0
Twój koszyk

Privacy Policy

Your use of the blog and website www.mavaloom.com and the online store at www.mavaloom.com indicates your acceptance of the terms of the Privacy Policy and Cookies Policy below.

As a User, please familiarise yourself with its provisions. The table of contents below will help you to do so. In it, I inform you how I take care of Users' data, how I process them, to whom I entrust them and many other important issues relating to personal data.

TABLE OF CONTENTS

TABLE OF CONTENTS
§1 GENERAL REGULATIONS
§2 DEFINITIONS
§3 PERSONAL DATA AND RULES FOR PROCESSING
WHO IS THE ADMINISTRATOR OF YOUR PERSONAL DATA?
IS THE PROVISION OF DATA VOLUNTARY? WHAT ARE THE CONSEQUENCES OF NOT PROVIDING THE DATA?
FOR WHAT PURPOSES AND ON WHAT LEGAL BASIS DO WE PROCESS THE PERSONAL DATA YOU PROVIDE IN CONNECTION WITH YOUR USE OF THE WEBSITE?
HOW IS THE DATA COLLECTED?
WHAT ARE THE USER RIGHTS?
CAN A USER WITHDRAW THEIR CONSENT?
DO WE TRANSFER YOUR DATA TO THIRD COUNTRIES?
HOW LONG DO WE KEEP USER DATA?
LINKS TO OTHER SITES
SOCIAL MEDIA ACTIVITY - FACEBOOK/INSTAGRAM
DATA SECURITY
WHO MAY BE THE RECIPIENTS OF PERSONAL DATA?
HAVE WE APPOINTED A DATA PROTECTION INSPECTOR?
DO WE PROFILE USER DATA?
§4 FORMS
§10 EXCLUSION OF LIABILITY AND COPYRIGHTS
§6 TECHNOLOGIES
§7 COOKIE POLICY
§8 CONSENT TO COOKIES
§9 SERVER LOGS

§1 GENERAL REGULATIONS

This Privacy Policy and Cookie Policy defines the rules for the processing and protection of personal data provided by Users and Cookies, as well as other technologies appearing on the website and online store www.mavaloom.com.

The administrator of the website and personal data provided as part of it is Magdalena Walaszek, running a business under the name MAVA Loom Magdalena Walaszek, at ul. Marchołta 51/34, 31-416 Kraków, NIP: 9452258109 in accordance with the document generated from the Central Registration and Information on Economic Activity system.

I care about the security of personal data and the privacy of the Website User. I am glad that you visited my website.

In case of any doubts regarding the provisions of this Privacy Policy and Cookies Policy, please contact the Administrator via the e-mail address: hello@mavaloom.com.

The Administrator reserves the right to make changes to the privacy policy, and each User of the website is obliged to know the current privacy policy. The reason for the changes may be the development of Internet technology, changes in generally applicable law or the development of the Website through, for example, the use of new tools by the Administrator. At the bottom of the page is the date of publication of the current Privacy Policy. 

§2 DEFINITIONS

Administrator – Magdalena Walaszek, running a business under the name MAVA Loom Magdalena Walaszek, at ul. Marchołta 51/34, 31-416 Kraków, NIP: 9452258109 in accordance with the document generated from the Central Registration and Information on Economic Activity system.

User – each entity staying on the website and using it.

Website and/or Online Store – website and online store located at www.mavaloom.com.

Newsletter – means a free service provided electronically by the Administrator to the User by sending e-mails through which the Administrator informs about events, services, products and other elements important from the Administrator's point of view and / or in order to achieve the Administrator's legitimate goal, which is marketing direct. Detailed information on sending the Newsletter can be found in the further part of this privacy policy.

User Account or Account – User's account set up on the online platform of the Online Store, enabling access to purchased training and products in accordance with the Store's Regulations, which the User is obliged to accept when registering the Account.

Form or Forms – places on the Website that allow the User to enter personal data for the purposes indicated therein, e.g. to place an order, to contact the User.

GDPR – means Regulation of the European Parliament and of the Council EU 2016/679 of 27 April 2016 on the protection of individuals with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation) .

Personally Identifiable Information Protection Act – the Act of 10 May 2018 on the protection of personal data (Journal of Laws 2018, item 1000, as amended).

Act on the provision of electronic services – Act of 18 July 2002 on the provision of electronic services (Journal of Laws No. 144, item 1204, as amended).

