Security Policy for the Processing of Personal Data
We would like to inform you that the Administrator of personal data, obtained in the florempol.com internet warehouse is Florempol Company, Przemysław Albin, based in Sulejów (97-330), at ul. Góra Strzelecka 21.
Personal data will be processed by Florempol to:
1. Implementation of the order process placed in the store.
2. Considering possible complaint processes.
3. For marketing purposes – sending the newsletter – if the customer during the registration process indicated his desire to receive it.
The period for which personal data will be kept:
The collected data is used by the Seller for an indefinite period of time, solely for the purpose of administering the Shop. They are not transferred to third parties, with the exception of the circumstances described in the Security Policy for the Processing of Personal Data, point 10, subpoint 10.3. (Personal data may be made available only to entities authorized to receive them under the law and to the persons concerned).
Rights of the person to whom the personal data relates:
- the right of access to the content of his personal data, i.e. the right to obtain confirmation whether the Administrator is processing data and information concerning such processing;
- the right to rectify data if the data processed by the Administrator is incorrect or incomplete;
- the right to request the Administrator to delete the data;
- the right to demand from the Administrator to restrict data processing;
- the right to transfer the data, i.e. the right to receive personal data provided to the Administrator and send it to another Administrator;
- the right to lodge a complaint with the Polish supervisory authority or with the supervisory authority of another Member State of the European Union, competent for the data subject’s habitual residence or work or for the place of the alleged breach of the GDPR (General Data Protection Regulation) rules;
- the right to withdraw consent at any time (without affecting the lawfulness of the processing that was carried out on the basis of consent before withdrawal);
- the right to obtain human intervention on the part of the Administrator, to express his or her views and to challenge a decision based on automated data processing.
The rights listed in points 1 – 8 above (excluding point 6) can be exercised, among other things, by contacting the data Administrator (address given in the introduction, with the note: “Data protection”) or by contacting the data Administrator by email: florempol.eu@gmail.com
Categories of data recipients (entities processing personal data on behalf of Florempol): telecommunication entrepreneurs, debt collection companies, banks, postal operators, carriers, business information offices, customer survey companies, partners providing technical services (for example, development and maintenance of IT systems and websites).
* Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of individuals with regard to the processing of personal data and on the free movement of such data and repealing Directive 95/46/EC (General Data Protection Regulation).
PRIVACY AND USE POLICY OF COOKIES on the florempol.com website
§ 1 General provisions
1. The privacy and use of cookies on the website florempol.com (hereinafter referred to as the “Policy”) was created and adopted by Florempol.
2. The terms used in the Policy mean: Service: internet service pierwszagwiazdka.pl.
1) User: entity using the publicly available Service;
2) Owner: Florempol, ul. Góra Strzelecka 21, 97-330 Sulejów, NIP 7712627093;
3) Cookies: text files, sent by the Website and saved on the User’s end device, which the User uses while browsing the Website. Files contain information necessary for the proper functioning of the Website. Cookies most often contain the domain name of the website from which they originate, their storage time on the terminal device and number.
3. The purpose of the Policy is in particular:
1) providing Users with information regarding the use of Cookies in the Service, required by law, including the Telecommunications Law;
2) providing Users with privacy protection to the extent that meets the standards and requirements set out in applicable law.
4. The owner restricts the collection and use of information concerning Users to the minimum necessary to provide services to them.
5. In order to gain full access through the Service to the content and services offered by the Owner, it is advisable to accept the rules resulting from the Policy. Acceptance may be made by means of software settings installed in the device or service configuration used by the User.
6. The following legal provisions, among others, shall apply:
1) Act of 16 July 2004, Telecommunications Law (Journal of Laws 2017.1907, consolidated text as amended);
2) Act of 18 July 2002 on the provision of electronic services (Journal of Laws 2017.1219, consolidated text as amended);
3) Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of individuals with regard to the processing of personal data and on the free movement of such data and repealing Directive 95/46/EC (General Data Protection Regulation), (Journal of Laws L 119, 4.5.2016) together with the Polish regulations on personal data protection.
