Regulations and privacy policy
Regulations Privacy Policy - rikkinail.com Online Store of June 10, 2023
Privacy policy for rikkinail.com
We want you to feel safe when using our website, so we care very much about your privacy and the protection of your personal data. Therefore, please read the following summary carefully, which explains how we operate on our website. You can be sure that we will process your data transparently and fairly and will take all precautions and responsibilities to protect it appropriately.
Our intention is to provide you with information regarding how we use your personal data. We want you to know that we meet all the requirements of the Polish Data Protection Act and the General Data Protection Regulation (GDPR). The following Privacy Policy has been created to provide you with this information.
Information about the person responsible for data management and the personal data protection officer.
The controller for the purposes of the GDPR, other legal acts in force in EU Member States and other provisions relating to data protection is:
Taras Tokaryk Rikki nail shop company
street Rymarska 45/11, 53-206,
Poland Warsaw
The data protection officer in the controller's company is available at: [email protected]
The scope to which we process personal data.
We collect and process your personal data only as necessary to ensure the operation of our website, content and services. For example, when you register on our website, log in to an existing customer account or place an order for products. We process your personal data only after obtaining your consent. However, there are exceptional situations where prior consent cannot be obtained due to circumstances and data processing is permitted by law.
It is important to us that the security of your personal data is a high priority. We therefore take appropriate technical and organizational measures to protect the data we store against loss or unauthorized access by third parties. Our employees who process personal data are obliged to maintain confidentiality and comply with applicable regulations. To protect your personal information, we use encryption technology, such as the Secure Sockets Layer (SSL) protocol, when communicating with your web browser. You may notice a padlock symbol in your browser, which means the connection is secured by SSL. We regularly review and update our technical security measures to adapt to new technology standards and ensure the continued protection of your data. If we outsource the processing of personal data to other companies, we require them to follow the same data protection principles and instructions.
The processing of your personal data is carried out in accordance with specific purposes and legal principles
We collect, process and use your personal data for the following purposes:
Conclusion and performance of contracts
Providing information bulletins
Marketing activities such as prize sweepstakes
Customer service and customer assistance
Providing broadcast media services, e.g. to process orders for goods and services we offer online
Your personal data may be processed based on the following legal principles:
Art. 6, par. 1 letter and GDPR is the legal basis for processing activities for which we obtain your consent for a given processing purpose.
Art. 6, par. 1 letter b GDPR states that personal data may be processed for the purpose of performing a contract, e.g. when purchasing a product. The same applies to all processing activities necessary to carry out pre-contractual activities, such as handling inquiries regarding products or services.
Art. 6, par. 1 letter c GDPR applies in cases where we have a legal obligation requiring the processing of personal data, for example to fulfill tax obligations.
Art. 6, par. 1 letter d GDPR states that personal data may be processed in order to protect the vital interests of you or another natural person.
Art. 6, par. 1 letter f GDPR applies in relation to our legitimate interests, for example when employing service providers to fulfill orders (e.g. delivery services), when completing surveys for statistical purposes and conducting statistical analyses, when attempting to log in or ensure security on the website. Our interest is in providing a user-friendly, attractive and secure website and in optimizing it to meet both our business goals and your expectations.
We store your personal data for a specified period of time in accordance with our data retention policy.
We process and store your personal data only for the period necessary to achieve the purpose of storing the data or in accordance with applicable legal provisions and regulations. When the purpose of processing no longer applies or is no longer achieved, we delete your personal data or limit their processing. In the event of restriction of data processing, the data is deleted when the retention periods specified in legal provisions, the company's articles of association/statutes or contract provisions no longer prevent such deletion. However, if there is a legitimate interest or special circumstances that make deletion of the data would jeopardize those interests, and if deletion would require a disproportionate effort due to the particular nature of the storage, the data may remain stored.
We collect general data and information, including log records
Pursuant to Art. 6, par. 1, letter f GDPR, our website collects various data and general information after each visit, which are temporarily stored in server logs. Log records are created automatically as a result of the logging process of the processing computer system. They include the following data:
Date, time and frequency of access to the website.
The source of the page hit (e.g. referring site, hyperlink).
The size of the transferred data.
The browser you are using and its version.
Your operating system.
The Internet service provider you use.
The IP address assigned to your computer by your Internet Service Provider when you connect to the Internet.
The collection and storage of this data is necessary to ensure the functionality and correct display of the content of our website. This data is also used to optimize the website and ensure the security of our IT systems. Therefore, for technical reasons, these data are stored carefully for a period of seven days.
