the statutory limitation period for pursuing contractual claims has expired.
3. In addition, the administrator may keep archival information regarding concluded transactions, when their storage is related to the User's claims, e.g. under warranty.
4. If no contract has been concluded between the User and the Owner, the User's personal data is stored until the User's account is deleted from the website. The account may be deleted as a result of the User's request, withdrawal of consent to the processing of personal data, or objection to the processing of such data.
VII. ENTRUSTING THE PROCESSING OF DATA TO OTHER ENTITIES
1. The administrator may entrust the processing of personal data to entities cooperating with the administrator, to the extent necessary for the implementation of the transaction, e.g. to prepare the ordered goods and deliver shipments or provide commercial information (the latter applies to Users who have agreed to receive commercial information).
3. Personal data of website users are not transferred outside the European Union.
2. Cookies are pieces of information that contain a unique reference code that is linked to the website, sent to the User's device in order to store and track information about the device used. Usually, they do not allow the identification of the User. Their main task is to personalise the website for the User.
3. Some of the cookies that appear on the website are available only for the duration of the given internet session and expire after closing the browser. Other cookies are used to remember the User and recognize him after returning to the website. They are retained for a long time.
4. The cookies used on this website are:
PHPSESSID: deleted after closing the browser
PrestaShop: removed after 6 months
hjSessionUser: removed after 12 months
ajs_anonymous_id: removed after 12 months
ajs_user_id: removed after 12 months
categoryListing: deleted after 12 months
tripleedit: removed after 12 months
_dc_gtm: removed after 2 hours
_fbp: removed after 6 months
_ga: removed after 3 hours
_gcl_au: removed after 6 months
_gid: removed after 3 hours
cookie_ue: deleted after 12 months
5. All cookies that appear on the website are set by the administrator.
6. All cookies used by this website are compliant with the applicable European Union law.
7. Most Users and some mobile browsers automatically accept cookies. If the User does not change the settings, cookies will be saved in the device's memory.
8. The user may change the preferences regarding the acceptance of cookies or change the browser in order to be able to receive an appropriate notification each time the cookie function is set. To change the cookie acceptance settings, you must adjust the settings in your browser.
9. It is worth remembering that blocking or deleting cookies may affect the full use of the website.
10. Cookies will be used for the necessary session management, including:
a. Creating a special login session for the User of the website so that the website remembers that the User is logged in and that his requests are delivered in an efficient, secure and consistent manner;
b. Recognizing a User who has previously visited the website, which allows identifying the number of unique users who have used the website and makes it possible to ensure that the website has sufficient capacity for the number of new users;
c. Identifying whether a website visitor is registered on the website;
d. Registering information from the User's device, including cookies, IP address and information about the browser used, in order to diagnose problems, administer and track the use of the website;
e. Customizing the layout elements of the website layout or content;
f. Collecting statistical information on how the User uses the website in order to improve the website and determine which areas of the website are the most popular for Users.
When you access our website, a connection is established with CookieFirst’s server to give us the possibility to obtain valid consent from you to the use of certain cookies. CookieFirst then stores a cookie in your browser in order to be able to activate only those cookies to which you have consented and to properly document this. The data processed is stored until the predefined storage period expires, or you request to delete the data. Certain mandatory legal storage periods may apply notwithstanding the aforementioned.
Data processing agreement
We have concluded a data processing agreement with CookieFirst. This is a contract required by data protection law, which ensures that data of our website visitors is only processed in accordance with our instructions and in compliance with the GDPR.
Server log files
Our website and CookieFirst automatically collect and store information in so-called server log files, which your browser automatically transmits to us. The following data is collected:
- Your consent status or the withdrawal of consent
- Your anonymised IP address
- Information about your Browser
- Information about your Device
- The date and time you have visited our website
- The webpage URL where you saved or updated your consent preferences
- The approximate location of the user who saved their consent preference
- A universally unique identifier (UUID) of the website visitor that clicked the cookie banner