Cookies and GDPR
The Personal Data Administrator protects your personal data with special care. All data are provided by customers voluntarily and can be deleted at any time. By using the services of Lookreacya.com you can be sure of the security of your data.
I. DEFINITIONS
1. Personal Data Administrator – An entity that decides about the purposes and means of personal data processing. The Administrator of Personal Data is Lookrecya Dream Jewelry, registered at Sigynsgade 58, 4th, Copenhagen 2200, Denmark, VAT number DK40604375.
2. Personal data – all information about a natural person identified or identifiable by one or more specific factors determining the physical, physiological, genetic, mental, economic, cultural or social identity, including device IP, data about location, online identifier, and information collected through cookies and other similar technology.
3. RODO – Regulation of the European Parliament and of the Council (EU) 2016/679 of 27 April 2016 on the protection of individuals with regard to the processing of personal data and on the free movement of such data and the repeal of Directive 95 / 46 / EC.
4. Website – a website run by the Administrator at Lookrecyadreamjewelry.com.
5. User – any natural person visiting the Website or using one or more services or functionalities of the Website.
II. General provisions
1. Lookrecya Dream Jewelry, registered at Sigynsgade 58, 4th, Copenhagen 2200, Denmark, vat DK40604375 is the administrator of personal data within the meaning of the Regulation of the European Parliament and of the Council (EU) of April 27, 2016 on the protection of natural persons in connection with the processing of personal data and on the free movement of such data and the repeal of Directive 95/46 / EC, with regard to the personal data of Users who are natural persons.
2. In connection with the User’s use of the Website, the Administrator collects data to the extent necessary to provide individual services offered, as well as information about the User’s activity on the Website. The detailed rules and purposes of processing personal data collected while using the Website by the User are described below.
3. The administrator declares that he applies technical and organizational measures aimed at securing the entrusted personal data in accordance with the provisions referred to in art. 24 – 36 GDPR.
III. Processing of personal data.
1. The administrator collects the following personal data:
a) creating an account: name and surname, e-mail address, telephone number.
b) after creating an account – as part of the transaction: name and surname, e-mail address, address, telephone number, bank account number, computer IP address.
c) contact form: name and surname, e-mail address, telephone number, and possibly data that the contact person will voluntarily indicate in the form.
d) subscription to the Newsletter: name and e-mail address.
2. The User provides personal data voluntarily. The user should consider on his own the risk that may be associated with the provision of personal data, in particular providing the address or the exact location. Such risk may be, for example, the possibility of identifying the User by other persons, loss of some privacy, and in extreme cases even identity theft.
3.When it is necessary to provide the service to Users or it constitutes a legitimate interest of the administrator or third parties (which is, for example, ensuring the security of IT resources or the security of other Users), the administrator is entitled to automatically acquire and record data transferred to the server by web browsers Users’ devices. Such data includes: IP address, parameters of the software and hardware used by the User, pages viewed, identification number of the mobile device, and other data regarding devices and system use.
IV Cookies
The administrator may collect data as part of the website services via such technologies as cookies.
V. Purposes of personal data processing.
The administrator processes personal data for the purpose of:
a) take steps necessary to conclude a contract at the request of the data subject and perform the contract to which the data subject is a party,
b) fulfillment of legal obligations incumbent on the Administrator,
c) marketing of own products or services
– based on Article. 6 sec. 1 lit. b) and lit. c) GDPR
d) pursuing or securing claims,
e) confirmation of acceptance of the complaint and reply to it to the indicated e-mail address (e-mail),
– based on Article. 6 sec. 1 lit. f) GDPR
f) providing information on proposed changes to the store’s offer, including price list changes,
g) analyzes of customer preferences or interests, based on automated processing, by the Administrator, of data from devices used by the customer when using the services. On the basis of the created customer profile, the Administrator may adjust the services provided to the individual interests of the customer,
h) marketing of own products or services and of possible partners.