§3 PERSONAL DATA AND RULES FOR PROCESSING

WHO IS THE ADMINISTRATOR OF YOUR PERSONAL DATA?

The administrator of the User's personal data is Magdalena Walaszek, running a business under the name MAVA Loom Magdalena Walaszek, at ul. Marchołta 51/34, 31-416 Kraków, NIP: 9452258109 in accordance with the document generated from the Central Registration and Information on Economic Activity system.

IS THE PROVISION OF DATA VOLUNTARY? WHAT ARE THE CONSEQUENCES OF NOT PROVIDING THE DATA?

Providing data is voluntary, however, failure to provide certain information, as a rule marked on the Administrator's websites as mandatory, will result in the inability to perform a given service and achieve a specific goal or take certain actions.

Providing by the User data that is not mandatory or excess data that the Administrator does not need to process takes place on the basis of the User's own decision and then the processing takes place on the basis of the premise contained in art. 6 sec. 1 lit. a GDPR (consent). The User consents to the processing of such data and to the anonymization of data that the Administrator does not require and does not want to process, and yet the User has provided them to the Administrator.

FOR WHAT PURPOSES AND ON WHAT LEGAL BASIS DO WE PROCESS THE PERSONAL DATA YOU PROVIDE IN CONNECTION WITH YOUR USE OF THE WEBSITE?

The User's personal data on the Administrator's Website may be processed for the following purposes and on the following legal grounds:

  1. performance of the service or performance of the concluded contract, sending an offer (e.g. advertising) at the User's request - based on Article. 6 sec. 1 lit. b GDPR (necessity to conclude and/or perform a contract or to take action on request);
  2. issuing an invoice, bill and meeting other obligations arising from the provisions of the tax law in the case of placing orders in the Online Store or other products and services - based on Article. 6 sec. 1 lit. c GDPR (obligation resulting from legal provisions);
  3. granting a discount or informing about promotions and interesting offers of the Administrator or entities recommended by him - based on Article. 6 sec. 1 lit. a GDPR (consent);
  4. storing unpaid orders - based on Article. 6 sec. 1 lit. f) GDPR (legitimate interest of the administrator);
  5. consideration of complaints or claims related to the contract - based on Article. 6 sec. 1 lit. b GDPR (necessity to conclude and/or perform the contract) and pursuant to art. 6 sec. 1 lit. c GDPR (obligation resulting from legal provisions);
  6. determination, investigation or defense against claims - based on Article. 6 sec. 1 lit. f GDPR (legitimate interest of the administrator);
  7. creating registers related to the GDPR and other regulations - based on Article. 6 sec. 1 lit. c GDPR (obligation resulting from legal provisions) and art. 6 sec. 1 lit. f GDPR (legitimate interest of the administrator);
  8. archival and evidentiary, for the purpose of securing information that can be used to prove facts - based on Article. 6 sec. 1 lit. f GDPR (legitimate interest of the administrator);
  9. analytical, consisting, among others, in the analysis of data collected automatically when using the website, including cookies, e.g. Google Analytics cookies, Facebook Pixel - pursuant to art. 6 sec. 1 lit. f GDPR (legitimate interest of the administrator);
  10. the use of cookies on the Website and its subpages - based on Article. 6 sec. 1 lit. a GDPR (consent);
  11. managing the Website and the Administrator's websites on other platforms - based on Article. 6 sec. 1 lit. f GDPR (legitimate interest of the administrator);
  12. posting opinions about services by the User provided by the Administrator- based on Article. 6 sec. 1 lit. a GDPR (consent),
  13. for the Administrator's internal administrative purposes related to managing contact with the Userwhich is the legitimate interest of the Data Administrator pursuant to art. 6 sec. 1 lit. f GDPR (legitimate interest of the administrator),
  14. in order to send the newsletter - based on Article. 6 sec. 1 lit. f of the GDPR (legitimate interest of the administrator consisting in the processing of data for direct marketing purposes) and on the basis of the Act on the provision of electronic services (consent),
  15. for the purpose of direct marketing to the User of own products or services or recommended products of third parties - based on Article. 6 sec. 1 lit. f GDPR (legitimate interest of the administrator),
  16. in order to create our own databases of Users - based on Article. 6 sec. 1 lit. f GDPR (legitimate interest of the administrator),
  17. in order to operate the fanpage under the name MAVA Loom and the group under the name MAVA Loom - chatter on Facebook and interact with users - based on Article. 6 sec. 1 lit. f GDPR (legitimate interest of the administrator).
  18. in order to operate the fanpage under the name mava.loom on Instagram and interact with users - based on Article. 6 sec. 1 lit. f GDPR (legitimate interest of the administrator).
  19. in order to target advertising in social media and on websites, such as Facebook Leads Ads or Facebook Custom Audience, You Tube and direct remarketing - based on Article. 6 sec. 1 lit. a GDPR (consent) and pursuant to Art. 6 sec. 1 lit. f GDPR (legitimate interest of the administrator) consisting in the promotion and advertising of the Administrator's services through remarketing directed to people subscribed to the mailing or visiting a given website),
  20. to store comments on the Website - based on Article. 6 sec. 1 lit. a GDPR (consent).

