Privacy policy

Privacy Policy

Access Data and Hosting
Data Collection and Processing for the Purpose of Contract Performance and Contact Purposes

2.1 Data Processing for Contract Performance

2.2 Customer Account

2.3 Data Processing for Contact Purposes
Data Processing for the Purpose of Delivery Performance
Data Processing for the Purpose of Payment Performance, Installment Purchase
Marketing Activity Channels: E-mail

5.1 Sending the Newsletter

5.2 Sending Invitations to Submit a Purchase Review
Cookies and Similar Technologies

General Information

Cookiebot – User Consent Management Platform
Use of Cookies and Similar Technological Tools

7.1 Use of Google Services

7.2 Use of Meta Services
Integration with the Trusted Shops Trustbadge and Other Widgets

8.1 Data Processing within the Integration of the Trustbadge and Other Widgets

8.2 Data Processing after Order Placement
Social Media

9.1 Social Media Plugins: Facebook (by Meta), Instagram (by Meta), Pinterest

9.2 Our Activity on Social Networking Sites: Instagram (by Meta), Pinterest, LinkedIn
Our Contact Information and Your Rights

10.1 Your Rights

10.2 Contacting Us

The Data Controller responsible for processing personal data is:

Grow Idea Group Szymon Serej

ul. Pod Lasem 78

44-210 Rybnik

Poland

kontakt@bujnie.pl

Thank you for your interest in our online store. The protection of your privacy is of utmost importance to us. Below you will find detailed information regarding the handling of your data.

1. Access Data and Hosting

You may visit our websites without disclosing any personal data. With each access to the website, the web server automatically saves only a so-called server log file, which contains, e.g., the name of the requested file, your IP address, the date and time of the request, the volume of data transferred, and the requesting internet service provider (so-called access logs), thereby documenting the request. This data is analyzed exclusively for the purpose of ensuring the proper functioning of our website and improving our offer. Pursuant to Art. 6 sec. 1 lit. f of the GDPR, this serves to secure our legitimate interest, consisting in the optimal and correct presentation of our websites and offers.

Hosting

All access data shall be deleted no later than within seven days following the end of your visit to our website.

Services relating to hosting and website display are partially provided on our behalf by our service providers under a data processing agreement. Unless otherwise specified in this privacy policy, all access data and data collected in the forms provided for this purpose on our website shall be processed on their servers. Should you have any questions regarding our service providers and the basis of our cooperation with them, please contact us. Our contact information can be found in the section "Our Contact Information and Your Rights".

Our service providers have their headquarters and/or use servers in countries for which the European Commission has issued decisions recognizing an adequate level of data protection. The headquarters of our service providers are located in: the USA.

The decision recognizing an adequate level of data protection for the USA applies as a legal basis for the transfer of data to third countries, provided that the given service provider has been certified. The certification has been obtained.

2. Data Collection and Processing for the Purpose of Contract Performance and Contact Purposes

2.1 Data Processing for Contract Performance

We collect personal data voluntarily provided by you during the order placement process for the purpose of contract execution and the handling of your inquiries (including inquiries regarding claims arising from the non-conformity of goods with the contract, improper performance of obligations, the right to withdraw from the contract, or any statutory update obligations). The legal basis in this respect is Art. 6 sec. 1 lit. b of the GDPR. Mandatory fields are marked as such because they concern data that is necessary for the execution of the contract and without which we are unable to fulfill the order. The specific data collected results directly from the forms into which the data is entered.

Further information regarding the processing of your data, in particular concerning the transfer of data to our service providers for the purpose of order fulfillment, payment, and shipping, can be found in the subsequent sections of this privacy policy. Upon completion of the contract, the processing of your data shall be restricted, and upon the expiry of the retention periods required under tax provisions and the Accounting Act, this data shall be deleted (Art. 6 sec. 1 lit. c of the GDPR), unless you grant explicit consent (Art. 6 sec. 1 lit. a of the GDPR) to the further use of this data for other purposes, or we reserve the right to further use it in legally permitted cases, of which we inform you in such an event within this privacy policy.

