Privacy policy

Miloni.pl - meble nowoczesne

ONLINE STORE'S PRIVACY POLICY

General

  1. This document specifies the privacy rules in the miloni.pl Online Store.

  2. Mateusz Nowotnik prowadzący działalność gospodarczą pod firmą Mateusz Nowotnik, running his business operations under the business name MILONI Mateusz Nowotnik, Struga 2, 77-121 Struga, NIP 8421601095, REGON: 222097482; e-mail address: biuro@miloni.pl, phone: (59) 822 58 46 (hereinafter "the Controller ”);

  3. This document uses the definitions included in the Terms and Conditions available here.

  4. The personal data collected by the Controller, are processed in accordance with Regulation of the European Parliament and the Council (EU) 2016/679 of 27th April 2016 on the protection of natural persons with regard to the processing of personal data and on the free flow of such data and repealing Directive 95/46/WE (hereinafter GDPR), of the Act of 18 July 2002 on the provision of electronic services (consolidated text Journal of Laws 2017 item 1219 as amended), and of the Act of 16 July 2004-Telecommunication Law (consolidated text Journal Journal of Laws of 2017 item 1907 as amended).

  5. The Personal Data Controller ensures that he makes any effort to ensure that the processing of the personal data proceeds with the greatest respect for the privacy of the persons covered by the data being processed, and with the highest care for the security of the personal data being processed, and in particular, he ensures that he has undertaken any legally provided measures in order to protect the personal data being processed.

  6. Each User can choose, whether or not and to what extent they want to use the services and offer their personal information. The Controller does not keep any confidential data, such as credit card numbers or the access data to bank accounts.

  7. The Controller diligently selects and applies appropriate technical measures, including software and organizational measures, which ensure the protection of the data processed as appropriate for the hazards and the category of the data being protected, in particular he secures the data against making them available to any unauthorized persons, disclosing, losing, and destroying, any unauthorized modification, and also against being processed in breach of the binding legal regulations. Additionally, all the employees and co-workers of the Controller, who can access the personal data, have been properly trained in the processing of personal data.

  8. The Online Store uses encrypted data transmission (SSL) during the registration and logging processes, ensuring the protection of the Users' identification data, and makes it significantly difficult to obtain in an unauthorized way any User's data which may give access to their account in the Online Store.

  9. The Online Store may contain hyperlinks to other websites. The Administrator shall not bear any liability for the personal data protection policy applied by these websites. The Controller undertakes to apply due care, so that the Users (Clients and Service Recipients) are aware of using a different website which is independent from the Controller after using any hyperlink.

Scope of the Personal Data Being Processed, the Objectives and the Legal Basis

  1. The Controller collects data provided voluntarily by the Users of the Online Store. Moreover, the Controller may save the information about the connection parameters, such as the User's IP address, proxy server, session name, device name, operating system and browser, the location and the name of the Internet service providers, or the mobile service providers for technical purposes, associated with the server administration, in order to perform the contract a party to which is the person covered by the data (on the basis of Article 6 section 1 letter b of GDPR), and to generate any collective and statistical information (e.g. about the region from which the connection is made), based on which it is impossible to identify the User, as well as for the purposes of safety.

  2. The Users' data are processed with regard to:

    1. preparing and giving the answer to the Users' questions sent through the contact form, in particular to send an offer (the scope of the data: the name and surname/company name, the e-mail address, contact telephone number – due to the fact that the processing is is necessary to take actions at the request of the person the data relate to, before entering into the Contract (Art. 6 section 1 letter b of GDPR),

    2. provide services electronically by the Controller, as defined by the provisions of the Act of 18 July 2002 on the provision of electronic services (consolidated text Journal of Laws of 2019 item 123 as amended), consisting in sending a newsletter and transferring information about the Controller's products and services in this form (the scope of the data: e-mail address) – on the basis of a separately granted consent (Art. 6 section 1 letter a of GDPR);

    3. the conclusion and performance of a contract without any registration in the service, a party to which is the User, among others issuing a VAT invoice, delivering any goods, accepting any return or examining any complaint (the scope of the data: the name and surname/company name, NIP, correspondence address, contact telephone number, e-mail address ) – due to the fact that the processing is necessary to perform a contract a party to which is the data subject (Art. 6 section 1 letter b of GDPR),

