Privacy policy

1. GENERAL PROVISIONS

1.1. Data Controller and Legal Basis

The controller of personal data collected through the Online Store is Tomasz Winnicki, conducting business under the name Tomasz Winnicki, with its registered office at ul. Jagodowa 22/10, 55-080 Krzeptów, Poland, entered into the Central Registration and Information on Business (CEIDG), Tax Identification Number (NIP): 7642633147, National Official Business Register (REGON): 521676501, email address: legendary.cheetah.contact@gmail.com - hereinafter referred to as the "Controller," who is also the Service Provider of the Online Store and the Seller.

This data is processed in accordance with data protection regulations, including the General Data Protection Regulation (GDPR), for the following purposes:

  • Performance of a contract and delivery of an order (Article 6(1)(b) of the GDPR) – the following data is used: first name, last name, email address, phone number, residential or business address. Providing this data is voluntary but necessary for the performance of the contract and delivery of the order.
  • Handling potential complaints (Article 6(1)(f) of the GDPR – legitimate interest) – the following data is used: first name, last name, and contact details (email or postal address). Providing this data is voluntary but necessary to process a complaint.
  • Informing about available advice, articles, as well as news, promotions, and sales via email (newsletter) or phone (Article 6(1)(a) of the GDPR) – with the consent of the interested person, their email address or phone number is used. Providing this data is voluntary.

An interested person may at any time unsubscribe from the newsletter or phone notifications, in particular by:

  • Using the unsubscribe link located in the footer of the newsletter.
  • Sending a notification to the email address: legendary.cheetah.contact@gmail.com

Data Retention Periods:

  • Personal data used for the performance of a contract and delivery of an order will be stored for the period necessary to fulfill the order and any related claims, as well as for the period required by accounting regulations.
  • Personal data used to handle complaints will be stored for the period necessary to process the complaint.
  • Personal data used for informing about our offer will be stored until the interested person withdraws their consent.

Personal data is not shared with other entities for their marketing purposes. Users' personal data is transferred to third parties only when permitted by law, including for purposes related to the performance of a contract or billing, or with the user's prior consent. For example, as part of order processing, our collaborating service providers (e.g., carrier, logistics company, banks) receive the necessary data to fulfill the order and the commission. The data provided in this way may be used by the service providers solely for the purpose of performing their tasks.

In the case of transferring personal data to third countries (outside the European Economic Area), the transfer is carried out in accordance with the GDPR, in particular on the basis of Standard Contractual Clauses approved by the European Commission or adequacy decisions.

Every Customer has the right to submit a request to Tomasz Winnicki, with its registered office at ul. Jagodowa 22/10, 55-080 Krzeptów, Poland, regarding:

  • access to their personal data, its rectification, erasure, or restriction of processing;
  • objecting to the processing of personal data;
  • portability of personal data.

For matters concerning personal data protection, you can contact us via the dedicated email address: legendary.cheetah.contact@gmail.com

Furthermore, every Customer has the right to file a complaint with the President of the Personal Data Protection Office (PUODO) if they find that Tomasz Winnicki, with its registered office at ul. Jagodowa 22/10, 55-080 Krzeptów, Poland, is violating personal data protection regulations.

1.2. Legal Framework

The Service User's (Customer's) personal data is processed in accordance with the Act of 10 May 2018 on the Protection of Personal Data (Journal of Laws 2018, item 1000, as amended), the Act of 18 July 2002 on Providing Services by Electronic Means (Journal of Laws No. 144, item 1204, as amended), and Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation) (Official Journal of the EU L 119, p. 1).

1.3. Data Processing Principles

The Controller takes special care to protect the interests of data subjects and, in particular, ensures that the data collected by him is: processed lawfully; collected for specified, lawful purposes and not subjected to further processing incompatible with those purposes; factually correct and adequate in relation to the purposes for which it is processed; and stored in a form that permits identification of the persons concerned for no longer than is necessary to achieve the purpose of the processing.

1.4. Definitions

All words, expressions, and acronyms appearing on this page and beginning with a capital letter (e.g., Seller, Online Store) should be understood in accordance with their definition contained in the Terms and Conditions of the Online Store available at: Terms and Conditions.

