Privacy policy

I. Introductory remarks

  1. This Privacy Policy is effective from May 25, 2018 and constitutes an Annex to the Regulations of the Website (hereinafter referred to as the “Regulations”).
  2. This Privacy Policy is an integral part of the Regulations. By accepting the Regulations, you accept the Privacy Policy.
  3. By using the SingleOrigin.eu website, including using without logging in, you accept the terms of the Regulations, including the acceptance of the Privacy Policy.
  4. For the interpretation of the concepts used in the Privacy Policy, the terms of the Regulations are used or as described in the Privacy Policy (if it results directly from the description).
  5. For the purposes of the availability of content and better reception of the Privacy Policy, the term “Service Recipient” has been replaced with the terms “You”, “Service Provider” – “We”. The term “GDPR” means Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of individuals with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46 / EC.

II. What is the Privacy Policy?

  1. We respect everyone’s right to Privacy and we care about the security of your data. Maintaining the confidentiality of data is extremely important to us and we want everyone who uses the SingleOrigin.eu website to know how we process it. That is why we have prepared this new Privacy Policy, which describes how to protect and process personal data.
  2. When using our Services, i.e. using the SingleOrigin.eu Website, regardless of whether you are registered on the Website, make a purchase or not, you provide us with your personal data. As part of accessing the content of the SingleOrigin.eu Website or individual Services, it happens that you entrust us with your information identifying you – personal data, and we also entrust our Trusted Partners, i.e. our regular suppliers, service providers who help us provide Services to you or parties. third parties with whom we cooperate directly or indirectly, primarily in order to provide you with the highest level of Services (hereinafter: “Trusted Partners”). This Privacy Policy should help you understand what data we collect from you and for what purpose, and what we use it for. This information is important, therefore we ask you to read this document carefully.

III. What information about you (personal data) do we process?

  1. We process data that you provide or leave us as part of using the SingleOrigin.eu Website. These will primarily be data necessary to complete orders for products and services available on the website, including data necessary to create an account, receive the Newsletter, receive answers to a given question in contact forms, i.e. data that you provide to us as part of the forms and windows available in our Services, e.g. e-mail, as well as data that you leave when navigating our Services, i.e. those that you leave in the so-called cookies (cookie files), e.g. your IP address, information on how many times you entered the Website and when, what content provided by the Website you have read (e.g. product description, list of products). They are not used in any way to determine your personal preferences, but after aggregation (combined with the data of other Customers), they are used to recognize the interest of collective groups of Users (Customers).
  2. The information contained in the access logs may contain various data, e.g. always the IP address. We only use this data for technical and statistical purposes.
  3. Remember that you can always ask us what your personal data we process.

 

IV. Who is the administrator of your data?

The administrator of your data is the Operator of the SingleOrigin.eu website (Service Provider), the company Kawowe Cuda Sp. z o.o., 89B Nadarzynska street, 05-825 Grodzisk Mazowiecki, Poland, entered into the National Court Register kept by the District Court for the Capital City of Warsaw under the number 0000644361, with the TAX ID PL5291813519, REGON registry number 365458443.

We use trusted suppliers for professional processing, protection and efficiency of the SingleOrigin.eu Website. All your data is secured and stored on the servers of our Trusted Partner, which is the company OVH Sp. z o.o.

V. What are the purposes and legal grounds for processing your personal data and how long will it be processed?

Purposes and legal grounds for the processing of personal data

The processing of personal data always requires an express legal basis. The GDPR provides for several types of such legal grounds for data processing, and in the case of using the SingleOrigin.eu Website, including our Services, there will be, as a rule, three of them:

First of all, we process your personal data in order to perform contracts concluded with you, in particular to fulfill orders placed by you. The legal basis for such processing of personal data is Art. 6 sec. 1 lit. b) GDPR, according to which processing is necessary for the performance of a contract to which the Service User, i.e. you, is a party.

Secondly, we process your personal data in order to collect and process aggregated data for statistical purposes, to improve the quality and content of our Services (including analyzing and profiling data of user groups for research and marketing purposes). The legal basis for such processing of personal data is Art. 6 sec. 1 lit. f) GDPR, i.e. the necessity of processing for purposes resulting from the legitimate interest pursued by the Administrator (Service Provider), i.e. by us.