4) Act of 10 May 2018 on personal data protection (Journal of Laws 2019, item 1781, consolidated text).
§ 2 Protection of privacy and personal data
Data concerning the Users are processed by the Owner in accordance with the law. The personal data of the Users obtained by the Owner shall be processed on the basis of the consent given by the User or the occurrence of other prerequisites entitling to data processing according to the regulations, in particular the Regulation.
2. The Owner takes special care to protect the interests of data subjects, and in particular ensures that these data are:
1) processed in accordance with the law, reliably and transparently for the Clients and other data subjects;
2) collected for specific, explicit and legitimate purposes and not further processed in a way incompatible with those purposes;
3) adequate, relevant and limited to what is necessary for the purposes for which they are processed;
4) correct and updated if necessary;
5) stored in a form which permits identification of the data subject for no longer than is necessary for the purposes for which the data are processed;
6) processed in a manner ensuring adequate security of personal data, including protection against unauthorised or unlawful processing and accidental loss, destruction or damage, by appropriate technical or organisational means.
3. The Owner shall take appropriate technical and organisational measures to ensure the protection of personal data processed, appropriate to the nature, scope, context and purpose of the processing and the risks of infringement of the rights or freedoms of individuals.
4. The Owner strives to systematically modernise the IT, technical and organisational measures for the protection of these data, in particular the Owner shall ensure that the IT protection measures are updated to protect against viruses, unauthorised access and other threats resulting from the operation of the IT system and telecommunications networks.
5. The Owner may – among other cases arising from the provisions of law – process the following personal data of the Customer, necessary to establish, shape the content, change or terminate the contract:
1) the Customer’s surname and forenames;
2) the permanent address of residence;
3) the address for correspondence, if different from the address of residence;
4) the right to object to processing or to limit processing;
5) the Client’s email addresses;
6) the telephone number.
6. The Owner may process, with the consent of the Customer and for the purpose of advertising, market research and customer behavior and preferences, for the purpose of the results of this research to improve the quality of services provided by the Owner, other data relating to the Customer, which are not necessary to provide the service electronically.
7. Everyone User who has made his or her data available to the Owner in any way, the Owner shall provide access to the data and the exercise of other rights to the data subjects in accordance with the applicable laws, including those persons have:
1) the right to withdraw consent to the processing of personal data;
2) the right to information concerning their personal data;
3) the right to control the processing of data, including their completion, updating, rectification, erasure;
4) the right to object to or to limit the processing;
5) the right to complain to the supervisory authority and to use other legal remedies to protect their rights.
8. The Owner may process personal data in an automated manner, including through profiling, under the terms of the Regulation. In such a case, the purpose of the Owner’s actions is marketing purposes or the need to personalize the messages sent to the Users (including matching the information to the User’s needs or expectations). The User has the right to object to such processing of his data – this objection may be expressed by sending a message to the Owner’s address.
9. The person who has access to the personal data, processes it only on the basis of the Owner’s authorization or agreement to entrust the processing of personal data and only on the order of the Owner.
10. In connection with the operation of the Service, the Owner uses the services of other entities, including, in order to perform the contract with the User. Personal data of the Users may be transferred a:
1) hosting company,
2) provider of software to operate Service,
3) Internet service provider,
4) companies providing courier or postal services,
5) provider of the electronic payment platform,
6) supplier of invoicing software,
7) entities providing accounting services,
8) marketing or advertising service provider.
§ 3. Cookies
1. Cookies identify the User, which allows adjusting the content of the website he uses to his needs. By remembering his preferences, he allows to tailor the content addressed to him, including ads. The Owner uses cookies to guarantee an appropriate standard of Website convenience, and the collected data is used only inside the company to optimize operations.
2. Cookies are used to:
1) adjusting the content of the Website to the User’s preferences;
2) optimizing the use of the Website, in particular by recognizing the User’s end device;
3) creating statistics;
4) maintaining the User’s session;
5) providing the User with advertising content.