Providing by the User data that is not mandatory or excess data that the Administrator does not need to process takes place on the basis of the User's own decision and then the processing takes place on the basis of the premise contained in art. 6 sec. 1 lit. a GDPR (consent). The User consents to the processing of such data and to the anonymization of data that the Administrator does not require and does not want to process, and yet the User has provided them to the Administrator.

HOW IS THE DATA COLLECTED?

Only the data that the user provides is collected and processed (except - in certain situations - data collected automatically using cookies and login data, as mentioned below).

During a visit to the website, data regarding the visit itself is automatically collected, e.g. the user's IP address, domain name, browser type, operating system type, etc. (login data). The data collected automatically can be used to analyze user behavior on the website, collect demographic data about users or to personalize the content of the website in order to improve it. However, these data are processed only for the purpose of administering the website, ensuring efficient hosting service or directing marketing content and are not associated with the data of individual users. You can read more about cookies later in this policy.

Data may also be collected for the purpose of filling in the forms on the Website, as described in the further part of the privacy policy.

WHAT ARE THE USER RIGHTS?

The user is entitled at any time to the rights contained in art. 15 - 21 of the GDPR, i.e.:

  • the right to access the content of his data,
  • the right to transfer data,
  • the right to correct data, 
  • the right to rectify data,
  • the right to delete data if there are no grounds for their processing,
  • the right to limit processing, if it occurred incorrectly or without legal basis,
  • the right to object to data processing based on the legitimate interest of the administrator,
  • the right to lodge a complaint with the supervisory body - the President of the Office for Personal Data Protection (on the terms set out in the Personal Data Protection Act), if he/she decides that the processing of his/her data is inconsistent with the currently applicable data protection laws.
  • the right to be forgotten, if further processing is not provided for by the currently applicable law.

The Administrator points out that these rights are not absolute and do not apply to all activities of processing the User's personal data. This applies, for example, to the right to obtain a copy of the data. This right may not adversely affect the rights and freedoms of other persons, such as copyrights, professional secrecy. In order to learn about the restrictions on the User's rights, I refer to the content of the GDPR. 

However, the user always has the right to lodge a complaint with the supervisory authority.

In order to exercise their rights, the User may contact the Administrator via the e-mail address: hello@mavaloom.com or by post to the address of the Administrator's place of business, if it has been provided in this privacy policy, indicating the scope of your requests. The response will be provided no later than 30 days from the date of receipt of the request and its justification, unless it is justified to extend this period in accordance with the GDPR.

CAN A USER WITHDRAW THEIR CONSENT?

If the User has consented to a specific action, such consent may be withdrawn at any time, which will result in the removal of the e-mail address from the Administrator's mailing list and the cessation of the indicated actions (in the case of recording based on consent). Withdrawal of consent does not affect the processing of data which was made on the basis of consent before its withdrawal.

In some cases, the data may not be completely deleted and will be retained in order to defend against any claims for a period in accordance with the provisions of the Civil Code or, for example, in order to fulfill legal obligations imposed on the Administrator.

Each time, the Administrator will refer to the User's request, duly justifying further actions resulting from legal obligations.

DO WE TRANSFER YOUR DATA TO THIRD COUNTRIES?

The User's data may be transferred outside the European Union - to third countries. 

