It is of paramount importance for us to ensure safety of the personal information of all users our website – www.artisanstrudel.pl . For this reason, we do everything possible to make sure you are safe when visiting the website.
The Proprietor – Agata Świgoń, the self-employed owner of Nadziany Strudel Agata Świgoń registered in Wielopole 14/ LU7, Krakow 31-072, Lesser Poland, legally registered in Poland in Centralny Rejestr Ewidencji i Informacji o Dzialalnosci Gospodarczej, NIP:67510033196, REGON:383583080;
The Website – https://www.artisanstrudel.pl/;
The User – physical person acting in her own name on behalf of another person or other legal entity using the Website, or who sends her personal information via The Booking Form available on the website in order to book a table and in order to gain additional information regarding the services offered by the Proprietor;
The Booking Form – the form enabling contacting the Proprietor in order to book a table online. It is available by clicking the “Book a table” button on the Website, through which The User can provide the following information: name, surname, email address and the telephone number, time and date for booking and the number of persons in the booking;
Functionality to send information electronically – functionality Enabling The Proprietor to send via email a follow-up message containing detailed information with regards to the booking and/or additional information regarding the services offered by the Proprietor in response to submitting the Booking Form;
Services – any services offered by the Proprietor, in particular with relation to preparing and selling food products;
User’s Equipment – the equipment used the User to communicate such as smartphones, mobile phones, personal computers, tablets or any other mobile devices capable of accessing the Internet.
§ 1. Main Points (§ 1. Postanowienia wstępne)
- The Website is run by the Proprietor.
- The website may contain external links (hyperlinks) to other websites, plugins or applications belonging to other entities. Clicking on such links or granting permission to connect to them might result in your personal data being gathered or shared. We do not have any control over external websites and we accept no responsibility for their privacy policies. Having left our website, we strongly encourage you to read any relevant privacy policies of any websites you visit.
§ 2. Hardware requirements and risks
- In order for the User to be able to use the Website, it is necessary for him to possess Equipment installed with the following browsers; Google Chrome, Mozilla Firefox, Safari, Internet Explorer, Opera.
- The Proprietor supplies the User with services via the Internet. Despite taking all necessary precautions by the Proprietor, this might cause viruses to transmitted to the User’s Equipment or the User receiving unsolicited marketing materials (spam). Moreover, using the Website necessitates the User to use date transmission services supplied by third parties, for which the User needs to cover all costs.
§ 3. „Cookies” files
- The Website uses “cookies files”. After the User enters the Website, a message informing of the Website using cookies files will appear. The message is visible to the User until she accepts the message on using the cookies files by the Website. This is done by the User pressing the field saying: “Accept”.
- Detailed information regarding cookies files, stipulating what these files are and how they are used by the Website is available by pressing by the User the field saying: “Cookies Files Policy”, which appears simultaneously with the message informing of using the cookies files by the Website, and in the “Cookies Files Policy” tab on the Website.
§ 4. Personal data
- Personal data is information on an identified person or information allowing her identification. This excludes any anonymised data in such a way that makes it impossible to identify any persons to whom the data relates.
- The administrator of the personal data gathered from the Users is the Proprietor.
- Any personal data is processed respecting the law and the principles of transparency, applicability and adequacy.
- The Website does not gather any personal data in order to transmit or sell such data to outside entities for marketing purposes. The Proprietor also does not send any messages on behalf of third parties.
- We can gather, process, store and transmit a variety of your personal data which we have grouped into the following categories:
ID data, including name and surname
Contact data, including name, surname, address, email address, telephone number
Technical data, including IP address, logging data, type and build of web browser, time zone and date settings, builds and types of plugins, operating software and any other technologies used by you to access the Website.
- Data is used in order to allow the User to use the Website. Technical data from system logs is gathered in accordance with general rules for the Internet connections for technical purposes relating to administrating the server, on which the Website is hosted.
- Personal Data gathered through the Booking Form may be used by the Proprietor to electronically send to the User information on Services supplied by the Proprietor.
- The User may use the Functionality to send information electronically, having provided the following information via the Booking Form: name and surname, email address and telephone number.
- When you use our Website, your personal data on Equipment or actions or patterns of behaviour on the Web can be gathered automatically. We gather this personal data through cookies files in accordance to the Cookies Files Policy available on our Website.
§ 5. Aim and grounds for processing your personal data
- In case of the User transmitting personal data, this will be used respecting the reason for which it has been transmitted. Supplying personal data mentioned in §4 is necessary to supply Services electronically.
- Below we stipulate aims/processes for gathering your personal data in accordance with its type with reference to the legal grounds for gathering personal data.
|aims/process||Type of data||Ground for processing|
|Facility to transmit information electronically||ID data, contact data||To take action prior to entering into a contract and fulfilling the contract umowy|
|To manage and ensure safety to the Proprietor and her Website ( diagnostics, system maintenance, data analytics, testing, reporting and hosting)||ID data, contact data , technical data||Administrator’s reasonable interest (conducting business, managing IT processes, ensuring Web safety, preventing fraud) Legal requirement|
One of the ways of processing personal data is so called profiling. We can use your ID data, contact data, technical data in order compile profiles of preferences of our Users and use them to adjust out Services and marketing materials they receive from us. By doing this, we can ascertain which of our services are appropriate to you.
