Polityka prywatności EN

PRIVACY POLICY

for chlodnicze.com

1. General Information

This Privacy Policy explains how personal data is collected, processed, and protected when using the website https://chlodnicze.com (“the Website”).
The data controller is:
ARKO Jacek Kałembasiak
Wyszyńskiego 5k/27
10-455 Olsztyn
Poland
VAT: 7391001561
Email: arkoolsztyn@gmail.com
This Policy applies to:
1. visitors to the Website,
2. customers placing orders,
3. users creating Accounts,
4. business clients (B2B),
5. all interactions with the Website, including analytics and cookies.
The controller processes personal data in accordance with:
1. Regulation (EU) 2016/679 (GDPR),
2. national data protection laws,
3. telecommunications and e-commerce laws.

2. Types of Data Collected

The controller may collect the following categories of data:

A. Data provided voluntarily by the user

name and surname,
email address,
phone number,
billing and delivery addresses,
order details,
business data (company name, VAT number, address),
messages sent via contact forms or email.

B. Data collected automatically

IP address,
browser and device information,
session identifiers,
cookies (according to the Cookies Policy),
analytics data (Google Analytics 4),
advertising identifiers (Meta Pixel).

C. User Account data

login details,
saved addresses,
order history,
communication preferences.

3. Purposes and Legal Basis for Processing

Personal data is processed for the following purposes:

A. To conclude and perform a sales contract
Legal basis: Article 6(1)(b) GDPR

Includes:

accepting and processing orders,
communication about delivery and product details,
issuing invoices,
shipping goods,
handling returns and complaints.

B. To create and maintain a User Account
Legal basis: Article 6(1)(b) and 6(1)(f) GDPR

Includes:

secure login,
storing order history,
managing user settings and saved data.

C. To comply with legal obligations
Legal basis: Article 6(1)(c) GDPR

Includes:

accounting and tax obligations,
storing invoices,
consumer rights compliance.

D. Marketing and communication (only with consent)
Legal basis: Article 6(1)(a) GDPR

Includes:

sending newsletters,
marketing communications,
personalized advertising.

Consent may be withdrawn at any time.

E. Analytics and Website performance (Google Analytics 4)
Legal basis: Article 6(1)(f) GDPR

Includes:

monitoring Website traffic,
improving usability,
analyzing user behavior,
correcting Website errors.

Analytics data is anonymized. GA4 does not identify individual users.

F. Security, fraud prevention, and defending claims
Legal basis: Article 6(1)(f) GDPR

Includes:

preventing abuse,
ensuring server and Website security,
storing evidence for legal claims.

4. Cookies and Tracking Technologies

The Website uses cookies and similar technologies for:
1. essential operation (WooCommerce sessions, cart, checkout),
2. analytics (Google Analytics 4),
3. advertising (Meta Pixel, Google Ads),
4. remembering language and currency preferences.
Detailed information is provided in the Website’s Cookies Policy.

5. Data Retention Period

Data is stored for the following periods:

Contract-related data – until the limitation period for claims expires (up to 6 years).
Accounting records – 5 years, in accordance with accounting law.
User Account data – until the Account is deleted by the user.
Marketing data – until consent is withdrawn.
Technical logs and analytics – typically 1–12 months, depending on provider settings.

6. Data Recipients

Personal data may be shared with:

Courier and transport companies – for order delivery.
Accounting services – for issuing and storing invoices.
IT and hosting providers – for website operation and backups.
Payment processors and banks – when necessary.
Manufacturers or service centers – for warranty repairs.
Legal advisors – in case of disputes.
External analytics and advertising partners:
1. Google LLC / Google Ireland Ltd.
2. Meta Platforms Ireland Ltd.

The controller never sells personal data.

7. Transfer of Data Outside the EU/EEA

Storing and analyzing Website data may involve transfers to:

Google (USA),
Meta (USA).

Transfers rely on one of the following mechanisms:

EU–US Data Privacy Framework,
Standard Contractual Clauses (SCC),
additional security measures required by GDPR.

8. User Rights Under GDPR

Users have the right to:

access their personal data,
correct inaccurate data,
request deletion (“right to be forgotten”),
restrict processing,
object to processing (including profiling),
request data portability,
withdraw consent at any time,
lodge a complaint with the supervisory authority:
President of the Personal Data Protection Office (UODO)
https://uodo.gov.pl/

Requests may be made to: arkoolsztyn@gmail.com

9. Is Personal Data Required?

Providing personal data is voluntary but required to:
1. place orders,
2. create an Account,
3. receive invoices,
4. ensure delivery.
Without providing data, the controller may be unable to fulfill the order.

10. Security Measures

The controller uses industry-standard safeguards:

SSL encryption,
secure hosting infrastructure,
WordPress/WooCommerce security tools,
access control protocols,
regular updates and backups.

Users should:

protect their passwords,
use secure devices,
avoid public/unsecured networks during checkout.

11. Automated Decision-Making and Profiling

The controller does not make automated decisions that produce legal effects for users.
Advertising tools (Google Ads, Meta Pixel) may analyze user interactions, but:
1. they do not identify individuals,
2. they do not create binding decisions,
3. they are used only for marketing optimization.

12. Updates to the Privacy Policy

The controller may update this Policy due to:

changes in Website functionality,
changes in technologies used,
changes in applicable laws.

The current version is always available at https://chlodnicze.com

13. Contact Information

For questions regarding personal data, please contact:

arkoolsztyn@gmail.com
+48 601 682 046