§ 1 General provisions
§ 2 Personal Data Controller
The Controller of the personal data of Store Customers is the owner of the www.triggy.gg Online Store, and the Controller of personal data is TRIGGY EUROPE SP. Z O.O. with its registered office in Warsaw (address: ul. Postępu 14, 02-676 Warszawa), REGON: 386169300, NIP: 5213897732, entered in the Register of Entrepreneurs of the National Court Register under KRS: 0000842924, hereinafter referred to as the “Controller”.
§ 3 Contact detailsThe Controller may be contacted by e-mail at firstname.lastname@example.org or by mail at: Triggy Europe Sp. z o.o., ul. Postępu 14, 02-676 Warszawa.
§ 4 Principles of personal data processing
1. The Controller processes the personal data of their Customers according to the provisions of the GDPR.
2. The Controller uses the technical and organisational measures required by the EU law to protect the processing of personal data and prevent the data from being provided to unauthorised persons, taken over by unauthorised persons, processed in violation of the law or modified, lost or destroyed.
3. The Controller declares that providing the data indicated at the Online Store as required is voluntary, but it is necessary to use the available functions, including the creation and maintenance of the customer account and placement and processing of the order.
4. The Customer may consent to receive commercial information from the Controller, including by electronic communication media, and agree to the use of telecommunications terminal devices for marketing purposes. The above-mentioned consents are voluntary, they are not required to process the order or maintain the customer account at the Online Store.
§ 5 Purposes and legal basis for personal data processing
1. Personal data of the Customers will be processed for the following purposes:
• maintaining the customer account at the Online Store (Article 6(1)(b) of the GDPR),
• processing orders at the Online Store (Article 6(1)(b) of the GDPR),
• sending the Newsletter (Article 6(1)(b) of the GDPR),
• direct marketing of the Controller’s own services and products, excluding the newsletter service, which is a legitimate interest of the Controller (Article 6(1)(f) of the GDPR),
• processing complaints or withdrawals from the contract (Article 6(1)(b) of the GDPR),
• analytical research, including, in particular, studies and analysis of traffic on our website to keep statistics, which is a legitimate interest of the Controller (Article 6(1)(f) of the GDPR),
• archiving (collecting evidence) in case it is necessary to prove certain facts due to legal reasons, which is a legitimate interest of the Controller (Article 6(1)(f) of the GDPR),
• establishment, exercise or defence against any claims in order to pursue the Controller’s legitimate interest (Article 6(1)(f) of the GDPR).
§ 6 Personal data retention period
1. The data of the Customers will be retained for the following period:
• data concerning the maintenance of the customer account – for as long as the customer account is maintained at the Online Store, but in any case not later than when the Customer requests that the customer account be deleted,
• data concerning orders – for 5 years from the end of the year of the sale, unless further retention of data is warranted due to the limitation period for claims,
• sending the Newsletter – until the Customer unsubscribes from the Newsletter,
• data connected with marketing activities – until an objection is made,
• data connected with replies to enquiries – for as long as the correspondence is exchanged or until the consent is withdrawn, unless further retention is warranted by an overriding interest of the Controller, e.g., to defend against potential claims,
• data connected with complaints or withdrawal from the contract – for 5 years from the end of the year in which the complaint was considered or the contract was withdrawn from,
• keeping statistics – until an objection is made, but in any case not longer than 50 months from the last activity of the Customer on the website,
• archiving – for the period required for this purpose,
• establishment, exercise or defence against claims – for the period required for this purpose.
§ 7 Personal data categories
1. The Controller collects, processes and keeps the following data of the Customers:
• in connection with the creation of the customer account: e-mail address, first name and last name, address and phone number, and if the Customer is an entrepreneur – also the Tax Identification Number (NIP) and company name;
• in connection with order placement: e-mail address, first name and last name, address and phone number, and if the Customer is an entrepreneur – also the Tax Identification Number (NIP) and company name;
• in connection with the Newsletter service: e-mail address.
2. During the use of the Online Store, the Controller automatically collects information such as the following: IP address, URL address of the request, ID of the device, time spent on the individual pages, browser type, browser language, date and time of using the website, screen resolution, type and version of the operating system and other similar information.
§ 8 Cookies
1. The Online Store uses small files referred to as cookies. They are saved on the terminal device of the person visiting the Online Store if the web browser allows this.
2. Cookies are computer data, particularly text files, stored on the terminal device of the Customer and designed for the purposes of using the Online Store. Cookies usually contain the name of the web page they are taken from, the time of storage on the terminal device and a unique number.
3. Cookies are used for the following purposes:
• identifying the device used by the Customer to accordingly display the contents of the website,
• creating statistics to help in understanding the way the Customers use the web pages and improve their structure and contents,
• maintaining the session of Online Store Customers to prevent them from having to re-enter their login and password on every web page of the Online Store,
• adapting the contents and functioning of the Online Store by matching an anonymous, randomly generated tracking identifier that enables, in particular, checking how the Customer using the browser arrived at the website, what link they clicked, what keywords they entered and at what point they stopped using the Online Store.
• zbierania ogólnych i anonimowych danych do realizacji akcji reklamowych za pośrednictwem list remarketingowych, pozwalających na wyświetlanie treści reklamowych dopasowanych do preferencji Klienta.
• collecting general and anonymous data to run advertising campaigns using remarketing lists that enable displaying advertising contents tailored to the Customer’s preferences.
4. Web browsers usually permit storing cookies on the terminal device of the Customer by default. The Customer may change these settings. The web browser enables the removal of the cookies saved on the device, and it can block them automatically. Further information about this can be found in the help section or documentation of the web browser.
§ 9 Data sharing
1. The personal data of the Customers may be provided to parties the Controller engages to process personal data according to agreements and parties competent to receive the personal data according to provisions of the law.
2. To perform a contract entered into via the Online Store and ensure the correct functioning of the Store, the Controller provides the personal data of the Customers, in particular, to parties providing the following services:
• postal services,
• electronic payments,
• IT and software delivery,
• marketing activities connected with the Online Store.
§ 10 Rights of the Customers
1. The Customer has the right to access their data and request that they be rectified or erased as well as the right to restriction of processing. Where the basis for personal data processing is the Controller’s legitimate interest, the Customer may object to the processing of their personal data.
2. Where the basis for the processing of the Customer’s personal data is their consent, the Customer may withdraw the consent. The withdrawal of the consent will not affect the lawfulness of any processing done based on the consent before its withdrawal.
3. Where the Customer’s data are processed to enter into and perform the contract or where they are processed based on the Customer’s consent, the Customer will also have the right to data portability, i.e., to receive the personal data from the Controller, in a structured, commonly used, machine-readable format. The Customer may send these data to another data controller.
4. The Customer may also lodge a complaint with the supervisory authority competent for personal data protection.