privacy policy

PRIVACY POLICY DOCUMENT





  • 1 General provisions

  1. This document constitutes an annex to the Regulations. By using our services, you entrust us with your information. This Privacy Policy is intended only to help you understand what information and data is collected and for what purposes and what we use it for. This data is very important to us, so please read this document carefully as it sets out the principles and methods of processing and protecting personal data. This document also defines the rules for using cookies.
  2. We hereby declare that we comply with the principles of personal data protection and all legal regulations provided for by the Personal Data Protection Act and Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing personal data and on the free movement of such data and repealing Directive 95/46/EC.
  3. The person whose personal data is processed has the right to contact us to obtain comprehensive information on how we use his or her personal data. We always try to provide clear information about the data we collect, how we use it, what purposes it is to be served and to whom we transfer it, what protection we provide to this data when transferring it to other entities, and we provide information about institutions to contact in case of doubts. .

  • 2 Privacy Policy

  1. We take privacy seriously. We are characterized by respect for privacy and the fullest possible and guaranteed convenience of using our services.
  2. We value the trust that Users have in us by entrusting us with their personal data in order to complete the order. We always use personal data honestly and so as not to disappoint this trust, only to the extent necessary to complete the order, including its processing.
  3. You have the right to obtain clear and complete information about how we use your personal data and for what purposes it is needed. We always provide clear information about the data we collect, how and to whom we transfer it, and provide information about entities to contact in case of doubts, questions or comments.
  4. If there are any doubts regarding our use of the User's personal data, we will immediately take action to clarify and dispel such doubts, and we will fully and comprehensively answer all related questions.
  5. We will take all reasonable steps to protect Users' data against improper and uncontrolled use and secure it in a comprehensive manner.
  6. We will comply with all applicable data protection laws and regulations and will cooperate with data protection authorities and authorized law enforcement authorities. In the absence of data protection regulations, we will act in accordance with generally accepted data protection principles, principles of social coexistence and established customs.
  7. The administrator of your personal data is Jolanta Wrona Galeria Biżuterii Ora, NIP: 9451159670, REGON: 357163040, Address: ul. Saint Anny 3/1 31-008 Kraków, Poland, tel. +48 781 661 212, email: kontakt@galeria-ora.com
  8. The legal basis for the processing of your personal data is Art. 6 section 1 letter b) GDPR. Providing data is not obligatory, but necessary to take appropriate actions preceding the conclusion of the contract and its implementation. We will transfer your personal data to other recipients entrusted with the processing of personal data on our behalf and for our benefit. Your data will be transferred pursuant to Art. 6 section 1 letter f) GDPR, where the legitimate interest is the proper performance of contracts/orders. In addition, we will share your personal data with other business partners. We store the collected personal data within the European Economic Area ("EEA"), but they may also be transferred to a country outside this area and processed there. Each operation of transferring personal data is performed in accordance with applicable law. Where data is transferred outside the EEA, we use standard contractual clauses and the Privacy Shield as safeguards for countries where the European Commission has not determined an adequate level of data protection.
  9. Your personal data related to the conclusion and implementation of the contract for the implementation of contracts will be processed for the period of their implementation, and for a period no longer than provided for by law, including the provisions of the Civil Code and the Accounting Act, i.e. no longer than 10 years, counting from the end of the calendar year in which the last contract was performed.
  10. Your personal data processed for the purpose of concluding and performing future contracts will be processed until you raise an objection.
  11. You have the right to: access your personal data and receive a copy of the personal data being processed, rectify your incorrect data; request deletion of data (right to be forgotten) in the event of the circumstances provided for in Art. 17 GDPR; request restriction of data processing in the cases indicated in Art. 18 GDPR, to object to data processing in the cases indicated in Art. 21 GDPR, transfer of the provided data processed in an automated manner.
  12. If you believe that your personal data is being processed unlawfully, you may lodge a complaint with the supervisory authority (Office for Personal Data Protection, ul. Stawki 2, Warsaw). If you need additional information related to the protection of personal data or want to exercise your rights, please contact us by mail to the correspondence address.
  13. The exact method of personal data protection is included in the personal data protection policy ( ODO: security policy, personal data protection regulations, IT system management instructions ). For security reasons, due to the procedures described therein, it is available only to state control authorities.
  14. If you have any questions about how we handle personal data, please contact us via the website from which you were redirected to this Privacy Policy. The contact request will be immediately forwarded to the appropriate person.
  15. To make it easier for us to respond or respond to the information provided, please provide your name and surname and further details.