2.2 Customer Account

If, pursuant to Art. 6 sec. 1 lit. a of the GDPR, you grant your consent to the creation of a customer account – we shall process your personal data necessary for this purpose. It will also be utilized for future orders on our website. Your customer account may be deleted at any time. For this purpose, a message should be sent to our contact address indicated in the section "Our Contact Information and Your Rights" or the corresponding function in the customer account settings should be utilized. Following the deletion of your customer account, the processing of your data shall be restricted, and upon the expiry of the retention periods specified in the tax provisions and the Accounting Act, this data shall be deleted (Art. 6 sec. 1 lit. c of the GDPR), unless you grant explicit consent (Art. 6 sec. 1 lit. a of the GDPR) to the further use of this data, or in accordance with applicable legal provisions we reserve the right to further use the data for other purposes, of which we inform you in such an event within this privacy policy.

2.3 Data Processing for Contact Purposes

Within the framework of customer communication, we process personal data for the purpose of processing your inquiries (Art. 6 sec. 1 lit. b of the GDPR). This data is provided to us voluntarily by you when contacting us (e.g., via a contact form or e-mail). Mandatory fields are marked as such because they concern data that is necessary to process the inquiry. The specific data collected results directly from the forms into which the data is entered. Upon the full processing of your inquiry, your data shall be deleted, unless you grant explicit consent (Art. 6 sec. 1 lit. a of the GDPR) to the further use of this data for other purposes, or we reserve the right to further use it in legally permitted cases, of which we inform you in such an event within this privacy policy.

3. Data Processing for the Purpose of Delivery Performance

For the purpose of performing the contract (Art. 6 sec. 1 lit. b of the GDPR), we transfer your data to the shipping company selected by you during the order placement process, which has been commissioned to deliver the ordered products. Should you have any questions regarding our service providers and the basis of our cooperation with them, please contact us. Our contact information can be found in the section "Our Contact Information and Your Rights".

4. Data Processing for the Purpose of Payment Performance

In order to process payments in our online store, we cooperate with external service providers handling electronic online payments and transfer your data to the payment handling company selected by you during the order placement process. The aforementioned serves the performance of the contract (Art. 6 sec. 1 lit. b of the GDPR).

Data processing for the purpose of preventing abuse and optimizing payments.

In certain situations, we may transfer additional information to the aforementioned service providers, which may be utilized by them together with the information necessary to execute the payment in order to prevent fraud and optimize our payment processes (e.g., invoicing, analysis of rejected payments, accounting support). Pursuant to Art. 6 sec. 1 lit. f of the GDPR, this serves to realize our legitimate interests regarding protection against abuse and fraud, as well as the effective management of payments.

Installment Purchase

In the event of selecting the "installment purchase" payment method and granting appropriate consent (Art. 6 sec. 1 lit. a of the GDPR), your personal data (first name, last name, address, e-mail, telephone number, date of birth, IP address, gender) together with the data necessary to execute the transaction (article, invoice amount, due date, total amount, invoice number, taxes, currency, date and time of the order) shall be transferred for the purpose of payment execution to our partner Przelewy24, ul. Pastelowa 8, 60-198 Poznań, Poland. In order to verify the creditworthiness of the customer making an installment purchase, our partner checks and collects information from publicly accessible databases as well as from economic information bureaus and agencies. A list of service providers from whom information is obtained, including information on the customer's creditworthiness determined on the basis of mathematical and statistical models, as well as information on the processing of data following its transfer to our partner Przelewy24, can be found in its privacy policy at: https://www.przelewy24.pl/politykaprywatnosci.