Due to the fact that the Administrator uses external providers of various services, e.g. Facebook and its subsidiaries, Google, Microsoft, etc., the User's data may be transferred to the United States of America (USA) in connection with their storage on American servers (in whole or in part ). Google and Facebook use GDPR compliance mechanisms (e.g. certificates) or standard contractual clauses for their services. They will be transferred only to recipients who guarantee the highest data protection and security, including by:

  1. cooperation with entities processing personal data in countries for which a relevant decision of the European Commission has been issued,
  2. the use of standard contractual clauses issued by the European Commission (as is the case, for example, with Google), 
  3. application of binding corporate rules approved by the competent supervisory authority, 

or those for which the User has consented to the transfer of personal data.

Detailed information is available in the content of the privacy policy of each of the providers of these services, available on their websites. For example:

Google LLC: https://policies.google.com/privacy?hl=pl

Facebook Ireland Ltd.: https://www.facebook.com/privacy/explanation

UAB MailerLite: https://www.mailerlite.com/legal/privacy-policy

Currently, the services offered by Google and Facebook are provided mainly by entities located in the European Union. However, you should always read the privacy policy of these providers in order to receive up-to-date information on the protection of personal data. MailerLite may store some data in the United States or use service providers from this country, however, data is mainly processed in the European Union.

HOW LONG DO WE KEEP USER DATA?

The User's data will be stored by the Administrator for the duration of the implementation of individual services / achievement of goals and:

  1. for the period of service and cooperation, as well as for the period of limitation of claims in accordance with the law - in relation to data provided by contractors and customers or Users,
  2. for the period of talks and negotiations preceding the conclusion of the contract or performance of the service - in relation to the data provided in the inquiry,
  3. for the period required by law, including tax law - in relation to personal data related to the fulfillment of obligations arising from applicable regulations,
  4. until an effective objection is filed pursuant to Art. 21 of the GDPR - in relation to personal data processed on the basis of the legitimate interest of the administrator, including for direct marketing purposes,
  5. until the consent is withdrawn or the purpose of processing, business purpose is achieved - in relation to personal data processed on the basis of consent. After withdrawing the consent, the data may still be processed in order to defend against any claims in accordance with the limitation period for these claims or the period (shorter) indicated to the User,
  6. until it becomes outdated or loses its usefulness - in relation to personal data processed mainly for analytical and statistical purposes, the use of cookies and the administration of the Administrator's Websites,
  7. for a maximum period of 3 years in the case of persons who have unsubscribed from the newsletter in order to defend against possible claims (e.g. information about the date of subscription and the date of unsubscribing from the newsletter, the number of newsletters received, actions taken and activity related to the received messages), or after a period of 1 year of inactivity by a given subscriber, e.g. not opening any message from the Administrator.

Data storage periods indicated in years are counted at the end of each year in which the data processing began. This is to improve the data processing and management process.

Detailed periods of personal data processing regarding individual processing activities can be found in the register of the Administrator's processing activities.

LINKS TO OTHER SITES

The Website may contain links to other websites. They will open in a new browser window or in the same window. The administrator is not responsible for the content provided by these websites. The user is obliged to read the privacy policy or regulations of these websites.

SOCIAL MEDIA ACTIVITY - FACEBOOK/INSTAGRAM

The administrator of the User's personal data on the fanpage under the name MAVA Loom and the group under the name MAVA Loom - chatter on Facebook (hereinafter referred to as the Fanpage) is the Administrator. 

The User's personal data provided on the Fanpage will be processed in order to administer and manage the Fanpage, communicate with the User, interact, direct marketing content to the User and create the Fanpage community.

The basis for their processing is the User's consent and the legitimate interest of the administrator consisting in interacting with Users and Fanpage Followers. The User voluntarily decides to like/follow the Fanpage.

The rules governing the Fanpage are set by the Administrator, however, the rules of staying on the Facebook social network result from the Facebook regulations. 

At any time, the User may unfollow the Fanpage. However, the Administrator will then not display to the User any content from the Administrator and related to the Fanpage. 

The Administrator sees the User's personal data, such as e.g. name, surname or general information that the User places on their profiles as public. The processing of other personal data is carried out by the Facebook social network and under the conditions contained in its regulations. 

The User's personal data will be processed for the period of running/existence of the Fanpage on the basis of consent expressed by liking/clicking "Follow" the Fanpage or interacting, e.g. or defense against claims. 

The User's personal data may be made available to other data recipients, such as Facebook, cooperating advertising agencies or other subcontractors servicing the Administrator's Fanpage, IT service, virtual assistant, if there is contact outside Facebook. 

