condition from May 25, 2018
The provisions of 11.1 are amended in the Lolly Woven Regulations. and is replaced by the following:
1. Unless otherwise stated in this document, individual phrases have the meaning given to them in the content of the Sendit Website Regulations.
2. The administrator of Users' personal data is Lolly Woven with its registered office in Wałcz, 1 Maja 14/49 78-600, NIP: 7651655094, with which Users can contact the following e-mail address: firstname.lastname@example.org
3. Users' personal data are processed by the Administrator in accordance with the provisions on the protection of personal data, in particular Regulation of the European Parliament and of the Council (EU) 2016/679 of 27 April 2016 on the protection of individuals with regard to the processing of personal data and on the free movement of such data and repealing Directive 95/46 / EC ("RODO").
4. Users' personal data are processed by the Administrator in order to:
1. performance of the contract for the provision of services defined in the Regulations by the website www.lollywoven.com (pursuant to Article 6 (1) (b) of the GDPR);
2. fulfillment of the Administrator's legal obligation (pursuant to Article 6 paragraph 1 letter c and paragraph 3 of the GDPR);
3. marketing of own products or services, (pursuant to Article 6 (1) letter f of the RODO);
4. investigation or securing of claims (pursuant to Article 6 (1) letter f of the RODO).
5. Providing personal data is voluntary, however, the consequence of not providing personal data will be the inability to perform the contract for the provision of services set out in the Lolly Woven Regulations. In order to gain access to services provided within the website, it is necessary to provide data. By rallies on the store or when ordering. Necessary data for the contract
3. a mobile phone number;
4. paypal address
5. mailing address
6. Personal data processed for the purposes of marketing products or services based on a legitimate interest will be processed until the opponent complains.
7. The Administrator provides Users with the right to access their data and the right to rectify, delete, limit processing, the right to data transfer, the right to object to data processing on the basis of the Operator's legitimate interest or processing for direct marketing purposes.
8. The administrator may refuse to delete personal data if the further processing of these data by the Administrator is acceptable under the law.
9. The Administrator may refuse to delete personal data if further processing of such data by the Administrator is allowed under the law.
10. The User has the right to lodge a complaint to the supervisory body when he / she considers that the processing of his personal data violates the provisions of the GDPR.
11. Users' personal data may be transferred to entities authorized to receive them under applicable law, including the competent judicial authorities. Users' personal data may also be transferred to third parties indicated by the Administrator in connection with services provided to Users as part of shipments of goods, ie Carriers (in accordance with paragraph 12 below), payment operator (in accordance with section 13 below), as well as entities processing personal data at the request of the Admnistrator, it is partners that provide:
1. technical services, including hosting (including data storage in the so-called cloud), concerning the development and maintenance of IT systems and websites,
2. marketing services,
3. debt collection services,
4. accounting and accounting services,
5. consulting and consultancy services.
6. Transport services
11. Users' personal data using the services provided via Lolly Woven are forwarded to Carriers indicated each time by Users in the process of commissioning the Service. The list of Carriers together with their full data is attached as Appendix 2 to the Regulations of the Sendit Website. The transfer of personal data takes place:
1. on the basis of agreements concluded between the Administrator and Carriers,
2. immediately after the User has performed all the actions described in the Regulations and the Carrier's Regulations required for sending the parcel,
3. in order to handle the process of sending the shipment given by the User.
13. Personal data of Users making online payments for the Services provided by the Administrator are transferred to the payment operator by Paypal to the Administrator's account, ie email@example.com
4. bank account number;
13. Users' personal data will not be transferred to a third country / international organization.
14. Users' personal data are protected by the Administrator before they are made available to unauthorized persons, as well as other cases of their disclosure or loss and against destruction or unauthorized modification of indicated data and information, through appropriate organizational safeguards, as well as technical and programming safeguards, in particular data encryption systems.
15. Users' personal data will not be processed in an automated manner.
16. If the User enters third party data for the purposes of communicating, recommending, using the Operator's services, in particular the conclusion or performance of the contract concluded through tools within the store, depending on the given situation, the User provides the Administrator with personal data of third parties or entrusts data processing personal information. The user declares that he has the right to enter third-party data when placing the order, for example, he has the relevant consent of a third party.
17. If the User makes personal data of third parties available, the store becomes the administrator of personal data in relation to the entered data and in the cases provided by law meets the secondary information obligation for the data obtained in a different way than the person they refer to (in accordance with Article 14 RODO).
18. If the User does entrust the processing of personal data, points 21 to 26 below shall apply, constituting the contract for entrusting the processing of personal data. The User may contact the Adminitrator to negotiate and change the content of the personal data processing agreement.
19. The User entrusts the Administrator in the mode of art. 28 RODO, processing of personal data for the purpose resulting from the introduction of third-party data by the User in the Store and in the scope resulting from the data entered. The store administrator may process the personal data entrusted to him only to the extent and purpose specified in the preceding sentence, including for the purpose and scope necessary to provide services specified in the Lolly Woven Store Regulations.
20. The shop administrator undertakes
1. exercise due diligence in the processing of entrusted personal data and to process personal data in accordance with the provisions of applicable law, in particular the GDP;
2. granting authorization to process personal data to all persons who will process the data entrusted;
3. ensure confidentiality (referred to in Article 28 (3) (b) of the GDPR) of the data being processed by persons who authorize the processing of personal data;
4. to secure personal data through the use of appropriate technical and organizational measures ensuring an adequate level of security corresponding to the risks related to the processing of personal data referred to in art. 32 RODO;
5. to help the User to meet the obligations of the data subject and to fulfill the obligations specified in art. 32-36 RODO;
6. upon completion of the processing services, return all personal data or delete any existing copies thereof, unless Union or Member State law requires the storage of personal data.
7. provide the User with information necessary to demonstrate fulfillment of obligations under art. 28 of the GDP and enable the User to carry out audits after prior appointment of the audit date.