- GENERAL TERMS
- The controller of personal data collected via the Online Store is Venom S.C. Michał and Piotr Smentoch entered into the Central Registration and Information on Economic Activity kept by the Minister of Economy, Business Statistical No. (REGON) 220507266, Tax ID No. (NIP): 958-157-51-31 hereinafter referred to as the "Controller" and being at the same time the Online Shop Service Provider and the Seller.
- Personal data of the Service Recipient and the Customer shall be processed in accordance with the Personal Data Protection Act of August 29, 1997 (Journal of Laws 1997 No. 133, item 883, as amended) (hereinafter referred to as the Personal Data Protection Act) and the Act on provision of services by electronic means of July 18, 2002 (Journal of Laws 2002 No. 144, item 1204, as amended).
- The Controller shall exercise special care to protect the interests of data subject, and in particular, to ensure that the data it collects is processed in accordance with law; is collected for specified and legitimate purposes and is not subject to further processing which is incompatible with these purposes; is factually correct and adequate to the purposes for which it is processed; and is kept in a form which permits identification of data subjects, for no longer than it is necessary for the purpose for which it is processed.
- Any words, expressions and acronyms appearing on this page and beginning with a capital letter (e.g. Seller, Online Store, Electronic Service) should be understood in accordance with their definition contained in the Regulations of the Online Store available on the web pages of the Online Store.
PURPOSE AND SCOPE OF DATA COLLECTION AND DATA RECIPIENTS
- Each time, the purpose, scope and recipients of data processed by the Controller results from actions taken by the Service Recipient or the Customer in the Online Store. For example, if the Customer chooses a personal collection instead of a courier shipment during the Order placement, his or her personal data shall be processed in order to conclude and execute the Sales Agreement, but it shall not be made available to the carrier performing the shipment at the request of the Controller.
- Possible purposes for collecting personal data of the Service Recipients or Customers by the Controller:
- conclusion and implementation of a Sales Agreement or an agreement for the provision of an Electronic Service (e.g. Account);
- direct marketing of the Controller's own products or services.
- Possible recipients of personal data of the Online Store Customers:
- in the case when the Customer uses the courier shipment method in the Online Store, the Controller shall provide collected personal data of the Customer to the selected carrier or intermediary executing the shipment on behalf of the Controller;
- in the case when the Customer uses the credit card payment method in the Online Store, the Controller shall disclose collected personal data of the Customer to the selected entity operating these payments in the Online Store.
- The Controller may process the following personal data of Service Recipients or Customers using the Online Store: first name and surname; e-mail address; contact phone number; delivery address (street, house number, apartment number, postal code, city, country), residence address/business address/seat (if different from the delivery address). In the case of Service Recipients or Customers who are not consumers, the Controller may additionally process the company's name and tax identification number (NIP) of the Service Recipient or the Customer.
- Providing personal data referred to in the point above may be necessary to conclude and implement the Sales Agreement or the agreement for the provision of an Electronic Service in the Online Store. Each time, the scope of data required to conclude the agreement is indicated beforehand on the Online Store website and in the Regulations of the Online Store.
COOKIES AND OPERATIONAL DATA
- Cookies are small text information in the form of text files, sent by the server and saved on the side of the person visiting the website of the Online Store (e.g. on the hard drive of the computer, laptop or on the smartphone's memory card – depending on which device is used by the person visiting our Online Store). Detailed information about cookies as well as the history of their creation can be found e.g. here: https://en.wikipedia.org/wiki/HTTP_cookie.
The Controller may process data contained in cookies when visitors use the Online Store for the following purposes:
- identifying the Service Recipients as logged in to the Online Store and showing that they are logged in;
- remembering Products added to the cart in order to place an Order;
- remembering data from completed Order Forms, surveys or details of logging to the Online Store;
- adjusting the content of the Online Store page to the individual preferences of the Service Recipient (e.g. regarding colours, font size, page layout) and optimising the use of the Online Store pages;
- keeping anonymous statistics showing the manner of use of the Online Store website.
- Typically, most Internet browsers available on the market accept the saving of cookies by default. Everyone has the possibility to define the terms of using cookies using their own browser's settings. This means that you can, for example, partially restrict (e.g. temporarily) or completely disable the option of saving cookies – in the latter case, however, it may affect some functionalities of the Online Store (for example, it may be impossible to complete the ordering process through the Order Form due to failure to store the Products in the cart during the subsequent steps of submitting the Order).
