Privacy Policy

Respecting your privacy and out of concern for your sense of security, we present the Privacy Policy of the www.kepi.pl online store.

   The information in the Privacy Policy has been developed in accordance with the guidelines of Regulation (EU) 2016/679 of the European Parliament and of the Council of April 27, 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data and repealing Directive 95/46/EC (hereinafter referred to as "RODO").

 Who is the Administrator of your personal data?

The administrator of the personal data is KEPi P.P.H.U. Jakub Kępski ul. Strzeszyńska 33, 60 - 479 Poznań, NIP:, REGON: 010904739, e-mail kepi@kepi.pl (hereinafter "Administrator" or "KEPi").

Contact information for the Data Protection Officer of the KEPi Online Store:

  • by email: kepi@kepi.pl
CHAPTER 1 PERSONAL DATA

For what purpose and on what basis will we process your personal data?

  1. Depending on the User's choices, data may be processed for the following purposes:
  • Provision of services available on the KEPi Online Store (e.g., creation of an account),
  • sale
  • execution of Orders
  • settlements and claims
  • handling requests and complaints
  • direct marketing - presenting KEPi's offerings
  • for analytical and statistical purposes
  1. Basis of data processing:
  • User's consent expressed in the Online Store (Article 6(1)(a) RODO)
  • Conclusion and execution of the Sales Agreement (art. 6.1.b RODO)
  • Conclusion and execution of a contract for the provision of Electronic Services (Article 6(1)(b) RODO)
  • Fulfillment of a legal obligation incumbent on the ADO (Article 6(1)(c) of the DPA)
  • The legitimate interest of the Administrator - direct marketing consisting of directing to the User advertising tailored to the User's preferences (Article 6(1)(f) RODO)
  • The Administrator's legitimate interest in processing data for analytical and statistical purposes, i.e. to improve the structure and content of the Online Store (Article 6(1)(f) RODO);
  • the Administrator's legitimate interest in establishing, asserting or defending claims (Article 6(1)(f) of the RODO)

§2
What categories of personal data do we process?

  1. Depending on the relationship you have with KEPi, KEPi may process the following categories of personal data, in particular:
  • personal data (name and surname, address of residence)
  • contact information (phone number, mailing address, e-mail address)
  • identification data (NIP)
  • transaction data (details of payments made to and from the account)
  • contractual data (details of concluded contracts)
  • behavioral data (e.g., data on products or services owned and how they are used)
  • communication data (data of communication conducted with you)

§3
Is it mandatory to provide personal information?

  1. Providing data in the Online Store is voluntary, although in some cases it may be necessary, for example, in order for KEPi to execute the Sales Agreement.
  2. Depending on the relationship you have with KEPi, the Administrator may process the following categories of personal data, in particular:
  • registration and use of customer account
  • making purchases from the KEPi online store
  • view order processing status and purchase history
  • receive notifications about news, promotions and discounts
  • use of the services available in the online store
  1. Where processing is based on the User's consent, it is possible to revoke it at any time.

§4
For how long do we process your personal data?

  1. The period for processing personal data depends on the purpose of processing and is:
  • in connection with the performance of a contract (e.g. a Sales Agreement) - for the duration of the contract, and after its termination until the statute of limitations for claims related to it by either party;
  • in connection with the implementation of legal obligations - until the expiration of the obligation (e.g., concerning the period of storage of accounting documents);
  • in connection with the legitimate interest of the Administrator - until the relevant consent is withdrawn or the User raises an effective objection to data processing.

§5
To whom may personal data be shared?

  1. Users' personal data may be (to the narrowest, required extent) transferred to the following entities, whose services are used by the Administrator in connection with the operation of the KEPi Internet Store.
  • entities conducting postal or courier activities, for the purpose of delivering correspondence and processing orders
  • entities conducting payment activities (banks, payment institutions) - to ensure the operation of the payment and reimbursement service
  • accounting firm
  • hosting providers
  • suppliers of IT systems with which the Administrator cooperates in order to maintain the continuity and correct operation of the systems and store
  • to suppliers of software necessary to run the Online Store
  • to entities providing marketing services
  • Providers of online tools used for marketing or analytical purposes, in particular Google*
  • social networks*
  • persons cooperating with the Administrator on the basis of civil law contracts in connection with its current activities

* Accordingly, your personal data may also be processed by entities outside the European Union. The appropriate level of protection of such data, including through the use of appropriate safeguards, is ensured by the application of standard data protection clauses adopted by the European Commission, as referred to in Article 46(2)(c) of the RODO.