The obtained information regarding the statistical probability of a payment default will be utilized by our partner Przelewy24 to make a decision concerning the establishment, execution, or termination of the contractual relationship. You may present your point of view and object to a given decision by contacting our partner Przelewy24 for this purpose. The consent granted during the order placement process for the transfer of data may be revoked by you without providing a reason at any time with effect for the future.

5. Marketing Activity Channels: E-mail

If you subscribe to our newsletter, we shall, on the basis of the consent granted by you (Art. 6 sec. 1 lit. a of the GDPR), utilize the data provided to us by you for the purpose of regularly sending our newsletter via electronic means.

Unsubscribing from the newsletter is possible at any time. For this purpose, a message should be sent to our contact address indicated in the section "Our Contact Information and Your Rights" or the unsubscribe link provided in the newsletter should be utilized. Following unsubscription from the list of recipients, we shall delete your e-mail address, unless you grant unequivocal consent (Art. 6 sec. 1 lit. a of the GDPR) to the further use of this data for other purposes, or in accordance with applicable legal provisions we reserve the right to further use the data, of which we inform you in such an event within this privacy policy.

5.1 Sending the Newsletter

The newsletter is sent as part of a data processing agreement on our behalf by an external service provider. Should you have any questions regarding our service providers and the basis of our cooperation with them, please contact us. Contact information can be found in the section "Our Contact Information and Your Rights".

5.2 Sending Invitations to Submit a Purchase Review

If you have granted consent to this effect during or after placing an order (Art. 6 sec. 1 lit. a of the GDPR), we shall use your e-mail address to send you an electronic invitation to review the purchase made in our store. The submission of an opinion/review takes place via the review system utilized by us. The consent granted may be withdrawn by you at any time by sending a message informing of the withdrawal of consent to our contact address indicated in the section "Our Contact Information and Your Rights". Alternatively, you may also use the unsubscribe link provided in the message containing the invitation to submit a review. Once you withdraw your consent, we shall remove your e-mail address from the list of newsletter recipients. Your e-mail address shall be deleted from our systems, unless you have granted unequivocal consent (Art. 6 sec. 1 lit. a of the GDPR) to its further use for other purposes, or in accordance with applicable legal provisions we have reserved the right to its further use for other purposes (e.g., for contract execution purposes), of which we inform you in such an event within this privacy policy.

Invitations to submit reviews are sent by our service provider Trusted Shops SE Subbelrather Str. 15C, 50823 Cologne, Germany ("Trusted Shops"). Within the framework of sending invitations, we receive information from Trusted Shops regarding the status (e.g., whether a given invitation to submit a review has been sent and whether it has reached the addressee). This occurs pursuant to Art. 6 sec. 1 lit. f of the GDPR in order to realize our legitimate interest, which is to receive information concerning invitations to submit reviews so as to be able to optimize on this basis if necessary, as well as to realize the legitimate interest of Trusted Shops, which is the ability to offer this service.

We are jointly responsible with Trusted Shops for sending invitations to submit reviews and for collecting and displaying information concerning opinions and ratings or status.

Within the framework of this joint controllership existing between us and Trusted Shops, should you have any questions concerning the protection of your data or wish to assert your rights, please contact Trusted Shops. Contact information is available on this website. You will also find further information regarding data protection at Trusted Shops there. Irrespective of the foregoing, you may also always contact us directly. If necessary, your inquiry shall be forwarded to Trusted Shops, which is jointly responsible for data processing.

6. Cookies and Similar Technologies

General Information

To make a visit to our website attractive and to enable you to utilize its key functions, we utilize technological tools for this purpose, including so-called cookies. Cookies are small text files that are automatically saved on your terminal device. Some of the cookies we use are deleted at the end of the browser session, i.e., after closing it (so-called session cookies). Other cookies remain on your terminal device and enable us to recognize your browser on your next visit to the site (so-called persistent cookies). The storage time can be checked in the web browser within the cookie settings.

