PRIVACY POLICY   

version effective from 30.11.2022 

the previous version of the Privacy Policy is available here 

 

What is a Privacy Policy? 

We would like to provide you with details concerning our processing of your personal data in order to give you full knowledge and comfort in using our website. 

Since we operate in the online sector, we know how important it is to protect your personal data. Therefore, we make particular efforts to protect your privacy and information you provide us with.  

We carefully select and apply appropriate technical measures, in particular programming and organisational measures, to ensure protection of the personal data we process. Our website uses encrypted data transmission (SSL), which ensures protection of your identity. 

 

In our Privacy Policy you will find all key information regarding our processing of your personal data.  

Please read it, we promise it won’t take more than a few minutes. 

 

Who is the administrator of the website: www.provock.com.pl? 

The administrator of the website is Oliwa Suda, conducting business activity under the business name PROVOCK OLIWIA SUDA, entered to the Central Registration and Information on Economic Activity (CEIDG) maintained by the Minister of Economy, with its registered office in Poznań, at ul. Stanisława Szczepanowskiego 3/28, 60-541 Poznań, Poland, Taxpayer Identification (NIP) Number: 4970093369, National Official Register of Business Entities (REGON) Number: 523283622 (i.e.: We). 

Personal data  

What legal act governs the processing of your personal data? 

Your personal data are collected and processed by us in accordance with Regulation (EU) 2016/679 of the European Parliament and of the Council of 27.04.2016 on the protection of individuals with regard to the processing of personal data and on the free movement of such data and repealing Directive 95/46/EC (General Data Protection Regulation) (OJ EU L 119, p. 1), commonly referred to as: GDPR. In the scope not regulated by the GDPR, the processing of personal data is governed by the Personal Data Protection Act of 10 May 2018.  

 

Who is the controller of your personal data? 

The controller of your personal data is Oliwa Suda, conducting business activity under the business name PROVOCK OLIWIA SUDA, entered to the Central Registration and Information on Economic Activity (CEIDG) maintained by the Minister of Economy, with its registered office in Poznań, at ul. Stanisława Szczepanowskiego 3/28, 60-541 Poznań, Poland, Taxpayer Identification (NIP) Number: 4970093369, National Official Register of Business Entities (REGON) Number: 523283622, phone number: + +48 502444301, e-mail: office.provock@gmail.com. 

You can contact us about your personal data using the following methods: 

 – e-mail: office.provock@gmail.com, 

 – traditional mail: ul. Stanisława Szczepanowskiego 3/28, 60-541 Poznań, Poland, 

 – by phone: +48 502444301. 

How do we process your personal data, that you provide to us? 

What personal data do we process and for what purposes? 

On our website we offer a variety of services as part of which we process different personal data on different legal grounds.  

 

Objective  Personal data  Legal basis for processing  Data retention time  
conclusion and performance of an agreement   first name, last name, address for correspondence, e-mail address, telephone number  article 6(1)(b) of the GDPR, i.e. processing in order to take action at your request, prior to conclusion of a contract, and processing necessary for the performance of a contract to which you are party  until the expiry of the limitation period for claims concerning the performance of the contract 
creating and maintaining an account   first name, last name, e-mail address, telephone number  article 6(1)(b) of the GDPR, i.e. processing in order to take action at your request, prior to conclusion of a contract, and processing necessary for the performance of a contract to which you are party   until the account is deleted 
determination, pursuit and enforcement of claims and defence against claims in proceedings conducted before courts and other state authorities 

 

first name, last name, address, PESEL number, tax identification number (NIP), national business registry number (REGON), e-mail address, telephone number, IP number, bank account number, payment card number  article 6(1)(f) of the GDPR, i.e. processing for the purpose of pursuing our legitimate interest in establishing, pursuing and enforcing claims and defending against claims in proceedings conducted before courts and other state authorities  until the expiry of the limitation period for claims concerning the performance of the contract 
fulfilling legal obligations arising from legal regulations, in particular tax and accounting regulations  first name, last name, company name, PESEL number, tax identification number (NIP) or national business registry number (REGON), e-mail address, telephone number, address for correspondence, payment card number  

 

Article 6(1)(c) of the GDPR, i.e. processing is necessary to fulfil legal obligations incumbent of the Controller, resulting from legal regulations, in particular tax and accounting regulations  until the expiry of the legal obligations imposed on the Controller which justify the processing of personal data 

 

Voluntary provision of personal data 

Provision of the required personal data is voluntary, but it is necessary for us to provide services to you.  

Recipients of personal data  

The current list of entities to which we disclose your personal data can be found here.  

