In connection with the entry into force on 25 May 2018 of Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (hereinafter referred to as ‘GDPR’), we would like to inform you about the processing of your data and the rules governing this processing from 25 May 2018.
Below you will find information about the data processed and the rules governing its processing.
1. DATA CONTROLLER
The controller of your data is Centrum Odżywek i Suplementów FitAktiv Gerard Krawczyk, ul. Wawelska 5, 02-034 Warsaw (hereinafter referred to as ‘FitAktiv’).
2. DATA COLLECTED AND PROCESSED
The data that is collected and processed is data that is collected as part of your use of our services – i.e. including its storage or analysis for the purpose of providing you with services.
This includes, in particular, data necessary for registering, browsing or ordering products, including without registration, and performing a number of other related activities in connection with the use by Customers (you) of the services offered by this online shop.
In accordance with applicable law, we are entitled to transfer your data obtained in this shop to entities processing it on our behalf, e.g. marketing agencies, subcontractors of our services, including courier companies, as well as entities authorised to obtain data under applicable law (e.g. courts) – only on a specific legal basis.
WHAT DATA DO WE COLLECT WHEN CREATING AN ACCOUNT AND MAKING PURCHASES AFTER CREATING AN ACCOUNT AND REGISTRATION
First name, surname, residential and mailing address, telephone number, IP address. This data is linked to your purchase history in the shop. We store it for as long as you have an account with us. This data is stored on the basis of your consent and the provisions on distance selling.
WHAT DATA WE COLLECT WHEN YOU MAKE PURCHASES WITHOUT CREATING AN ACCOUNT
The buyer’s address and, if applicable, correspondence address. We store this data for the duration of the order and the time needed for any return of goods. In addition, if you have agreed to receive the newsletter, we store your data until the purpose for which it was collected ceases to exist or until the data subject objects to the processing of their data, whichever occurs first. This data is stored on the basis of your consent and the provisions on distance selling.
WHAT DATA DO WE COLLECT WHEN YOU VISIT THE SHOP WITHOUT MAKING A PURCHASE OR CREATING AN ACCOUNT (data collected by the website)
Anonymous statistical data, IP address, your path through the shop, browser used, operating system, screen resolution, type of device (mobile or desktop) – we cannot and have no way of linking any of this information to a specific person. The data will be processed until the purpose for which it was collected ceases to exist or until the data subject objects to the processing of their data, whichever occurs first.
In addition, for the purposes necessary to settle transactions, we will store the data for the period during which the Administrator is obliged to retain the data and/or documents containing it in order to document compliance with legal requirements, including enabling public authorities to verify compliance, as well as due to the obligations imposed on the Controller by applicable law regarding commercial transactions and related settlement documents.
In connection with the possibility of you contacting us at the email address provided, we store the data you provide us with there for a period of up to 10 years. This data is stored for the purpose of responding to your enquiry, considering your complaint, exercising your right to withdraw from the contract, as well as for the purpose of providing other services for which you sent us an email. Sending such an email is tantamount to consenting to the processing of the data provided therein.
PLEASE NOTE! We do not store sensitive data (including data relating to the sender’s health conditions), and any email containing such data will be immediately deleted from our server.
Providing your data for the purpose of purchasing goods is necessary to carry out a purchase-sale transaction with you. If, for any reason, you do not provide this personal data, we will unfortunately not be able to conclude a contract with you. When required by law, we may require you to provide other data necessary for accounting or tax purposes, for example. In all other respects, the provision of your data is voluntary.
3. DATA SECURITY
All data collected by us is protected and secured using reasonable technical and organisational measures, as well as procedures to protect the data from unauthorised access or unauthorised use of the data provided to us.
HOW CAN YOU MANAGE YOUR DATA?
You have the following rights in relation to your data that has been provided to us:
– the right of access;
– the right to rectify your data – when your data is incorrect;
– the right to erase your data – when you withdraw your consent to its processing, when you object to its processing, when it is processed in breach of applicable law, when your data should be erased in accordance with a legal obligation, or when the data has been collected in connection with the provision of electronic services offered to a child;
– the right to restrict the processing of your data – when your data is incorrect, for the period of verification of your data; when your data is used by us in an unlawful manner, but you do not want it to be deleted; when we no longer need your data, but you do not want it to be deleted in order to pursue your claims and/or defend your rights; when you object, until the proceedings to determine whether our legitimate grounds override the grounds for your objection have been completed;
– the right to transfer them;
– the right not to be subject to automated decision-making, including direct marketing (e.g. profiling);
– the right to object – when their processing is based on a legitimate interest or for statistical purposes, and the objection is justified by the specific situation you find yourself in, including profiling, as well as at any time if personal data is processed for direct marketing purposes.
To exercise the above rights, please contact us at: admin@muscleclinic.pl
LEGAL BASIS FOR THE PROCESSING OF YOUR DATA
The processing of your data must be based on a valid legal basis. We process your data because these are transactions made through this online shop after prior registration and creation of an account, as well as for transactions without prior registration and creation of an account.
The legal basis for statistical measurements and the Administrator’s own marketing is the legitimate interest of the administrator.
RIGHT TO LODGE A COMPLAINT
You have the right to lodge a complaint regarding our processing of your personal data with the Information Commissioner, ul. Stawki 2,
00-193 Warsaw.
The Information Commissioner is the supervisory authority for the Administrator.