Our legitimate interest is the need to adapt the content of the SingleOrigin.eu Website and our offer of products and services to the preferences of you and other users, as well as to optimize the use of the SingleOrigin.eu Website and the need to create statistics that constitute the basis for the analysis of how you and other Service Recipients use the SingleOrigin.eu Website and on this basis, inter alia, prepare such content and offers that are of the greatest interest or for which there is the greatest demand.

Thirdly, we process your personal data by aggregating it appropriately for the purpose of marketing our products and services (including analyzing and profiling given groups of users for marketing purposes, as well as for the purpose of sending information by means of electronic communication). The legal basis for such processing of personal data is Art. 6 sec. 1 letter a) of the GDPR, i.e. your voluntary, explicit consent to such processing.

The period for which the data will be processed

After you finish using our Services, we will not process your personal data, except for those data that are allowed to be processed on the basis of legal provisions in force in the European Union and the territory of the Republic of Poland. We will process the data processed due to our legitimate interest until you submit an effective objection.

However, the data processed by us on the basis of your consent will be processed only until you withdraw your consent.

Summary: purpose of processing – legal basis – processing period

In order to systematize the above-mentioned the purposes of processing your personal data, assigning a legal basis to a given purpose and determining the period for which we will process your data, we present below. information in tabular form.

Purpose of data processing Legal basis Processing period
Performance of contracts, including contracts for the provision of services and the delivery of products, which are concluded by using the SingleOrigin.eu Website at least to a limited extent, as soon as you use the content posted on the SingleOrigin.eu Website without registering or placing orders or for using the Services Of the SingleOrigin.eu website to the full extent, i.e. when you place an order as a registered or unregistered Customer, you receive the Newsletter, including adjusting services to the needs of Customers, analyzing and improving the Services and ensuring the security of the Services

 

art. 6 sec. 1 lit. b) GDPR, according to which processing is necessary for the performance of a contract to which the Service User, i.e. you, is a party. Until the performance or expiry of a given contract between you and the Service Provider, with the proviso that sometimes these data may also be processed after the expiry of this contract, but only if it is allowed or required under applicable law, e.g. processing for statistical purposes, accountants or during the complaint examination period or for the purpose of pursuing claims.
statistical measurements, for the marketing of our Services (including to analyze and aggregate data for research and marketing purposes), satisfaction surveys and promotional forms art. 6 sec. 1 lit. f) GDPR,

i.e. the necessity of processing for purposes resulting from the legitimate interest pursued by the Administrator (Service Provider), i.e. by us.

Until you submit an effective objection.
marketing regarding our products and services (including analyzing and profiling data of user groups for marketing purposes, as well as sending the Newsletter to people placing an order on the SingleOrigin.eu Website). art. 6 sec. 1 letter a) of the GDPR, i.e. your voluntary, explicit consent to such processing. Until you withdraw your consent.

 

VII. Who has access to your data? Information on data recipients.

We never transfer your data, sell it or exchange it for any marketing purposes with other entities. Your data may be transferred only to Trusted Partners, i.e. external companies acting on our behalf, including IT service providers or courier companies. Data provided to third parties (“Trusted Partners”) is used only to provide you with our Services or to perform contracts concluded with you (eg payment processing, delivery of ordered products, instant messaging and chats). The list of Trusted Partners is presented below. At the same time, such entities process data on the basis of a contract concluded with us and only in accordance with our instructions, our Privacy Policy and information security standards required by the GDPR.

In addition, your data may be transferred to entities authorized to obtain it on the basis of applicable law, offices and bodies authorized to process data on the basis of specific legal provisions, e.g. law enforcement authorities in the event of a request by the authority on an appropriate legal basis.

If you want to know more, please contact us.