    4. the provision by the Controller of a service electronically as defined by the provisions of the Act of July, 18 2002 on Electronic Services Provision, consisting in sharing an interactive form for placing an order without any registration in the service (the scope of the data: the name and surname/company name, NIP, correspondence address, contact telephone number, e-mail address) – due to the fact that the processing is necessary to perform a contract a party to which is the data subject (Art. 6 section 1 letter b of GDPR),

    5. the conclusion and performance of a contract associated with registering in the website, a party to which is the User, among others issuing a VAT invoice, delivering any goods, accepting any return, or examining any complaint (the scope of the data: the name and surname/company name, NIP, correspondence address, contact telephone number, email address password) - due to the fact that the processing is necessary to perform a contract a party to which is the data subject (Art. 6 section 1 letter b of GDPR),

    6. the provision by the Controller of a service electronically as defined by the provisions of the Act of July, 18 2002 on Electronic Services Provision, consisting in running an account at the Controller's online store, and sharing an interactive form which makes it possible to place an order as a logged-in User – due to the fact that the processing is necessary to perform a contract a party to which is the data subject (Art. 6 section 1 letter b of GDPR),

    7. preparing and giving the answer to the Users' questions sent by means of the valuation form, in particular preparing any valuation and sending an offer (the scope of the data: the name, the last name, e-mail address, contact telephone number) – due to the fact that the processing is necessary to take actions at a request of the data subject, before entering into a contract (Art. 6 section 1 letter b of GDPR),

    8. the conclusion and performance of a cooperation contract a party to which may be architects, designers, entities running retail outlets, including settlements (the scope of the data: the name and surname/company name, e-mail address, correspondence address, contact telephone number – due to the fact that the processing is necessary to perform a contract a party to which is the data subject (Art. 6 section 1 letter b of GDPR),

    9. preparing and giving the answer to the Users' questions sent by means of the cooperation form, in particular sending a catalogue, or a free color fan-deck (the scope of the data: the name and surname/company name, e-mail address, correspondence address, contact telephone number) – due to the fact that the processing is necessary to take actions at the request of the person the data relate to, before entering into a Contract (Art. 6 section 1 letter b of GDPR),

    10. the provision by the Controller of a service electronically as defined by the provisions of the Act of July, 18 2002 on Electronic Services Provision, consisting in sharing an interactive form which makes it possible to place a request for sending a catalogue or a free color fan-deck (the scope of the data: the name and surname/company name, e-mail address, correspondence address, contact telephone number) – due to the fact that the processing is necessary to perform a contract a party to which is the data subject (Art. 6 section 1 letter b of GDPR),

    11. uploading by the User (by e-mail, on Facebook.com, or in the Google search engine) their opinion on the miloni.pl website and its subpages, and also in promotional materials of the Controller, and on the fanpage kept on facebook.com,

    12. pursuing any receivable amounts (the scope of the data: the name and surname/company name, address, email address, contact telephone number, delivery address, other data necessary to prove the existence of the claim, or to enforce any rights) – on the basis of Article 6 section 1 letter f of GDPR i.e. due to the fact that the processing is necessary for the purposes arising from any legitimate interests pursued by the Controller or by a third party,

    13. fulfilling the Controller's legal obligations, in connection with his business operations (the scope of the data: any data obtained from the Users) – on the basis of Article 6 section 1 letter c of GDPR i.e. due to the fact that the processing is necessary to fulfill the Controller's legal obligation,

    14. conducting direct marketing (the scope of the data: the name and surname/company name, address, email address, contact telephone number, delivery address, and data related to the Users' activities registered and stored in cookie files) – on the basis of Article 6 sect. 1 letter f of GDPR, namely due to the fact that the processing is necessary for the purposes arising from any legitimate interests pursued by the Controller or by a third party,

    15. transferring any commercial information electronically according to Art. 10 section 2 of the act of July, 18 2002 on the Provision of Electronic Services (the scope of the data: the first name, last name, address, delivery address, e-mail address, telephone number) – on the basis of a separately granted consent,

    16. using terminal telecommunication devices and automatic calling systems for direct marketing purposes according to article 172 of the Act of 16 July 2004 Telecommunication Law (the scope of the data: the first name, last name, address, delivery address, e-mail address, telephone number) – on the basis of a separately granted consent.