Other User rights are described in this privacy policy.

User data may be transferred to third countries in accordance with Facebook's regulations.

These data may also be profiled, which helps in better personalizing the advertising offer addressed to the User. However, they will not be processed in an automated manner within the meaning of the GDPR (having a negative impact on the rights and freedoms of the User).

The above principles related to Facebook data also apply to Instagram.

DATA SECURITY

The User's personal data is stored and protected with due diligence, in accordance with the implemented internal procedures of the Administrator. The Administrator processes information about the User using appropriate technical and organizational measures that meet the requirements of generally applicable law, in particular the provisions on the protection of personal data. These measures are primarily intended to protect Users' personal data against access by unauthorized persons.

In particular, only authorized persons who are obliged to keep this data secret or entities entrusted with the processing of personal data on the basis of a separate data entrustment agreement have access to Users' personal data.

At the same time, the User should exercise due diligence in securing their personal data transmitted over the Internet, in particular not to disclose their login details to third parties, use anti-virus protection and update the software.

WHO MAY BE THE RECIPIENTS OF PERSONAL DATA?

The administrator informs that he uses the services of external entities. The entities entrusted with the processing of personal data (such as e.g. courier companies, intermediaries in electronic payments, companies offering accounting services, companies enabling the sending of newsletters) guarantee the use of appropriate measures for the protection and security of personal data required by law, in particular by the GDPR.

The Administrator informs the User that he entrusts the processing of personal data to i.a. the following entities:

  1. MailerLite Limited, an Irish registered company at Ground Floor, 71 Lower Baggot Street, Dublin 2, D02 P593, Ireland - for sending the newsletter and using the mailing system,
  2. Furgonetka sp. z o. o. sp. k., al. Ksią Józefa Poniatowskiego 1, 03-901 Warsaw, KRS: 0000694708, NIP: 1132567365, REGON: 140220084 - in order to carry out shipments,
  3. Invoice Sp. z o. o., ul. Juliana Smulikowskiego 6/8, 00-389 Warsaw, KRS: 0000572426, NIP: PL5213704420 - in order to issue accounting documents,
  4. mBank S.A., ul. Senatorska 18, 00-950 Warsaw, KRS: 0000025237, NIP: 5260215088, REGON: 001254524 - to operate the payment system and electronic transactions,
  5. PayPal (Europe) S.à rl & Cie, SCA with its registered office at L-1150 in Luxembourg - for the purpose of operating the payment system and electronic transactions,
  6. OVH Sp. z o. o., ul. Swobodna 1, 50-088 Wrocław, KRS: 0000220286, REGON: 933029040, NIP: 899-25-20-556 - for the purpose of servicing the domain and mail server,
  7. HubSpot Ireland Ltd with its registered office at 1 Sir John Rogerson's Quay Dublin Docklands, D02 CR67, Ireland - to operate the chat tool and CRM.
  8. other contractors or subcontractors involved in technical and administrative support, or to provide legal assistance to the Administrator and its clients, e.g. accounting, IT, graphic, copywriting assistance, debt collection companies, lawyers, etc.
  9. offices, e.g. the tax office - in order to fulfill legal and tax obligations related to settlements and accounting.

HAVE WE APPOINTED A DATA PROTECTION INSPECTOR?

The Personal Data Administrator hereby informs that it has not appointed the Personal Data Protection Inspector (IODO) and performs the duties related to the processing of personal data independently.

The User acknowledges that his personal data may be transferred to authorized state authorities in connection with their proceedings, at their request and after meeting the conditions confirming the necessity to obtain such data from the Administrator.

DO WE PROFILE USER DATA?

The User's personal data will not be used for automated decision-making affecting the rights and obligations or freedoms of the User within the meaning of the GDPR.

As part of the website and tracking technologies, the User's data can be profiled, which helps in better personalizing the company's offer, which the Administrator directs to the User (mainly through the so-called behavioral advertising). However, this should not have any effect on the legal situation of the User, in particular on the terms of the contracts concluded by him or the contracts he intends to conclude. It can only help to better match the content and targeted ads to the User's interests. The information used is anonymous and is not associated with personal data provided by the User, e.g. in the purchase process. They result from statistical data, e.g. gender, age, interests, approximate location, behavior on the Website.

Each User has the right to object to profiling if it would have a negative impact on the User's rights and obligations.

