1.1
This document defines the privacy policy of the Jetstyle Sp.z.o.o. (hereinafter referred to as Administration) applies to any information which the Administration may obtain about the User while he or she uses the Service (hereinafter referred to as Service), services and products provided by the Administration under any agreements or contracts with the User. By signing up at the Service the User gives his or her unconditional consent with this Policy and its terms. Unless the User agrees with these terms he or she must refrain from using the Services.
1.2
This Policy complies with GDPR and applicable personal data laws of the Republic of Poland. This Policy applies to any data processing procedures, i.e. data collection, capture, organizing, accumulation, storage, updating, extraction, usage, transferring (distribution, delivering, accessing), anonymising, blocking, removing or destroying, performed either with or without any automation tools.
1.3
We strive to provide you with the most accessible and at the same time fully inform you about the information that we collect and what we will do with it.
1.4
We will use the information you provide for the purposes described in our Privacy Policy, including to provide you with the services you have requested, the products ordered, and to enhance your experience with us. We process only the required minimum of information.
1.5
If you tell us that you do not want to receive promotional messages, we will not send them to you. It goes without saying that refusal to receive promotional/advertising messages does not deprive you of the opportunity to receive important messages about the ordered product or the services provided, you will continue to receive such messages.
1.6
The information you provide needs to be protected and we will take measures to ensure it. But if something happens, and because of an intruder, our protection is violated, we will definitely let you know.
1.7
If you no longer want us to process the information you provide and let us know, we will stop doing this. But if the law obliges us to continue processing, we will act in accordance with the law. But we will definitely inform you about this
1.8
We respect your rights to exercise control over your own information.
1.9
Below is the full text of the Privacy Policy. In it we explain in more detail the types of personal information (personal data) we collect, how we collect it, what we can use it for and with whom we can share it, how you can influence it, and other important issues.
1.10
We tried to make the text of the Policy as clear as possible, but we could not avoid some legal phrases, without them a simple explanation would not be accurate, and we want to tell you the most accurate information.
1.11
If you still have questions, you can write to us at the e-mail address: orders@jet.style.
2.1
For the purpose of accessing and utilizing the Company’s software and related services, each authorized user shall be provided with a unique personal access code ("Access Code").
2.2
This Access Code is granted solely for the User’s individual use and shall remain valid exclusively for the duration specified by the Company at the time the Access Code isissued.
2.3
Upon the expiration of this period, the Access Code shall automatically become inactive and shall no longer grant access to the Software or any associated services.
2.4
The Access Code is non-transferable and must not, under any circumstances, be shared, assigned, disclosed, or otherwise made available to any third party. This prohibition applies to all forms of transmission or publication, whether oral, written, electronic, or otherwise.
2.5
The User is expressly prohibited from disclosing the Access Code to colleagues, employees, subcontractors, or any other individuals, except those employees who are directly and necessarily engaged in activities requiring access to the Software as part of their job duties and who are themselves authorized by the Company.
2.6
The User bears full responsibility for maintaining the confidentiality and security of the Access Code. The User must implement all reasonable and appropriate measures to prevent unauthorized disclosure, distribution, or use of the Access Code. In the event that the User suspects or becomes aware of any unauthorized access or potential disclosure of the Access Code, the User must notify the Company immediately.
2.7
The Company reserves the right, at its sole discretion and without prior notice, to revoke or suspend the User’s Access Code in the event that the Company has reason to believe that the Access Code has been disclosed, shared, published, or otherwise compromised, whether intentionally or unintentionally. Such revocation or suspension may occur without liability to the User and without prejudice to any other rights or remedies available to the Company under applicable law or contractual agreements.
2.8
By accepting and using the Access Code, the User acknowledges and agrees to comply fully with the foregoing terms and to ensure that the Access Code is used solely in accordance with the conditions established by the Company.
3.1
This Personal Data Privacy Policy (hereinafter – the Privacy Policy) is made in accordance with the General Data Protection Regulation (GDPR), as well as the Laws of the Republic of Poland.
3.2
In this Policy, "personal data" of a User means data that identifies you or can be used to identify you, for example, your name and contact information. There may also be other information about how you use our Service:
3.2.1
Data provided by the User when he or she submits the Service, including personal data of the User.
3.2.2
Data which is automatically sent to the Administration by the software installed on the User's device, specifications of the User's hardware and software, date and time of accessing the Services, etc.
3.2.3
Other information of the User which may be processed according to the terms and conditions of services provided by the Administration.
