1. This document specifies the privacy principles applicable in the Online Shop https://power-tailgate.com/ (hereinafter referred to as the “Online Shop”).
2. For the purposes of data protection legislation, we are the data controller of your personal data - DEFFNER Autotechnik, Stawy 5, 02-467 Warsaw/Poland, EU VAT number: PL9482206092, +48 513 634 874, Email: info@power-tailgate.com
3. Personal information collected by the data controller shall be processed in accordance with the provisions of the Regulation of the European Parliament and of the Council (EU) 2016/679 of 27 April 2016 on the protection of individuals with regard to the processing of personal data and on the free movement of such data and repealing Directive 95/46 / EC (GDPR).
4. The data controller collects information provided voluntarily by the Online Shop Customers. However, the provision of marked personal data is a condition for placing an order, while the consequence of not ordering will be the inability to order products in the store.
5. Moreover, the data controller may record the information about connection parameters, like IP addresses, for technical purposes, for server administration and for collection of general, statistical demographic information (e.g. about the region from which the connection comes), and for security purposes.
6. The data Controller shall make an extra effort in order to protect privacy and information about the Online Shop Customers provided to him. The data Controller shall exercise due diligence when selecting and applying appropriate technical measures, including those of programming and organizational nature, in order to protect the processed data, and in particular he shall protect the data from unauthorized access, disclosure, loss and destruction, unauthorized modification, and also from their processing with the breach of the applicable provisions of law.
7. Personal data will be processed in accordance with the principles of art. 5 GDPR. Personal data will be:
- a) processed lawfully, fairly and in a transparent manner in relation to the data subject (‘lawfulness, fairness and transparency’);
- b) collected for specified, explicit and legitimate purposes and not further processed in a manner that is incompatible with those purposes; (‘purpose limitation’);
- c) adequate, relevant and limited to what is necessary in relation to the purposes for which they are processed (‘data minimisation’);
- d) accurate and, where necessary, kept up to date (‘accuracy’);
- e) kept in a form which permits identification of data subjects for no longer than is necessary for the purposes for which the personal data are processed; (‘storage limitation’);
- f) processed in a manner that ensures appropriate security of the personal data, including protection against unauthorised or unlawful processing and against accidental loss, destruction, or damage, using appropriate technical or organisational measures (‘integrity and confidentiality’).
8. In the case of transferring personal data to entities based outside the EEA, the Controller ensures that the requirements set out in Chapter 5 of the GDPR are applied, including the application of appropriate transfer safeguards in the form of standard contractual clauses adopted based on a decision of the European Commission.
9. The data controller will always post information about changes to the Privacy Policy in the Online Shop. With each change, a new version of the Policy will appear with a new date.
1. The basis for the processing of the Customer's Personal Data is primarily the necessity to perform the contract to which he is a party or the need to take action at his request prior to its conclusion (Article 6 par 1 (b) of GDPR).
2. After expressing separate consent, data may also be processed for the purpose of sending commercial information by electronic means for direct marketing purposes (Article 6 par. 1 (a) GDPR).
3. In other purposes, the Customer's Personal Data may be processed on the basis of:
- a) applicable law when processing is necessary to fulfill the legal obligation of the Controller e.g. when based on tax regulations or accounting one, The Controller settles concluded sales contracts (Article 6 (1) (c) GDPR).
- b) indispensable for purposes other than those mentioned above resulting from legitimate interests pursued by the Controller or by a third party, in particular to determine, assert or defend claims, market and statistical analyses Article 6 (1) (f) GDPR).
4. Social Media: If you visit our profiles on social media (Facebook -Meta], your personal data is or may be processed in order to carry out the process of maintaining profiles. on these websites, including fan pages, in accordance with the regulations applicable on these websites and under the conditions specified by the administrators of these websites.
Co-administration of personal data within social networking sites:
The Administrator, as the owner of the fanpage, is the co-administrator of personal data in relation to personal data collected for statistical or advertising purposes in the case of:
- Facebook,
together with Meta Platforms Ireland Limited in Ireland, Serpentine Avenue, Block J, Dublin 4, Ireland (Meta).