If you want to learn more about behavioral advertising, click here: https://www.youronlinechoices.com/pl/o-reklamie-behawioralnej

§4 FORMS

The Administrator uses the following types of forms within the Website:

  1. Newsletter subscription form – requires entering your name and e-mail address in the appropriate place. These fields are mandatory. Then, in order to add his e-mail address to the Administrator's subscriber database, the User must confirm the willingness to subscribe. The data obtained in this way is added to the mailing list in order to send the newsletter.
    Subscription/subscription means that the User agrees with this Privacy Policy and agrees to be sent marketing and commercial information via electronic means of communication, e.g. e-mail, within the meaning of the Act of 18 July 2002 on the provision of electronic services (Journal U. No. 144, item 1204 as amended).
    By subscribing to the newsletter, the User also consents to the Administrator's use of the User's telecommunications terminal equipment (e.g. telephone, tablet, computer) for the purpose of direct marketing of the Administrator's products and services and to present commercial information to the User in accordance with art. 172 section 1 of the Telecommunications Law (Journal of Laws of 2014, item 243, as amended).
    The above consents are voluntary, however, necessary to send the newsletter, including e.g. to inform about services, new blog entries, products, promotions and discounts offered by the Administrator or third party products recommended by him. Consents may be withdrawn at any time, which will stop sending the newsletter in accordance with the rules contained in this privacy policy.
    The newsletter is sent for an indefinite period, from the moment of activation until the consent is withdrawn. After withdrawing the consent, the User's data may be stored in the newsletter database for up to 2 years, in order to prove the fact that the User has given consent to communicate via the newsletter, the User's actions (emails openness) and the time of its withdrawal, as well as any related to including claims, which is the legitimate interest of the Administrator (Article 6(1)(f) of the GDPR).
    The sending of the newsletter may be discontinued if the User has not been active for at least 1 year from the start of the newsletter service or reading the last e-mail (sent newsletter). In this case, the Administrator will remove the User's data from the system for sending the newsletter (supplier). The User will not be entitled to receive any message from the Administrator, unless he decides to subscribe again in the Newsletter subscription form or contacts the Administrator in another way selected for this purpose.
    The mailing system used to send the newsletter records all activity and actions taken by the User related to the e-mails sent to him (date and time of opening the message, clicking on links, the moment of unsubscribing, etc.).
  2. Contact form – allows you to send a message to the Administrator and contact him electronically. Personal data in the form of name, surname, e-mail address and data provided in the content of the message are processed by the Administrator in accordance with this Privacy Policy in order to contact the User.
    After the end of contact with you, the data may be archived, which is the legitimate interest of the Administrator. The administrator is not able to determine the exact period of archiving and thus deletion of messages. However, the maximum period will not be longer than the limitation periods for claims under the law.
  3. Order form in the Store – When placing an order in the Administrator's online store, you must provide specific data in accordance with the rules contained in the sales regulations in order to complete the order, fulfill legal obligations imposed on the Administrator, settlements, consider claims, for statistical and archival purposes, as well as for direct marketing in relation to customers, which is the legitimate interest of the Administrator.
    These are mainly: name, surname, company name, tax identification number, address of residence or registered office, possibly delivery address, e-mail address. If you already have a user account in the store, then it is enough to enter your login (or e-mail address) and password and log in to your account, and then take further steps related to the order.
    The administrator stores data for the duration of the order or service, and after its performance for the period necessary to protect against claims. In addition, for the time indicated by law, e.g. tax law (including the period of storing invoices).
  4. Complaint and withdrawal form in the online store www.mavaloom.com – If you use the Administrator's services or products, you can submit a complaint or withdraw from the concluded contract. For this purpose, the Administrator enables you to fill in the complaint form and the contract withdrawal form attached to the sales regulations. You can also do these activities without filling out the form, however, providing the necessary data.
    The data required in this case are: name, surname or possibly username, address of residence or address of the company's registered office (if the order was made on behalf of the company), e-mail address, telephone number (if applicable), bank account number (if a refund is required). ).
    Providing data is voluntary, but necessary to consider the complaint in accordance with the law and the sales regulations. The data will be stored for the purpose of the complaint procedure / withdrawal from the contract and for archival purposes and defense against claims.
  5. Registration form for setting up a User account in the online store – The user has the option of setting up an account in the online store and for this purpose, he should register appropriately and provide the following data: name, surname, e-mail address, address of residence, company address, tax identification number, and then password.
    Setting up an account takes place on the terms set out in the sales regulations and is a service provided electronically. The rules for maintaining an account and its possible deletion are included in the regulations.
    Data marked as such is mandatory and without it it will not be possible to set up a user account. Providing other data is voluntary.

