- Administrator – Positive Prints Sp. z o.o. (LLC) with its registered office in Warsaw, ul. Puławska 145, (post code 02-715), entered into the Register of Entrepreneurs of the National Court Register kept by The District Court for the Capital City of Warsaw in Warsaw, XIII Economic Department of The National Court Register, under the number KRS: 0000839033 (National Court Register Number), NIP: 9512500986 (Taxpayer Identification Number), REGON: 38597711 (National Business Registry Number).
- Website – Website available at http://positiveprints.com, under which the online store is available.
- User – anyone who browses through the content of the website.
- GDPR – Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data and repealing Directive 95/46/EC.
§2. Personal Data
- According to GDPR, the administrator of the User’s personal data is the Administrator.
- The User may share their personal data with the Administrator by using the forms available on the website and the store, as well as online message applications and social media accounts.
- The lawful basis for the processing of Users’ personal data may be voluntary, specific, conscious and unambiguous consent given by the User through the applicable form on the website. Personal data may also be processed in cases where the Administrator is authorized to process personal data on the lawful basis or for the purpose of implementing the contract concluded between the parties, as well as on the basis of a legitimate interest implemented by the Administrator. Especially:
a. [ORDER FORM]
Personal data provided by the User to the Administrator as a part of the order form available in the Online Store is processed to execute the contract concluded through the Store. The legal basis for the processing is the contract and the actions undertaken at the request of the data subject before the performance of the contract (Article 6, paragraph 1(B) GDPR). Providing personal data by the User is voluntary, however, it is necessary in order for the User to conclude a contract with the Administrator. Data will be processed during the execution of the order. After completing the order, the Administrator will process personal data in order to fulfill the statutory obligations of the Administrator, e.g. tax, accounting or the obligation to consider the complaint (Article 6, paragraph 1(C) GDPR).The Administrator will process the data for a period of 5 years from the end of the tax year in which the sale took place. The Administrator will also process the data mentioned above, in case of any claims, based on the legitimate interest of the Administrator (Article 6, paragraph 1(F) GDPR), until the expiry of the limitation period for civil law claims.
b. [NEWSLETTER SUBSCRIPTION FORM]
Personal data provided to the Administrator by the User as a part of the newsletter subscription form is processed in order to send the User the newsletter containing information about products, news and special offers. Providing personal data by the User is voluntary, however, it is necessary in order for the User to subscribe and receive a newsletter. In this case data processing takes place only with the User consent (Article 6, paragraph 1(A) GDPR), which the User can give in the newsletter subscription form and may withdraw it at any time. The above mentioned data will be processed until the Administrator stops sending the newsletter or until the withdrawal of the consent by the User.
c. [CONTACT FORM]
Personal data provided to the Administrator by the User as a part of the contact form or in an email sent to the Administrator’s address provided on the Website is processed in order to answer the query sent. Providing personal data by the User is voluntary, however, it is necessary for the user to receive a response. In this case, data processing is based on a legitimate interest pursued by the Administrator (Article 6, paragraph 1(F) GDPR). The data mentioned will be processed until the end of the correspondence and also until the expiry of the limitation period for civil law claims.
d. [FEEDBACK FORM]
Personal data provided to the Administrator by the User as a part of the feedback form is processed to display the User’s feedback on the Website. Providing personal data by the User is voluntary, however, it is necessary in order for the user to provide the feedback. In this case, data processing is based on the User’s consent (Article 6, paragraph 1(A) GDPR). The data mentioned above will be processed as long as the Website will exist or until the withdrawal of the consent by the User.
e. [COMPETITION ENTRY FORM]
Personal data provided to the Administrator by the User as a part of the competition entry form is processed in order to ensure the possibility of taking part in the competition, as well as fulfilling the obligations arising from the public procurement , which is the competition, and specified in the competition regulations. Providing personal data is voluntary, however, it is necessary in order for the user to take part in the competition. In this case, data processing is based on legitimate interests of the Administrator (Article 6, paragraph 1(F) GDPR). The mentioned data will be processed for the whole time necessary to run the competition and select the winners, as well as until the expiry of the limitation period for civil law claims.
f. [SAVE MY DESIGN]
Personal data provided to the Administrator by the User as a part of the SAVE MY DESIGN service is processed to give User the access to the project created by them, by using editor available on the Website. The access will be available for a period of 30 days after of using the service. Providing personal data by the User is voluntary, however, it is necessary in order for the User to use the service. In this case, data processing is based on the User’s consent (Article 6 , paragraph 1(A) GDPR). The data mentioned will be processed for 30 days or until the User withdraws the consent.