Privacy Protection of Terminal Devices

While using our online offer, we utilize technologies that are absolutely necessary to ensure the proper and optimal use of the essential functions of our website. In this respect, the storage of information on the user's terminal device or access to information that is already stored on their terminal device does not require the user's consent.

For functions that are not absolutely necessary, the storage of information on the user's terminal device or access to information already stored on their terminal device requires the user's consent. It should be noted that in the absence of consent, some functions or elements of the website may not be available in full scope. Any consent granted by the user remains valid until the consent is withdrawn, settings are configured, or the relevant settings on the terminal device are reset.

Other Cases of Data Processing via Cookies and Other Technologies.

We utilize technologies that are absolutely necessary to ensure the proper and optimal use of the essential functions of our website (e.g., the shopping cart function). These technologies process data such as, e.g., your IP address, the time of the site visit, device and browser information, as well as information regarding the use of our website (e.g., concerning the contents of the shopping cart). Pursuant to Art. 6 sec. 1 lit. f of the GDPR, this serves the realization of our legitimate interest consisting in the optimal presentation of our offer.

Furthermore, we also use technological tools to fulfill the legal obligations to which we are subject (e.g., to prove receipt of consent to process your personal data), as well as for web analytics and online marketing purposes. Further information on this subject, including the corresponding legal bases for data processing, is provided in the subsequent sections of this privacy policy.

Cookie Settings

In the help menu of your web browser, you will find explanations regarding the modification of cookie settings. They are available under the following links: Microsoft Edge™ / Safari™ / Chrome™ / Firefox™ / Opera™. When we have been granted your consent to utilize specific technological tools (Art. 6 sec. 1 lit. a of the GDPR), it may be withdrawn by you at any time. In order to withdraw consent, please contact us via the contact address indicated in the section "Our Contact Information and Your Rights". Alternatively, you may click on the privacy settings button. In the event of rejecting the use of cookies, the functionality of our website may be restricted.

Cookiebot – User Consent Management Platform

Our website uses the Cookiebot tool in order to present you with information about the technologies operating on the basis of cookies utilized on our website and to obtain, manage, and document your consent to the processing of your personal data by these technologies. Pursuant to Art. 6 sec. 1 lit. c of the GDPR, this is necessary to fulfill the legal obligation resting upon us under Art. 7 sec. 1 of the GDPR, which stipulates that in the event of data processing based on consent, the controller must be able to demonstrate that the data subject has consented to the processing thereof. The Cookiebot consent management tool is a service of Usercentrics A/S, Havnegade 39, 1058 Copenhagen, Denmark, which processes your data on our behalf and by our order. Once you have expressed your decision on our website regarding the use of cookies by particular technologies, the Cookiebot server saves your anonymous IP address, the date and time of your decision, information about your browser and the URL from which the decision was sent, as well as your anonymous identification key. Furthermore, a cookie (so-called CookieConsent) is saved on your terminal device, which remembers information regarding your decisions concerning the use of individual cookies and your anonymous identification key. Your data shall be deleted after twelve months, unless, pursuant to Art. 6 sec. 1 lit. a, you grant unequivocal consent to the further use of this data or, in accordance with applicable provisions, we reserve the right to further use the data for other purposes which are legally permitted and of which we inform you within this privacy policy.

7. Use of Cookies and Similar Technological Tools

On our website, we utilize the cookies and other similar tools/technologies of external service providers indicated below. Unless otherwise indicated in the description of individual technologies, their use takes place on the basis of your consent within the meaning of Art. 6 sec. 1 lit. a of the GDPR. Upon the realization of the purpose of processing and the conclusion of the use of a given tool/technology, the data collected within the framework of utilizing these tools/technologies shall be deleted. The consent granted may be withdrawn by you at any time. Detailed information regarding the possibility of revoking consent and your right to object can be found in the section "Cookies and Similar Technologies". Further information can be found on the websites of the individual service providers. Should you have any questions regarding our service providers and the basis of our cooperation with them, please contact us. Contact information can be found in the section "Our Contact Information and Your Rights".

