PRIVACY & COOKIES

PRIVACY

GENERAL PROVISIONS

1.1. This Privacy Policy sets out the principles of privacy protection (i.e. the rules for collection, use, processing and protection) of personal data of the users ("Users") of an online store available at the electronic address www.bedravintage.com (hereinafter referred to as the "Website") owned by the company IARTIGIANI LIMITED, with its registered office in DUBLIN.

1.2. The data controller of personal data of the Website users, within the meaning of art. 4 point 7 of Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation - “GDPR”), is IARTIGIANI LIMITED, with its registered office in DUBLIN, address: 77 CAMDEN STREET LOWER, DUBLIN 2, D02XE80, e-mail address: contact@bedravintage.com, phone number: +48 503 338 952, the owner of the Website, hereinafter referred to as the “Data Controller”.

1.3. Website users are its clients, i.e. persons using the services provided by Data Controller via the Website, specified in the Regulations of the Store Bedra Vintage ("Regulations"). This Privacy Policy is an integral part of the Regulations.

SCOPE OF THE DATA COLLECTED

2.1. Data Controller collects Users' personal data to the extent required to perform orders made through the Website, register User in the Website or perform other services specified in the Regulations.

2.2. The scope of data collected includes: name and surname, e-mail address, telephone number, bank account number, delivery address including: street, postal code, city, country, as well as profile data from Facebook. The scope of data processed depends on the type of service chosen by the User.

PURPOSE OF DATA PROCESSING

3.1. Data Controller processes Users' personal data only for the purpose of:

3.1.1 allowing Users to use Website, which should be understood as the performance of the services provided in accordance with the Regulations, including in particular orders made in the online store owned by Data Controller, contact with the User, issuing invoices and handling complaints;

3.1.2 registration of an account in the online store owned by Data Controller, provision of servicing of this account and transactions made by Users, including the resolution of technical problems;

3.1.3 conducting direct marketing of services provided by Data Controller, including primarily the implementation of voluntary service of a free newsletter containing commercial information within the meaning of the Act of 18 July 2002 on the provision of electronic services (Journal of Laws of 2017, item. 1219);

3.1.4 conducting competitions, loyalty programs or promotional campaigns organized by Data Controller;

3.1.5 ensuring the security of the electronic services provided by Data Controller, in particular enforcing compliance by the Users with the Regulations and preventing and countering fraud and abuse;

3.1.6 performance of obligations arising directly from applicable law;

3.1.7 statistical and archiving;

3.1.8 pursuing claims arising from the business activity conducted by Data Controller.

3.2. Data Controller processes Users' personal data only for the purposes indicated above.

3.3. Users' personal data will not be transferred to countries outside the European Economic Area (to countries other than European Union countries and Iceland, Norway and Liechtenstein).

3.4. Providing data is voluntary, but necessary in order for Data Controller to provide services via Website.

LEGAL BASIS FOR PROCESSING PERSONAL DATA

4.1. Data Controller processes Users' personal on the basis of the following regulations:

4.1.1 article 6 paragraph 1 point a) GDPR – the data subject has given consent to the processing of their personal data for one or more specific purposes;

4.1.2 article 6 paragraph 1 point b) GDPR – processing is necessary for the performance of a contract to which the data subject is party or in order to take steps at the request of the data subject prior to entering into a contract;

4.1.3 article 6 paragraph 1 point f) GDPR – processing is necessary for the purposes of the legitimate interests pursued by Data Controller.

USER’S RIGHTS

5.1. Users' personal data are collected at the Data Controller's office, i.e. at the address: DESIGNI, Kamila Rykowska, Twarda 18, 00-105 Warsaw.

5.2. The User has the right to:

5.2.1 access to his personal data stored by Data Controller;

5.2.2 obtain the rectification their personal data if the User suspects the personal data stored by Data Controller is out of date, incomplete or untrue;

5.2.3 obtain the restriction of processing their personal data

5.2.4 obtain the erasure of their personal data;

5.2.5 obtain a copy of their personal data;

5.2.6 object to processing their personal data in the cases specified in art. 21 GDPR;

5.2.7 obtain the transfer of their personal data to another data controller, if it is technically possible;

5.2.8 withdraw the consent at any time (without affecting the legality of the processing which was made on the basis of the consent before its withdrawal).

5.3. Execution of rights referred to in point 5.2. above may be made by the User by submitting to the Data Controller the appropriate statement of will:

5.3.1 in person at Data Controller 's registered office DESIGNI, Kamila Rykowska, Twarda 18, 00-105 Warsaw);

5.3.2 by post to the above-mentioned address of Data Controller’s registered office;

5.3.3 by e-mail to the following address: contact@bedravintage.com;

5.3.4 via the account panel on the Website.

5.4. User is also entitled to file a complaint to the supervisory body for personal data protection, i.e. the President of the Office for Personal Data Protection.

5.5. Data Controller reserves the right to refuse to delete the User's data, if preservation of this data is necessary for realization of claims or if it required by applicable law.

