General information

The administrator of personal data is Goldpoint Dorota Kasprzak – Sabik, ul. Marokańska 1S, 03-977 Warsaw, NIP: 5221364370, phone +48 502 236 069, e-mail: [email protected]

Data Collection Policy

When browsing the website pages, statistical data on visits are collected, e.g. search engine data and queries that directed the user to the website, information about the time spent on the website, the number of pages viewed, time spent on individual pages. This is information that allows us to adapt the website to the needs of users and display the desired content.

This is information that allows us to adapt the website to the needs of users and display the desired content.

Data Usage Policy

The data collected automatically are used for statistical purposes and to adjust the content to the preferences of users, but also to support their purchases in the online store.

Information on data processing in accordance with Article 13 of the GDPR

Data Administrator

Goldpoint Dorota Kasprzak – Sabik, ul. Marokańska 1S, 03-977 Warsaw, NIP: 5221364370 phone: +48 502 236 069, e-mail: [email protected]

Rights of the data subject

In connection with the processing of personal data, each natural person has the right to request: access to personal data, rectification, deletion, limitation of personal data processing, transfer, objection to the processing of personal data on the terms set out in Articles 15-22 of the GDPR.

Each person has the right to lodge a complaint to the President of the Office for Personal Data Protection regarding the method of data processing by the Administrator.

Purposes and basis of data processing

– Users of the dorotagoldpoint.com website: The basis for the processing of personal data of users is consent, expressed respectively by conscious action, which is contact with the Administrator or by means of software settings installed in the device used by the User or configuration of the service itself (Article 6(1) point a of the GDPR), as well as the legitimate interest of the administrator, which is conducting business contacts (Article 6(1)(f) of the GDPR). The processing takes place in order to make contact, including presenting an offer for services, at the user’s request.

· Customers and contractors: processing is necessary in order to perform the contract or to take action at the customer’s request before concluding the contract, as well as in order to fulfill the legal obligation incumbent on the Administrator, in particular in connection with the provisions of the law on income tax and tax on goods and services Some data may also be processed on the basis of voluntary consent, e.g. to enable faster contact If it is necessary to pursue claims, including debt collection, the basis for processing is the legally justified interest of the Administrator (Article 6(1)(a), b, c, f of the GDPR).

· Job candidates – data will be processed for purposes related to recruitment, based on the provisions of the Labor Code, as well as on the basis of voluntarily expressed consent to the extent exceeding the provisions required, which the candidate will voluntarily provide along with the submitted application (Article 6(1)(a) a, c GDPR).

· Fanpage users (https://www.facebook.com/DGofficials/) – data will be processed for the purpose of contact, answering questions, submitting an offer based on voluntarily expressed consent, which is conscious action in the form of sending a message, as well as legally justified the Administrator’s interest related to ensuring the continuity of business activities (which is a premise for legalizing the processing under Article 6(1)(a)(f) of the GDPR).

· Users of the online store – data will be processed on the basis of the contract concluded with the Administrator for the provision of electronic services in connection with the creation of an account on the Website (Article 6(1)(b) of the GDPR).

Right to withdraw consent

Each person whose data is processed by the Administrator has the right to withdraw consent at any time without affecting the processing that took place until the consent was withdrawn.

Withdrawal of consent to the use of cookies and similar technologies will mean disabling the recommendation system, remembering the basket, etc.

Obligation or voluntary provision of data and the consequences of not providing data

Providing data by:

· User of the website is voluntary Failure to provide data or providing incomplete data may make it difficult or impossible to contact and answer questions.

· The customer/contractor in the scope of data necessary to conclude the contract is a requirement of the provisions of the Civil Code, failure to provide them will result in the inability to effectively conclude the contract, data necessary to issue an invoice is an obligation resulting from the provisions of the tax law, failure to provide them will result in the inability to settle; providing contact details is voluntary, and failure to provide them may hinder or slow down mutual business relations.

· The candidate for a job is an obligation resulting from the provisions of labor law to the extent that it is necessary to perform work in a given position, failure to provide data will prevent participation in the recruitment process; in the scope of additional data provided on the basis of the consent given, providing them is not necessary, and failure to provide them will not affect the course of the recruitment process.

· Fanpage user (https://www.facebook.com/DGofficials/) providing contact details is voluntary, and failure to provide them will result in limiting correspondence within Facebook.

· User of the online store – failure to provide the data necessary to set up an account will prevent the use of the service.

Information about the entities to whom the data may be disclosed

The administrator may share data:

· Users – entities ensuring proper service of the website, including ensuring the security of the transmitted data. The data will also be made available to entities providing cookies and similar technologies installed on the Website (detailed sharing rules are described in the further part of the policy).

· Customers and contractors – banks, insurance companies, service subcontractors, postal and courier operators, payment operators.

· Fanpage users – Facebook and its partners on the terms set out below.

· Users of the online store – entities ensuring proper operation of the store, including ensuring the security of the transmitted data. The data will also be made available to entities providing cookies and similar technologies installed on the Website (detailed sharing rules are described in the further part of the policy)

Information on data transfer to third countries

Facebook

In connection with the use of Facebook, user data will be transferred outside the EU. Facebook Inc. has joined the EU-US Privacy Shield Agreement and the Swiss-US Privacy Shield Agreement (collectively, the “Privacy Shield Agreement”) with the US Department of Commerce regarding the collection and processing of personal data from advertisers, customers or business partners in EU, and in the event that the Swiss data controller uses Facebook to process data, also in Switzerland, (hereinafter “Partners”) in connection with Facebook products and services in separate regulations. More information about the Privacy Shield program can be found at www.privacyshield.gov.

