- Processing personal data
The personal data submitted by the Consumer during the registration procedure and when visiting the online shop using the domain www.kanu.com.pl (hereinafter the Shop) are processed by Kanu Nature Sp. z o.o., 76-024 Świeszyno 39, NIP 4990658610, the company being a data controller (hereinafter DC) as stipulated Regulation of the European Parliament and of the Council (UE) 2016/679 of 27 April 2016 in the case of the protection of individuals with regard to the processing of personal data and the free movement of such data and repealing Directive 95/46 / WE – hereinafter referred to as RODO.
The personal data entrusted to the Shop are stored and secured in accordance with the rules stipulated in the following
– Regulation of the European Parliament and of the Council (EU) 2016/679 of 27 April 2016 in the case of the protection of individuals with regard to the processing of personal data and the free movement of such data and the repeal of directive 95/46 / EC – hereinafter referred to as RODO;
– Act of 10/05/2018 on the protection of personal data;
– Act on Rendering Electronic Services of 18 July 2002 (published in Dziennik Ustaw [Journal of Laws] 2017, Item 1219);
The personal data processed by DC, in particular the first name and surname, the billing address and delivery address, e-mail address and phone/mobile number are processed in order to present the offer of the Shop, discuss the terms and condition of a remote agreement, amend the stipulations thereof, terminate it, meet the requirements concerning appropriate rendering of electronic services, fulfill the orders placed by Consumers, as well as to process complaints by the Consumer, should they arise, and to reimburse the monies in the case of a withdrawal from an agreement (return of the merchandise), the legal base for processing the data gathered during these procedures being Art. 6 par. 1 b) RODO.
The personal data entrusted to the store can become available to entities with whom ADO has a personal data entrustment agreement only if it is necessary to achieve the purpose indicated when collecting the data.
When the User decides to make a payment via Dotpay, online payments provider, they will be redirected to the website of Dotpay Sp. z o.o., the company authorising the transaction, using the domain www.dotpay.pl. The Shop has no access to credit card data and does not store any data concerning credit cards. When the User opts for this payment method, the data necessary for the payment processing are submitted to the Payment Authorisation Centre. The shop has no access to nor stores the data necessary to log to a bank account used to make a payment.
Personal data will be held until the order is processed. This period may be extended by the time for which ADO is obliged to process data by law.
The user submits their personal data voluntarily, but their failure to do it may result in our inability to render electronic services and the User’s inability to purchase merchandise in the Shop.
The consumer has the right to request the administrator to access their personal data, rectify them, delete or limit them, as well as the right to transfer the data. The customer also has the right to place a complaint to the President of the Personal Data Protection Office in the case of processing personal date by ADO in a way that is not compliant with the law.
The personal data submitted by the Consumer can be edited by them (using the tab “My Account”). The Consumer can contact the DC to order a removal of the complete Customer Account. In order to do it the Consumer has to send an appropriate request to the e-mail address of the Shop (firstname.lastname@example.org), using an e-mail address recorded in the Shop.
ADO does not intend to transfer personal data to third parties and does not carry out an automated decision-making as well as profiling.
- List of newsletter recipients
The Shop has a list of newsletter recipients (a periodical publication issued by the Shop with information on the company products, promotional offers, competitions, events related to the Shop functioning and other marketing actions of the Shop). By signing up to this list voluntarily, the User agrees to being sent marketing materials. The Shop does not sell to or share with third parties the e-mail addresses from its database. The Shop may entrust processing personal data related with e-mail addresses to third parties, when preparing its marketing initiatives with the use of the IT systems of external entities. The e-mail addresses entrusted for this purpose are used solely for the needs of the Shop. Protection of Users’ e-mail addresses does not differ from protection of other personal data. The User can resign from newsletter subscription at any time, using the appropriate link in an e-mail. The data gathered by the Shop are processed in accordance with as states Art. 6 par. 1 letter b) and f). The administrator has a legitimate interest in implementation of the direct marketing of his own products.
- Safety rules
Kanu Nature Sp. z o.o. guarantees safety of personal data thanks to using appropriate technical and organisational solutions which prevent illegal data processing or accidental loss, devastation and damage. The Shop also makes every effort in order to guarantee the personal data being:
- correct and processed as stipulated in legal regulations;
- obtained only for specified purposes and not processed further with intents differing from them;
- adequate, appropriate and not redundant;
- accurate and up-to-date;
- store no longer than necessary.
- Safety of data transfers
The Shop has the SSL certificate, a tool installed to guarantee safety of a website and protection of the privacy of data transmitted electronically. The protection is obtained by encoding the data before their being sent from the User’s browser and decoding them after a safe transfer to the server of the Shop. Information sent from the Shop’s server to the Customer is also encoded and decoded in the User’s device.
After a connection with a safe website is made the Customer is informed about it as follows.
- Internet Explorer: in the right-hand part of the status bar a padlock is seen; after clicking the padlock, the Customer will see the authenticity certificate (digital signature) of the particular website;
- Firefox and Opera: the padlock is displayed on the navigation bar; after clicking the padlock, the Customer will see the authenticity certificate of the particular website.
For the purpose of safety the Customer should remember about:
- choosing a user’s name and making a difficult, 8-digit alphanumeric password used to log on to the customer’s account that can not be easily guessed by third parties; in particular it is advisable to use special symbols, uppercase and lowercase letters in the password;
- log out of the www.kanu.com.pl website after a session (after buying merchandise); closing the browser window is not equivalent to logging out of the www.kanu.com.pl website; in order to log out, the button “Log out” in the “My Account” tab must be used;
- keeping the User’s name and password secret, in particular not sharing these data with any third party;
- using antivirus software, including regular disc scanning;
- using the www.kanu.com.pl website and the Shop only with the use of trusted computers with tested software; using computers belonging to other parties may result in a risk of stealing the user’s name, password or other submitted data.
- Shop’s policy regarding IPs
Customers using the Shop are anonymous until they decide to change it. The IP address of the Customer is processed by the Shop only for statistical purposes. The address is not shared with third parties. However, the Shop reserves the right to give the IP address of a Customer to law enforcement agencies upon detecting an action aiming at destroying the data contained in the Shop or having another potential effect of hindering the Shop’s operations.
6. Final provisions
Because of constant development and technical progress the rules specified herein may be subject to change. The Shop will inform about it in good time, no later than seven days before implementation, publishing the new content of this Policy on its website.