- The Administrator may share personal data to third parties, with the help of which he achieves the goals indicated in previous points (e.g. to companies providing hosting services, payment service providers, printing houses that print orders made by the User, Call Center, external Marketplace portals, accounting company , shipping companies, a company providing an email application).
- User’s personal data may be disclosed to competent public authority if applicable law requires it.
- User’s personal data will not be shared with the recipients from third countries or international organizations that do not provide an adequate degree of protection. The suitable degree of protection must be confirmed by the appropriate decision of the European Commission or another binding legal instrument.
- The Administrator guarantees the confidentiality of all personal data provided to them
- Personal data is collected with due diligence and properly protected against access by unauthorized persons. Data processing takes place in accordance with conditions specified in:
a. Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC,
b. The Act of July 18, 2002 on Providing Services by Electronic Means,
c. The Act of 10 May, 2018 on the Protection of Personal Data.
§3. User Rights
- The User has the rights related to the processing of their personal data including
- The right of access the data
- The right to rectification
- The right to restriction of processing
- The right to object
- The right to erasure (‘right to be forgotten’)
- The right to data portability
- The right to lodge a complaint with a supervisory authority in relation to the processing of personal data by the Administrator
- The User has the right to withdraw their consent at any time if the user has previously consented.
- In order to execute their rights, the User should direct an adequate request to: [email protected]
§4. Cookies and Other Information
1. The User’s data is automatically collected while the User is browning through the Website. These data include i.e. IP address, domain name, type of browser, and type of operating system. The data might be collected by cookies and may also be saved in the server log files.
2. Cookies are files sent to a computer or other devices (e.g. laptop, smartphone, tablet) of the user and saved there when browsing the Website. Cookies remember the User’s preferences and browsing behaviors, which allows to improve the quality of services provided, improve search results and accuracy of displayed information, including advertising, and anonymous tracking of the User preferences. The current list of cookies used on the Website is available in the cookie tab shared on the Website.
3. The User can give consent and accept cookies through the cookie tab available on the Website. It can also be done by using the browser settings installed on the User’s device. The User can withdraw their consent at any time or change its scope in the same way.
4. The User may also delete existing cookies from their device by using the appropriate browser functions, programs designed for this purpose or tools available as part of the operating system used by the User.
5. Data saved in the server log files or by using cookies is not linked by the Administrator to the particular Website Users and is not used by the Administrator to identify the User. Server log files are used to manage the Website. Their content is not disclosed to anyone but people authorized to manage the server.
6. The Website uses technologies to anonymously register actions undertaken by the User while using the Website. These include:
a. Google Analytics – used to analyze Website statistics,
b. Facebook Pixel – used to manage and optimize advertisements on Facebook.
The full list of third-party cookies is available in cookie settings.
The data obtained by these tools will not be linked by the Administrator to the particular Website Users in any way and is not used by the Administrator to identify the User without their consent. However, it should be borne in mind that this data is processed by the parties providing the technologies mentioned above and can combine them with the User’s data, which these parties collected from other sources.
§5. Purpose of Data Usage
2. The Administrator uses the data listed in the previous point for:
a. proper functioning, configuration, Website safety,
b. User authentication in relation to their use of the store’s services and maintaining the User’s session after logging in,
c. analyses, research and audit of Website views,
d. as well as for statistical and marketing purposes.
§6. Final Provisions
1. There might be changes made in this document in the future, influenced by the development of internet technology, changes in the law in the field of personal data protection and the development of our Website and Store. All changes will be communicated to the Users in a timely, visible and understandable manner.