- Main page
1 Data controller and definitions
- 1.1 Personal Data Controller of Customers / Users of the Online Store is: Glam Fighters s.c., NIP: 5252872624, REGON: 389603642.
- 1.2 The data controller shall be contacted:
- 1.2.1 at the correspondence address: Topiel 11/53, 00-342 Warszawa;
- 1.2.2 at the e-mail address: email@example.com
- 1.3 User - a natural person entering the website / pages of the Online Store or using the services or functionalities described in this Policy.
- 1.4 Customer - a natural person with full legal capacity, a natural person who is a Consumer, a legal person or an organizational unit without legal personality, to whom the legal capacity is granted, which conclude a Distance Sale Agreement with the Seller.
- 1.5 Online Store - a website operated by the Seller, available at the following electronic addresses (websites): www.glamfighters.com through which the Customer / User may obtain information about the Product and its availability and purchase the Product or order a service.
- 1.6 Newsletter - information, including commercial information within the meaning of the Act of July 18, 2002 on the provision of electronic services (i.e. Journal of Laws of 2019, item 123) from the Seller, sent to the Customer / User by electronic means; its receipt is voluntary and requires the consent of the Client / User.
- 1.7 Account - a set of data stored in the Online Store and in the Seller's IT system regarding a given Customer / User as well as orders placed by him and concluded contracts, with the use of which the Customer / User may place orders and conclude contracts.
2 Purposes, legal basis and time of data processing
2.1 In order to implement the Distance Sale Agreement, the Seller processes:
- 2.1.1 information about the User's device to ensure the correct operation of the services: computer IP address, information contained in cookies or other similar technologies, session data, web browser data, device data, data on activity on the Website, including on individual subpages.
- 2.1.2 information about geolocation, if the User has consented to the access of the service provider to geolocation. Geolocation information is used to provide you with more customized product and service offers
- 2.2 This information does not contain data on the identity of the Users, but in combination with other information may constitute personal data and therefore the Controller covers them with full protection under the GDPR.
- 2.3 These data are processed in accordance with Art. 6(1) (b) GDPR, in order to provide the service, i.e. a contract for the provision of electronic services in accordance with the Regulations and in accordance with art. 6 (1)(a) GDPR in connection with the consent to the use of certain cookies or other similar technologies, expressed by the appropriate settings of the web browser in accordance with the Telecommunications Law or in connection with the consent to geolocation. The data is processed until the end of the User's use of the Online Store.
- 2.1 In order to implement the Distance Sale Agreement, the Seller processes:
3 Controller's marketing activities
- 3.1 On the Online Store website, the Controller may post marketing information about its products or services. Displaying this content is made by the Controller in accordance with art. 6 (1) (f) of the GDPR, in accordance with the Controller's legitimate interest in the publication of the content related to the services provided and the content of promotional campaigns in which the Controller is involved. At the same time, this action does not violate the rights and freedoms of Users, Users expect to receive information of similar content, and are even willing to receive it or it is their direct purpose while visiting the website / pages of the Online Store.
4 Recipients of user data
- 4.1 The Controller discloses personal data of users only to processing entities under the concluded contracts for entrusting the processing of personal data in order to provide services to the Controller, e.g. hosting and operating the Website, IT services, marketing and PR services.
5 Sending personal data to third countries
- 5.1 Personal data will not be processed in third countries.
6 Rights of the person whose personal data is collected
6.1 Each person whose data is collected has the right to:
- 6.1.1 access (Article 15 of the GDPR) - obtaining confirmation from the data Controller whether or not personal data is processed. If data of a person is processed, he is entitled to access them and obtain the following information: about the purposes of processing, categories of personal data, recipients or categories of recipients to whom the data has been or will be disclosed, about the period of data storage or the criteria for determining them, on the right to request rectification of the data, deletion or limitation of the processing of personal data and to object to such processing;
- 6.1.2 to receive a copy of the data (Article 15 (3) of the GDPR) - to obtain a copy of the data subject to processing, the first copy being free of charge, the subsequent copies charged by the Controller with a reasonable fee resulting from administrative costs;
- 6.1.3 to rectification (Article 16 of the GDPR) - requesting rectification of incorrect personal data or supplementing incomplete data;
- 6.1.4 to delete data (Article 17 of the GDPR) - request to delete their personal data, if the Controller no longer has a legal basis for their processing or the data is no longer necessary for the purposes of processing;
6.1.5 to limit processing (Article 18 of the GDPR) - request to limit the processing of personal data, when:
- 18.104.22.168 the accuracy of the personal data is contested by the data owner - for a period enabling the Controller to check the correctness of such data,
- 22.214.171.124 the processing is unlawful and the data owner opposes their removal, requesting the restriction of their use,
- 126.96.36.199 The Controller no longer needs these data, but they are needed by the data owner to establish, assert or defend claims,
- 188.8.131.52 the data owner has objected to the processing - pending verification whether the legitimate grounds of the controller override those of the data owner;
- 6.1.6 to transfer data (Article 20 of the GDPR) - to receive personal data provided to the Controller in a structured, commonly used machine-readable format and request to send this data to another Controller, if the data is processed on the basis of the consent of the data owner or the contract concluded with him and if the data is processed in an automated manner;
- 6.1.7 to object (Article 21 of the GDPR) - to object to the processing of their personal data for the legitimate purposes of the Controller, for reasons related to its particular situation, including profiling. Then the Controller assesses the existence of valid, legitimate grounds for processing, overriding the interests, rights and freedoms of data owner, or grounds for establishing, investigating or defending claims. If, according to the assessment, the interests of the data owner are more important than the interests of the Controller, the Controller will be obliged to stop processing data for these purposes;
- 6.1.8 to withdraw consent at any time and without giving any reason, but the processing of personal data carried out prior to the withdrawal of consent will remain lawful. Withdrawal of consent will result in the Controller ceasing to process personal data for the purpose for which the consent was given.
