Privacy Policy

This privacy policy describes how we process information about you, including personal data and cookies, or "cookies".

 

1. general information

(1) This policy is an integral part of the Rules and Regulations of the Online Store operated by the Administrator at pomelody.com and applies to the principles of processing personal data collected in connection with the operation of the Store.

 

(2) The administrator of personal data is Pomelody Sp. z o. o. with its registered office in Częstochowa, 

 

M. Bojemskiego Street 25, 42-202 Częstochowa,

 

(3) contact e-mail address of the Administrator: support@pomelody.com

 

(4) the Administrator processes your data including data provided by you voluntarily, 

as well as data collected automatically during your use of the Store.

(5) the Service uses personal data (name, surname, e-mail address, address of residence, shipping address, telephone number) for the following purposes and on the following grounds

- the operation of the comment system based on the consent you gave when submitting a comment (Article 6(1)(a) of the RODO; this processing takes place until you withdraw your consent);

- preparation, packaging, and shipping of Products (Article 6(1)(b) RODO);

- performance of requested services, including the Newsletter service, in the latter case, based on your consent (Art. 6(1)(a) and (b) RODO);

- a collection of debts (Article 6(1)(f); this processing takes place until the expiration of claims on this account);

- presentation of an offer or information based on your consent (Article 6(1)(a) RODO; this processing takes place until you withdraw your consent);

- fulfillment of the Administrator's legal obligations (Article 6(1)(c) RODO).

(6) the Store performs functions of obtaining information about Users and their behavior 

in the following ways:

- through voluntary data entered in the Order Form and Registration Form, which are entered into the Administrator's systems;

- by storing cookies (so-called "cookies") in the end devices.

 

2 Selected data protection methods used by the Administrator

1. login and personal data entry sites are protected in the transmission layer (SSL certificate). As a result, personal and login data entered on the site are encrypted on the User's computer and can only be read on the target server.

(2) User passwords are stored in hashed form. The hashing function works one way - it is not possible to reverse its operation, which is the current modern standard for storing Users' passwords.

(3) To protect data, the Administrator regularly makes security copies.

(4) an important element of data protection is the regular updating of all software used by the Administrator to process personal data, which in particular means regular updates of software components.

 

3. your rights and additional information about the use of data

(1) In certain situations, the Administrator may transfer your data to other recipients if this is necessary for the performance of a contract concluded with you or for the fulfillment of obligations incumbent on the Administrator. This applies to such groups of recipients:

- hosting company on a trust basis;

- payment operators;

- companies, providing support services to the Administrator.

(2) Your data processed by the Administrator for no longer than it is necessary to perform related activities specified by separate regulations (e.g., accounting). About marketing data, data will not be processed for longer than 3 years.

(3) You have the right to request from the Administrator:

- access to personal data concerning you,

- their rectification,

- deletion,

- restriction of processing,

- and data portability.

(4) You have the right to object to the processing of your data for the purpose of carrying out the legitimate interests pursued by the Controller, including profiling, whereby the right to object will not be exercised if there are valid legitimate grounds for processing that override your interests, rights, and freedoms, in particular the establishment, assertion or defense of claims.

(5) The actions of the Administrator may be complained about to the President of the Office for Personal Data Protection, 2 Stawki Street, 00-193 Warsaw.

(6) Providing personal data is voluntary, but necessary to use the Store.

(7) Automated decision-making, including profiling to provide services under the concluded agreement and for direct marketing by the Administrator, may be performed about you.

(8) Personal data is not transferred from third countries in the sense of data protection legislation. This means that we do not send them outside the European Union.

(9) You have the right to complain to the supervisory authority for the protection of personal data - the President of the Office for Personal Data Protection.

(10) The Administrator undertakes to make every effort to maintain adequate security of the Customer's data.

(11) you have the right to inspect and change your data at any time, as well as to request the Administrator to delete them immediately ("right to forget").

 

4. information in forms

(1) the Store collects information provided voluntarily by the User, including personal data, 

as long as they are provided.

(2) The store may record information about connection parameters (time stamp, IP address).

(3) The store, in some cases, may record information to facilitate the linking of data 

in the form with the e-mail address of the user filling out the form. In this case, the e-mail address of the User appears inside the URL of the page containing the form.