Trusted Partners:

  • OVH Sp.  z o.o. – datacenter (server room) from which we lease servers for our store and IT systems
  • Grodziskie Centrum Przedsiębiorcy Damian Syska – our accounting office
  • Paypal – online payment operator of our Store
  • DPD Polska Sp. z o.o. – logistic operator
  • Smartsupp.com, s.r.o. – operator of an online chat service
  • GetResponse Sp. z o.o. – newsletters service provider

 

VIII. What are your rights?

  1. The right to access data
    At any time, you have the right to request information from us as to whether and which of your personal data we store, including obtaining a copy of the data. To do so, please contact us – you will receive this information by e-mail.
  2. The right to rectify data
    You have the right to request the rectification (correction) of your personal data if it is incorrect, as well as to complete incomplete data.
  3. The right to delete data (the right to be forgotten)
    You have the right to request the deletion of any data processed by us in the event that we process it without a legal basis. If you request the deletion of data, it will result in the termination of the Agreement, and we will no longer be able to provide you with Services. You will not be able to exercise the right to delete if the data processing will be regulated by law, e.g. obligations under the Accounting Act, claims, complaints.
  4. The right to limit data processing
    You have the right to request the restriction of the processing of your personal data under the following conditions:

    1. if you do not agree to the processing of data on the basis of the legitimate interest of the Service Provider, then we will limit any processing of such data after verifying whether there is such a legitimate interest.
    2. if you report that your personal data is incorrect, then we must limit any data processing until we have verified its correctness.
    3. if the data processing is unlawful, then you can object to the deletion of your personal data and request the restriction of the use of your personal data instead.
    4. if we no longer need your personal data, but they are required to submit or dismiss a claim.
  5. Right to portability
    In the case of automated processing of your personal data, on the basis of your consent or a concluded contract, you have the right to receive a copy of your data in a structured, commonly used and readable format. This copy may be sent to you or to another entity. This only applies to personal data that has been provided to us.
  6. Right to object
    You have the right to object to the processing of your data on the basis of the legitimate interest of the Service Provider. In such a situation, we will stop processing your personal data processed on the basis of a legitimate interest, unless we are able to find a lawful justification for this process that will override your interest or right; or because of legal claims.
  7. The right to withdraw consent
    You have the right to withdraw your consent to the processing of your personal data, in relation to personal data, the processing of which is based on your consent. Withdrawal of consent does not affect the lawfulness of the processing which was carried out on the basis of consent before its withdrawal.
  8. Right to lodge a complaint
    If you believe that we are processing your personal data inappropriately, you can contact us. You have the right to lodge a complaint with a supervisory authority (the President of the Personal Data Protection Office).
  9. Is there a requirement to provide data?
    Providing data is voluntary, but necessary to achieve the objectives of the Agreement. Failure to provide data marked as necessary to provide Services to you will prevent their provision. The data is provided automatically to a minimum extent (e.g. IP address).
  1. Information on cookies (“cookies”) and operating data
    We use “cookies”, i.e. small text files sent to your computer, which contain information necessary for the proper functioning of the SingleOrigin.eu Website, in particular the authorization process of logging in to the account of keeping the state of your shopping cart. “Cookies” are not used to identify the Service Recipient and on their basis the identity of the Service Recipient is not determined. Cookies are used to simplify or cancel a given operation, including, inter alia, to remember the data necessary to log in the Service Recipient, to better match the SingleOrigin.eu Website to the needs of Recipients, creating viewing statistics. The condition for the operation of “cookies” is their acceptance by the browser and not deleting them. Details on the use of cookies and methods of managing cookies are regulated in a separate document available at: https://singleorigin.eu/cookies-policy. We also process anonymised operational data related to the use of the SingleOrigin.eu Website (so-called logs – IP address, domain) to generate statistics helpful in administering the SingleOrigin.eu Website. These data are aggregate and anonymous, i.e. they do not contain features that identify visitors to the Online Store website. Logs are not disclosed to third parties. If you do not want to receive cookies, you can change your browser settings. The Administrator reserves that disabling cookies necessary for Authentication, Security, maintaining User Preferences may make it difficult to use the SingleOrigin.eu website and in extreme cases may prevent the use of websites. The cookie management instruction is available at https://singleorigin.eu/cookies-policy.

 

IX. Google Analytics

We use Google Analytics services provided by Google Inc. (1600 Amphitheater Parkway, Mountain View, CA 94043, USA). These services help us analyze the use of the SingleOrigin.eu Website.

