Administrator of Bizneson Sp.z o.o.
Personal data is all data that our site receives about an individual. This
information is identified based on the equipment's IP address, geolocation
data, online identifier, as well as other data that was collected by the
collection of cookies and other similar methods.
or the General Data Protection Regulation is a piece of legislation passed by
the European Parliament and the Council on 04/27/2016. It regulates the
protection of individuals with regard to the analysis and processing of
personal data, as well as the free movement of such data. Repeals the previous
act - Directive 95/46 EC.
Website is an Internet page managed by the Administrator and located at
1.6. A user
is every person who visits the Site or uses at least one service that is
described in the Policy.
in connection with your visit to the website
data is collected by the administrator when the User uses the site. All data is
collected to the extent necessary to provide specific services offered by the
company, as well as to analyze the User's activity. All information about the
rules and purposes of such a collection is described in detail below.
data collection and analysis
IF THE USER
USES THE SITE
processing of all personal data of visitors to the Site who have not been
registered is carried out by the Administrator for the following purposes:
provision of electronic services, namely the familiarization of the user with
the content posted on the Site and the provision of contact forms (legal basis
- Article 6 (1) b GDPR);
processing of purchases made without registration (legal basis - Article 6(1)b
processing of incoming complaints (legal basis - Article 6(1)b GDPR);
collection of analytical data for statistical purposes (the legal basis is the
legitimate interests of the Administrator - Article 6(1) f GDPR), in this case,
the collected data is used to analyze the activity of the Users and the
preferences of each of them in order to improve the quality of the services
identification, determination and consideration of claims, as well as defense
against them (legal basis - Article 6 (1) f GDPR);
marketing goals (detailed information is in the MARKETING section).
of Users and collected personal data are stored in special system logs -
computer programs, analyzed and processed. Such information may be stored for a
limited time to ensure the security and proper functioning of the Site.
IF THE USER
REGISTERS ON THE SERVICE
case of registration on the site, the User enters personal data to create an
individual account. To improve the quality of service, the User may enter
additional personal data - this confirms consent to the processing of such
information. Additional personal data can be permanently deleted at any time at
the request of the User. A number of data during registration are marked as
mandatory. They are used to create and manage an account. If the User refuses
to enter this data, the account cannot be created.
3. 3. The processing
of personal data is necessary for:
maintenance of a personal account and its maintenance (legal basis - Article
6(1)b GDPR and Article 6 lit. 1 lit. a GDPR);
analysis and maintenance of statistics on the behavior of Users in order to
improve the quality of service (legal basis - Article 6 (1) f GDPR);
identify claims, their consideration, as well as to protect against them
(ground 6 (1) f GDPR);
marketing goals (detailed information is in the Marketing section).
user may place personal information of other persons on the site (for example,
to place an order for another person) only subject to compliance with
applicable law and while maintaining the personal rights of other persons.
IF THE USER
buying goods on https://bio-flame.eu/, the User's personal data is processed.
All data that is marked in the order form as mandatory is necessary for the
acceptance of the order and further customer service. If they are not provided,
the order will not be fulfilled. Data that is not marked as required can only
be entered if desired. If the user places an order, he automatically agrees
that his personal data will be made available to the sellers in order to
fulfill the sales contract.
3.6. The processing
of personal data is carried out for:
execution of a completed order (legal basis art. (art. 6(1)(b) GDPR);
fulfillment of the obligations assumed by the Administrator by law (including
accounting and tax reporting) (legal basis art. 6(1)(c) GDPR);
conducting sales analytics and collecting static data (legal basis - Article
6(1) f GDPR);
possibility of filing claims, examining them and defending against them (legal
basis - (Article 6 (1) f GDPR).
4.1. The processing
of the personal data of the user is used by the administrator for marketing
purposes, including for:
displaying content that is not adapted or adapted to his preferences;
sending emails with interesting (promotional) offers or other content that may
contain commercial information;
carrying out other activities that are related to the marketing of Bio-Flame
conduct marketing activities, the Administrator can use the profiling method.
To do this, information obtained as a result of automatic data processing can
be used to analyze user behavior and make predictions for further interaction.
processing of personal data may be used for marketing purposes to provide the
User with contextual advertising (legal basis is Art. 6(1)(f) GDPR).
processing of personal data is carried out using cookies, as well as other
similar technologies for marketing purposes. As a result, the user can receive
adaptive advertising - focused on his preferences. The use of personal data for
these purposes is possible only if there is a confirmed consent from the user
to the collection of cookies.
user can withdraw consent to the collection of cookies at any time.