2. PURPOSE AND SCOPE OF DATA COLLECTION

2.1. Purpose of Data Collection

2.1.1. The purpose of collecting personal data by the Controller is to establish, shape, amend, perform, or terminate the contractual relationship between the Service Provider (Seller) and the Service User (Customer), consisting of providing electronic services through the Online Store or concluding and performing a Sales Agreement and delivering it to the Customer.

2.2. Data Sharing with Carriers

In the case of Customers who use the service of Product delivery to the Customer, the Controller transfers the collected personal data of the Customers to the selected carrier to the extent necessary to make the delivery.

2.3. Post-Sale Survey

As part of the performance of the contract with the Buyer, the Store is authorized to send an invitation to complete a post-sale survey to the Buyer's email address. The survey is used to research opinions about the transaction. The Buyer may voluntarily complete the survey. The invitation is sent only with the prior consent of the Buyer, expressed during the ordering process or in the account settings.

2.4. Scope of Processed Data

The Controller processes the following personal data of Service Users (Customers): first name and last name; email address; contact phone number; address (street, house number, apartment number, postal code, city, country). In the case of Service Users (Customers) who are not consumers, the Controller additionally processes the company name and Tax Identification Number (NIP).

2.5. Necessity of Data Provision

Providing the personal data mentioned in point 2.4 is necessary for the Service Provider to provide electronic services within the Online Store or to conclude a Sales Agreement. The scope of required data is also indicated each time in the Terms and Conditions of the Online Store and before the commencement of a specific electronic service or the conclusion of a Sales Agreement on the Online Store's website.

3. COOKIES AND OPERATIONAL DATA

3.1. What Are Cookies?

Cookies are small text files sent by a server and saved on the side of the user visiting the Online Store's website (e.g., on the hard drive of a computer, laptop, or on a smartphone's memory card – depending on the device you use to visit our Online Store). The user consents to the use of cookies through the cookie banner that appears during the first visit to the Online Store's website. Consent can be withdrawn at any time by changing browser settings or in the cookie banner.

3.2. Purpose of Using Cookies

The Service Provider processes the data contained in Cookies when visitors use the Online Store's website for the following purposes:

  • Identifying Service Users as logged in to the Online Store and showing that they are logged in;
  • Remembering Products added to the cart to place an Order;
  • Remembering data from filled-in Order Forms, surveys, or login data for the Online Store;
  • Customizing the content of the Online Store's website to the individual preferences of the Service User (e.g., regarding colors, font size, page layout) and optimizing the use of the Online Store's pages.

3.3. Managing Cookies

By default, most web browsers available on the market accept the saving of Cookies. You have the option to determine the conditions for using Cookies through your own web browser's settings. This means you can, for example, partially limit (e.g., temporarily) or completely disable the ability to save Cookies on your computer – in the latter case, however, this may affect some functionalities of the Online Store (for example, it may be impossible to go through the Order path via the Order Form).

3.4. Browser Settings and Consent

Your web browser's settings regarding Cookies are important from the point of view of consent to the use of Cookies by our Online Store – according to regulations, such consent can also be expressed through the web browser's settings.

3.5. Further Information

Detailed information on changing Cookie settings and their self-deletion in the most popular web browsers is available in the help section of the web browser.

3.6. Operational Data (Logs)

The Service Provider also collects operational data (so-called logs – IP address, domain), which are stored for an indefinite period and used to generate statistics helpful in administering the Online Store. This data is aggregate and anonymous, i.e., it does not contain features identifying persons visiting the Online Store's website. Logs are not disclosed to third parties.

4. LEGAL BASIS FOR DATA PROCESSING

4.1. Voluntary Provision of Data

Providing personal data by the Service User/Customer is voluntary, although failure to provide the personal data indicated in the Terms and Conditions necessary to conclude a Sales Agreement or an agreement for the provision of an Electronic Service results in the refusal to conclude that agreement. The data necessary to conclude a Sales Agreement or an agreement for the provision of an Electronic Service is also indicated each time on the website of the Online Store.