  3. Within the process of registering accounts in the Online Store, placing an order without registering an account, placing an inquiry through the contact form or the valuation form, subscribing to the services consisting in sending a newsletter or sending a single catalogue or free color fan-deck, transferring their data for the purpose of establishing cooperation through the cooperation form, the User receives the information mentioned in Art.13 sect. 1 and 2 of GDPR, and can express their consent to collecting and processing their personal data by the Controller in a way and for the purposes described in the expressed consent, and in this document. The User's personal data are provided voluntary, but it is required to:

    1. prepare and give the answer to any inquiry sent through the contact form, in particular to prepare an offer, and the failure to provide the data makes it impossible for the Controller to process the inquiry,

    2. prepare and give the response to your inquiry sent by means of the valuation form, in particular to prepare a valuation and send an offer, and the failure to provide the data makes it impossible for the Controller to process the inquiry

    3. send the newsletter, and the failure to provide the data makes it impossible for the Controller to provide the newsletter,

    4. conclude and perform an electronic services provision contract consisting in sharing an interactive form which makes it possible to place an order, and the failure to provide the data makes it impossible to place the order,

    5. conclude and perform an electronic services provision contract consisting in running an account at the Controller's Online Store, and in sharing an interactive form for placing an order as a logged-in User, and the failure to provide the data makes it impossible to create an individual account at the Controller's online store and place orders as a logged-in User;

    6. conclude and perform a sales contract, and the failure to provide the data makes it impossible to conclude this contract;

    7. establish cooperation, send a catalogue or a free color fan-deck, and the failure to provide the data makes it impossible for the Controller to establish the cooperation, or to send the catalogue, or the free color fan-deck;

    8. ​​​provide a service electronically by the Controller, as defined by the provisions of the Act of 18 July 2002 on the Electronic Services Provision, consisting in sharing an interactive form which makes it possible to place a request for sending a catalogue or a free color fan-deck, and the failure to provide the data makes it impossible for the Controller to send the catalogue, or the free color fan-deck;

    9. upload an opinion on the magsteron.pl website and its sub-websites, promotional materials, and the fanpage kept on facebook.com, and the failure to provide the data makes it impossible for the Controller to upload the opinion.

  4. The User shall be liable for providing untrue personal data.

  5. Reviewing the Online Store's content does not require the User to provide any personal data other than the data obtained automatically about the connection parameters, unless accessing them is dependent upon creating an account. Without registering an account, the use of the Online Store's functionalities is limited.

  6. The Controller does not process a Users' personal data with the use of automated decision making tools, including profiling.

  7. The personal data of the Online Store's Users are not transferred to other recipients, unless the Users have expressed their consent to this, or when the requirement to disclose any information collected results from the binding legal regulations.

Personal Data Processing Time

  1. The personal data will be processed for a period of:

    1. any correspondence initiated by an inquiry transferred through the contact form or the valuation form – until the expiry of 4 months from the time of its completion;

    2. necessary for the Controller to provide electronic services consisting in sharing an interactive form which makes it possible to send a request for a catalog or a free color fan-deck – for a period of 6 months from the date of delivering the catalogue or the free color fan-deck, or the end of any correspondence associated with this, depending on whichever is the last contract with the User;

    3. necessary for the Controller to provide any electronic services consisting in running an account at the Controller's Online Store, and sharing an interactive form for placing orders or performing any concluded sales contracts and cooperation contracts, also after their completion due to the possibility that the parties could exercise their rights related to the contracts concluded, as well as due to pursuing any possible amounts payable – until the elapse of the limitation term for the User's claims, or the cancellation of their account in the Online Store, whichever of the events occurs later,

    4. until the consent expressed is revoked, or any objection is submitted against the data processing (which shall take place as a result of terminating any contract for the provision of an electronic service consisting in sending a newsletter) – in the cases of the processing of the User's personal data based on a separate consent to publish the content of an opinion, to send the newsletter and transfer any information regarding the Controller's products and services, or on the basis referred to in Article 6 section 1 letter e, or f of GDPR, including for direct marketing purposes.

    5. corresponding to the life cycle of the cookie files saved on the User's devices – in the case of the processing of the User's personal data who only views the content of the Online Store.