The principles of personal data processing on Facebook by Meta are available at https://www.facebook.com/privacy/explanation
1. We ensure that the collection and use of your personal data is lawful. Therefore, for the purposes listed below, we only use your personal data if one of the following conditions apply:
- a) You have given us your consent.
- b) We need your personal data for the performance of a contract you enter into with us, such as when you purchase a product through the website.
- c) We need to comply with legal obligations.
- d) We need to protect your vital interests.
- e) Your data is necessary for the public interest, or
- f) We have a legitimate interest in processing the personal data.
2. Category of Personal Data :
- a) Name and contact details (such as first name, last name, company name, country/region, street address, phone number and email address.)
- b) Purchase information/history.
- c) Device information: information about your computer, phone or other device you use to view the website such as device type, operating system, hardware version, browser type, unique device identifier, IP address and advertising ID. Log information.
- d) Payment information (we don’t store this information).
1. In compliance with the applicable legal provisions, we process your personal data for a term of time that is necessary to meet the designated purpose. After such term, the personal data of Customers will be irrevocably deleted or destroyed.
2. Personal data processed covered by the consent statement will be processed until the consent is revoked.
3. We process personal data during the term of the agreement, as well as during a period of expiry of claims resulting from the provisions of the Polish Civil Code.
1. Recipients of the Customer's personal data may by entities performing the order at the Seller's request and handling it, such as: shipment companies, accounting companies, suppliers of the goods, assembly services, providers of IT solutions, payment processing companies, banks, companies providing marketing services, telecommunication providers, law offices, authorized state authorities.
2. Online payments are processed by Tpay /PayPal/Klarna.
3. Transaction data, including personal data, may be transferred to Tpay /PayPal/Klarna to the extent necessary to handle payment for the order. The Customer has the right to access their data and correct it. The provision of data is voluntary and at the same time necessary for the use of the website.
1. Rights for the data subjects
- a) of access (Article 15 of the GDPR) - to obtain confirmation from the data controller, whether his or her personal data are being processed. If the data about a person is processed, he or she is entitled to access it and to obtain the following information: about the purposes of the processing, the categories of personal data, the recipients or categories of recipients to whom the personal data have been or will be disclosed, about the period of data storage or about the criteria used to determine that period, about the right to request rectification, erasure or restriction of processing of personal data and to object to such processing;
- b) to obtain a copy of the data (Article 15 section 3 GDPR) - to obtain a copy of the data to be processed; the first copy being free of charge. For further copies the data controller may charge a reasonable fee based on administrative costs.
- c) to rectification (Article 16 of the GDPR) - to request the rectification of inaccurate or to supplement incomplete data concerning him or her.
- d) to erase the data (Article 17 of the GDPR) - to request the erasure of his/her personal data if the data controller has not a legal basis for their processing or the data are not necessary for the purposes of processing anymore.
- e) to restriction of processing (Article 18 of the GDPR) - to request a restriction of processing of personal data when:
- - the accuracy of the personal data is contested by the data subject, for a period enabling the controller to verify the accuracy of the personal data,
- - the processing is unlawful, and the data subject opposes the erasure of the personal data and requests the restriction of their use instead,
- - the data controller no longer needs the personal data for the purposes of the processing, but they are required by the data subject for the establishment, exercise or defence of legal claims,
- - the data subject has objected to processing pursuant to Article 21 section 1 pending the verification whether the legitimate grounds of the controller override those of the data subject.
- f) to data portability (Article 20 GDPR) - to receive the personal data concerning him or her, which he or she has provided to a data controller, in a structured, commonly used and machine-readable format and have the right to transmit those data to another controller without hindrance from the data controller to which the personal data have been provided, where data are processed on the basis of the data subject's consent or on a contract with him/her and where data are processed by automated means;
- g) to object (Article 21 of the GDPR) - to object to the processing of his/her personal data for the legitimate purposes of the controller, on grounds related to his/her specific situation, including profiling. In such case, the data controller shall assess the existence of important legitimate grounds for processing overriding the interests, rights and freedoms of data subjects or grounds for establishing, pursuing or defending claims. If according to the assessment the interests of the data subject will take precedence over the interests of the controller, the data controller shall be obliged to stop processing the data for these purposes.
