ONLINE SHOP – NEOCOUTURE.COM
1.2. The administrator of the personal data collected via the Online Shop is is operated by Rocari Trading Limited with the registered office at 9 Vyzantiou Str. 3065 Limassol, Cyprus, entered into tax identification number CY10332224A, e-mail address: firstname.lastname@example.org – hereinafter referred to as the ”Administrator” and acting simultaneously as the Online Shop Service Provider and Seller.
1.3. The personal data of the Service Recipient and Customer is processed pursuant to the Personal Data Protection Act of 29 August 1997 (Journal of Laws of 1997, No. 133, item 883 as amended) (hereinafter referred to as the Personal Data Protection Act) and the Act on Rendering Electronic Services of 18 July 2002 (Journal of Laws of 2002 No. 144, item 1204 as amended).
1.4. The Administrator shall protect the interests of the data subjects with due care, and in particular, shall make sure that: the data is collected lawfully; the data is collected for specified and lawful purposes and not subjected to further processing which is non-compliant with these purposes; the data is relevant and adequate to the purposes for which it is processed and the data is stored in the form that allows for the identification of the data subjects, no longer than it is necessary for the achievement of the purpose of the processing.
1.5. Any words, phrases and acronyms on this website which are written in capitals (e.g. Seller, Online Shop, Electronic Service) shall be construed in accordance with their definition included in the Terms and Conditions of the Online Shop available on the Online Shop website.
2. PURPOSE AND SCOPE OF DATA COLLECTION AND DATA RECIPIENTS
2.1. Each time, the purpose, scope and recipients of the data processed by the Administrator result from the activities undertaken by the Service Recipient or Customer in the Online Shop. For instance, if the Customer selects the personal collection instead of the courier shipment whilst placing an order, then their personal data shall be processed for the purpose of conclusion and performance of the Sales Agreement, but shall not be made available to the carrier that delivers the shipments on behalf of the Administrator.
2.2. Possible purposes of collection of the personal data of Service Recipients or Customers by the Administrator:
2.2.1. conclusion and performance of the Sales Agreement or Agreement for Rendering Electronic Service (e.g. Account).
2.2.2. direct marketing of the Administrator’s own products or services.
2.3. Potential recipients of the personal data of Online Shop Customers:
2.3.1. In the case of the Customer who uses courier shipment as the method of delivery in the Online Shop, the Administrator makes the collected personal data available to the carrier or agent that delivers the shipments on behalf of the Administrator.
2.3.2. In the case of the Customer, who uses electronic payments or payment card as methods of payment in the Online Shop, the Administrator makes the collected personal data of the Customer available to a selected entity that processes the aforementioned payments in the Online Shop.
2.4. The Administrator may process the following personal data of the Service Recipients and Customers who use the Online Shop: name and surname; e-mail address; contact phone number; delivery address (street, house number, premises number, postal code, town/city, country), home/business/registered seat address (if it is different than the delivery address). In the case of Service Recipients or Customers who are not consumers, the Administrator may additionally process the company name and the tax identification number [NIP] of the Service Recipient or Customer.
2.5. The provision of the personal data referred to in the aforementioned section may be necessary for the conclusion and performance of the Sales Agreement or the Agreement on Rendering the Electronic Service in the Online Shop. Each time, the scope of the data required to conclude an agreement is indicated on the Online Shop website and in the Online Shop Terms and Conditions.
3. COOKIES AND OPERATIONAL DATA
3.1. Cookies are small text files sent by the server and saved by the visitor of the Online Shop (e.g. on the hard drive of a PC, laptop or smartphone’s memory card – depending on the type of the device used by the visitor of the Online Shop). Detailed information regarding the Cookies, as well as their history can be found, for instance, here: https://en.wikipedia.org/wiki/HTTP_cookie
3.2. The Administrator may process the data included in the Cookies during the use of the Online Shop website by the visitors for the following purposes:
3.2.1. to identify the logging of Service Recipients and to show that they are logged in;
3.2.2. to save the Products added to the shopping cart for the purpose of placement of an Order;
3.2.3. to save the data from the completed Order Forms, questionnaires or login data to the Online Shop;
3.2.4. to adjust the content of the Online Shop website to the individual Service Recipient preferences (e.g. regarding colours, font size and website layout) and to optimise the use of the Online Shop service;
3.2.5. to maintain anonymous statistics that present the manner of use of the Online Shop website
3.3. Typically, the majority of commercially available web browsers accepts the saving of Cookies by default. Everyone can determine the conditions for using the Cookies by means of settings in their own web browser. This means, e.g. that it is partly (temporarily) possible to limit or completely exclude the possibility of saving Cookies – in the latter case, however, this may affect certain Online Shop functionalities (for instance, it may turn out to be impossible to complete the ordering process using the Order Form, in view of the failure to save the Products in the shopping cart during the respective steps Order placement).
3.4. The web browser settings for Cookies are important from the point of view of consent to the use of the Cookies by our Online Shop – in accordance with the legal regulations, such a consent may also be expressed by the web browser settings. In the case of lack of such consent, the web browser settings with regards to the Cookies must be changed accordingly.
