Regulations regarding the purchases made in the online store www.timelesschristmastrees.com

General provisions 

1. The following document states the privacy policy rules for the online store ( from now as “online store”). 

2. The owner of the online store and administrator of personal data is Adal sp. z o.o. located in Koziegłówki, ul Lipowa 72. 

3. Personal data gathered by the administrator of the online store are processed in accordance to the regulation of the European Parliament and Council (EU) 2016/679 from 27.04.2016 regarding the protection of physical personas in reference to the processing of personal data and in the case of smooth transfer of data the repealing the directive 95/46/WE (general regulation for data protection) (dz. Urz. UE L 119, s. 1), from now called: RODO.

4. Children under the age of 16 are not the addressees of the goods and services provided by this website. Personal data administrator does not predict the active gathering of personal data for children under the age of 16. 

Personal data 

Administrator of personal data

In the case of personal data you can contact its administrator by the following means:

- E-mail – shop@timelesschristmastrees.com

- Post  - ul. Lipowa 72, Kozieglowki, 42-350 Kozieglowy, Poland

- Phone – +48 698 873 749, +48 34 314 10 23  

The customer provides his personal data of free will and is a requirement for the provision of servicers by the personal data administrator via the online store. 

Purposes and legal grounds for the processing of personal data

Administrator gathers information regarding the clients of the online store being physical personas:

1/ In the case of placing an order in the online store, in order to create a contract of sale. Legal grounds: necessity for the contract of sale (art. 6 ust. 1 lit. b RODO). 

In this instance the personal data provided by the customer during the purchase of gods that gets processed are as follows: name and surname, email, address, payment details, any passwords used via the client account, phone number, company or NIP number. 

2/ In the case of creating a Customer Account in the online store, to create an individual account and manage said account. Legal grounds: necessity for the contract of sale (art. 6 ust. 1 lit. b RODO). 

In this instance the personal data that gets processed is as follows: email, password and gender. 

3/ in the case of subscribing to the newsletter, to create a contract, the subject of which is the service provided online. When a customer subscribes to the newsletter, the seller will electronic messages to his/hers email or text messages to his/hers cell phone, containing information about promotions and new products being available in the online store. Legal grounds: agreement of the person, which data is being processed in order to provide the service of the Newsletter (art. 6 ust. 1 lit. a RODO). Data processed are as follows: email and phone number. 

4/ in order to provide services which do not require an account or the purchase of goods. These services are as follows : browsing the online store, searching for goods and looking up statistics and using particular functions of the online store. Data which is processed in this instance mostly concerns the activity of clients on the online store, such as browsing data, device session data, operating system, browser, localization and the IP address. Legal grounds: Legally justified interests (art. 6 ust. 1 lit. f RODO), based on facilitating the use of services and improvement of functionality of said services. 

5/ in order to establish, investigate and enforce claims and defend against claims in proceedings before courts and other state authorities, the personal data which may be processed are as follows: name, surname, usage data, if the claims come from the way the client has been using services, as well as other necessary data to validate claims, and the extend of damages. Legal grounds: Legally justified interests (art. 6 ust. 1 lit. f RODO), based on establishing, investigating and enforcing claims and defending against claims in proceedings before courts and other state authorities. In this instance the personal data which may be processed are as follows 

6/ In order to validate claims, complaints, form and questions asked by the client, we process data submitted in the contact application, reclamation form, or in order to answer questions or queries as well as data used in the process of creating customer accounts, this also includes an other data used during the process of ordering goods and other services provided by the selling party which were the basis for complaints, claims and reclamations. Legal grounds: Legally justified interests (art. 6 ust. 1 lit. f RODO). 

7/ In order to perform market research and gain customer and partner reviews such as: order details, clients personal data provided in the client account or during an order, email address. Data gathered during the market and review research are not used for marketing purposes. Precise guide lines are supplied in the information section of each form or in places, where the client is required to provide personal data. 

8/ Personal data regarding the preferences, behaviours and selection of marketing contents can be used as a basis for automated decisions aimed to determine the sales possibilities of the online store. 

Duration of data processing 

1. In case, if the processing of personal data has been allowed by the client, data will be processed by the seller for as long as the permission given by the client remains in effect. Once the permission has been revoked for a period of time corresponding to the period of claim limitations that may be raised by the seller and which may be raised against him. 

2. In case, when the basis for data processing is the creation of a contract, data will be processed by the seller for a as long as it is required to complete the contract, and after for the duration of time corresponding to the claims limitation period. If the concrete regulation does not state otherwise, the limitation period is six years, and for periodic benefits and claims related to running a business are three years. 

Recipients of personal data 

Clients personal data is transferred to:

1/ state authorities, e.g. the prosecutor’s office or the police, if they ask for it

2/ service providers, that the seller uses for running the online store 

Providers are:

- Entities subject to the sellers instructions for the purposes and methods of processing said data, e.g. website hosting , accounting or marketing analysis services.

- Entities setting the purposes and methods for using the clients persona data themselves. These would be banking and online payment services. 

Rights of the person, to which the data belongs 

In accordance with RODO the client is entitled to:

- Request access to his personal data

- Request to change his personal data 

- Demand the deletion his personal data

- Demand the processing of his personal data be limited

- Object to he processing of his personal data

- Demand the relocation of his personal data 

The administrator of the personal data has to, without delay – or at least within a month from receiving the request – provide information about the course of action taken in connection with the submitted request. If required the one month period can be extended by an additional two months’ time if the character or the amount of demands is abnormal. In any case the administrator will inform interested parties of any changes within a month from accepting the request. 

The right to access personal data ( art. 15 RODO )

The client has every right to demand access to their personal data from the administrator. 