3.3
The Administration assumes that the User provides true and sufficient personal data and keeps it updated.
3.4
The Administration shall be entitled to update this Personal Data Processing Policy. The new version of the Policy shall come into effect immediately after publication. Before using our Service, you should read the Privacy Policy, and if its conditions are unacceptable to you, refrain from transferring personal data to us.
3.5
If you transfer your personal data, it means unconditional acceptance of the terms of this Privacy Policy and the conditions for processing personal data and the purposes of processing specified in it. But you have the right to withdraw consent, more on that below.
We do not verify the accuracy of the data you provide, we trust you and assume that you are telling the truth about yourself.
4.1
The Administration only collects and keeps that personal data which is required to provide Service to the User. This Privacy Policy applies to personal data about you that we collect, use and otherwise process, not only when you are our client, but also when you are exploring our Service (as a User).
4.2
The Administration processes personal data of Users for the following purposes:
4.2.1
Identify the User.
4.2.2
Provide the User with personalized offers and fulfill agreements and contracts.
4.2.3
Communicate with the User, including notifications, requests and useful information, as well as process requests from the User.
4.2.4
Improve the Service provided by the Administration and develop new services.
4.2.5
Conduct statistical and other surveys based on anonymised data.
5
Types of personal data:
5.1
Personal data posted by Users. These may include, in particular:
5.1.1
last name, first name,
5.1.2
contact information (e-mail, phone number)
It is forbidden for the User to provide personal data of third parties without the consent received from them for such a transfer, or if such personal data of third parties were not obtained by the User himself from publicly available sources of information.
5.2
Data automatically transmitted to the Service in the process of this data using the software installed on the User's device, incl. IP-address, individual network number of the device (MAC-address, device ID), electronic serial number (IMEI, MEID), data from cookies, information about the browser, operating system, access time, search requests of the User.
5.3
We collect and process only that information about Users, incl. their personal data, which is related to the achievement of the following goals:
5.3.1
providing consultations for the selection of the most suitable services, depending on the information that the User has provided about himself;
5.3.2
to administer and protect the Service, including troubleshooting, data analysis, testing, system maintenance, support, reporting and data placement.
5.3.3
If it is necessary to use personal information about Users for purposes not provided for by the Privacy Policy, we request the User's consent to such actions.
6.1
Personal data are processed based on the following principles:
6.2
Personal data is processed on a legal and fair basis. We process your personal data only if we have a legal basis to do it. This basis will depend on the reasons for which we collect and process your personal data.
6.3
Personal data are only processed for specific, predetermined and legal purposes. Personal data may only be processed for the purposes they were collected for.
6.4
Databases containing personal data which are processed for non-conforming purposes may not be merged or combined.
6.5
Processing may only include data required for the purpose of such processing.
6.6
Content and scope of personal data being processed conform with declared purposes of such processing. Personal data being processed is not superfluous with regard to declared purposes of such processing.
6.7
Accuracy, sufficiency and relevancy (if applicable) of processed data is ensured with regard to declared purposes of such processing.
6.8
Personal data is stored in such a way that the personal data subject may only be identified for as long as it is required for the purposes of personal data processing, unless the term of storage of personal data is set out in GDPR or in a contract to which the personal data subject is a party, a beneficiary or a guarantor. Personal data being processed is subject to destruction or anonymisation as soon as purposes of such processing are achieved or such purposes become irrelevant, unless specified otherwise by a GDPR.
7.1
Personal data shall be processed in compliance with principles and rules set out in the GDPR. We will keep your information for as long as we need it for the purpose for which it is processed. For example, we store your data to fulfill the obligations under the application, and after fulfilling it, we store the data in order to be able to respond to any of your request, complaint or claim. Information may also be stored so that we can continue to improve our experience and to reward you for your loyalty. We constantly check the relevance of the need to process personal data, and in the event that there is no legal, business or customer need for keeping this information, we will safely delete it.
7.2
Personal data may be processed under the following conditions:
7.2.1
Personal data is processed with the consent of the subject of the personal data to such processing.
7.2.2
Processing of personal data is required for purposes of an international treaty or a law of the Republic of Poland.
7.2.3
Processing of personal data is required to administer justice, perform a court order or an order of another authority or an official, which is to be performed according to the legislation.
7.2.4
Processing of personal data is required to fulfill an agreement to which the personal data subject is a party, a beneficiary or a guarantor, or to conclude an agreement on behalf of the subject of the personal data, or an agreement to which the personal data subject will be a beneficiary or a guarantor.