3.5. Detailed information on changes in the Cookie settings and their independent deletion in the most popular web browsers is available in the online help of the web browser and on the following websites (just click the link given below):
3.6. The Administrator also processes the anonymised operational data related to the use of the Online Shop (IP address, domain) to generate statistics useful in the administration of the Online Shop. The nature of this data is aggregate and anonymous, i.e. it does not contain features that identify the visitors of the Online Shop. The data is not disclosed to any third parties.
4. THE BASIS FOR DATA PROCESSING
4.1. The provision of personal data by the Service Recipient or Customer is voluntary, however, if the personal data indicated on the Online Shop website and Online Shop Regulations, necessary for the conclusion and performance of the Sales Agreement or Agreement for Rendering Electronic Services, is not provided this shall result in the impossibility to conclude the said Agreements.
4.2. The basis for the processing of the personal data of the Service Recipient or Customer is the necessity to perform the Agreement to which they are a Party, or to undertake activities upon their request before its conclusion. In the case of processing of the data for direct marketing purposes related to the Administrator’s own products or services, the basis for such processing is (1) the prior consent of the Service Recipient or Customer or (2) the accomplishment of legally justified objectives by the Administrator (pursuant to article 23, section 4 of the Personal Data Protection Act, the legally justified objective covers, in particular, direct marketing of the Administrator’s own products or services).
5. THE RIGHT TO CONTROL, ACCESS AND CORRECT THE DATA CONTENT
5.1. The Service Recipient or the Client shall have the right to access their personal data and to correct it.
5.2. Each person shall have the right to control the processed personal data included in the Administrator’s database, especially the right to demand the complementation, update and correction of the personal data, the temporal or permanent suspension of its processing or data deletion, if it is incomplete, outdated, untrue or if it was collected in violation of the Act or is no longer required for the purpose for which it was collected.
5.3. In the event that the Service Recipient or Customer gives their consent to data processing for the purpose of direct marketing of the Administrator’s own products or services, the granted consent may be cancelled at any time.
5.4. In the event that the Administrator intends to process or processes the data of the Service Recipient or Customer for the purpose of direct marketing of the Administrator’s own products or services, the data subject shall also have the right to (1) file a written, justified request to stop processing their data because of their special situation or (2) object to the processing of their data.
6. FINAL PROVISIONS
6.2. The Administrator shall use technical and organisational measures which ensure the protection of the processed personal data that is adapted to the risks and data categories covered by the protection, and in particular, the Administrator protects the data from disclosure to unauthorised persons, takeover by an unauthorised person, processing in violation of the applicable legal regulations and modification, loss, damage or destruction.
6.3. The Administrator shall accordingly provide access to the following technical measures which prevent the acquisition and modification of the electronically transmitted personal data by unauthorised persons:
6.3.1. Protection of the personal data from unauthorised access.
6.3.2. Access to the Account only after entering an individual login and password.
We would like to kindly inform you that on May 25, 2018, Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of individuals with regard to the processing of personal data and on the free movement of such data comes into effect. Directive 95/46 / EC (“RODO”). In connection with the performance of tasks related to the day-to-day administration of data on the contract and the resulting obligations in the processing of personal data, fulfilling the obligation under Art. 13 para. 1 and item 2 of the GDPR, we would like to inform you that:
1. The administrator of your personal data is Rocari Trading Ltd, Reg No. HE332224, Address: Vyzantiou 9, 3065 Limassol, Cyprus. The data will be processed in order to perform the order for the provision of services.
2. We entrusted personal data to our technology partners, that is, entities that provide us with services such as hosting, e-mailing and provide us with statistical services, social networking services and software development and maintenance only in connection with the implementation of our goals. In addition, the data can be entrusted to partners who assist us in the processes of all kinds of advertising campaigns only in connection with the implementation of our objectives. Data can also be made available to law and public administration authorities in cases that are legally justified.
3. Rocari Trading Ltd, Reg. HE332224, Address: Vyzantiou 9, 3065 Limassol, Cyprus has established a section on data-related matters, which is available by phone: 00 357 99 919020 and e-mail: email@example.com
4. At any time consent to the processing of personal data may be withdrawn. Withdrawal of consent to the processing of data does not affect the lawfulness of processing of your data by Rocari Trading Ltd on the basis of consent before its withdrawal.
5. Withdrawal of consent may take place by sending an appropriate statement to the e-mail address: firstname.lastname@example.org. Below is an example statement: “Acting on behalf of (name of the entity) with its registered office in (address) or, I – surname and first name, address – I hereby withdraw my consent to the processing of my personal data by Rocari Trading Ltd with its registered office in Limassol.”
6. Rocari Trading Ltd informs you that you have the right to access your data and rectify, delete, limit their processing, the right to transfer data, the right to raise objections, the right to withdraw consent to their processing at any time without affecting the compliance with the right of processing made on the basis of consent before its withdrawal.
7. You have the right to lodge a complaint with the supervisory authority.