7.1 Use of Google Services

We utilize the technological tools of Google Ireland Ltd, Gordon House, Barrow Street, Dublin 4, Ireland ("Google") indicated below. Information collected automatically by Google's technologies regarding the use of our website is generally transmitted to a server of Google LLC, 1600 Amphitheatre Parkway Mountain View, CA 94043, USA, and stored there. Unless otherwise specified for the individual Google technologies described in this privacy policy, data processing takes place on the basis of an agreement on joint controllership of personal data concluded with Google pursuant to Art. 26 of the GDPR. Further information regarding the processing of data by Google can be found in the privacy policy on Google's website.

Our service providers are headquartered and/or utilize servers located in countries outside the EU and the EEA. With respect to these countries, the European Commission has not issued decisions confirming an adequate level of data protection. Our cooperation is based on standard data protection clauses adopted by the European Commission.

Google Analytics

For the purposes of analyzing the use of our website, we utilize Google Analytics – a web analytics tool by Google, which automatically processes your data for this purpose (IP address, time of website visit, device and browser information, as well as information concerning the use of our website) and creates pseudonymized user profiles on this basis. Cookies may be utilized for this purpose. When a user visits our website from the territory of the EU, their IP address is saved on a server located in the EU to obtain location data, and then immediately deleted even before the traffic is routed to further Google servers. Data processing within the Google Analytics service takes place on the basis of a data processing agreement concluded with Google.

Google Fonts

In order to ensure the consistent presentation of content on our websites, the "Google Fonts" script is integrated with our website, which processes your data (IP address, time of website visit, device and browser information, as well as information concerning the use of our website). We have no influence on the aforementioned data processing by Google.

7.2 Use of Meta Services

Meta Pixel

We utilize the Meta Pixel tool provided by Meta Platforms Ireland Ltd, Block J, Serpentine Avenue, Dublin 4, Ireland ("Facebook (by Meta)" or "Meta Platforms Ireland"). The scope of functionalities utilized by us has been indicated below. The Meta Pixel automatically collects and stores data (your IP address, time of website visit, device and browser information, as well as information concerning the use of our website, e.g., a website visit or newsletter registration). Based on this data, pseudonymized user profiles are subsequently created. For this purpose, during a visit to our website, the Meta Pixel saves a cookie on your device, which, via a pseudonymized Cookie-ID, enables the automatic recognition of your browser when visiting other websites. Meta Platforms Ireland will link this information with other data originating from your Facebook account and utilize it to compile reports on website activity and to provide other services related to your use of websites, in particular for ad personalization purposes. Information collected automatically by Meta Platforms Ireland technologies concerning the manner in which our website is used is generally transmitted to a server of Meta Platforms, Inc., 1601 Willow Road, Menlo Park, California 94025, USA, and stored there. Further information regarding the processing of data by Meta Platforms Ireland can be found in the privacy policy of Meta Platforms Ireland. Our service providers have their headquarters and/or use servers in countries for which the European Commission has issued decisions recognizing an adequate level of data protection. The headquarters of our service providers are located in: Brazil, USA, Canada, Japan, South Korea, New Zealand, United Kingdom, Argentina. The decision recognizing an adequate level of data protection for the USA applies as a legal basis for the transfer of data to third countries, provided that the given service provider has been certified. The certification has been obtained. Our service providers have their headquarters and/or use servers in the following countries: Australia, Hong Kong, India, Indonesia, Malaysia, Singapore, Thailand, Taiwan, Mexico. With respect to these countries, the European Commission has not issued decisions confirming an adequate level of data protection. The transfer of data within the framework of our cooperation with service providers from these countries is based on the following safeguards: standard data protection clauses of the European Commission.