- 6.2 In order to exercise the above-mentioned rights, the data owner should contact the Controller using the contact details provided and inform him which right and to what extent he wants to exercise it.
- 6.1 Each person whose data is collected has the right to:
7 President of the Personal Data Protection Office
7.1 The data owner has the right to lodge a complaint with the supervisory authority, which in Poland is the President of the Personal Data Protection Office with its seat in Warsaw, ul. Stawki 2, who can be contacted as follows:
- 7.1.1 by letter: ul. Stawki 2, 00-193 Warsaw
- 7.1.2 via the electronic inbox available at: https://www.uodo.gov.pl/pl/p/kontakt;
- 7.1.3 Helpline: 606-950-000.
- 7.1 The data owner has the right to lodge a complaint with the supervisory authority, which in Poland is the President of the Personal Data Protection Office with its seat in Warsaw, ul. Stawki 2, who can be contacted as follows:
8 Data Protection Officer
- 8.1 In any case, the data owner may also contact the Data Protection Officer of the Controller directly by e-mail or in writing to the Data Controller's address provided in point 2.
10.1 The online store performs the functions of obtaining information about customers, users and their behavior in the following way:
- 10.1.1 by voluntarily entering information in forms for purposes resulting from the function of a specific form;
- 10.1.2 by saving cookies in end devices;
- 10.1.3 by collecting web server logs by the hosting operator of the Online Store (necessary for the proper operation of the website).
- 10.2 Cookies are IT data, in particular text files, which are stored on the Customer's / User's end device and are intended for using the Online Store website. Cookies usually contain the name of the website they come from, the storage time on the end device and a unique number.
10.3 Cookies are used for the following purposes:
- 10.3.1 creating statistics that help to understand how the Customers / Users of the Online Store use websites, which allows improving their structure and content;
- 10.3.2 maintaining the Customer / User session (after logging in), thanks to which the Customer/ User does not have to re-enter the login and password on each subpage of the Online Store;
- 10.3.3 determining the Customer's profile in order to display product recommendations and matched materials in advertising networks, in particular the Google network.
- 10.4 Software for browsing websites (web browser) usually allows cookies to be stored on the end device of the Client / User by default. Clients / Users can change the settings in this regard. The web browser allows you to delete cookies. It is also possible to automatically block cookies.
- 10.6 Cookies placed on the Client's / User's end device may also be used by advertisers and partners of the Online Store cooperating with the Online Store.
- 10.7 Cookies may be used by advertising networks, in particular the Google network, to display advertisements tailored to the manner in which the Customer uses the Online Store. For this purpose, they may keep information about the Customer's navigation path or the time spent on a given page.
- 10.8 The customer may not consent to the processing of cookies by not accepting the consent to their processing displayed on the website (this may cause incorrect operation of the Online Store website).
- 10.10 On the website of the Online Store there are plugins that can transfer data of Customers / Users to Controllers such as: .
- 10.11 In order to correctly implement the Distance Selling Agreement, the Controller may make the data of Customers / Users available to courier entities. The currently available delivery methods in the Online Store are available at https://www.glamfighters.com/eng-delivery.html.
- 10.12 In order to correctly implement the Distance Selling Agreement, the Controller may make the data of Customers / Users available to online payment systems. The currently available payment methods in the form of prepayments in the Online Store are available at https://www.glamfighters.com/eng-payments.html.
- 10.1 The online store performs the functions of obtaining information about customers, users and their behavior in the following way:
- 11.1 The customer may consent to receive commercial information by electronic means by selecting the appropriate option in the registration form or at a later date in the appropriate tab or using the form in a pop-up on the website. If such consent is given, the Customer / User will receive the information (Newsletter) of the Online Store, as well as other commercial information sent by the Seller to the e-mail address provided by him.
- 11.2 The Customer may at any time opt out of receiving the Newsletter by himself by checking the appropriate box on his Account page or by going to the form https://www.glamfighters.com/newsletter.php, clicking the appropriate link in the content of each Newsletter or through the Customer Service Office.
- 12.1 The Customer may not post in the Online Store or provide the Seller with any content, including opinions and other illegal data.
- 12.2 The Customer / User gains access to the Account after registration
- 12.3 As part of registration, the Customer / User provides the account type or gender, first name, last name, company name, tax identification number, data for issuing a sales document, shipping details, e-mail address and chooses a password. The Customer / User ensures that the data provided by him in the registration form is true. Registration requires reading the Regulations carefully and marking on the registration form that the Customer / User has read the Regulations and fully accepts all its provisions.
- 12.4 Upon granting the Customer access to the Account, an agreement for the provision of electronic services relating to the Account is concluded for an indefinite period between the Seller and the Customer. The consumer may withdraw from this contract on the terms set out in the Regulations.
- 12.5 Registering an Account on one of the pages of the Online Store means at the same time registration enabling access to other pages where the Online Store is available.
- 12.6 The Customer / User may terminate the contract for the provision of electronic services at any time with immediate effect, informing the Seller about it via e-mail or in writing to the address of the Data Controller provided in point 2.
- 12.7 The Seller has the right to terminate the contract for the provision of services relating to the Account in the event of cessation of the provision or transfer of the Online Store service to a third party, breach of the law or provisions of the Regulations by the Customer / User, and in the event of inactivity of the Customer / User for a period of 6 months. The contract is terminated with a seven-day notice period. The Seller may stipulate that re-registration of the Account will require the consent of the Seller.