  1. The transfer of data to the entities listed in paragraph 1 is carried out only to the extent necessary for the performance of the service in question.

§6
How do we protect your personal information?

  1. The administrator ensures the confidentiality and security of the personal data provided to him:
  • collects personal data with due diligence and protects it from unauthorized access;
  • implements appropriate technical and organizational measures to ensure adequate protection of personal data, including using an encrypted connection with an SSL certificate.
  1. The Administrator shall take all necessary measures to ensure that also the entities cooperating with it, listed in § 4 (1), provide a guarantee of the application of appropriate security measures in the course of data processing on behalf of the Administrator.

§7
Users' rights related to the processing of personal data.

  1. Right of access to personal data: You have the right to request access to your personal data processed by the Administrator. The rules for exercising the right of access are contained in Article 15 of the RODO.
  2. Right to rectify data: You have the right to request from the Administrator to promptly rectify, complete or update the personal data concerning you. The rules for exercising the right to rectification are contained in Article 16 of the RODO.
  3. Right to erasure of data ("right to be forgotten"): You have the right, provided there are circumstances provided by law, to request the Administrator to delete personal data concerning you. Depending on the situation: The Administrator shall carry out the deletion without delay or refuse to do so if there are legal grounds for further processing of the User's data and they override the User's interests. The rules for exercising the right to erasure are contained in Article 17 of the RODO.
  4. Right to restrict processing: You have the right to restrict the processing of your data. Processing may be restricted to fulfill only specific purposes. The rules for exercising the right to limit processing are contained in Article 18 of the RODO.
  5. Right to data portability: You have the right to receive your personal data in a commonly used machine-readable format and have the right to send this data to another entity. The rules for exercising the right to data portability are contained in Article 20 of the RODO.
  6. Right to object: The User has the right to object to the processing of his/her personal data based on the Administrator's legitimate interests (Article 6.1.f RODO). In such a case, the Administrator must stop processing the User's personal data, unless the Administrator demonstrates the existence of valid, legitimate grounds for the processing, overriding the User's interests, rights and freedoms, or grounds for establishing, asserting or defending claims. The rules for exercising the right to object are contained in Article 21 of the RODO.
  7. Right to withdraw consent: A user whose data is processed by the Administrator on the basis of an expressed consent (Article 6(1)(a) RODO) has the right to revoke it at any time, without affecting the legality of the processing carried out on the basis of the consent before its revocation.
  8. The right to lodge a complaint with the supervisory authority: A user whose data is processed by the Administrator has the right to lodge a complaint with a supervisory authority. In Poland, under the RODO, the supervisory authority is the President of the Office for Personal Data Protection.

§8
Profiling.

  1. The Administrator within the online store may automatically tailor certain content to the User's needs, i.e. perform profiling. However, before carrying out profiling on the basis of which decisions will be made that produce legal consequences for the User or affect the User in a similarly significant manner, the Administrator will ask the User for appropriate consent.
  2. The consent referred to in paragraph 1. may be revoked by the User at any time.
CHAPTER 2 COOKIES

§9
What are cookies?

  1. Cookies (so-called "cookies") are small text files installed on the final device (e.g. computer, tablet, smartphone) of a User visiting the Online Store.
  2. Cookies collect information that:
  • facilitate the use of the Internet Store (e.g. by remembering the User's visit to the Internet Store and the actions performed by him/her)
  • do not cause changes in the settings of the User's device
  1. Cookies can be read by the Administrator's online store (own cookies) or third-party websites.
  2. Some cookies used by the online store are deleted after the end of the browser session, i.e. when the browser is closed (session cookies), other cookies are retained on the user's terminal device and allow the recognition of the user's browser the next time the user accesses the pages of the online store (persistent cookies).

§10
For what purposes do we access the information in cookies?