4.6. In the
event that the User agrees to receive marketing information through various
means of electronic communication (for example, SMS messages, e-mail, etc.),
his personal data will be processed in order to send such data. In the event that
the User is not interested in receiving such information, he may refuse to
who visit the Administrator's profile on social networks (including Facebook or
Instagram) are also subject to the processing of personal data. (legal basis is
Art. 6(1)(f) GDPR).
Cookies are small files that appear on the User's device as a result of
browsing the Site. They store information about the actions of the User, which
is necessary to facilitate further use of the Site. For example, Cookies may
remember visits to the Site and the actions that Users usually perform.
part of the provision of services to the User, the Administrator collects
service cookies. They may be available to the Administrator, as well as other
entities that provide services for the collection of analytical and static
data. Service cookies include:
files that store data entered by the User during one visit to the Site;
authentication files that are necessary for the provision of the corresponding
services (requiring authentication);
persistent cookies that store information about user interface settings;
files that store information about the contents of the basket during the actual
stay of the User on the site;
files that allow you to monitor the user's movements while visiting the Site
(needed to create statistical reports on the operation of the Site).
Cookies are used by the administrator, among other things, to provide Users
with behavioral advertising. To do this, the Administrator keeps copies of
Cookies or gets limited access to data stored on the User's end device. At the
appropriate browser settings, and this consent can be revoked at any time. To
do this, the user needs to clear the cookie history on his device and disable
their collection in the settings of a particular browser.
the processing of personal data
duration of storage of personal data of Users depends on the services provided
to them and the purpose of the processing. Most often, the data is stored for
the entire period of order fulfillment until the withdrawal of consent or until
the User makes an objection after processing the data.
duration of the data processing period may be extended if it is necessary to
establish / present any claims or defend against them. After the processing
period ends, all data is deleted or made anonymous.
have the right:
receive information that personal data is being collected and processed;
receive a copy of personal data;
correct inconsistencies or errors in personal information;
request deletion of data;
restrict the processing of personal data - give permission only for partial
transmission - subject to the availability of appropriate technical
refuse to process data for marketing purposes without justification;
refuse to process data for analytics and statistics with the presentation of
withdraw consent to the processing of personal data;
file a complaint about the misuse of personal data (in case of violations of
the provisions of the GDPR).
user can apply for the exercise of their rights:
the legal address: Bizneson Sp.z o.o. ul. Rakowicka 10B, lok. 4 31-511 Krakow;
8.3. In the
application, the User must specify exactly what aspect his request concerns,
right the User wants to use, for example, the right to receive a copy of
personal data, the right to delete personal data, etc.;
stages of processing the application concerns, incl. activity on the Site,
receiving advertising mailings, etc.;
purposes of processing are affected by this application, incl. marketing,
statistical, analytical, etc.
8.4. If it
is impossible to determine the content of the request or identify the User, the
Administrator may request additional information from the sender of the
response to the request is sent within 1 month after receiving the request. If
the Administrator feels the need to extend this period, he informs the
applicant about this additionally, indicating the reason for the delay.
answer comes in the same way as the request was sent - to email or a regular
personal data may be transferred to external entities if this is required by
the performance of services. In particular, this information may become
available to banks, payment operators, entities that provide IT services,
legal, audit, transport, consulting and accounting services.
receipt of the informed creation of the User, his data may also become
available to others for marketing and other purposes.
Administrator may transfer information about the User to the competent
authorities in accordance with the current provisions of the law.
data outside the European Economic Area
Administrator may transfer user data outside the EEA only if necessary in
accordance with the law. Appropriate security measures approved by the European
Commission are used for transmission. The Administrator must inform users of
the intention to transfer personal data outside the EEA at the data collection
administrator systematically analyzes the risks in order to guarantee the
security of the processing of personal data to users. The administrator
guarantees that only authorized persons have access to the data, while access
is granted to them only to a limited extent - to the extent necessary.
administrator takes a set of measures to protect user data when using this data
by his subcontractors and other persons who receive access to personal data
contact the Administrator, you can use the email address or the address
https://bio-flame.eu/ collects cookies to store encrypted anonymous information
about users. Cookies are necessary to improve the quality of service and
increase the functionality of our online store. BioFlame never sells or shares
the collected data with third parties.