The Administrator may entrust the processing of personal data to third parties without the User's separate consent (based on the entrustment agreement). Data obtained from the forms may not be transferred to third parties.

If the User uses the services of external providers, such as Google or Facebook, he should read their privacy policy, available from the providers of these services, on their websites.

§10 EXCLUSION OF LIABILITY AND COPYRIGHTS

  1. The content presented on the Website does not constitute specialist (e.g. educational) advice or guidance and does not refer to a specific factual situation. If the User wants to get help in a specific matter, he should contact the person authorized to provide such advice or the Administrator using the contact details provided. The Administrator is not responsible for the use of the content contained on the Website or actions or omissions taken on their basis.
  2. All content posted on the Website is subject to the copyright of certain persons and/or the Administrator (e.g. photos, texts, other materials, etc.). The Administrator does not agree to copying this content in whole or in part without his express prior consent.
  3. The Administrator hereby informs the User that any dissemination of content made available by the Administrator constitutes a violation of the law and may give rise to civil or criminal liability. The Administrator may also demand appropriate compensation for material or intangible losses in accordance with applicable regulations.
  4. The administrator is not responsible for the use of materials available on the website in a way that is unlawful.
  5. The content posted on the Website is valid as of the date of its posting, unless otherwise indicated. 

§6 TECHNOLOGIES

In order to use the Administrator's website, it is necessary to have:

  1. Devices with Internet access
  2. An active e-mail box that receives e-mails
  3. A web browser that allows you to view www pages
  4. Software that allows you to read content in the presented formats, e.g. pdf, video, mp3, mp4.

§7 COOKIE POLICY

  1. Like most websites, the Administrator's Website uses the so-called cookies. tracking technologies, i.e. cookies ("cookies"), which allows improving the website in terms of the needs of users visiting it.
  2. The website does not automatically collect any information, except for information contained in cookie files.
  3. Cookie files (so-called "cookies") are IT data, small text files that are stored on the end device, e.g. computer, tablet, smartphone, when you use my Website.
  4. These may be own cookies (coming directly from my website) and third party cookies (coming from websites other than my website).
  5. Cookies allow the content of my website to be adapted to the individual needs of the User and the needs of other users visiting it. They also enable the creation of statistics that show how website users use it and how they navigate around it. This allows me to improve my website, its content, structure and appearance.
  6. The Administrator uses the following third-party cookies as part of the Website:
  • Facebook conversion pixel and ads created via Facebook Facebook Ads (Facebook Custom Audiences) – in order to manage Facebook ads and conduct remarketing activities, which is the legitimate interest of the Administrator. The Administrator may also direct advertising content to the User via Facebook as part of contact advertising.

    The Facebook Pixel is provided by Facebook Inc. and its related companies. This is an analytical tool that helps measure the effectiveness of advertisements, shows what actions are taken by Website Users and helps to reach a specific group of people (Facebook Ads, Facebook Insights). The Administrator may also direct advertising content to the User via Facebook as part of contact advertising.

    The administrator may also conduct remarketing pursuant to art. 6 sec. 1 lit. f GDPR (legitimate interest of the administrator, consisting in the promotion and advertising of services addressed to people who have consented to the sending of offers (or people similar to them or to users who liked the Fanpage) in such a way that the provided e-mail addresses are uploaded to the marketing tool offered by Facebook Inc., the so-called ad manager, and then an advertisement created by the Administrator or authorized persons is directed to them through the Administrator's advertising account, provided that these persons are also users of the Facebook platform (they have an account there). Each time, these data are deleted after the end of the advertising campaign. In the case of the implementation of another advertising campaign, an updated contact database is uploaded to the tool). Accurate information about the groups of non-standard recipients, the principles of data hashing and processing of this data can be found in the privacy policy of Facebook at this link https://www.facebook.com/legal/terms/customaudience and https://www.facebook.com/legal/terms/dataprocessingand the Administrator recommends that each User read these rules.

    The information collected as part of the use of the Facebook Pixel is anonymous and does not allow for identification of the User. They show general data about users: location, age, gender, interests. The Facebook provider may combine this information with the information that the User provides to him as part of his Facebook account, and then use it in accordance with his own assumptions and purposes.