  • 3 Scope and purpose of collecting personal data

  1. We process the necessary personal data in order to provide services and for accounting purposes only:
  1. to place an order,
  2. in order to conclude a contract, make a complaint and withdraw from the contract,
  3. issuing a VAT invoice or other receipt.

  1. We collect, process and store the following user data:
  1. first name and last name,
  2. address,
  3. delivery address (if different from the residential address),
  4. tax identification number (NIP),
  5. e-mail address (e-mail),
  6. telephone number (mobile, landline),
  7. information about the web browser used,
  8. designs, patterns and graphics of original jewelry sent by the client,
  9. other personal data voluntarily provided to us.

  1. Providing the above data is completely voluntary, but also necessary for the full provision of services.
  2. We may transfer personal data to servers located outside the user's country of residence or to related entities, third parties based in other countries, including countries from the EEA (European Economic Area, EEA - free trade area and Common Market). , covering the countries of the European Union and the European Free Trade Association EFTA) in order to process personal data by such entities on our behalf in accordance with the provisions of this Privacy Policy and applicable laws, customs and regulations regarding data protection.
  3. Bearing in mind that many countries to which this personal data is transferred do not have the same level of legal protection for personal data as in your country. Your personal data stored in another country may be accessed in accordance with the laws applicable there, for example: courts, law enforcement and national security authorities, in accordance with the laws applicable in that country. Subject to lawful requests for disclosure, we undertake to require entities processing personal data outside your country to take measures to protect your data in a manner adequate to the provisions of their domestic law.


  • 4 Cookie Policy

  1. We automatically collect information contained in cookies in order to collect User data. A cookie is a small piece of text that is sent to the User's browser and which the browser sends back the next time the website is visited. They are mainly used to maintain the session, e.g. by generating and sending a temporary identifier after logging in. We use "session" cookies stored on the User's end device until logging out, turning off the website or turning off the web browser, and "persistent" cookies stored on the User's end device for the time specified in the cookie parameters or until they are deleted by the User.
  2. Cookies adapt and optimize the website and its offer for the needs of Users through activities such as creating statistics of views and ensuring security. Cookies are also necessary to maintain the session after leaving the website.
  3. The Administrator processes the data contained in Cookies every time the website is visited by visitors for the following purposes:
  1. optimizing the use of the website;
  2. identification of Service Users as currently logged in;
  3. adaptation, graphics, selection options and any other content of the website to the individual preferences of the Service User;
  4. remembering automatically and manually completed data from Order Forms or login details provided by the visitor;
  5. collecting and analyzing anonymous statistics showing how the website is used in the administration panel and Google Analytics
  6. creating remarketing lists based on information about preferences, behavior, how to use the Website, interests and collecting demographic data, and then sharing these lists in AdWords and Facebook Ads.
  7. creating data segments based on demographic information, interests, preferences in the selection of viewed products/services.
  8. using demographic and interest data in Analytics reports.

  1. The user can completely block and delete the collection of cookies at any time using his web browser.
  2. Blocking the ability to collect Cookies on your device by the User may make it difficult or impossible to use some functionalities of the website, to which the User is fully entitled, but in such a situation he must be aware of the functional limitations.
  3. A user who does not want cookies to be used for the purpose described above can delete them manually at any time. To read detailed instructions, please visit the website of the manufacturer of the web browser currently used by the User.

