The Privacy Policy describes the principles of processing information about you, including personal data and cookies.

  1. General information

This policy applies to the website located at www.bjushop.com.

The operator and administrator of personal data is Marcin Bieńko, ul. Trzcinowa 27, 02-446 Warsaw. The contact email address of the operator is kontakt@bjushop.com.

The operator is the administrator of your personal data with regards to data voluntarily provided on the website.

The website uses personal data for the following purposes:

  • Managing the comments system

  • Conducting online chat conversations

  • Preparing, packaging, and shipping goods

  • Carrying out ordered services

  • The website obtains information about users and their behavior in the following

ways:

  • By voluntarily providing data in forms that are entered into the operator’s systems

  • By saving cookie files (so-called “cookies”) on end devices.

  1. Selected methods of data protection used by the Operator

The places of logging in and entering personal data are protected in the transmission layer (SSL certificate). As a result, personal data and login data entered on the website are encrypted on the user’s computer and can only be read on the target server.

  1. Hosting

The service is hosted (technically maintained) on the operator’s server: dhosting.

  1. Your rights and additional information on the use of data

In some situations, the Administrator has the right to transfer your personal data to other recipients if it is necessary to perform the contract concluded with you or to fulfill obligations incumbent on the Administrator. This applies to such groups of recipients as:

couriers

postal operators payment operators

online chat solution operators

Your personal data processed by the Administrator will not be stored longer than is necessary to perform activities related to them specified by separate provisions (e.g. accounting regulations). In relation to marketing data, the data will not be processed for longer than 3 years.

You have the right to demand from the Administrator:

access to your personal data, their correction,

deletion,

processing restriction, and data portability.

You have the right to object to the processing referred to in point 3.3 c) with regard to the processing of personal data for the purpose of pursuing the legitimate interests of the administrator, including profiling, provided that the right to object cannot be exercised if there are legitimate grounds for processing, overriding your interests, rights, and freedoms, in particular the establishment, exercise or defense of legal claims.

You have the right to lodge a complaint with the President of the Office for Personal Data Protection, ul. Stawki 2, 00-193 Warsaw, about the actions of the Administrator.

Providing personal data is voluntary but necessary for the operation of the Service.

Actions may be taken against you involving automated decision making, including profiling, in order to provide services under the contract and to conduct direct marketing by the Administrator.

Personal data is not transferred to third countries within the meaning of the provisions on personal data protection. This means that we do not transfer them outside the European Union.

  1. Information in forms

The website collects information voluntarily provided by the user, including personal data, if provided. The website may also save information about connection parameters (such as time stamp and IP address). In some cases, the website may save information that facilitates linking data in the form with the user’s email address filling out the form. In such cases, the user’s email address appears inside the URL of the page containing the form. The data provided in the form is processed

for the specific purpose of the form, such as processing service requests or commercial contact, registering services, etc. The context and description of each form clearly inform the user of its purpose.

  1. Administrator logs

Information about user behavior on the website may be logged. This data is used for administering the website.

  1. Important marketing techniques

The operator uses statistical analysis of website traffic through Google Analytics (Google Inc. based in the USA). The operator does not provide any personal data to this service provider, only anonymous information. The service is based on the use of cookies on the user’s end device. As for the user’s preferences collected by the Google advertising network, the user can view and edit cookie-related information using the tool: https://www.google.com/ads/preferences/.

The operator uses remarketing techniques that allow matching advertising messages to the user’s behavior on the website. This may create an impression that the user’s personal data is being tracked, but in practice, no personal data is transferred from the operator to advertising operators. The technological condition for such actions is the enabled cookie support.

The operator also uses the Facebook pixel. This technology enables Facebook (Facebook Inc. based in the USA) to know that a registered user is using the website. In this case, the operator only uses data for which they are the administrator, and do not provide any additional personal data to Facebook. The service is based on the use of cookies on the user’s end device.

The operator uses an automation solution that affects the user’s experience on the website, for example, by sending an email to the user after visiting a specific subpage, provided that the user has agreed to receive commercial correspondence from the operator.

  1. Information about cookies

  1. The website uses cookies.

  2. Cookies (so-called “cookies”) are computer data, in particular text files, which are stored on the end device of the Service User and are intended to use the website pages of the Service. Cookies usually contain the name of the website they come from, the time they are stored on the end device, and a unique number.

  3. The operator of the Service is the entity placing cookies on the end device of the Service User and having access to them.

  1. Cookies are used for the following purposes:

  2. maintaining the user session of the Service (after logging in), so that the user does not have to re-enter their login and password on each subpage of the Service;

  3. achieving the goals specified in the section “Important marketing techniques” above;

  1. Two basic types of cookies are used within the Service: “session” cookies and “persistent” cookies. “Session” cookies are temporary files that are stored on the Service User’s end device until logging out, leaving the website or turning off the software (web browser). “Persistent” cookies are stored on the Service User’s end device for the time specified in the cookie parameters or until they are deleted by the User.