    The Administrator recommends that you familiarize yourself with the details related to the use of the Facebook Pixel tool and possibly ask questions to the supplier of this tool, as well as manage your privacy settings on Facebook. More information can be found at the link: https://www.facebook.com/privacy/explanation. At any time, you can opt out of cookies responsible for displaying remarketing ads, e.g. on https://www.facebook.com/help/1075880512458213/.

    By using the website, the user agrees to the installation of the indicated cookie on his end device. 
  • Built-in Google Analytics code – in order to analyze the statistics of the Website. Google Analytics uses its own cookies to analyze the actions and behavior of Website Users. These files are used to store information, e.g. from which page the User came to the current website. Help to improve the Website.

    This tool is provided by Google LLC. Actions taken as part of the use of the Google Analytics code are based on the Administrator's legitimate interest in creating and using statistics, which then allows improving the Administrator's services and optimizing the Website.

    As part of using the Google Analytics tool, the Administrator does not process any User's data enabling his identification.

    The administrator recommends that you familiarize yourself with the details related to the use of the Google Analytics tool, the possibility of disabling the tracking code, and possibly asking questions to the provider of this tool under the link: https://support.google.com/analytics#topic=3544906.
  • Plugins directing to social media e.g. Facebook, Instagram, Pinterest.

    After clicking on the icon of a given plugin, the user is sent to the website of an external provider, in this case the owner of a given social networking site, e.g. Facebook. Then he has the option of clicking "Like" or "Share" and liking the Administrator's fanpage on Facebook or directly sharing its content (post, article, video, etc.).

    The administrator recommends that you read the Facebook privacy policy before creating an account on this portal. The administrator has no influence on the data processed by Facebook. From the moment the User clicks on the plug-in button referring to social media, personal data is processed by the social network, e.g. Facebook, which becomes their administrator and decides on the purposes and scope of their processing. Cookies left by the Facebook plugin (or other third parties) may also be applied to the User's device after entering the Website and then associated with data collected on the Facebook portal. By using the Website, the User accepts this fact. The administrator has no influence on the processing of data by third parties in this way.

    The above guidelines should also apply to the operation of:

    Facebook - fanpage located at the URL: www.facebook.com/mava.loom/,

    Profile on the Instagram social network, located at the following URL: www.instagram.com/mava.loom/,
  1. The Administrator again recommends that you read the privacy policy of each of the providers of the above services in order to learn about the possibilities of making changes and settings that ensure the protection of User's rights.
  2. The website uses two types of cookies: session cookies, which are deleted after closing the browser, logging out or leaving the website, and permanent cookies, which are stored in the user's end device, which allows the browser to be recognized the next time the website is accessed, for the time specified in parameters of cookies or until they are deleted by the User.
  3. In many cases, the software used for browsing websites (web browser) allows cookies to be stored on the User's end device by default. Website users may change their cookie settings at any time. These settings can be changed, in particular, in such a way as to block the automatic handling of cookies in the web browser settings or inform about each time they are placed on the Website User's device. Detailed information on the possibilities and ways of handling cookies are available in the software (web browser) settings.
  4. The administrator informs that restrictions on the use of cookies (disabling them, limiting them) may affect some of the functionalities available on the websites of the Website and hinder its functioning.
  5. More information on cookies is available at http://wszystkoociasteczkach.pl/ or in the "Help" section of the web browser menu.

§8 CONSENT TO COOKIES

When you first enter the Website, you must agree to cookies or take other possible actions indicated in the message to be able to continue using the content of the Website. By using the Site, you consent. If you do not want to express such consent - leave the Website. You can always change your browser settings, disable or delete cookies. The "help" tab in the User's browser contains the necessary information.

§9 SERVER LOGS

  1. Using the Website involves sending queries to the server where the Website is stored.
  2. Each query addressed to the server is saved in the server logs. Logs include e.g. User's IP address, server date and time, information about the web browser and operating system used by the User.
  3. Logs are saved and stored on the server.
  4. Server logs are used to administer the Website, and their content is not disclosed to anyone except persons and entities authorized to administer the server.
  5. The Administrator does not use server logs to identify the User in any way.

Date of publication of the Privacy Policy: 15/03/2023.

Date of last update: 06/16/2023