  • 5 Rights and obligations

  1. We have the right, and in cases specified by law, also a statutory obligation, to provide selected or all information regarding personal data to public authorities or third parties who submit such a request for information under applicable Polish law.
  2. The User has the right to access the content of his/her personal data that he/she provides, the User may correct and supplement this data at any time, and also has the right to request that it be deleted from his/her databases or that its processing be discontinued, without giving any reason. In order to exercise their rights, the User may at any time send an appropriate message to the e-mail address or in another way that will deliver/forward such a request.
  3. We undertake to act in accordance with applicable laws and principles of social coexistence.
  4. Information on out-of-court settlement of consumer disputes. The authorized entity within the meaning of the Act on out-of-court settlement of consumer disputes is the Financial Ombudsman, whose website address is: www.rf.gov.pl.


  • 6 Basic safety rules

  1. Access data to services offered on the Internet - e.g. logins, passwords, PIN, electronic certificates, etc. - should be secured in a place inaccessible to others and impossible to hack from the Internet level. They should not be disclosed or stored on the device in a form that allows unauthorized access and reading by unauthorized persons.

  1. Be careful when opening strange attachments or clicking links in e-mails that you did not expect, e.g. from unknown senders or from the spam folder.
  2. It is recommended to run anti-phishing filters in the web browser, i.e. tools that check whether the displayed website is authentic and does not serve to phish information, e.g. by impersonating a person or institution.
  3. Files should be downloaded only from trusted places, services and websites. We do not recommend installing software from unverified sources, especially from unknown publishers with unverified reviews. This also applies to portable devices, e.g. smartphones, tablets.
  4. When using a home Wi-Fi wireless network, you should set a password that is safe and difficult to crack; it should not be any pattern or sequence of characters that is easy to guess (e.g. street name, host's name, date of birth, etc.). It is also recommended to use the highest possible encryption standards for Wi-Fi wireless networks that can be run on your equipment, e.g. WPA2.


  • 7 Using Social Media Plugins

  1. Plugins from the social networking sites facebook.com and Twitter and others may be located on our websites. The related services are provided by Facebook Inc. respectively. and Twitter Inc.
  2. Facebook is operated by Facebook Inc., 1601 S. California Ave, Palo Alto, CA 94304, USA Facebook. To view Facebook plugins go to: https://developers.facebook.com/docs/plugins
  3. Twitter is operated by Twitter Inc., 1355 Market Street, Suite 900, San Francisco, CA 94103, USA. To view Twitter plugins go to: https://dev.twitter.com/web/tweet-button
  4. The plug-in only tells its provider which of our websites you have accessed and at what time. If, while viewing or staying on our website, the user is logged in to his or her account, e.g. on Facebook or Twitter, the provider is able to combine your interests, information preferences, and other data obtained, e.g. by clicking the Like button or leaving comment, or enter the profile name in the search. This information will also be transmitted by the browser directly to the provider.
  5. More detailed information on the collection and use of data by Facebook or Twitter and on privacy protection can be found on the following pages:
  1. Data protection/privacy advisory issued by Facebook: http://www.facebook.com/policy.php
  2. Data protection/privacy advice issued by Twitter: https://twitter.com/privacy
  1. To avoid your selected user account being recorded via Facebook or Twitter on our website, you must log out of your account before browsing our websites.


Copyright notice to the Regulations


The owner of all material copyrights to the template of this policy is the LEGATO Law Firm, which has granted a non-exclusive and non-transferable right to use this document for purposes related to its own commercial activities on the Internet and extends legal protection to the above-mentioned document for the duration of the contract. Copying and distributing the template of this document without the consent of LEGATO Law Firm is prohibited and may be subject to both criminal and civil liability. Online sellers can learn more about the possibility of using the privacy and cookie policy template at http://www.kancelaria-legato.pl 



Timeless

Our products are timeless and unique.

Natural

The jewelry is made only from natural metals and precious stones.

Handmade

We make everything by hand in our intimate workshop.