7.2.5
Processing of personal data is required to protect life, health or other vital interests of the subject of the personal data, when it is impossible to secure his or her consent.
7.2.6
Processing of personal data is required to exercise rights and lawful interests of the operator or third parties, or for purposes of public importance provided that in so doing the rights and liberties of the personal data subject are not violated.
7.2.7
Personal data is processed for statistical or other research purposes, provided that such personal data is anonymised. An exception is the processing of personal data for the purpose of promotion of products, works or services via direct contact with a potential consumer via communication channels, as well as for purposes of political campaigns.
7.2.8
Processing covers personal data which was made available to the general public by the subject of the personal data or at his request (hereinafter referred to as personal data disclosed by the subject).
7.2.9
Processing covers personal data which must be made available or disclosed according to a GDPR.
7.3
The Administration shall not process biometric personal data (physiological and biological details of a person which make it possible to identify him or her and which are used by the operator to identify the subject of the personal data).
7.4
Your personal data may be sent and stored by us and / or third parties in countries outside the country in which you are located and outside the European Economic Area. For example, we may transfer your data outside the country in which you are located in order to provide services to us. This may involve sending your data to countries where, according to their local laws, you may have fewer legal rights.
7.5
If your personal information is transferred outside the European Economic Area because we are using a service provider in a third country, we will take precautions to ensure that your data is still protected in accordance with the standards set out in this Privacy Policy.
7.6
Decisions which may produce legal consequences for the subject of the personal data or otherwise affect his or her rights or lawful interests shall never be made based solely on automated processing of personal data.
7.7
When there is no written consent from the subject of the personal data required to process his or her personal data, such consent shall be deemed given when personal data are voluntarily provided by the subject of the personal data or on their behalf.
7.8
The Administration shall be entitled to delegate processing of personal data to another party based on an agreement with such party (hereinafter referred to as the operator's delegation) unless prohibited by a GDPR. In the event of such delegation the Administration shall bind such a processing party with the legal responsibilities to adhere to data processing principles and rules set out in GDPR.
7.9
Should the Administration delegate processing of personal data to another party, the Administration shall bear full responsibility to the subject of the personal data for any actions of such party. The party processing data on behalf of the Administration shall bear responsibility to the Administration.
7.10
The Administration shall not (and ensure that other parties given access to personal data do not) disclose or distribute personal data to third parties without the consent of the subject of the personal data, unless specified otherwise by a GDPR.
8.1
The Administration has the following responsibilities:
8.1.1
Provide the subject of the personal data, on his or her request, with information related to processing of his or her personal data, or refuse to provide such information on legal grounds.
8.1.2
Update personal data, block or remove personal data which is incomplete, outdated or inaccurate, was obtained illegally or is not required for the declared purpose of processing, on the request of the subject of the personal data.
8.1.3
Notify the subject of the personal data of processing of his or her personal if such data was obtained from any source other than the subject of the personal data, except for the following circumstances:
8.1.3.1
The subject was notified of processing of his or her personal data by the corresponding operator.
8.1.3.2
Personal data was obtained by the Administration according to a GDPR or in order to fulfill an agreement to which the subject of the personal data is a party, a beneficiary or a guarantor.
8.1.3.3
Personal data was made publicly available by the subject of the personal data or was obtained from a publicly available source.
8.1.3.4
The Administration processes personal data for statistical or other research purposes, for professional journalistic purposes, or for other scientific, literary or creative purposes, provided that in doing so the rights and lawful interests of the personal data subject are not violated.
8.1.3.5
Providing the subject of the personal data with details contained in the Notification of personal data processing violates the rights and lawful interests of third parties.
8.1.4
Immediately stop processing of personal data and destroy such personal data within thirty days of the purposes of personal data processing being completely achieved, unless specified otherwise by an agreement to which the subject of the personal data is a party, a beneficiary or a guarantor, or by another agreement between the Administration and the subject of the personal data, or if the Administration may not process personal data without the consent of the subject of the personal data based on GDPR.
8.1.5
Stop processing personal data and destroy such personal data within thirty days of the subject of the personal data revoking his or her consent for such processing, unless specified otherwise by an agreement between the Administration and the subject of the personal data. The Administration shall notify the subject of the personal data of the destruction of his or her personal data.
8.1.6
Immediately stop processing of personal data if the subject of the personal data requests a stop to such processing for the purposes of promotion of products, works or services.