3. The Owner processes statistical information on the use of the Service, including information about the session, IP number, the amount of time spent on individual pages and subpages, the use of individual service functionalities, information about the device and the Internet browser. These data are processed in accordance with Article 6, Act 1, letter f of the Regulation, in the legally justified interest of the Administrator, consisting in facilitating the use of the Service, improving the quality and functionality of the services provided, and the processing of these data does not violate the rights and freedoms of the Users. Information about Users is not used for any additional purposes.
4. These data are processed as part of the Owner’s ongoing activities, but no longer than 60 days after receiving the information. After this time, the Owner may further process general statistical data, which will be deprived of any information concerning individual Users.
5. Please note that in some cases, the software installed by the User on the terminal device for browsing the web (for example, a web browser) introduces a default storage of Cookies in the User’s terminal device. Users can change their Cookies settings at any time. These settings may be changed, among other things, in such a way as to block automatic Cookie settings or to inform you of their placement on your terminal device each time. Detailed information in this regard is available in the settings and instructions for the software (web browser).
6. The User may at any time disable or restore the option of collecting Cookies by changing the settings of his device and web browser in the field of using Cookies or other similar technologies.
7. Changing the settings constitutes an objection, which in the future may cause difficulties in the use of the Service. The complete disabling of the Cookies option will not mean that you will not be able to browse the content of the Service, except for those to which access requires logging in.
8. Failure to change the settings means that the data will be placed in the User’s terminal device (use of the Service will cause automatic placement of Cookies in the User’s terminal device).
9. Cookies are stored on the User’s devices not longer than 12 months.
10. The stored data, placed in the User’s end device, does not cause any configuration changes in the User’s end device or the software installed in this device.
11. The information about Cookies also applies to other similar technologies used in the Service.
§ 4 Complaints
1. Complaints can be sent to the Owner, in electronic form to the address: florempol.eu@gmail.com
2. There is a possibility to use out-of-court ways of handling complaints and pursuing claims in legal relations with Consumers, including:
1) the possibility to resolve disputes electronically via the ODR (online dispute resolution) platform, available at:
2) the possibility of conducting amicable proceedings before a common court or other organs.
3. The Owner undertakes to consider the complaint within 14 days.
4. If the complaint is accepted, the Owner will take appropriate action.
5. In order to process the complaint, the Owner processes the personal data of the Users submitting the complaint, in particular the email address, name, surname, content of the complaint, circumstances of the event giving rise to the complaint, information obtained in the course of processing the complaint, including explanation of the event giving rise to the complaint. In the course of processing the complaint, the Owner may process a number of other information, including information about the User’s use of the Services, cookies or other similar technologies, information about devices. These data are processed in accordance with Article 6, Act 1, letter b of the Regulation, for the purpose of processing the complaint and are processed for the time necessary to consider the complaint and after the complaint procedure is completed for archiving purposes, in accordance with the Accounting Act, if necessary to defend against possible claims against the service provider.
6. If an investigation is undertaken into a possible violation of the provisions of the Regulations, Policy or law, rules of social coexistence or good manners, the Owner may process the User’s personal data until the end of the pending proceedings and until the expiry of the limitation period for claims, which usually is 3 years, but in special cases provided for by law, it may be longer. These data will then be processed, including the data made available in accordance with Article 6, Act 1, letter f of the Regulation, i.e., in the legally justified interest of the Administrator in pursuing its claims against the User. The legally justified interest of the Administrator shall then be the overriding objective in relation to the rights and freedoms of the User.
§ 5 Final provisions
1. The Policy was adopted by order of the Owner and enters into force on 14.04.2020. The change of the content of the Policy may be made in the same way.
2. Any deviation from the Policy must be made in writing under pain of nullity.
3. The law applicable to the Policy is the law of the Republic of Poland.
4. In matters not regulated in the Policy, the relevant provisions of law shall apply.