4.2. Basis for Processing

The basis for processing the personal data of the Service User/Customer is the necessity to perform a contract to which the Service User/Customer is a party or to take action at their request before its conclusion. In the case of data processing for the purpose of direct marketing of the Controller's own products or services, the basis for such processing is additionally the consent of the Service User/Customer.

5. RIGHT TO CONTROL, ACCESS, AND RECTIFY YOUR DATA

5.1. Right of Access and Rectification

The Service User has the right to access the content of their personal data and to rectify it.

5.2. Right to Control Processing

Every person has the right to control the processing of data concerning them, contained in the Controller's data set, and in particular the right to: demand the completion, updating, or rectification of personal data, temporary or permanent suspension of its processing, or its deletion if it is incomplete, outdated, untrue, or has been collected in violation of the law, or is no longer necessary for the purpose for which it was collected.

5.3. Right to Object

In the case of data processing for the purpose of direct marketing of the Controller's own products or services, the data subject is also entitled to submit a written, motivated request to cease processing their data due to their particular situation and to object to the processing of their data.

5.4. Exercising Your Rights

To exercise the rights mentioned above, you can use the options within your Account or by sending an appropriate message by e-mail to the address: legendary.cheetah.contact@gmail.com or in writing to the Controller's address.

6. FINAL PROVISIONS

6.1. Links to Other Websites

The Online Store may contain links to other websites. The Controller encourages you to read the privacy policy established there after switching to other sites. This privacy policy applies only to this Online Store.

6.2. Security Measures

The Controller applies technical and organizational measures to ensure the protection of processed personal data appropriate to the threats and categories of data protected, and in particular, secures the data against its disclosure to unauthorized persons, seizure by an unauthorized person, processing in violation of applicable regulations, and change, loss, damage, or destruction.

6.3. Technical Safeguards

The Service Provider provides the following technical measures to prevent the acquisition and modification by unauthorized persons of personal data transmitted electronically:

  • 6.3.1. Securing the data set against unauthorized access.
  • 6.3.2. GeoTrust Inc. SSL Certificate. Furthermore, our websites and other systems are secured through ongoing technical and organizational measures against loss, destruction, access, modification, or distribution of user data by unauthorized persons.
  • 6.3.3. Access to the Account only after providing an individual login and password.
  • 6.3.4. Web Analysis.
    To constantly optimize and improve our offer, we use so-called tracking technologies. For this purpose, we use the services of Google Analytics.

    This website uses the web analytics tool Google (GA4) from Google Inc. (www.google.com). Analytics uses methods that allow for an analysis of the user's use of the website, for example, cookies, which are text files saved on the user's computer. The information generated in this way regarding visits to this website is usually transferred to a Google server in the USA and stored there. If IP anonymization is activated on this site, the user's IP address is shortened by Google before being transmitted within the member states of the European Union or other signatory states of the Agreement on the European Economic Area. Only in exceptional cases is the full IP address transferred to a Google server in the USA and shortened there. The anonymized IP address transmitted by the user's browser as part of Google Analytics is not combined with other Google data.

    Retargeting and data collection by third parties for banner advertising purposes

    We also use the data collected during the user's visit to display so-called banner advertising. These are advertisements that redirect to third-party websites. This advertising mostly uses cookies or pixels. Our goal is to develop an advertising offer that will be attractive and useful to the user, so as part of banner advertising, the user may see primarily products that they have already viewed on our site or products similar to those previously viewed (so-called retargeting). In banner advertising, we only use pseudonymized data; direct information about the user (e.g., name or email address) is not saved in cookies.

    Our websites use so-called retargeting technology. We use this technology to be able to offer users a more attractive internet offer. It allows users who have been interested in our store and our products to be shown relevant advertising on our partners' websites. We are convinced that displaying personalized, interest-related advertising is generally more attractive to the user than advertising that does not have such an individual connection. The display of these advertising materials on our partners' sites is based on cookie technology and an analysis of the user's previous behavior. This form of advertising is carried out completely anonymously.

    When using our website, cookies are used to collect, save, and use data about the user's behavior. In addition, user data contained in cookies is stored after the end of the browser session and, for example, used during the next visit to the website.

    As part of retargeting and banner advertising, we use the services of third parties who use cookies on our site. These are the following companies: