- The Administartor of personal data gathered by the Online Store is KONRAD KUDRASZOW, running his economic activity under the company name of KOOKU KONRAD KUDRASZOW, inscribed into Central Electronic Register and Information on Economic Activity of Poland, chaired by the Minister Of Economy, containing: the address of running the aforementioned acivity and the correspondence address: Włókiennicza 9/6, 15-464 Białystok, NIP 9661371413, REGON 51973177, electronic mailbox address: firstname.lastname@example.org, hereinafter called the „Administrator“ and at the same being the service provider of the KOOKU Online Gallery and a Salesman.
- Personal data of the Customer or Client are processed in accordance with the law on personal data protection from August the 29th 1997 (Journal of Laws 1997 No. 133, item 883 with the changes)(hereinbelow: the law on personal data protection) and the act on electronic services from July the 18th 2002 (Journal of Laws 2002 No. 144, item 1204 with the changes).
- Adinistrator will do his utmost to protect the users, whose the data concerns, and particularly he ensures, that the data he gathers are processed according to the applicable law; collected for the specific, lawful purposes and not being further manipulated nor converted in a way that is noncompliant with these purposes; substantively accurate and used adequately to the purposes in which these are processed and stored in a form that allows an identification of persons whom these concern, not longer than it is necessary to reach the goal of the processing action.
- Every word, expression and acronym that appears on this website and beginning with the capital letter (e.g. Salesman, Online Gallery, Electronic Service) should be understood according to its definition stated in the Rulebook of The Online Gallery available on the pages of the Online Gallery.
PURPOSE AND SCOPE OF DATA COLLECTION AND RECIPIENTS OF THE DATA
- Each and every time the purpose, scope and recipients of the data processed by the Administrator are the effect of the actions taken by the Customer or Client in the Online Gallery. For example, if the Client during an order placement chooses a collection in person option instead of courier delivery, his/her personal data will be processed in order to make and contract a Sales Agreement, but won't be shared with a carrier delivering shipments at the Adminstrator's request.
- Possible purposes for collecting Customers or Clients personal data by the Administrator:
- conclusion and implementation of the Purchase Agreement or contract having to do with Electronic Services (e.g . Account).
- direct marketing of the Administrator's own products or services.
- expressing an opinion concluded in a Purchase Agreement by the Client.
- Possible recipients of the Online Gallery's Clients personal data:
- In the case of a Client who uses the Online Gallery and selects a method of delivery by mail or courier, the Administrator provides collected personal data of the Customer to the selected carrier or intermediary that is executing the package on behalf of the Administrator.
- In the case of the customer who uses the Online Gallery and chooses the method of electronic payment or credit card payment, the Administrator provides collected personal data of the Client to the entity that deals with the aforementioned payments for the Online Gallery.
- In the case of a Client who agreed to express an opinion about the concluded Purchase Agreement, the Administrator provides Client's personal data to the entity dealing with an opinion focused survey system that is handling Purchase Agreements contracted within the Online Gallery.
- The Administrator may process the following personal data of Clients or Customers using the Online Gallery website: first name and last name; e-mail address; contact phone number; delivery address (street, house number, apartment number, postal code, city, country), address of residence / business / establishment (if different from delivery address). In case of the Customers or Clients who are not consumers, the Administrator can also process the company name and tax identification number (NIP) of a Customer or Client. Providing personal data referred to in the paragraph above may be necessary for the conclusion and implementation of the Purchase Agreement or Contract for the Provision of Electronic Services in the Online Gallery. Each time the range of the data required to contract an Agreement is previously indicated in the Online Gallery and in the Online Gallery Rulebook.
COOKIES AND OPERATIONAL DATA
- Cookie files are small text pieces of information in a form of text files, sent by a server and stored by the person who visits our website (e.g. on a hard drive of a PC, laptop or on a smartphone's memory card, depending on a type of an appliance used to visit our Online Gallery). Detailed information on Cookies , as well as the history of their formation can be found , among other sources, here: https://en.wikipedia.org/wiki/HTTP_cookie.
- The administrator, that is KOOKU Online Gallery, may process the data contained in cookie files during the visitors' usage of our gallery's site for the following purposes:
- identifying clients as logged into the Online Gallery and showing them as logged in;
- saving the products that have been added to the Shopping Cart to place an Order;
- saving the data from filled Order Forms, surveys and the data used to log into the Online Gallery;
- adjusting the content of the Online Gallery website to meet the needs and individual preferences of our Client (can relate to, e.g. colors, font size, website visual composition) as well as an optimization of our Online Gallery's wesite usage;
- keeping anonymous statistics showing the way our Online Gallery website is being used.
- As a standard, the majority of web browsers available on the market accepts saving Cookie files by default. Everybody has a possibility to set the terms and conditions of using Cookie files by using the web browser's individual settings. It means that you can, for example, partially restrain (e.g. set the time limit) or turn off the option to save Cookie files altogether. By doing the latter though, you may hinder some of the functionality of our Intenet Gallery (for example, it may turn out to be impossible to complete the full Ordering path through the Order Form due to an inability to save the Products in a Shopping Cart during all the consecutive Order placing steps).
- Web browser's settings regarding Cookie files are substantial in terms of our Online Gallery's Cookie files usage agreement: according to effective regulations, this kind of agreement may also be made by way of web browser's settings. In case of declining the aforementioned terms, appropriate changes relating to Cookie files should be made in web browser's settings as well.
- Detailed information regarding Cookie files settings and possible changes that can be made, along with an option to delete them individually, is available under „help“ in most popular web browsers as well as on the following web sites (just click the corresponding hyperlink):
- The administrator also processes anonymous operating data connected with a use of the Online Gallery (IP address, the domain) in order to generate statistics supportive in administrating the Online Gallery. The data stored are collective and anonymous, i.e. not containing any individual features nor traces that might be used to identify the person visiting the Online Gallery. The data aren't revealed to any third party.
LEGAL BASIS FOR THE DATA PROCESSING
- Providing personal data by the Customer or the Client is voluntary, but not providing the personal data pointed out on the Online Gallery website and in the Online Gallery Terms&Conditions Rulebook that are necessary for the conclusion and implementation of the Sales Agreement or Contract for the Provision of Electronic Services will result in the inability to conclude the above mentioned Agreement.
- The basis for the processing of Client or Consumer's personal data is a necessity to implement the Agreement that the Client is a party of, or to take actions on the Client's request before it is concluded. In the case of data processing for a direct marketing of the Administrator's own products or services, the basis for such processing is (1) a prior consent of a Customer or Client, or (2) the fulfillment of the legitimate objectives pursued by the Administrator (in accordance with the article .23 paragraph .4 of the Act on the Protection of Personal Data, as a lawfully justified interest is considered, in particular, a direct marketing of the Administator's own products or services).
- In the case of data processing in order to express the opinion of the Customer regarding the contracted Purchase Agreement the basis for such processing is the consent of a Customer or Client.
THE RIGHT TO CONTROL, ACCESS AND CORRECT THE PERSONAL DATA
- A Client or Customer has the right to access the personal data and correct them.
- Every person has the right to control the processing of data that concerns him/her contained in the data set of the Administrator, and in particular the right to request to supplement, update, or correct personal data, temporary or permanent suspension of their processing or removal if they are incomplete, untrue or collected in violation of the law or are no longer necessary for the purpose for which they have been collected.
- In the case of granting by the Consumer or Client's consent for the processing of data for the purpose of a direct marketing of the Administrator's own products or services, the consent may be revoked at any time.
- If the Administrator intends to process or is processing the data of the Consumer or the Client for the purpose of a direct marketing of the Administrator's own products or services, the person whose data it concerns is entitled also to (1) filing of a written, reasoned request to cease the processing of the data because of its special situation or (2) to object to the processing of its data.
- The Administrator uses technical and organizational measures to ensure the protection of personal data processed appropriate to the risks and category of data being protected, and in particular protects data against their unauthorized disclosure, takeover by an unauthorized person, processing with the violation of existing regulations or change, loss, damage or destruction.
- The administrator shall suitably provide the following technical measures to prevent the data transmitted electronically from the acquisition and modification by unauthorized persons:
- Securing a set of data against an unauthorized access.
- Access to the account only after an individual username and password are provided.
- SSL certificate.