9.1
The Administration shall take any required legal, organizational or technical measures to protect personal data being processed from unauthorized or inadvertent access, destruction, modification, blocking, copying, disclosure, distribution or other illegal actions.
9.2
In most cases, personal data is processed automatically without employees having access to it. If such access is available, then it can be provided to those persons who need it to perform their tasks. For the security of internal data, all persons must comply with the rules and procedures regarding data processing. They must also follow all technical and organizational security measures in place to protect personal data.
9.3
The Administration shall take the following measures to ensure the security of personal data:
9.3.1
Identify security risks for personal data processed in personal data processing systems.
9.3.2
Take organizational and technical measures to ensure the security of personal data being processed in personal data processing systems, which are required to ensure personal data security levels.
9.3.3
Enforce data protection tools which were assessed for compliance according to established procedures.
9.3.4
Assess efficiency of personal data protection measures before the personal data processing system is put into operation.
9.3.5
Identify any unauthorized access to personal data and take corrective measures.
9.3.6
Restore personal data modified or destroyed due to unauthorized access.
9.3.7
Monitor measures taken to ensure security of personal data and security levels of personal data processing systems.
9.3.8
anti-virus protection with updated databases;
9.3.9
information backup;
9.3.10
limiting the circle of persons with access to personal data.
9.4
We may be forced to transfer your personal data because we must comply with legal or regulatory obligations in any jurisdiction, including when this obligation arises from our voluntary action or decision (for example, our decision to operate in a country or related to solutions).
9.5
We do not sell personal information, including personal data, to third parties.
10.1
The personal data protection laws of the EU and Poland give you a number of rights. To implement them, most often you just need to contact us in writing (by mail or email), it's free. We will reply to you within 30 days, but we will do our best to make it much faster.
10.2
Sometimes we will have to deny your request (in whole or in part), because we are obliged to comply with the applicable law. But we will definitely explain in our answer to you why we cannot fulfill your request.
10.3
You can ask us to stop sending you promotional materials. will not deprive you of the opportunity to receive messages about the progress of the provision of services and our performance of the contract.
10.4
You can ask us to stop processing your personal information for marketing purposes, including analytics for targeted marketing purposes, including online advertising.
10.5
You can ask for information regarding the processing of your personal data, including confirmation of the fact of processing, place and purpose of processing, types of data, to which third parties this data is disclosed, storage period and source of receiving.
10.6
You can ask us to correct the personal data that you have provided to us if this information is inaccurate or out of date.
10.7
You can ask to delete your personal data.
10.8
But we must warn you that some of the data will be archived to meet our obligations to law enforcement, national authorities and legal proceedings. We will give you a full answer which information will remain saved. When the storage period expires in accordance with the applicable law that obliges us to store this data, we will delete the data.
10.9
Ask us to provide a free electronic copy of personal data to another company.
10.1
The personal data protection laws of the EU and Poland give you a number of rights. To implement them, most often you just need to contact us in writing (by mail or email), it's free. We will reply to you within 30 days, but we will do our best to make it much faster.
10.2
Sometimes we will have to deny your request (in whole or in part), because we are obliged to comply with the applicable law. But we will definitely explain in our answer to you why we cannot fulfill your request.
10.3
You can ask us to stop sending you promotional materials. will not deprive you of the opportunity to receive messages about the progress of the provision of services and our performance of the contract.
10.4
You can ask us to stop processing your personal information for marketing purposes, including analytics for targeted marketing purposes, including online advertising.
10.5
You can ask for information regarding the processing of your personal data, including confirmation of the fact of processing, place and purpose of processing, types of data, to which third parties this data is disclosed, storage period and source of receiving.
10.6
You can ask us to correct the personal data that you have provided to us if this information is inaccurate or out of date.
10.7
You can ask to delete your personal data.
10.8
But we must warn you that some of the data will be archived to meet our obligations to law enforcement, national authorities and legal proceedings. We will give you a full answer which information will remain saved. When the storage period expires in accordance with the applicable law that obliges us to store this data, we will delete the data.
10.9
Ask us to provide a free electronic copy of personal data to another company.
You have the right to send us requests, suggestions or questions regarding this Privacy Policy by email orders@jet.style or Jetstyle Sp.z.o.o., ul. Kalwaryjska 69/9, 30-504 Kraków, Poland.
KRS 0000613458
REGON 364242942
NIP 6793126560
We make every effort to handle your information responsibly. But if something is not clear to you or something worries you, please contact us at the indicated address.