- h) to withdraw consent at any time and without giving any reason, but the processing of personal data carried out before withdrawal of consent will still remain lawful. Withdrawal of consent shall result in the data controller ceasing to process personal data for the purpose for which the consent was given.
2. In order to exercise the aforementioned rights, the data subject should contact the data controller, using the contact details provided and inform the data controller, which right and to what extent he/she wants to exercise it.
3. The data subject has the right to lodge a complaint with the supervisory authority, which in Poland is the President of the Personal Data Protection Office, with its seat in Warsaw, ul. Stawki 2, which can be contacted as follows:
- - address for letters: ul. Stawki 2, 00-193 Warsaw.
- - via the electronic mailbox available on the website: https://www.uodo.gov.pl/pl/p/kontakt;
- - address for letters: helpline: 606-950-000.
1. We use cookies on our website.
2. When viewing the Online Service websites “cookie” files are used, which are small text files recorded in the Customer’s target device in connection with using the Online Service. They are used in order to improve the experience with the Online Service websites.
3. The “cookie” files used by the Controller are safe for the Customer’s devices. In particular, it is not possible for viruses or other unwanted or malicious software to enter the Customer’s devices in that way. Those files allow to identify the software used by the Customer and to adjust the Online Service to each Customer individually. “Cookie” files sometimes contain information about the domain name of their origin, how long they are kept in the device and the ascribed value.
4. There are two main types of cookies used in the Online Shop:
- a) temporary (session cookies) – these are temporary files that are stored on your end device until you leave the website or turn off the software (web browser); and
- b) persistent cookies – which are stored on your end device for the period specified in the detailed information about cookies in our cookie bar or until they are deleted.
5. Due to the purpose of collecting cookies, we distinguish the following Cookies:
- a) necessary Cookies: necessary for the proper functioning of the service - files processed on the basis of the legitimate interest of the controller (Article 6(1)(f) of the GDPR).
- b) statistics Cookies: they allow us to study website traffic, learn about our users' preferences, analyse their behaviour on the site and enable interactions with external networks and platforms - files processed based on the user's voluntary consent (Article 6(1)(a) of the GDPR).
- c) marketing Cookies: they allow us to tailor the advertising and content displayed to our users' preferences and to conduct personalized marketing campaigns - files processed based on the user's voluntary consent (Article 6(1)(a) of the GDPR).
6. “Cookie” files may be used by advertisement networks, in particular by the Google network, in order to display advertisements adjusted to the way the Customer uses the Online Service. To that end, the information may be retained about the Customer’s navigation path, or the time spent on the given website.
7. As regards the information about the Customer’s preferences collected by the advertising network Google, the Customer may view and edit the information related to cookie files by means of the following tool: https://www.google.com/ads/preferences/.
8. The Customer may, by himself and at any time, change the “cookie” files settings, specifying the conditions of their storing and of their access to the Customer’s device. The settings referred to in the previous sentence may be changed by the Customer through the web browser settings or through configuration of the service. Those settings may be changed in particular so as to block automatic support for “cookie” files in the web browser settings or to inform each time they are introduced to the Customer’s device. Detailed information about the possibilities and ways of supporting cookie files is available in the software (web browser) settings.
9. To learn how to manage cookies, including how to disable them in your browser, you can use the help section of your browser. You can learn more about this by pressing the F1 key while in your browser. In addition, you will find appropriate tips on the following pages, depending on the browser you are using:
- Firefox
- Chrome
- Safari
- Internet Explorer / Microsoft Edge
10. The Customer may remove “cookie” files at any time, using the functions available in the web browser he uses.
11. Limitation of the “cookie” files application may affect some functionalities available on the Online Service website.
12. Due to the fact that the Controller cooperates with other entities within the Online Store, the browser also stores cookies for the purposes of this cooperation, which come from entities with which the controller cooperates. In this way, information about the Products viewed is collected, m.in. Cookies sent by these entities are primarily intended to ensure the proper functioning of the Online Store and to improve the effectiveness of displaying advertisements that correspond to your activity on the web. In particular, the Controller uses the services of the following entities that use cookies in the Online Store: Google Analytics 4 (https://policies.google.com/privacy), Google Ads (https://policies.google.com/privacy).