Meta Ads Manager

The Meta Ads Manager enables us to advertise our website on Facebook and other platforms. We determine the parameters of a given advertising campaign. Meta Platforms Ireland is responsible for the exact execution, and in particular for the decision to display a given advertisement to individual users. Unless otherwise specified for individual functions and tools, data processing takes place on the basis of a joint controllership agreement concerning personal data pursuant to Art. 26 of the GDPR. Joint controllership is limited to the collection of data and its transfer to Meta Platforms Ireland. This does not encompass the subsequent processing of data by Meta Platforms Ireland. On the basis of statistics concerning the activity of users visiting our websites, created using the Meta Pixel tool, we conduct ad emissions to the relevant audience group via the Custom Audiences function, thereby defining the profile/characteristics of a given target group. Based on the pseudonymized Cookie-ID saved by the Meta Pixel and the collected information regarding user activity on our website, we create personalized advertising via the Custom Audiences function.

8. Integration with the Trusted Shops Trustbadge and Other Widgets

For the purpose of displaying Trusted Shops services (e.g., quality seal, collected reviews) and offering Trusted Shops products to buyers following order placement, Trusted Shops widgets are integrated with our website.

Pursuant to Art. 6 sec. 1 lit. f of the GDPR, the aforementioned serves the realization of our legitimate interest consisting in the optimal marketing of our offer by enabling safe online purchases. The Trustbadge and the services advertised by means thereof constitute an offer of Trusted Shops SE, Subbelrather Str. 15c, 50823 Cologne, Germany (hereinafter "Trusted Shops"), with whom, pursuant to the provisions of Art. 26 of the GDPR, we bear joint responsibility for the protection of jointly controlled data. We hereby inform you of the essential content of the joint arrangements of the joint controllers (Art. 26 sec. 2 of the GDPR).

Within the framework of the joint controllership existing between us and Trusted Shops SE, should you have any questions concerning data protection and wish to assert your rights, please contact Trusted Shops using the contact information indicated in the Trusted Shops privacy policy. Irrespective of the foregoing, however, you may always refer to the joint controller of your choice. Your inquiry or request shall then be forwarded to the other joint controller, if necessary, for the purpose of processing/providing an answer.

8.1 Data Processing within the Integration of the Trustbadge and Other Widgets

The Trustbadge is provided by an American CDN (Content-Delivery-Network) content provider. An adequate level of data protection is ensured on the basis of a European Commission decision (so-called adequacy decision), which is available here for the USA. US service providers are generally certified under the framework of the agreement concluded between the USA and the EU ("Data Privacy Framework", abbreviated "DPF"). Further information in this regard can be found here. In the case of service providers who are not certified in accordance with the premises of the "DPF", the arrangement of the applicability of standard contractual clauses has been adopted as an adequate guarantee for data protection.

When the Trustbadge is requested, the web server automatically saves a so-called log file (server logs), which also contains your IP address, the date and time of the request, the volume of data transferred, and the requesting operator (access data), and documents the request. The IP address is anonymized immediately upon retrieval so that the saved data cannot be assigned to a specific person. The anonymized data is utilized in particular for statistical and error analysis purposes.

8.2 Data Processing after Order Placement

If you have granted consent, the Trustbadge accesses, following order placement, order information stored on your terminal device (order total, order number, and if applicable – the purchased product) and your e-mail address used during the order placement process. The e-mail address is hashed using a one-way cryptographic function. The hash value is subsequently transmitted to Trusted Shops together with the order information pursuant to Art. 6 sec. 1 clause 1 lit. a of the GDPR.

This serves to verify whether you are already registered in the Trusted Shops SE system for the purpose of utilizing Trusted Shops services for buyers. In the event that you are already registered, further data processing takes place in accordance with the agreement concluded between you and Trusted Shops. If you are not registered or do not consent to the automatic recognition of registration via the Trustbadge, you will receive the opportunity to manually register in order to utilize the services, or alternatively to secure the purchase under an already existing user agreement.