Automated decision making (including profiling) 

Your personal data will not be used for profiling or for automated decision making to You.. 

Will we transfer your personal data outside the EEA or to an international organisation? 

Your personal data will not be transferred outside the European Economic Area or to an international organisation. 

What rights do you have with regard to our processing of your personal data? 

Pursuant to the GDPR, you have the right to:  

If you submit any of the above requests, without undue delay – and in any case within one month from receipt of the request – we will inform you of the actions taken in connection with your request.  

If necessary, we can extend the one-month period by another two months due to the complexity of the request or the number of requests.  

In any case, we will inform you within one month from receiving your request about any extension and give you the reasons for the delay.  

Right of access to personal data (Article 15 of GDPR) 

You have the right to be informed whether we are processing your personal data 

If we process your personal data, you have the right to: 

If you wish to request access to your personal data, please send your request to office.provock@gmail.com. 

Right to correct your personal data (Article 16 of GDPR) 

If your personal data are incorrect, you have the right to ask us to correct your personal data immediately. You also have the right to request that we supplement your personal data.  

If you wish to request correction or supplementation of your personal data, please send your request to office.provock@gmail.com. 

The right to have your personal data deleted, i.e. the so-called “right to be forgotten” (Article 17 GDPR) 

You have the right to request that your personal data be deleted when: 

Despite your request to delete your personal data, we may process your data further for the purpose of determining, pursuing or defending claims, of which you will be informed.  

If you wish to request deletion of your personal data, please send your request to office.provock@gmail.com. 

Right to submit a request to restrict processing of your personal data (Article 18 of GDPR) 

You have the right to request restriction of the processing of your personal data when: 

If you wish to request restricted processing of your personal data, please send your request to office.provock@gmail.com. 

Right to submit an objection to the processing of your personal data (Article 21 of GDPR) 

You have the right to object to the processing of your personal data at any time, including profiling, in connection with: 

If you wish to submit an objection to the processing of your personal data, please send your request to office.provock@gmail.com. 

Right to request transfer of your personal data (Article 20 of GDPR)  

You have the right to receive your personal data from us in a structured, commonly used machine-readable format and to send data to another personal data controller. 

As standard, we will provide you with your personal data in CSV format. If you prefer to have your data provided to you in a different format, please indicate your preferred format in your request. As far as possible, we will try to provide your data in your preferred format.  

You can also request that we send your personal data directly to another controller (if technically possible).  

If you wish to request transfer of your personal data, please send your request to office.provock@gmail.com. 

Can you revoke your consent to personal data processing? 

You may revoke your consent to the processing of your personal data at any time.  

Withdrawal of consent to personal data processing does not affect the legitimacy of processing carried out by us on the basis of your consent before it was withdrawn.  

If you wish to withdraw consent to the processing of your personal data, please send your request to office.provock@gmail.com. 

 

 

Complaint to the supervisory authority  

If you believe that the processing of your personal data violates data protection regulations, you have the right to lodge a complaint with a supervisory authority, in particular in the member state of your residence, your place of work or where the alleged infringement was committed. 

In Poland, the supervisory authority within the definition of the GDPR is the President of the Office for the Protection of Personal Data, who replaced the GIODO as of 25 May 2018.  

You can find more information here. 

COOKIES 

General information 

 

While browsing the web pages of the Online Shop, HTTP cookies are used, hereinafter referred to as cookies, in other words small text data files, saved on your end-device while using the Online Shop. Their use is aimed at facilitating the operation of our Online Shop website. 

These files allow us to identify the software you are using and tailor our Online Shop to your needs.  

Cookies usually contain the name of the domain from which they come, duration of their storage on the device and values assigned to them. 

 

Safety  

Cookies we use are safe for your devices. Therefore, no viruses and no unwanted or malicious software can affect your devices via cookies.  

 

Types of cookies 

We use two types of cookies: 

This mechanism does not allow the acquisition of any personal data or confidential information from your device. 

Persistent cookies: stored and kept on your device until deleted. Closing the web browser or switching off the device does not cause them to be removed from your device. This mechanism does not allow the acquisition of any personal data or confidential information from your device.  

 

Aims  

We also use cookies of external entities for the following purposes:  

To be familiar with rules for the use of cookies, we recommend that you read the privacy policies of the company mentioned above. 

Through the settings of the browser or through the service configuration, you may individually and at any time change the Cookies settings by defining the conditions of their storage and their ways to access your device. You may change those settings in a way to block the automatic use of Cookies in the browser settings or to inform you each time they are being stored on your device. Detailed information about possibilities and ways to use Cookies are available in the settings of your browser.