- Detailed information on changing cookies settings and their removal on your own in the most popular web browsers is available in the help section of the web browser and on the following pages (just click on the link):
- The Controller shall also process anonymised operational data related to the use of the Online Store (so-called logs – IP address, domain) to generate statistics helpful in administering the Online Store. These data are aggregate and anonymous, i.e. they do not contain features that identify visitors to the Online Store website. Logs are not disclosed to third parties.
LEGAL BASIS FOR DATA PROCESSING
- Providing personal data by the Service Recipient or the Customer is voluntary, however, failure to provide the personal data indicated on the Online Store website and in the Regulations of the Online Store necessary to conclude and execute a Sales Agreement or an agreement for the provision of an Electronic Service results in the inability to conclude such an agreement.
- The basis for the processing of personal data of the Service Recipient or the Customer is the necessity to perform the agreement to which he or she is a party or to take actions on his or her request prior to its conclusion. In the case of data processing for the purpose of direct marketing of the Controller's own products or services, the basis for such processing is (1) prior consent of the Service Recipient or Customer or (2) fulfilment of legally justified purposes carried out by the Controller (pursuant to Article 23 sec. 4 of the Personal Data Protection Act, the legitimate aim is in particular the direct marketing of the Controller's own products or services).
RIGHT TO CONTROL, ACCESS, AND CORRECT YOUR PERSONAL DATA
- The Service Recipient or Customer has the right to access the content of his or her personal data and correct it.
- Every person has the right to control the processing of the data concerning him or her contained in the Controller’s database, in particular, the right to: request supplementing, updating, correcting personal data, temporary or permanent suspension of its processing or its deletion, if it is incomplete, outdated, false, or has been collected with violation of the act or is no longer required to complete the purpose for which it was collected.
- Should the Service Recipient or Customer give his or her consent to data processing for the purposes of direct marketing of the Controller’s own products or services, the consent may be withdrawn at any time.
- Where the Controller intends to process or processes personal data of the Service Recipient or Customer for direct marketing of the Controller's own products or services, the data subject has also the right (1) to file a written, justified request to stop processing his or her personal data due to his or her special situation or (2) to object to the processing of his or her personal data.
GOOGLE ANALYTICS, YANDEX METRICA
- The Controller uses Google Analytics services provided by Google Inc. (1600 Amphitheater Parkway, Mountain View, CA 94043, USA) and Yandex Matrica services provided by Yandex LLC (16 Lva Tolstogo St., Moscow 119021, Russia). These services help the Controller analyse the manner of use of the Online Store.
- Information obtained by means of cookies is stored on servers used by Google Inc. and Yandex LCC, including in the United States and Russia. If the anonymisation of the IP address during the use of the Online Store is active, the IP address shall be shortened already in Member States of the European Union or other parties to the Agreement on the European Economic Area. Only in exceptional cases will the full IP address be transferred to the United States or Russia and shortened there.
- At the request of the Controller, Google Inc. and Yandex LCC shall use this information to assess the use of the Online Store by the User, create reports on website activity and provide other services related to the use of the Online Store.
- The data collected shall be processed as part of the above services in an anonymised way (these are the so-called operational data that make it impossible to identify a person). These data are aggregate and anonymous, i.e. they do not contain features that identify users of the Online Store.
- Typically, most Internet browsers and devices available on the market accept the saving of cookies by default. Everyone has the possibility to define the terms of using cookies using settings of their own browser or device. This means that you can, for example, partially restrict (e.g. temporarily) or completely disable the option of saving cookies – in the latter case, however, it may affect some functionalities of the Online Store.
- Yandex Matrica can register mouse clicks, mouse movements, scrolling activity and entered information that is not personal data.
- It is also possible to generally prevent the transmission of data from the User's device to Google Analytics and Yandex Matrica using cookies (including the transmission of the IP address) by downloading and installing the browser plug-in provided by Google Inc and Yandex Matrica available at the following address: https://tools.google.com/dlpage/gaoptout and https://yandex.com/support/metrica/general/opt-out.html.
- Detailed information about the principles under which the above-mentioned services operate, including the principles of data collection and processing are available at: https://policies.google.com/technologies/partner-sites.
- The Controller shall apply technical and organisational measures to ensure protection of the processed personal data that is appropriate for the hazards and categories of data subject to protection and, in particular, protect the data against unauthorised access and takeover, processing with violation of existing law as well as modification, loss, damage, or destruction.
- The Controller shall provide the following technical measures to prevent the unauthorised access and modification of personal data sent electronically:
- Securing the data set against unauthorised access.
- Access to the Account only after providing an individual login and password.
- SSL Certificate.