Facebook adheres to the Privacy Shield Principles (set out in each of the agreements) in the following areas of operation (collectively, “Partner Services”):

· Workplace Premium for more effective collaboration and information sharing at work. Partners (employers or organizations – data controllers) may provide Facebook with the personal data of their members, whereby these data are first processed by Facebook Ireland, and secondly by Facebook Inc. While it is up to Partners and their members to decide what data to provide, this typically includes business contacts, customer and employee data, employee-generated materials and communications, and other data administered by the Partner. For more information, you may contact the Partner through whom you created your Workplace account and refer to Workplace’s Privacy Policy.

· Advertising options and measurement tools: Facebook offers advertising options and measurement tools and through such services may obtain personal data from Partners outside the network (data controllers), with these data being processed in the first place by Facebook Ireland, and secondly by Facebook Inc. This information includes items such as contact details and information about your experiences or interactions with Partners and their products, services and advertisements. For more information on Facebook’s advertising options and measurement tools, see the “About Facebook Ads” and “Data Policy” pages. Facebook uses personal data provided by Partners to provide Partner services in accordance with the regulations of a given service, and in the absence of such regulations, in accordance with the Partners’ guidelines Facebook works with Partners to provide users with the right choices in line with the Privacy Shield Principles.

Within its mandate and in accordance with its Privacy Shield commitments, Facebook will work with Partners to provide users with access to their own personal information that Facebook holds on behalf of its Partners Facebook will also take reasonable steps to allow individuals, either directly or in conjunction with Partners, to correct, amend, or delete personal information that is shown to be inaccurate.

Facebook may transfer data to entities within the Facebook group of companies and to third parties, including service providers and other partners. Under the Privacy Shield Principles, Facebook is liable for any processing of personal data by such third parties that is inconsistent with the Privacy Shield Principles, unless Facebook was not responsible for the event that led to the alleged damage.

Personal data provided to Facebook by Partners may be subject to disclosure pursuant to requests from legal authorities and as part of other judicial and administrative procedures, such as subpoenas, orders or orders For more information, see “How do we respond to subpoenas and court orders and prevent damage?”

The U.S. Federal Trade Commission has the authority to review and enforce Facebook’s compliance with the Privacy Shield Principles.

You have the option to resolve any certification-related disputes with Facebook through TRUSTe, a U.S.-based alternative dispute resolution company. TRUSTe can be contacted through its website. In certain cases, the Privacy Shield Agreement provides the right to invoke binding arbitration to resolve disputes that cannot be otherwise resolved, as described in Annex I to the Privacy Shield Principles in each of the Agreements. In addition, under the Privacy Shield Accords, the US Department of State’s Senior Coordinator acts as an Ombudsman to facilitate the handling of requests relating to access to data transferred from the EU and Switzerland (respectively) to the US on national security grounds.

Yandex Metrica

In connection with the use of the Website and the Website, the Administrator will share data of users of Yandex Oy Limited Company – Moreenikatu 6, 04600 Mantsala, Finland (“Yandex”) and its partners. The data may be made available outside the EEA, however, under the concluded agreement with the Administrator based on standard contractual clauses, Yandex guarantees the processing of data in accordance with the requirements of the provisions of the GDPR, including the exercise of the rights of data subjects.

The service is used to analyze the use of the website or mobile application by its users. For this purpose, Yandex will collect User Data on the technical characteristics and activities of website users or mobile application users based on page views or use of the mobile application. The data will be evaluated by processing software to create reports, including, but not limited to, information about time spent on the website or mobile application, approximate geographic origin, origin of user traffic, exit pages and usage history.

Data collected: Data collected from page views or mobile app usage regarding the technical characteristics and activities of website or mobile app users. This applies in particular to information about the time spent on the website or mobile application and interaction with the website or mobile application, as well as the IP address of website or mobile application users and information about cookies.

Yandex data processing policy: https://metrica.yandex.com/about/info/data-policy/

Data storage time

· Users: personal data of users who contact about the possibility of providing services until the end of contact and the expiry of any claims, but not longer than 3 years.

· Customers/contractors: until the end of the contract, and then for the period specified in applicable law in connection with the administrator’s obligations in the field of archiving documents and tax settlements.

· Fanpage users: until the consent is withdrawn or the Facebook account is deleted.

· Users of the online store – until the account is deleted or the contract for the provision of electronic services is terminated.

· The website user can opt-out to delete information saved by Yandex https://yandex.com/support/metrica/general/opt-out.html

Cookies

The user can disable cookies in the browser settings. They will not affect browsing the content available on the website.

The website uses the following cookies:

Session cookies: they are stored on the User’s Device and remain there until the end of the browser session. The stored information is then permanently deleted from memory

Devices The session cookie mechanism does not allow for downloading any personal data or any confidential information from the User’s Device.

Persistent cookies: they are stored on the User’s Device and remain there until they are deleted. Ending the session of a given browser or turning off the Device does not delete them from the User’s Device. The mechanism of persistent cookies does not allow downloading any personal data or any confidential information from the User’s Device.

Links to other sites. The user can delete cookies in the browser settings, but also using the opt-out mechanism for Yandex cookies: https://yandex.com/support/metrica/general/opt-out.html

The Administrator is not responsible for the rules of operation and privacy policies of other websites to which the user can go via links available on the website.

Changes

In the event of a change in the applicable privacy policy, appropriate modifications to the above provision will be made.


Back to Top
Product has been added to your cart