Short version – the most important information
At www.eu.samarite.eu we care about the privacy of our customers. We have prepared a short version of the most important regulations related to privacy protection.
- By creating a user account in the store, placing an order, submitting a complaint, withdrawing from the contract or simply contacting us, you provide us with your personal data and we guarantee that your data will remain confidential, secure and will not be made available to any third parties without your explicit consent.
- We entrust the processing of personal data only to verified and trusted entities providing services related to the processing of personal data.
- We use Google Analytics, which collects information about page visits, such as subpages that have been visited, time spent on the website, and transitions between individual subpages. For this purpose, Google LLC cookies are used for the Google Analytics service.
- We use marketing tools, such as Facebook Pixel, to target advertising. This is related to the use of Facebook cookies. As part of the cookie settings, you can decide whether you agree to our use of Pixel Facebook or not.
- We use our own cookies for the proper operation of the website and ensuring its safety.
If the above information is insufficient, you can read the details below.
The administrator of personal data within the meaning of the provisions on the protection of personal data is Zeme Pharm Anna Mrowińska, al. Jana Chrystiana Szucha 3 lok. 2, 00-580 Warsaw, REGON 300281484.
The purposes, legal bases and period of personal data processing are indicated separately for each purpose of data processing (see the description of the individual purposes of processing personal data below).
Permissions. GDPR (RODO) grants customers the following potential rights related to the processing of their personal data:
1) the right to access personal data,
2) the right to rectify personal data,
3) the right to delete personal data,
4) the right to limit the processing of personal data,
5) the right to object to the processing of personal data,
6) the right to transfer data,
7) the right to lodge a complaint to the supervisory body,
8) the right to withdraw consent to the processing of personal data, if you have given such consent previously.
The regulations related to the implementation of the indicated rights are described in detail in art. 16 – 21 GDPR (RODO). We encourage you to read these regulations. It should be emphasized that the abovementioned rights are not absolute and will not be entitled to the client in relation to all processing of his personal data. We have made every effort to indicate, as part of the description of individual data processing operations, the rights to which the client is entitled as part of these operations.
One of the rights indicated above, which is always available to the customer is the possibility of lodging a complaint to the supervisory body (the President of the Office for the Protection of Personal Data).
Security. We guarantee the confidentiality of all personal data provided to the Administrator. We ensure that all security measures and personal data protection required by the personal data protection regulations are taken. Personal data is collected with due diligence and properly protected against access by unauthorized persons. All entities entrusted with the processing of personal data guarantee the use of appropriate security measures and the security of personal data required by law.
Objectives and processing activities
User’s account. By creating a user account in our store, the customer must provide his/her e-mail address and define the password for the account. Providing this data is voluntary, but necessary to create an account. As part of editing the user’s profile, you can provide further data about yourself, ie your name, billing address and shipping address. Providing this data is completely voluntary. You can have an account without providing these additional data. In this situation, when placing an order, you will need to enter the data manually each time.
The data entered by the customer in the user’s account is processed solely to maintain the account and ensure the possibility of using it. Providing data in the user’s account is to facilitate placing orders in the store by automatically substituting data for the order form.
The legal basis for the processing of personal data of the customer within the user’s account is the implementation of the account agreement, which is concluded on the basis of the store regulations.
The data collected in the user’s account is processed as part of the WordPress system and stored on the server.
The user’s data will be processed as part of the account as long as he/she has an account on the website. After removing the account, the data will be removed from the database, except for data regarding submitted orders.
At any time, the user may access their personal data processed under the account by logging in to their user account. After logging in to the account, you can modify your data at any time, as well as delete it (except for data regarding submitted orders). You can also decide to delete your account at any time.
In relation to the data collected in the user’s account, the customer also has the right to transfer data.
Orders. When placing an order, the customer must provide the data necessary to execute the order, i.e. name and surname, billing address, delivery address, e-mail address, telephone number. Providing data is voluntary, but necessary for the order to be processed.
The data provided when placing an order are processed in order to fulfill the purchase, issue an invoice, include the invoice in the accounting documentation and for archival and statistical purposes.
The data contained in the order placed via the store are processed as part of the WordPress system and stored on the server.
If the customer has a user account in the store and the order has been placed via the store, then the order will be visible within the order history of the account.
Each order is documented with a receipt or invoice.
Orders are also registered in the internal database for archival and statistical purposes.
Data on orders will be processed for the time necessary to perform the contract, and then until the expiry of the period of limitation of claims under the contract. In addition, after this date, the data can still be processed for statistical purposes. It should also be mentioned that the Store has the obligation to store invoices with personal data of the customer for a period of 5 years from the end of the tax year in which the tax obligation arose.
In the case of order data, it is not possible to rectify this data after the order has been processed. You also cannot object to the processing of data and require the deletion of data until the expiry of the period of limitation of claims under the contract. Similarly, you cannot object to the processing of data and request removal of data contained in invoices. After the expiry of the limitation period for claims under the concluded contract, one may object to the processing of data by the Store for statistical purposes, as well as to demand removal of data from the Store’s database.
In relation to the order data, the customer also has the right to transfer data.
Complaints and withdrawal from the contract. When the customer submits a complaint or withdraws from the contract, he provides the Store with personal data contained in the content of the complaint or a statement of withdrawal, which includes the name, address, telephone number, e-mail address, bank account number.
The data provided in regards with the submission of a complaint or contract withdrawal are used to implement the complaint procedure or the procedure for withdrawing from the contract.
The data will be processed for the time necessary to carry out the complaint procedure or the withdrawal procedure. Complaints and contract withdrawals may also be archived for statistical purposes.
The customer cannot rectify the data enclosed in complaints and declarations of contract withdrawals. He/she also cannot object to the processing of such data and demand the deletion of data until the expiry of the period of limitation of claims under the concluded contract. After the expiry of the limitation period for claims under the contract concluded, the customer may, however, object to the processing of the data by the Store for statistical purposes, as well as demand the removal of his/her data from our database.
E-mail contact. The customer, by contacting the store via e-mail, naturally provides his e-mail address as the sender’s address. In addition, the content of the message may also include other personal data.
The data is processed in this case in order to contact the customer, and the basis for processing is his consent resulting from initiating contact with the store. The legal basis for post-contact processing is the legitimate purpose of archiving correspondence for internal needs.
The content of the correspondence can be archived and it is not possible to clearly determine when it will be deleted. The customer has the right to demand a history of correspondence that he kept with the store (if it was subject to archiving), as well as request its removal, unless its archiving is justified due to overriding interests of the store, such as defense against potential claims by the customer.
Cookie files and other tracking technologies
Cookies are small files, which are stored on the user’s end device (eg computer, tablet, smartphone), which can be read by the store’s IT system.
Cookies can be divided into domain cookies and third-party cookies.
More details can be found below.
Domain cookies. Domain cookies are used to ensure the proper operation of the store, in particular for the proper functioning of the order process, basket, user account. Cookies are also used for store security using the WordFence tool.
Marketing. The store uses marketing tools, such as Facebook Pixel, to target advertising users. This is related to the use of Facebook cookies. As part of the cookie settings, you can decide to consent to the use of Pixel Facebook.
Using the store involves sending queries to the server on which the page is stored. Each query addressed to the server is saved in the server logs.
Logs include user’s IP address, server date and time, information about the web browser and operating system used by the user. Logs are saved and stored on the server.
The data stored in the server logs are not associated with specific people using the site and are not used by us to identify them.
The server logs are only auxiliary material used to administer the site, and their content is not disclosed to anyone except those authorized to administer the server.