Additionally, we use this data for marketing purposes, market research and to adapt our services to meet demand. We do this by creating and analyzing pseudonymous user profiles. However, such actions are only taken if you have not exercised your right to object or withdraw your consent to the use of your data in this way (details regarding your rights can be found in the "Your rights" section).
We ensure that all these activities are consistent with applicable legal regulations and our Privacy Policy.
Cookies, analytical services (web analysis) and social media
Our goal is to provide you with the best possible experience when using our website. Therefore, we use cookies, web analysis services and social media plug-ins in accordance with the provisions of Art. 6 pairs 1 letter f GDPR.
To achieve this goal, we use various cookies and services that ensure the full functionality of our website. We want it to be rich in content and as user-friendly as possible for users, including you. It's important to us that you can surf our site without any problems and that's why we're constantly making improvements. These actions include saving your settings and filling out forms so you don't have to re-enter the same data. We also want you to only see content that interests you and to make your interaction with our website as easy as possible.
At the same time, we take care to use your personal data carefully. You have the option to deactivate all cookies and services at your discretion. You can do this by blocking or deleting cookies using the web browser you are using. It is also possible to deactivate it separately by installing an "opt-out" cookie. You can also perform these steps using the hyperlinks or link provided for this purpose. If you delete all cookies from your browser, this will also affect the opt-out cookie.
Functional cookies
Cookies are small files that websites place on your computer when you visit them. Their purpose is to remember your settings and changes so that they can be recreated during subsequent visits to this website.
Functional cookies play an important role in the proper functioning of our website. They are stored for a maximum of two years, after which they are automatically deleted. By using functional cookies, we can use the following functions:
Saving products that you have added to your electronic cart or wish list.
Remembering data entered during the electronic checkout process or placing an order to avoid having to enter it again.
Save settings such as language, location, number of search results, etc.
Saving your preferences for viewing our website on your device, such as your preferred buffer size and screen resolution information.
Saving your browser settings to ensure optimal display of our website.
Recording misuse of our website and services, for example recording multiple failed registration attempts.
Load your website faster to make it accessible without delays.
Remembering your login details so you don't have to enter them every time.
You can prevent the storage of these cookies or delete already stored ones. You can find detailed information about this in your web browser's documentation or in its help section. However, please note that some features of our website may be unavailable or limited if you do not allow the use of functional cookies.
Cookies, analytical services (web analysis) and social media
We only transfer to the following third parties:
Meta LLC - For more information on terms of use and data protection, please visit the following website: https://www.facebook.com/privacy/policies/cookies/?entry_point=cookie_policy_redirect&entry=0
Mega LLC - For more information on terms of use and data protection, please visit the following website:
Alphabet Inc - For more information on terms of use and data protection, please visit the following website: https://www.alphabet.com/pl-pl/cookies
Providing you with information about our products and services, special offers and other news such as newsletters
We use your data to send information regarding our products, services and other special offers to the e-mail address you provided. Such communication will only take place with your prior consent or if permitted by law. Consent to such transmission is regulated pursuant to Art. 6 section 1 letter a and art. 7 of the General Data Protection Regulation (GDPR).
Registration on our website to receive newsletters: On our website you can sign up for a free newsletter. When registering to receive the newsletter, you provide us with the data from the form, including at least your e-mail address.
Store Registration: If you register on a particular retail store's website to receive email information, we will store your email address so that we can provide you with information about our products.
Supplies related to the sale of products: If you purchase products on our website, we may send information about our own similar products to the email address you provide, even without your consent.
Postal items: We may also use your information to send you information about our products and special offers by regular post.
Our goal is for you to enjoy reading our emails, so we carefully select information that is of interest to you. For this purpose, we measure and store the frequency of your visits and clicks on your user profile, which is the legitimate interest of the data controller (Article 6(1)(f) of the GDPR). This data includes information about the opening of our e-mail messages, clicks on the content of these messages, the date and time of such actions, as well as information about the undeliverability of our messages. We also use this data for statistical purposes.
Of course, you have the option to unsubscribe from receiving such emails by withdrawing your consent for the future. Each e-mail and newsletter includes an unsubscribe link. After clicking this link, you will be asked to confirm your unsubscribe on our website. You can also contact us at any time:
- by e-mail: [email protected]
- by post: ul. Rymarska 45/11, 53-206,
Poland Warsaw
It is not possible to unsubscribe from receiving certain information messages that are necessary to perform contracts and ensure the proper functioning of our website. This also applies to service-related emails (e.g. registration confirmations, customer service information) and purchase-related messages (e.g. order confirmations, documents related to the contract and payment processing). Such notifications will continue to be sent according to the contact information you have provided.
When contacting, registering or placing orders without registration, we process personal data.