  2. Web browsing software (web browser) usually allows cookies to be stored on the Service User’s end device by default. Service Users can change these settings. The web browser allows you to delete cookies. It is also possible to automatically block cookies. Detailed information on this subject is provided in the help or documentation of the web browser.

  3. Limitations on the use of cookies may affect some of the functionalities available on the website pages of the Service.

  4. Cookies placed on the end device of the Service User may also be used by entities cooperating with the operator of the Service, in particular, these are companies: Google (Google Inc.

based in the USA), Facebook (Facebook Inc. based in the USA), Twitter (Twitter Inc. based in the USA).

  1. Managing cookies – how to give and withdraw consent in practice?

  2. If a user does not want to receive cookies, they can change their browser settings. Please note that disabling cookies necessary for authentication, security, maintaining user preferences may make it difficult, and in extreme cases, may prevent the use of websites.

To manage cookie settings, select the internet browser you are using from the list below and follow the instructions:

Edge

Internet Explorer Chrome

Safari Firefox Opera

Mobile devices:

Android Safari (iOS)

Windows Phone

Rodo

According to Article 13 of the GDPR, we inform you that:

  1. The controller of your personal data is BJU Marcin Bieńko, with its registered office in Warsaw, ul. Trzcinowa 27, 02-446 Warsaw, NIP: 5262850096, who can be contacted at kontakt@bjushop.com, hereinafter referred to as the “store”.

  2. Your personal data may be processed for the following purposes:

    • concluding and performing a contract between you and the controller, based on Article 6(1)(b) of the GDPR;

    • issuing sales documents and fulfilling other obligations arising from tax law, based on Article 6(1)(c) of the GDPR (necessity to fulfill a legal obligation by the controller);

    • fulfilling the store’s obligations regarding personal data protection, e.g. creating records and registers, based on Article 6(1)(f) of the GDPR (legitimate interest of the data controller); the legitimate interest of the company, for example, is to have confirmation of compliance with this information obligation towards you;

    • communication between you and the controller, as well as persons involved in the performance of the contract, based on Article 6(1)(f) of the GDPR (legitimate interest of the data controller); the legitimate interest of the controller is to exchange information regarding the conclusion or performance of the contract;

    • fulfilling the store’s obligations arising from tax and social security law, based on Article 6(1)(c) of the GDPR (necessity to perform obligations arising from the law);

    • establishing, pursuing, or defending against claims, based on Article 6(1)(f) of the GDPR (legitimate interest of the data controller); the legitimate interest of the company is to protect its financial interests;

    • archival and evidentiary purposes, for the purpose of securing information that may serve to establish facts, based on Article 6(1)(f) of the GDPR (legitimate interest of the data controller); the legitimate interest of the controller is to have information necessary, for example, for state authorities.

  1. Obligation or voluntary provision of your personal data:

    • Providing data such as name and surname, address, company name, contact details, and in the case of individuals who do not conduct business activities, PESEL number is necessary to sign the agreement;

    • Providing personal data processed to fulfill our legal obligation is your obligation;

    • Providing data such as bank account number, appropriate tax office is necessary to fulfill the Company’s legal obligations related to the concluded agreement, tax law, social insurance law);

    • Providing other data is a condition for the store to fulfill its legitimate interest.

  1. Your personal data may be disclosed to our recipients such as entities from the capital group, a company providing hosting services, Microsoft software provider, customers, contractors, lawyers, insurers, banks, cloud solution providers, service companies, audit companies, courier companies, and we may be obliged, on the basis of applicable laws, to disclose your data to other entities.

  2. Your personal data will not be used for automated decision making, including profiling.

  3. Your personal data will be stored:

    • for the duration of the agreement – in the case of personal data processed for the purpose of concluding the agreement;

    • until the expiration of the limitation periods – in relation to personal data processed to establish, assert and defend claims;

    • until effective objection or achieving the purpose of processing – in relation to personal data processed on the basis of the Administrator’s legitimate interest.

    • for a period of 5 years from the end of the tax year in which the deadline for paying tax or contributions for the previous year has expired – in relation to personal data processed to fulfill tax and insurance obligations;

  1. We kindly inform you that we will not transfer your data outside the European Economic Area or international organization.

  2. You have the right to lodge a complaint with the President of the Office for Personal Data Protection if you believe that your personal data is being processed unlawfully.

  3. You have the right to access your personal data, correct it, delete or limit processing, object to processing, and the right to data portability.