  1. The administrator uses cookies for the following purposes:
  • Providing features of the online store (e.g., the ability to personalize the interface)
  • remembering the contents of the shopping cart
  • marketing, i.e. to display tailored materials to the User on advertising networks, in particular the Google network
  • for analytical and statistical purposes, i.e. to create statistics showing how Users use the web store's pages, which in turn allows the Administrator to improve the structure and content of the web store

§11
Cookie Management.

  1. Web browsers usually allow cookies to be stored on the user's terminal device by default.
  2. If the User does not disable the use of cookies in the browser settings, it means that he/she agrees to their use.
  3. The user can independently and at any time change the settings of cookies to determine the rules for storing and accessing them on the device he uses. The user of the online store can change the settings of the browser - for example, block the automatic handling of cookies or receive information about each time they are placed on the device.
  4. You can use the help tab of the browser you are using to learn how to manage cookies.
  5. Cookies are used by advertising networks (in particular the Google network) to display advertisements tailored to the User's use of the Online Store. For this purpose, they may retain information about the User's navigation path or the time they stay on a given page. The User can view and edit information about his preferences, resulting from cookies and collected by the Google advertising network, using a tool on the website: https://www.google.com/ads/preferences/.
  6. The Administrator also uses cookies through the use of Google Analytics analytical and statistical tools. These services help the Administrator analyze traffic on the Online Store. As a result, it receives information about visits to the Online Store, such as, but not limited to: sub-pages viewed, time spent on the Online Store, type of devices and browsers from which Users visit the site, IP address, domain name, and geographic and demographic data (age, gender, interests). This data is aggregate and anonymous, i.e. it does not contain identifying characteristics of visitors to the Online Store website. Blocking Google Analytics tools by the User is possible by installing a browser add-on provided by Google on the site: https://tools.google.com/dlpage/gaoptout?hl=p. A detailed explanation of Google Analytics data processing is available at: https://support.google.com/analytics?source=404#topic=3544906
  7. The administrator informs that limiting or disabling the use of cookies may affect some of the functions available in the online store, and in extreme cases may prevent the use of the online store.
CHAPTER 3. SERVER LOGS

§12
What are server logs?

  1. Regardless of cookies, the online store automatically saves on its server information, transmitted by web browsers, with each visit of the User.
  2. The information referred to in paragraph 1 is recorded in the form of server logs containing:
  • User's IP address
  • information about the Internet browser and operating system used by the User
  • URL address of a website previously visited by the User - in case when the Internet Shop was accessed via a link
  • transmitted amount of data
  • date and time of access
  1. Information in the server logs:
  • are aggregate and anonymous, i.e. they are not associated with specific persons browsing the resources of the Internet Shop and are not used to identify Users.
  • are saved and stored on the server
  • are used only for the purpose of server management, i.e. diagnosing possible problems related to server operation and generating statistics useful for effective administration of the Online Store
CHAPTER 4. OTHER TECHNOLOGIES AND WEB LINKS

§13
Social networking tools.

  1. The Administrator may use social network plug-ins to communicate with Users and popularize the offer of the Online Store. The plug-ins are available in the tab of a given Product. Thanks to this integration, social network operators can receive a message about the display of the Online Store's page, even if the User does not have an account on a given service or is not currently logged into the account. On the other hand, if logged in, the operator will be able to assign a visit to the Online Store to the User's account on a particular social network. In addition, if a specific plug-in is used - for example, "Like" from Facebook - the corresponding information will also be sent to the Facebook server. Detailed information on data collection and processing, as well as Users' rights, is contained in the privacy policies of individual operators (e.g. Facebook -. https://www.facebook.com/legal/FB_Work_Privacy, Google - https://policies.google.com/privacy?hl=pl)

§14
Links to other websites.

  1. The online store contains links to other websites.
  2. The Administrator informs that he cannot be held responsible for the privacy policies of these websites and recommends that when you go to other websites, you should read their privacy policies.
CHAPTER 5 FINAL PROVISIONS 

§15
Other content.

  1. The Administrator reserves the right to make changes to this Privacy Policy. Updates may be justified, for example, by the development of the functionality of the Online Store, technological progress or changes in applicable laws.
Shopping Cart