(4) The data provided in the form are processed for the purpose resulting from the function of the specific form, such as to perform the process of service request or business contact, registration of services, etc. Each time the context and description of the form informs what it is used for.

 

5 Administrator Logs

Users' behavior information on the site may be subject to logging. This data is used to administer the site.

 

6 Relevant marketing techniques

(1) The Administrator uses statistical analysis of site traffic, through Google Analytics (Google Inc. based in the USA). The operator does not transmit personal data to the operator of this service, but only anonymized information. The service is based on the use of cookies on the User's terminal device. In terms of information about the User's preferences collected by the Google advertising network, the User can view and edit the information resulting from cookies using the following tool: https://www.google.com/ads/preferences/.

(2) The Administrator uses remarketing techniques to match advertising messages to the User's behavior on the site, which may give the illusion that the User's personal information is being used to track the User, but in practice, there is no transfer of any personal information from the Administrator to advertising operators. A technological prerequisite for such activities is that cookies are enabled.

(3). the Administrator uses automated marketing systems aimed at creating a personalized marketing message for each User. For this purpose, the Administrator processes the following personal data: Name; Email; Phone; Address; IP address; Gender; data related to the Data Subject's activity on the Customer's digital surfaces (e.g., identifiers of products or product categories viewed by the Data Subject); technical browser and device information (“user-agent”); 

The basis for the processing of personal data is the exercise of the Administrator's legitimate interests (Article 6(1)(f) RODO).

(4) The Administrator uses the Facebook pixel. This technology causes Facebook (Facebook Inc. based in the USA) to know that a person registered with it is using the Service. In this case, it relies on data in relation to which it is itself an administrator; the Administrator does not transfer any additional personal data from itself to Facebook. The service is based on the use of cookies on the User's terminal device.

(5) The Administrator uses a solution to study the behavior of Users by creating heat maps and recording behavior on the site. This information is anonymized before it is sent to the operator of the service so that he does not know which individual it concerns. In particular, typed passwords and other personal information are not recorded.

 

7 Information about cookies

1. the Store uses cookies.

(2) Cookies (so-called "cookies") are computer data, in particular, text files that are stored on the Store's User's terminal equipment and are intended 

for the use of the Store's websites. Cookies usually contain the name of the website they come from, the time they are stored on the end device, and a unique number.

(3) The entity placing cookies on the Store User's terminal device and accessing them is the Administrator.

(4) Cookies are used for the following purposes:

- maintaining the session of the Store User (after logging in), thanks to which the User does not have to re-enter his/her login and password on each sub-page of the Store;

- to carry out the purposes specified above in the section "Important marketing techniques";

(5) The Store uses two main types of cookies: "session" (session cookies) and "permanent" (persistent cookies). "Session" cookies are temporary files that are stored on the User's terminal device until the User logs out, leaves the website, or shuts down the software (web browser). "Permanent" cookies are stored on the User's end device for the time specified in the parameters of the cookies or until they are deleted by the User.

(6) Web browsing software (web browser) usually allows the storage of cookies on the User's final device by default. Users of the Store can change their settings in this regard. The web browser makes it possible to delete cookies. It is also possible to automatically block cookies Detailed information on this subject is contained in the help or documentation of the Internet browser.

(7) Restrictions on the use of cookies may affect some of the functionality available on the Store's websites.

8. cookies placed on the Store User's end device may also be used by entities cooperating with the Administrator, in particular, this applies to companies: Google (Google Inc. based in the USA), Facebook (Facebook Inc. based in the USA), Twitter (Twitter Inc. based in the USA).

 

8 Managing cookies - how to give and withdraw consent in practice?

(1) If you do not want to receive cookies, you can change your browser settings. We stipulate that disabling cookies necessary for authentication processes, security, and maintenance of user preferences may hinder, 

and in extreme cases may make it impossible to use the websites.

(2). To manage your cookie settings, select the web browser you are using from the list below and follow the instructions:

- Edge

- Internet Explorer

- Chrome

- Safari

- Firefox

- Opera

 

Mobile devices:

- Android

- Safari (iOS)

- Windows Phone