  2. The Controller keeps the personal data of Users after they cancel their accounts in the Online Store, terminate any cooperation or correspondence, also when this is required to fulfill any legal obligations, to amicably settle any disputes, enforce any liabilities of the User resulting from any contracts concluded, maintain security, prevent frauds and abuses.

User's Rights

  1. The Controller makes it possible for each User to exercise the rights listed below. The User can pursuit their rights by reporting a demand by electronic mail: biuro@miloni.pl.

  2. The User is entitled to:

    1. access the content of the data – according to Article 15 of GDPR,

    2. correct/update the data – according to Article 16 of GDPR,

    3. delete the data – according to Article 17 of GDPR,

    4. process the data – according to Article 18 of GDPR,

    5. transfer the data – according to Article 20 of GDPR,

    6. submit an objection against the processing of the data – according to Article 21 of GDPR,

    7. revoke any consent, at any time, provided that the withdrawal of the consent is without effect on the compliance with the law of any processing which was carried out based on the consent prior to its withdrawal – according to article 7, passage 3 of GDPR,

    8. file a complaint to the supervisory authority, namely the President of the Personal Data Protection Office – according to Article 77 of GDPR.

  3. The Controller examines any demand submitted immediately, no later, however, than within one month from its receipt. However, if – due to the complex character of any demand – the Controller is not able to examine the User's demand within the aforementioned deadline, they shall examine it within the successive two months, by notifying the User in advance of the intended extension of the deadline.

  4. The Controller notifies each recipient, who has received the personal data, of rectifying or removing any personal data or restricting their processing, in accordance with the User's request, unless this proves to be impossible or requires disproportionately great efforts.

Cookies Policy

  1. When using the website, the User expresses their consent to use the Controller's cookie files for the purposes specified in this policy.

  2. When viewing the Online Store, cookies are used, namely short text information pieces, which are saved on the User's terminal device in relation to using the Online Store. Cookies usually contain the name of the website they originate from, their storage time on the terminal device and a unique number. These files allow to identify the software used by the User and adjust the Online Store.

  3. The cookies used by the Controller are safe for the User's devices.

  4. The Controller uses the following types of cookie files:

    1. session cookies, which are stored in the device of the Online Store's User, and are left there until the browser's session is finished. The information recorded is then permanently removed from the memory of the User's device,

    2. permanent cookies, which are stored in the device of the Online Store's User, and are left there for the time defined in the cookie files parameters until their deletion. Terminating the browser's session or turning off the User's device does not delete them.

    3. statistical cookies, for tracking the traffic in the Online Store.

  5. The Controller uses the cookies for the following purposes:

    1. to configure and to adapt the Online Store to the Users' preferences, to enable access to the accounts and services, as well as to make it possible to navigate the Online Store's websites and subpages smoothly, and also for the advertising purposes,

    2. to create statistics, which help to understand, how the Users of the Online Store use the websites, this makes it possible to improve their structure and content.

  6. The User may independently and at any time change the cookie files, by defining the terms of storing the cookies and accessing the cookie files in the User's device. Changes in the settings referred to in the previous sentence can be performed using the settings of the online browser being used by the User. These settings can be changed in particular so as to block automatic handling of any cookie files in the browser's settings or notify each time about posting cookies in the User's Device. Detailed information about the possibilities and methods of handling the cookie files is available in the settings of the software used by the User (web browser, e.g. Internet Explorer, Edge, Chrome, Firefox, Opera).

  7. Any limitations in the application of any cookie files can affect some functionalities available in the Online Store. Therefore, it is recommended to use any software with cookie files handling turned on.

Changing the privacy policy

  1. The Controller has the authority to change this document, of which the User will be notified in a way that makes it possible to become familiar with the changes before they come into force, e.g. by posting the respective information on the home page of the Online Store, and in the case of significant changes, also by sending a notification to the e-mail address specified by the User.

  2. In the case of any complaints from the User regarding any changes made, they can demand the cancellation of their account in the Online Store. Any further use of the Online Store after the publication or sending the notice of changes in this document is considered to be the consent to collect, use, and disclose the User's personal data according to the updated contents of the document.

  3. The Privacy Policy does not reduce any rights granted to the User according to the commonly binding legal regulations.