If the administrator is processing your data, the client has a right to:

- Access their personal data

- Receive information on the purposes, categories, recipients, planed storage times and criteria in which their personal data will be processed. He is also entitled to know about all rights the client is entitled to, as outlined in RODO, the right to raise complaints to the proper authorities, source of data, automated decisions made, profiling and security solutions used when transferring data beyond the borders of the European Union. 

- Gain copies of their personal data

In order to gain access to your personal data please file a request to the following address: ul. Lipowa, Kozieglowki, 42-350 Kozieglowy

The right to rectify personal data ( art. 16 RODO )

If the clients personal data is incorrect, the client has the right to demand from the administrator an immediate rectification of personal data, as well as make additions to their personal data.

Demands to rectify or make additions need to be sent to the following address ul. Lipowa, Kozieglowki, 42-350 Kozieglowy

If the client registered in the online store, his personal data can be rectified or adjusted by logging in to the online store. 

The right to delete persona data, “the right to be forgotten” ( art. 17 RODO )

The client has a right to demand from the administrator that his personal data be deleted when:

- His personal data is no longer necessary for the purposes it has be gathered for

- He has withdrawn his original consent, to the extent that his personal data was processed based on his consent

- Personal data was not processed with accordance to the law

- The client has objected to the processing of personal data, directly for marketing needs, which includes profiling, to the extent that said data will be related directly to marketing

- The client has objected to the processing of personal data in connection with the processing necessary to perform any task, carried out in the public interest, or the legitimate interests pursued by the administrator of said personal data. 

Despite the motion for personal data to be deleted, the administrator can keep processing said data in order to validate, investigate or defend against any claims, about which the client will be informed. This primarily concerns data such as: name and surname, email address, information needed to validate any claims or demands associated with services provided by the Seller, address for correspondence, order number, information needed to consider any complaints or claims related to the concluded contracts of sale or services. 

Request for data deletion should be forwarded to the following address: ul. Lipowa, Kozieglowki, 42-350 Kozieglowy

The right to limit  the processing of personal data ( art. 18 RODO )

The client has the right to limit the processing of personal data when: 

- He/she questions the correctness of his personal data – The administrator limits the use of said personal data until any mistakes have been corrected

- When the data is not processed in accordance to the law, and instead of deleting, its uses are to be limited

- Clients personal data is no longer necessary for processing needs, but are required to validate and defend against any claims the client can make

- When the client objects to the processing of his personal data – until is it legally proven that the administrators interests concernic personal data overrule the objection raise by the client.

Requests for data limitation should be forwarded to the following address: ul. Lipowa, Kozieglowki, 42-350 Kozieglowy

The right to object to the processing of personal data ( art. 21 RODO )

The client has the right to object to the processing of theirs personal data at any given time, including profiling in conjunction with:

- Processing necessary to complete a task in public interest or any processing that may be required, and is justified by law, by the administrator and third parties;

- Processing required for direct marketing purposes 

Objections to the processing of personal data should be forwarded to the following address: ul. Lipowa, Kozieglowki, 42-350 Kozieglowy

The right to relocate personal data ( art. 20 RODO ) 

The client has the right to receive, from the administrator, their personal data in a structured, commonly used format, suitable for mechanical reading and to be sent to a different personal data administrator. 

Has the right to demand, that the personal data administrator send their data to another administrator ( as long as is technically possible ). 

Demands regarding this issue should be forwarded to the following address: ul. Lipowa, Kozieglowki, 42-350 Kozieglowy

The right to withdraw consent ( art. 7 ust. 3 RODO )

The client has the right to withdraw their consent to data processing, that he has granted the seller. 

The withdrawal of consent does not carry any negative consequances for the client, can however prevent the correct functionality of services, which the seller can only provide with the consent of the client as is the law. 

Demands to withdraw consent should be forwarded to the following address: ul. Lipowa, Kozieglowki, 42-350 Kozieglowy

Complaint to the supervising authorities 

Clients, that feel that their personal data is being processed in a way that violates RODO, they have every right to raise a complaint to the supervising authorities, particularly in a EU member country that he/she is staying in, their place of work or where the infringement took place.  

In Poland the supervising authority of RODO is the President of Personal Data Protection Office (PUODO). 

Cookies 

1. While browsing the pages of the online store files called “cookies”, from here on known as Cookies, meaning small text files, are saved on the providers end machine as a result of using said Online Store. Information gathered with the use of those files help personalised the offers visible to the clients personal preferences and realistic needs. They also allow for the creation of overall statistics for visited products on the Online Store. 

2. “cookie” files usually consist of the domain name, from which they came, time of storage and assigned value. 

3. The Seller uses the following types of cookies:

- Session cookies: once you have closed a given browser or turn off the PC, saved data are deleted from the memory of your machine. The session cookie mechanism does not allow for the download of any personal data or confidential information from the clients computer. 

- Permanent cookies: are stored on the end machine of the service provider and stay there until they expire or be deleted. The permanent cookie mechanism does not allow for the download of any personal data or confidential information from the clients computer. 

4. The Seller also uses the “cookie” files of external entities for the following purposes: 

- Statistic creation – these help to understand how the clients use the Online Store, which allows for the betterment of the provided services

- Determining the customers profile

- Clients activity analysis 

- Online Store popularity 

5. The cookies mechanism is safe to the clients computers, that use the Online Store. It is impossible for viruses and other malware to reach the computer of clients through the use of cookies. However clients have the option to limit the use of cookies, or turn them off entirely, within their browser. In this case the use of the Online Store is possible, besides the functions, that by their nature require the use of cookies. 

Download: Privacy Policy.pdf