For this purpose, after the placement of an order in the store, the Trustbadge accesses the following information saved on the terminal device utilized by you: order total, order number, and e-mail address. This is necessary in order for us to be able to offer you buyer protection. The aforementioned data is transmitted to Trusted Shops only if you actively decide to utilize buyer protection by clicking the appropriately designated button on the so-called Trustcard. If you decide to utilize these services, further data processing takes place on the basis of the agreement concluded with Trusted Shops (Art. 6 sec. 1 lit. b of the GDPR) in order to register buyer protection and secure your order, as well as to enable you to receive invitations via e-mail to submit a review of the purchase.

Trusted Shops utilizes services provided by service providers in the scope of hosting and log monitoring. The legal basis in this respect is Art. 6 sec. 1 lit. f of the GDPR, and the legitimate interest consists in the pursuit of ensuring the failure-free functioning of the offered products. The related data processing may also take place in third countries (USA, United Kingdom, and Israel).

An adequate level of data protection is ensured on the basis of a European Commission decision (so-called adequacy decision), which is available here for the USA, here for the United Kingdom, and here for Israel. US service providers are generally certified under the framework of the agreement concluded between the USA and the EU ("Data Privacy Framework", abbreviated "DPF"). Further information in this regard can be found here. In the case of service providers who are not certified in accordance with the premises of the "DPF", the arrangement of the applicability of standard contractual clauses has been adopted as an adequate guarantee for data protection.

9. Social Media

9.1 Social Media Plugins: Facebook (by Meta), Instagram (by Meta), Pinterest

Our website utilizes so-called social media network plugins (buttons). These plugins are accessible via an HTML link, which ensures that during visits to our website containing such plugins (buttons), a direct connection is not automatically established with the servers of the operator of the given social networking site. After clicking on one of the buttons (plugin), a new window of your browser will open displaying the page of the given social networking site, on which you may approve the use of the given button, e.g., "Like" or "Share".

9.2 Our Activity on Social Networking Sites: Instagram (by Meta), Pinterest, LinkedIn

If you have granted consent in this regard to the given social networking site (Art. 6 sec. 1 lit. a of the GDPR), during a visit to our account/profile on the aforementioned social networking sites, your data shall be automatically collected and stored for web analytics and marketing purposes. Pseudonymized user profiles are created on the basis of this data. They may be utilized, for example, to place within the social networking sites and outside of them so-called personalized advertisements, which likely correspond to your interests. Cookies are typically utilized for this purpose. Detailed information regarding the processing and utilization of your data by the respective social networking sites, as well as information concerning your rights and the possibilities of configuring privacy settings, along with contact data for the purpose of submitting an inquiry, are described in the privacy policies of the respective social networking sites linked below. Should you require assistance in this regard, you may also contact us.

Instagram (by Meta) is a social networking site offered by Meta Platforms Ireland Ltd., Block J, Serpentine Avenue, Dublin 4, Ireland ("Meta Platforms Ireland"). Information processed automatically concerning your activity and the manner of utilizing our fanpage account on Instagram is generally transmitted to a server of Meta Platforms, Inc., 1601 Willow Road, Menlo Park, California 94025 in the USA and saved there. Data processing within the framework of a visit to the fanpage account on Instagram (by Meta) takes place pursuant to Art. 26 of the GDPR on the basis of joint arrangements concluded by the joint controllers. Further information regarding the processing of your personal data within the framework of visiting a Facebook fanpage (information concerning page insights functions) is available here.

Our service providers have their headquarters and/or use servers in the following countries: Australia, Hong Kong, India, Indonesia, Malaysia, Singapore, Thailand, Taiwan, Mexico.

With respect to these countries, the European Commission has not issued decisions confirming an adequate level of data protection. The transfer of data within the framework of our cooperation with service providers from these countries is based on the following safeguards: standard data protection clauses adopted by the European Commission.