COOKIES MECHANISM

6.1. Website uses text files called Cookies.

6.2. Cookies are saved by the server on the User's computer.

6.3. In order to use the Website, it is necessary to allow cookies to be stored on the User's computer. Lack of authorization may mean that there is no possibility or difficulty in using the Website

6.4. Cookies are not used to collect User’s personal data.

6.5. Cookies do not change the User's computer configuration, they are not used to install or uninstall any computer program, they do not interfere with the integrity of the system or User's data.

6.6. Data Controller reserves the right to use the services provided by the third parties in the field of developing statistics on the use of the Website. Data Controller hereby declares that in such a case, no data identifying Users will be made available to such entities.

6.7. Website uses three types of cookies: "session cookies”, “persistent cookies” and “analytical cookies". “Session cookies” are the temporary files that are stored on the User's device until they log out (leave the website). “Persistent cookies” are stored on the User's device for the time specified in the cookie file parameters or until they are deleted by the User. "Analytical cookies” allow a better understanding of how the User interacts with the content of the Website. They collect information on the use of the Website, the type of website from which the User was redirected, and the number of visits and the time of the User's visit to the Website. This information does not record the User's specific personal data, but it is used to develop statistics on the use of the Website.

6.8. In accordance with the applicable provisions of the Act of 16 July 2004 Telecommunications Law (Journal of Laws of 2017, item 1907), User has the right to decide on the access of cookies to their computer by selecting cookies in the window of their browser.

6.9. How to manage cookies - instructions from producers of web browsers:

Mozilla Firefox ( https://support.mozilla.org/en-US/kb/enable-and-disable-cookies-website-preferences )

Internet Explorer ( https://support.microsoft.com/pl-pl/hub/4338813/windows-help?os=windows-10 )

Google Chrome ( https://support.google.com/chrome/answer/95647?hl=en )

Safari ( https://support.apple.com/kb/PH5042?locale=pl_PL&viewlocale=en_US )

Opera ( https://help.opera.com/en/latest/web-preferences/ )

IP ADDRESS

7.1. Data Controller reserves the right to collect the IP addresses visiting the Website, which may be helpful in diagnosing technical problems with the server, creating statistical analyzes (e.g. determining from which regions the most visits are recorded). In addition, they can be useful when administering and improving the Website.

ACCESS TO THE DATABASE BY THIRD PARTIES

8.1. Users' personal data will not be made available by Data Controller to other entities or third parties, except when:

8.1.1 the User agrees;

8.1.2 it is necessary for the purpose of providing services by Data Controller via the Website, i.e. the Users' personal data may be made available to entities such as Poczta Polska S.A. with its registered office in Warsaw, courier companies (DHL, DPD, Let's Deliver, AlleKurier), payment operators (PayPal) etc. In such case, Data Controller makes available only such personal data that is necessary for the provision of the abovementioned services. More information on the way in which these entities use Users' personal data can be found in their privacy policies and cookies;

8.1.3 it is necessary to detect and prevent fraud, as well as to resolve other problems related to fraud, security and technical issues;

8.1.4 this is required by applicable law or legitimate demand of state institutions and judicial authorities.

8.2. In addition, Data Controller may make Users' personal data available to entities which were authorized or entrusted by Data Controller with processing of personal data, i.e .:

8.2.1 legal and advisory services providers in the event of pursuing claims arising from the business activity conducted by Data Controller;

8.2.2 technical and organizational service providers enabling Data Controller to perform services via the Website;

8.2.3 its employees and associates.

PERIOD OF STORING PERSONAL DATA

9.1. Users' personal data will be stored no longer than it will be necessary for the proper performance of the services on the Website, as well as for the limitation period of civil claims of Data Controller towards the User.

SECURITY AND PROTECTION OF PERSONAL DATA

10.1. Data Controller declares that he processes Users' personal data in accordance with the requirements of the GDPR and other applicable provisions on the protection of personal data that complement and or implement the GDPR, including primarily that Data Controller applies technical and organizational measures to ensure data protection appropriate to the threats and categories of data protected, in particular, protects Users' personal data against making them available to unauthorized persons, loss or damage.

DISCLAIMING LIABILITY

11.1. This Privacy Policy does not include any information on services or goods provided by entities other than Data Controller, which have been posted on the Website on a commercial or guest basis, on the basis of reciprocity or for non-commercial purposes.

CONTACT

12.1. Any additional questions related to the Privacy Policy should be sent to the address of the Data Controller's registered office (DESIGNI, Kamila Rykowska, Twarda 18, 00-105 Warsaw) or to the e-mail address: contact@bedravintage.com.

CHANGES IN THE PRIVACY POLICY

13.1. Data Controller reserves the right to make changes to the Privacy Policy, if it is required by the applicable laws or changes made on the Website. Data Controller will inform the User about the planned change and the date of its entry via the Website, the newsletter service, and in relation to the registered Users, the information will be placed also via the Account

13.2. The User who uses the Website is subject to the current Privacy Policy.

13.3. The date specified below is the date of application of the Privacy Policy in its latest version. Date: 16/07/201

COOKIES

1.1. Website uses text files called Cookies.

1.2. Cookies are saved by the server on the User's computer.

1.3. In order to use the Website, it is necessary to allow cookies to be stored on the User's computer. Lack of authorization may mean that there is no possibility or difficulty in using the Website.