§ 6. Sharing your personal data and international transfers
Udostępnianie Państwa danych osobowych oraz transfery międzynarodowe
- For reasons stipulated in the preceding paragraph, we can share your personal data with external entities such as marketing companies, accountants, IT companies, proving services such as hosting, cloud computing, and also with the Tax Office and other government authorities of the Republic of Poland.
- We demand of all third parties they appropriately protect your personal data and process it in accordance with law. We do not allow third parties to use the personal data of our users for their own purposes. We only also this data to be used by them for specific purposes and in accordance with our instructions.
- Due to our using external suppliers e.g. for technical support, your personal data can be transmitted outside the EU. In such cases, we provide similar level of personal data protection through fulfilling at least one of the below protection measures:
- Transmitting personal data to countries deemed by the European Commission as providing sufficient levels of personal data protection
- Applying data protection clauses accepted by the European Commission guaranteeing at same levels of protection as in the EU
- When we use providers based in the United States, we can share with them data under Privacy Shield, which necessitates them to use similar data protection as in the European Union.
§ 7. Security of data
- Processing personal data of Users by the Proprietor is carries out in accordance with all rules on safe processing of personal data and fulfilling legal requirements. We have introduced necessary security measures with the aim of protecting your personal data from accidental loss, unauthorised access or use, adjustment or disclosure. We limit access to your data to our staff, agents, contractors and other third parties for whom such access is necessary for the purposes of conducting of our business. They will be processing your personal data only in accordance with our instructions, they are also bound to maintain privacy.
- We have adapted appropriate procedures to implement when we have suspicion of any breach. We will notify you and other appropriate regulatory body about breach when we are legally required to do so.
§ 8. Time limit for data processing
1. Your personal data will be stored only until it is necessary to fulfil the propose it was gathered for, unless a longer period is necessitated to fulfil our legal obligations, for accounting or reporting purposes, and for any period necessary to adjudicate claims.
2. In certain circumstances, you can demand your personal data be removed in accordance with § 9.
3. In certain circumstances, we can anonymise your personal data (ensuring it can never be reversed) for research and statistical purposes. In such cases, we can store such data for indefinite period of time, without any need to notify you.
§ 9. Regulation on amending personal data. Complaints do regulatory bodies.
- In certain circumstances, the User is legally entitled to view, correct, amend, limit, rectify or to remove her personal data administered by the Proprietor. In order to do so, please send an email to firstname.lastname@example.org.
- We inform you that we might not always be able to fulfil your demand to remove your personal data i.e. due to legal reasons. In such cases, we will communicate it to you following your submitting your demand. If you wish to gain more information on specific presented in this paragraph, please contact us using the contact details on the Website.
- The User is legally entitled to submit to the Proprietor a demand to share her personal data administered by the Proprietor with another administrator of personal data, provided it can be completed fulfilling technical or organisational requirements.
- The Proprietor will comply without unnecessary delay – and no longer than within a month since receiving a demand – with any demands by the User as referenced in this paragraph to provide information on what actions have been taken in relation to the demand, or if applicable, about the necessity to extend the reply period due to the nature of the demand or high volume of demands received, or inform about the reasons for not taking action and the possible right to file a complaint with appropriate regulatory body and seek legal protection in the court of law.
- Making use of the above rules of law is free-of-charge. However, the Proprietor can charge the User a reasonable fee in case of obviously baseless and incessant. In such cases, we can also refuse to comply with the demand.
- In order to enable compliance with specific demands, the Proprietor can demand specific information from the User in order to verify her identity and to enable making use of any legal protection available.
- The User who is subject to her personal data being administered by the Proprietor has legal right to file a complaint to a regulatory body, in particular in one of the countries specified below:
- where she resides
- where she works
- where the alleged contravention has occurred
If she thinks that processing of her personal data breaches RODO. The compliant can filed by post to the Head of The Data Protection Office (Urząd Ochrony Danych Osobowych), Stawiki 2, 00-193 Warszawa or via email to email@example.com.
§ 10. Proprietor’s responsibility and filing complaints
- The proprietor acts with all necessary care to protect the privacy of the Website, she does not however bear responsibility for technical limitations limiting access to the Website due to technical setup of the Users Equipment, and for any limitations to access due to technical malfunction affecting data transfer ( the Internet connection) the Users makes uses of.
- The Proprietor asks to all issues relating to operation of the Website be reporter via email to firstname.lastname@example.org.
- The Proprietor considers all complaints referred to in the previous paragraph within 7 days from the day such complaint was filed by informing the User about accepting or rejecting the complaint, each time providing the reasons for her decision.
The User is also entitled to seek redress for his complains outside of court. In case of disagreement involving a consumer, an appropriate avenue to hear the complaint might be through the website http://ec.europa.eu/consumers/odr/.
- Proprietor’s Contact information are available on the Website under the “Contact” tab.
- With all queries relating to processing personal data by the Proprietor, please contact us via email email@example.com or using the telephone number available on the Website.