PRIVACY POLICY
RAW ART Limited Liability Company
Podmiejska Street 27/43, 62-800 Kalisz
Tax Identification Number: 618 219 6063
REGON: 524 225 207
KRS: 0001014315
Share capital: PLN 105,000.00
1. Definitions
- Administrator – RAW ART Sp. z o. o. with its registered office in Kalisz, ul. Podmiejska 27/43, correspondence address the same, conducting business activity, registered in the National Court Register under number 0001014315.
- User / Customer – a natural person, legal person or organizational unit without legal personality who uses the Administrator’s services, visits the website, makes purchases, etc.
- Personal data – any information relating to an identified or identifiable natural person that the Controller collects and processes.
- GDPR / General Data Protection Regulation – Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016.
- Website / Website – a website managed by the Administrator, through which the User interacts with the company (e.g. order fulfillment, account registration, contact).
2. Purposes and legal basis of processing
The Administrator processes Users' personal data for the following purposes:
| Purpose of processing | Legal basis |
|---|---|
| Fulfillment of the contract / provision of services / delivery of products | Article 6(1)(b) of the GDPR |
| Payment processing, accounting, invoicing | Article 6(1)(b) of the GDPR |
| Sending marketing information/newsletter (if consent is given) | Article 6(1)(a) of the GDPR |
| Direct marketing of your own products or services | Article 6(1)(f) of the GDPR (legitimate interest of the Administrator), unless the User has objected |
| Handling complaints and legal disputes | Article 6(1)(c) and (f) of the GDPR |
| Maintaining the security of the website (e.g. protection against abuse) | Article 6(1)(f) of the GDPR |
3. Scope and types of data collected
Depending on the situation, the Administrator may collect the following data:
- identification data: name and surname, company name (if applicable), Tax Identification Number / Personal Identification Number (if required)
- contact details: e-mail address, telephone number, delivery/mailing address
- payment details: bank account number, invoice details
- technical data: IP address, login data, device and browser data, cookies, website activity data
- additional data: e.g. purchase history, preferences, customer reviews
4. Data Sharing
The Administrator may share personal data in the following cases:
- entities cooperating for the purpose of implementing the contract: logistics, courier, payment, accounting
- state or administrative bodies when legal provisions impose such an obligation
- IT service providers supporting the website (hosting, servers, analytical systems) who are obliged to maintain confidentiality
5. Data storage period
- Data related to the performance of the contract (e.g. transaction data, invoices) are stored for the period required by tax and accounting law (e.g. 5 years or other statutory period)
- Marketing data/newsletter – until consent is withdrawn or an objection is raised
- Website user data – until the account is closed or the data is permanently deleted, unless the law requires a longer period
6. Rights of data subjects
The user has the right to:
- access to your data
- data rectification (correction)
- deletion of data ("right to be forgotten") if there is no legal basis for further processing
- processing restrictions
- data transfer
- object to data processing, especially in cases of direct marketing
- withdraw consent at any time if the processing is based on consent
7. Cookies and similar technologies
- The website uses cookies for the proper functioning of the website, analytics, content personalization and marketing.
- The user can manage consent to the use of cookies through browser settings or appropriate tools available on the website.
- There are necessary cookies, disabling which may prevent the website from functioning properly.
8. Safety measures
The Administrator uses technical and organizational measures to protect Users' personal data against unauthorized access, loss, alteration and disclosure:
- connection encryption (e.g. SSL/TLS)
- securing access to IT systems with a password and restricted access rights
- regular backups
- data protection training for employees
9. Transfer of data outside the EEA
If data is transferred outside the European Economic Area (EEA), the Controller will provide appropriate safeguards (e.g. standard contractual clauses approved by the European Commission, adequacy decisions).
10. Changes to the privacy policy
- The Administrator reserves the right to make changes to the Privacy Policy
- Any changes will be published on the website and will come into effect on the date specified in the communication.
- Users will be informed about significant changes to the extent that their rights are affected
11. Contact
In matters relating to personal data protection and the exercise of data-related rights, please contact:
- E-mail address: [enter the correct data administration e-mail address here]
- Correspondence address: Podmiejska Street 27/43, 62-800 Kalisz
- Other contact details (telephone, fax) – if used