– Based on the consent granted, pursuant to Art. art. 6 sec. 1 lit. a) GDPR,
VI. The period for which personal data will be stored.
1. Personal data processed in order to conclude or perform the contract and fulfill the legal obligation of the Administrator will be kept for the duration of the contract,
and after its expiry for the period necessary to:
a) customer service (e.g. handling complaints),
b) securing or pursuing any claims due to the Administrator, until the claims are time-barred,
c) fulfillment of the Administrator’s legal obligation (e.g. resulting from tax or accounting regulations) until the expiry of the legal obligation incumbent on the Administrator,
2. Personal data processed for the purposes of marketing products or services on the basis of consent, will be processed until an objection is raised or the consent is withdrawn by the data subject;
3. Personal data processed on the basis of a separate consent will be kept until its revocation.
VII. Rights of the data subject.
The User has the right to:
1) access to the content of your personal data, i.e. the right to obtain confirmation whether the Administrator processes data and information regarding such processing,
2) rectify data, if the data processed by the Administrator is incorrect or incomplete,
3) requests from the Administrator to delete data,
4) requests from the Administrator to limit data processing,
5) to transfer data, i.e. the right to receive personal data provided to the Administrator and to send them to another administrator;
6) object to the processing of data on the basis of the Administrator’s legitimate interest or to processing for the purpose of direct marketing;
7) lodge a complaint with the Polish supervisory authority or the supervisory authority of another European Union Member State competent for the place of habitual residence or work of the data subject or the place of the alleged violation of the GDPR.
In the territory of the Republic of Poland, the supervisory body is the President of the Personal Data Protection Office.
8) withdraw consent at any time (without affecting the lawfulness of processing based on consent before its withdrawal)
9) to obtain an intervention from the Administrator, to express his own position and to challenge a decision based on automated data processing.
VIII. Data recipients.
1. The recipients of personal data are: persons authorized by the Administrator to process personal data on the basis of a separate authorization, entities authorized to receive them under applicable law, including the competent judicial authorities. The administrator transfers the collected personal data to state administration authorities, law enforcement authorities and judicial authorities at their express request and only in the cases specified by law. In addition, telecommunications companies, banks, postal operators, carriers, companies printing correspondence or handling correspondence received from customers, business information offices, document archiving companies, companies dealing with customer opinion research, partners providing technical services (e.g. developing and maintaining IT systems and services internet) on the basis of concluded personal data processing agreements. At the request of the data subject, the Administrator will indicate entities to which personal data has been provided in connection with the performance of the contract.
2. If the User’s consent is obtained, his data may also be made available to other entities for their own purposes, including marketing purposes.
3. The Administrator reserves the right to disclose selected information about the User to the competent authorities or third parties who submit a request for such information, based on an appropriate legal basis and in accordance with applicable law.
IX. Data transfer to third countries.
1.The administrator transfers personal data outside the European Economic Area only when it is necessary and with an adequate level of protection, in particular through:
a) cooperation with entities processing personal data in countries for which a relevant decision of the European Commission has been issued;
b) use of standard contractual clauses issued by the European Commission;
c) application of binding corporate rules approved by the competent supervisory authority;
d) in the case of data transfer to the USA – cooperation with entities participating in the Privacy Shield program, approved by a decision of the European Commission.
2. The administrator always informs about the intention to transfer personal data outside the EEA.
X. Security of personal data protection.
1.The administrator conducts a risk analysis on an ongoing basis to ensure that personal data is processed by him in a safe manner – ensuring, above all, that only persons authorized directly by the administrator have access to the data and only
to the extent that it is necessary for the tasks they perform. The administrator makes sure that all operations on personal data are recorded and performed only by authorized employees and associates.
2.The Administrator shall take all necessary steps to ensure that its subcontractors and other cooperating entities guarantee the application of appropriate security measures in each case when they process personal data at the request of the Administrator, in particular by concluding entrustment agreements containing the obligation to apply security procedures at least on the same level as the administrator.
XI. Duration of the Privacy Policy.
The Privacy Policy is effective from the date of its adoption and will be updated, if necessary, until another document is adopted in its place.
XII. Contact details.
If you need to contact the administrator regarding the processed personal data, please contact us at the following e-mail address: lookrecya@lookrecya.com