§ 1. General provisions
§ 2. Definitions
The terms used herein shall have the following meanings:
- Controller – Veello s.c. M. Bauman, K. Kuźmiński, Ł. Mańka, ul. Załęska 22D/3, 35-322 Rzeszów, Poland, VAT ID PL5170429549;
- Service – the on-line (Internet) store available via the Website;
- Website – the website available at https://veello.com and all its subpages;
- Parties – the Controller & the User;
- User – a person that uses the Website and has provided their personal data thereon.
§ 3. Protection of personal data
- The Controller is a controller of personal data within the meaning of the General Data Processing Regulation of 27 April 2016 (GDPR).
- The Controller processes data to such an extent, for such a time and towards such purposes as indicated from time to time in the User data collection forms.
- Personal data shall be provided only to trusted subcontractors of the Controller, i.e. IT service providers, the accounting company, the administration, payment agents.
- Personal data of newsletter subscribers may be shared with the business partners of the Controller for the purpose of providing the newsletter mailing service.
§4. User’s Rights
- If a User’s personal data changes, the User should update it by sending a message to the Controller.
- The User shall have the right of access to, rectification, and erasure of their personal data, and of restriction of the processing thereof. The User shall also have the right to withdraw consent at any time without affecting the lawfulness of the processing, the right to data portability, and the right to object to the processing of personal data.
- The User shall have the right to file a complaint with the President of the Polish Personal Data Protection Office.
- Personal data is provided on a voluntary basis, but the website cannot be used without a statement of consent to data processing.
- The Controller may refuse to delete a User’s personal data if the data is required to be retained under applicable law.
§5. Data encryption
- The Controller undertakes to encrypt the transmitted data to secure the User data stored in the system.
- Each connection between the User and the Website is encrypted and confidential.
§6. Technical data protection measures
- The Controller shall use any and all technical and organisational measures to keep personal data secure and protect it from accidental or malicious damage, accidental loss, modification, and unauthorized disclosure or access. Such information shall be stored and processed on high-security servers with appropriate security measures, as required by Polish law.
- The Controller shall keep backups of User personal data.
- The data are stored on top-class equipment and servers in properly secured information storage centres, accessible by authorized persons only.
- The Controller shall conduct any and all personal data processing activities in accordance with all legal and technical requirements imposed on it by personal data protection regulations.
§7. Cookies Policy
- The Website uses two variants of Cookies: session and persistent Cookies. Session Cookies are temporary files that are stored on the User’s terminal data equipment until the User logs off, leaves the website or closes the software (the browser). Persistent Cookies are stored on the User’s terminal data equipment for a fixed period of time, as given in the parameters of the cookies themselves or until deleted by the User.
- The Website uses the following types of Cookies:
- "essential" – Cookies which enable the use of the services available within the Website, e.g. authentication cookies;
- "performance" – Cookies that store information on how the Website is used;
- "functionality" – Cookies used for storing the User’s selected settings and personalizing the User interface, e.g. the User’s language and/or region, font size, Website appearance etc.
- "advertising" – cookies that enable the delivery of advertising content to Users that is better tailored to their interests.
- "integration" – cookies related to the third-party services used on the Website, such as Google Analytics.
- You can change the cookie settings in your web browser. By not changing these settings you accept the cookies used here.
- As per practice of most online services, we store the HTTP requests made to our server (server logs). As such, we store:
- the IP addresses of the users viewing the information on our website;
- time of query,
- time of response,
- name of the client’s station – the identification is carried out by the HTTP protocol,
- information about HTTP transaction errors,
- URL address of the previously visited page (referrer link);
- User’s browser information.
- The data are stored in log files and used strictly and exclusively for the purposes of administering the Website.
- The collected logs are stored for an indefinite period of time to support Website administration. The information contained therein is not disclosed to any persons other than those authorised to administer the Website. The log files may be used to generate statistics for administration purposes. Such aggregate analyses (statistics) shall not contain any identifying characteristics of persons visiting the Website.
- The User may, at any time, contact the Controller in order to obtain information on whether and how the Controller uses their personal data.
- The User may also request that the Controller delete the User’s personal data in whole or in part.
- The Controller can be contacted via e-mail at: firstname.lastname@example.org