Google Analytics uses cookies to analyze how you use the SingleOrigin.eu website. Cookies are small text information in the form of text files, sent by the server and saved on the side of the person using the SingleOrigin.eu Website (e.g. on the hard drive of a computer, laptop or on a smartphone’s memory card – depending on which device you use. from the SingleOrigin.eu website.

Information obtained using cookies is saved on servers used by Google Inc., including the territory of the United States. In the case of activating the IP anonymization while using the SingleOrigin.eu Website. the IP address will be shortened in the Member States of the European Union or other parties to the Agreement on the European Economic Area. Only in exceptional cases will the full IP address be transferred to the United States and shortened there.

On our behalf, Google Inc. will use this information to evaluate the use of groups of Users (Recipients) of the SingleOrigin.eu Website, create reports on website traffic, statistics and provide other services related to the use of the SingleOrigin.eu Website.

The collected data is processed as part of the above services in an anonymised manner (these are the so-called operational data that make it impossible to identify a person). These data are aggregate and anonymous, i.e. they do not contain features that identify persons using the SingleOrigin.eu website.

By default, most web browsers and devices available on the market accept cookies by default. Everyone has the option to define the terms of using cookies using the settings of their own web browser or their own device. This means that you can, for example, partially limit (e.g. temporarily) or completely disable the option of saving cookies – in the latter case, however, it may affect some of the functionalities of the SingleOrigin.eu Website.

The settings of the web browser or device in the field of cookies are important from the point of view of consent to the use of cookies by the SingleOrigin.eu website – in accordance with the law, such consent may also be expressed through the settings of the web browser or device. In the absence of such consent, the settings of the web browser or device in the field of cookies should be changed accordingly.

It is also possible to generally prevent the transfer of data from your device to Google Analytics, with the use of cookies (including the transfer of the IP address) by downloading the browser plug-in provided by Google Inc available at the following address and installing it: https://tools.google.com/dlpage/gaoptout?hl=en

Detailed information on the principles on which the above services operate, including the principles of data collection and processing, are available here: www.google.com/intl/pl/policies/privacy/partners/

X. Use of Data

As part of the SingleOrigin.eu website, there may be buttons, tools or content pointing to third-party services, including: social network plugins (Facebook). Using these applications may result in sending information about users to the above-mentioned. external entities.

XI. Security of personal data processing

Oświadczamy, że Administrator, tj. Kawowe Cuda Sp. z o.o. opracował i wdrożył politykę bezpieczeństwa oraz instrukcję zarządzania systemem informatycznym służącym do bezpiecznego przetwarzania danych osobowych, w tym odpowiednie programy szyfrujące.

XII. Updating the Privacy Policy

In the future, it may be necessary to update the Privacy Policy. Its latest version will always be available on our website. We will inform you of any changes to the content of the Privacy Policy, for example, changes to the purpose for which we use your personal data or your rights.

 

Additional information clauses regarding the processing of personal data (documents are in polish language):

  • Rekrutacja (klauzula informacyjna dla kandydatów ubiegających się o zatrudnienie w Kawowe Cuda Sp. z o.o.)
  • Stosunek pracy (klauzula informacyjna dla pracowników Kawowe Cuda Sp. z o.o.)
  • Umowy cywilno – prawne (klauzula informacyjna dla osób zawierających umowy o dzieło i/lub umowy zlecenia z Kawowe Cuda Sp. z o.o.)
  • Dostawcy (klauzula informacyjna dla podmiotów świadczących nam usługi lub dostarczających towary do Kawowe Cuda Sp. z o.o.)
  • Pracownicy kontrahentów (klauzula informacyjna dla pracowników podmiotów, które zawarły umowy współpracy z Kawowe Cuda Sp. z o.o.)
  • Zapytania / email (klauzula dla osób zadających nam pytania środkami komunikacji elektronicznej)
  • Monitoring (klauzula informacyjna w zakresie prowadzenia monitoringu wizyjnego na obszarze naszej firmy)
  • Osoby trzecie – odbiorcy przesyłek (klauzula informacyjna dla osób, które nie składały osobiście zamówienia w naszym sklepie, ale ich dane zostały podane do dostawy zamówienia)