Pinterest is a social networking site offered by Pinterest Europe Ltd., Waterloo Exchange, 3rd Floor, Waterloo Road, Dublin 4, Ireland ("Pinterest"). Information processed automatically concerning your activity and the manner of utilizing our profile on Pinterest is generally transmitted to a server of Pinterest, Inc., 505 Brannan St., San Francisco, CA 94107 in the USA and saved there.

Our service providers are headquartered and/or utilize servers located in countries outside the EU and the EEA, for which the European Commission has issued a so-called adequacy decision confirming an adequate level of data protection. Our service providers are headquartered and/or utilize servers located in countries outside the EU and the EEA. With respect to these countries, the European Commission has not issued decisions confirming an adequate level of data protection. Our cooperation is based on standard data protection clauses adopted by the European Commission.

LinkedIn is a social networking site offered by LinkedIn Ireland Unlimited Company, Wilton Place, Dublin 2, Ireland ("LinkedIn"). Information processed automatically concerning your activity and the manner of utilizing our profile on LinkedIn is generally transmitted to a server of LinkedIn Corporation, 1000 W. Maude Avenue, Sunnyvale, CA 94085 in the USA and saved there. Our service providers have their headquarters and/or use servers in countries for which the European Commission has issued decisions recognizing an adequate level of data protection. The headquarters of our service providers are located in: the USA.

10. Our Contact Information and Your Rights

10.1 Your Rights

Persons whose data is processed are entitled to the following rights:

pursuant to Art. 15 of the GDPR: the right to obtain information regarding data processing within the scope specified in this article;
pursuant to Art. 16 of the GDPR: the right to the rectification of your inaccurate or incomplete personal data;
pursuant to Art. 17 of the GDPR: the so-called "right to be forgotten", i.e., the right to the erasure of your personal data stored by us, provided that its further processing is not necessary:
- to exercise the right of freedom of expression and information;
- for compliance with a legal obligation;
- for reasons of public interest;
- for the establishment, exercise, or defense of legal claims;
pursuant to Art. 18 of the GDPR: the right to the restriction of processing of personal data, provided that:
- the accuracy of the personal data is contested by you;
- the processing is unlawful, and you oppose their erasure;
- we no longer need the personal data, but they are required by you for the establishment, exercise, or defense of legal claims;
- you have objected to processing pursuant to Art. 21;
pursuant to Art. 20 of the GDPR: the right to receive the data provided to us in a structured, commonly used and machine-readable format and the right to transmit those data to another controller;
pursuant to Art. 77 of the GDPR: the right to lodge a complaint with a supervisory authority (President of the Personal Data Protection Office "UODO").

Right to Object

If we process personal data in the manner described in this privacy policy in order to safeguard our legitimate interests, you may then object to the processing of your data for this purpose with effect for the future. If the processing takes place for direct marketing purposes, you may exercise the right to object at any time. If the processing takes place for other purposes, you are entitled to the right to object only on grounds relating to your particular situation.

Following the exercise of your right to object, we shall not continue to process your personal data unless we demonstrate compelling legitimate grounds for the processing which override your interests and rights, or if the processing of data is intended for the establishment, exercise, or defense of legal claims.

The preceding sentence does not apply when data processing is conducted for direct marketing purposes. In such an event, following your objection, we shall always cease further processing of your personal data.

10.2 Contacting Us

In the event of questions concerning the collection, processing, and use of your personal data, as well as in the event of requesting the provision of information, rectification, restriction of processing, or erasure of data, and for the purpose of revoking granted consents or expressing an objection to the use of specific data, please contact directly the data controller indicated at the beginning of this privacy policy.

Get in Touch

Expert Guidance & Direct Support | kontakt@bujnie.pl

Made in Poland

Local craftsmanship and premium quality from Silesia.

Secure Payments

Trusted Shops Guarantee. Full buyer protection.