LIFETEC.DESIGN

Privacy Policy

§ 1 General terms and regulations

  1. The administrator of personal data collected via the lifetec.design online store (hereinafter referred to as the “Store”) is LIFE-TEC Maciej Dębowski, registered in Warsaw (01-494) at ul. Mieczysława Wolfkego 1/7., NIP 5222808797 (hereinafter referred to as the “Administrator”). For all matters related to the processing of personal data, you can contact us at: biuro@life-tec.pl or send correspondence by post to the Administrator's registered office address.
  2. This privacy policy (hereinafter referred to as the “Policy”) is for informational purposes and sets out the rules for the processing and protection of personal data provided by Users in connection with their use of the Store's services.
  3. The User's personal data is processed in accordance with Regulation (EU) 2016/679 of the European Parliament and of the Council of April 27, 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation), hereinafter referred to as “GDPR”.

§ 2 Purposes, legal basis, and scope of data processing

The Administrator processes Users' personal data for the following purposes, based on the indicated legal grounds and within a specified scope:

Purpose of processingLegal basis (GDPR)Scope of data processed
Order fulfillment and performance of the sales contractArticle 6(1)(b) (necessary for the performance of a contract)First and last name, delivery address, email address, phone number, tax identification number (for invoices), order number.
Customer contact (e.g., responses to inquiries)Article 6(1)(f) (legitimate interest of the Administrator)First and last name, email address, phone number, content of the inquiry.
Maintaining a User account in the StoreArticle 6(1)(b) (necessary for the performance of a contract)First and last name, email address, password, order history.
Analytical and statistical purposesArticle 6(1)(f) (legitimate interest of the Administrator)IP address, location data, device data, website behavior data (details in § 3).
Compliance with legal obligations (e.g., tax, accounting)Article 6(1)(c) (legal obligation incumbent on the Administrator)Data from invoices and other accounting documents.

§ 3 Cookies and analytical data

  1. The store uses cookies, which are small text files stored on the User's end device (e.g., computer, tablet, smartphone).
  2. The store uses the following types of cookies:
  • Essential cookies: These are necessary for the proper functioning of the Store, enabling, among other things, the maintenance of the User's session and the operation of the shopping cart. Their use does not require the User's consent.
  • Analytical cookies: They are used to collect information about how Users use the Store in order to optimize its operation. The Store uses a tool for this purpose. Google Analytics.
  • Functional: Functional cookies help perform certain functions, such as sharing website content on social media platforms, collecting feedback, and other third-party functions.
  1. The use of analytical cookies is possible on the basis of the User's consent, expressed through the appropriate settings in the cookie banner displayed on the first visit to the Store.
  2. Google Analytics collects anonymized information, such as the number of users visiting the website, the sources of their visits, and the pages they viewed. This data helps the Administrator understand how to improve the Store. Users' IP addresses are generally anonymized.

§ 4 Transfer of data outside the European Economic Area (EEA)

  1. As a rule, personal data will not be transferred outside the EEA. However, given that our subcontractors provide services in support of ICT services and IT infrastructure, we may outsource certain activities or tasks to reputable subcontractors operating outside the EEA, which may result in your data being transferred outside the EEA.
  2. In accordance with the European Commission's decision, recipient countries outside the EEA ensure an adequate level of protection of personal data in line with EEA standards. The Commission's decision regarding the US covers companies participating in the Data Privacy Framework program. With this in mind, we only work with companies participating in this program. More information: https://www.dataprivacyframework.gov/s/
  3. The method used by the administrator to secure your data complies with the rules set out in Chapter V of the GDPR. You can request further information about the security measures used in this regard, obtain a copy of these security measures, and find out where they are made available.

§ 5 Rights of data subjects

In connection with the processing of personal data, the User has the following rights:

  1. Right of access to data  – the right to obtain confirmation from the Administrator as to whether their personal data is being processed, and to obtain access to that data.
  2. Prawo do sprostowania danych – prawo do żądania niezwłocznego sprostowania dotyczących go danych osobowych, które są nieprawidłowe.
  3. Right to erasure (“right to be forgotten”) – the right to request the deletion of data if it is no longer necessary for the purposes for which it was collected.
  4. Right to restrict processing  – prawo do żądania ograniczenia przetwarzania w określonych przypadkach.
  5. Prawo do przenoszenia danych – the right to receive, in a structured, commonly used, machine-readable format, personal data concerning him or her that he or she has provided to the Controller.
  6. Right to object– the right to object to the processing of personal data based on the legitimate interest of the Controller.
  7. Right to lodge a complaint with a supervisory authority – The user has the right to lodge a complaint with the President of the Personal Data Protection Office (UODO), ul. Stanisława Moniuszki 1A, 00-014 Warsaw.

§ 6 Data retention period

Personal data processed for the purpose of performing a sales contract will be stored for the period necessary to perform the contract, and after that time for the period required by law (e.g., for tax and accounting purposes).

Data processed on the basis of the Administrator's legitimate interest will be stored until an effective objection is lodged.

Data processed on the basis of consent (e.g., analytical data) will be stored until such consent is withdrawn.

§ 7 Recipients of data

  1. Users' personal data may be transferred to entities processing data on behalf of the Administrator, including IT service providers, courier companies, payment operators, and accounting offices.
  2. State authorities or other entities authorized under the law.
  3. In the case of job applicants – online recruitment portals.

§ 8 Automated data processing

Personal data will not be used for automated decision-making (including profiling) in such a way that, as a result of such automated processing, any decisions could be made that would have legal effects.

§ 9 Final regulations

  1. The administrator shall implement technical and organizational measures to ensure the protection of personal data being processed, appropriate to the risks and categories of data covered by the protection.
  2. In matters not covered by this Privacy Policy, the provisions of the GDPR and other relevant provisions of Polish law shall apply.
  3. The Administrator reserves the right to make changes to the Privacy Policy. Users will be informed of any changes on the Store's website.