Making contact
Any information you provide to us when contacting us by phone, e-mail or via the contact form will be stored in accordance with the principles set out in the GDPR (General Data Protection Regulation). For this purpose, we use the legal basis resulting from Art. 6, par. 1, letter f GDPR. We store this information to respond to your questions or reports. In addition, the contact will be logged in our system to confirm that the communication took place in accordance with the requirements of applicable law.
Registration
On our website, we give you the opportunity to register by providing your personal data. This data is entered into a form, transmitted to us and stored by us. Registration is intended to enable the conclusion of a contract or the performance of activities aimed at concluding a contract, which is why we rely on the legal basis resulting from Art. 6, par. 1, letter b GDPR.
In order to conclude and execute contracts, we need certain contact details, which depend on the specific case. This may include information such as name and surname, delivery address, invoice address, e-mail address and selected payment method. We also use your data to maintain our customer database, where we only store the most important information. To prevent typographical errors (e.g. typos) and to ensure correct delivery of the ordered products, we check the completeness and correctness of the address you enter.
Orders placed without registration
You can place orders as a guest, without registration. If you choose this option, you will not need to create an account before placing your order. However, please note that you will need to re-enter your details for future orders.
In the case of orders without registration, we collect, process and use the data provided by you in order to perform the contract, in accordance with Art. 6, par. 1, letter b GDPR. We store this information for the duration of the processing and fulfillment of your order. After completing the order, your data will be deleted, unless you decide to activate your customer account within 14 days of placing the order. Data that we are required to keep in accordance with applicable law, contract between us or contractual requirements will be limited in its processing to prevent its use for other purposes, but will not be deleted.
Miscellaneous provisions
Pursuant to the provisions of Art. 6, par. 1, letter c and f GDPR, we use and store your personal data and, where necessary, technical information in order to prevent unauthorized use of data or other illegal activities on our website. This also applies to investigating such activities, for example to ensure data security in the event of attacks on our IT systems. Such actions may be taken on the basis of orders of public authorities or decisions of common courts, if required by applicable law. In addition, they serve to protect our rights and interests and enable us to defend ourselves in court.
Transferring data to suppliers of goods cooperating with us, in accordance with Art. 6, par. 1, letter b GDPR
In the context of the services and products offered on our website, we cooperate with various contractor companies that are responsible for specific product groups. If you decide to order products of these contractors, we will provide them with the data you provided during registration and additional personal data contained in the "My Account" section if you have made previous purchases. This information will be necessary to conclude and perform the contract, in particular your e-mail address, delivery address and invoice address. The relevant contractor will be indicated on the relevant product pages and in the Legal Notice. It is important that you note that each contractor is responsible for its own data protection arrangements and product pages may have additional or different privacy policies.
Transfer of data to service partners in accordance with Art. 6, par. 1, letters b and f of the GDPR
In order to operate and optimize our website and perform contracts, we cooperate with various companies that provide services on our behalf. These include central IT service providers, our website hosts, payment and product delivery service providers, equipment installers and newsletter providers. As part of our cooperation, we provide these service partners with the necessary information (such as name and address) to perform specific tasks.
Some of these companies act on our behalf in the context of order processing and fulfillment. They are only authorized to use the data provided in accordance with our instructions. In such cases, we are responsible for ensuring appropriate data security measures. Together, we establish specific data security measures and regularly monitor their effectiveness.
If the ordered goods are large and heavy, shipment is made via suppliers such as DTS Transport Sp. z o. o., transport company Rohlig Suus Logistics S.A. or the courier company DPD Polska Sp. z o. o. We share information such as the email address you provided with your order with these suppliers to enable them to establish a specific delivery date.
If personal data is transferred to third parties for the performance of a contract, these third parties are responsible for the use of this data. Examples of such situations include the transfer of data to logistics companies or postal services for the purpose of delivering goods, and the transfer of data to payment processing companies or banks providing financing. When paying by credit card, in order to prevent fraud, a security check is carried out by a payment processor such as eCard S.A. or Paypal Polska Sp. z o. o.
Regarding payments, we do not collect or store payment information such as credit card numbers or account details. This information is transferred directly to the appropriate payment processors. However, there is a unique solution for paying by credit card, namely the "pseudo-card number". For your convenience, a pseudo-card number is stored in your customer account, which allows you to make purchases only on our website from your customer account. The pseudo-card number is not identical to your credit card number and you do not have to enter it every time you make a payment.
The transfer of data to our cooperating goods suppliers takes place in accordance with Art. 6, par. 1, letter b GDPR. In the context of our services and products offered on the website, we cooperate with various contractor companies that are responsible for certain product groups. If you order products from these contractors, we will provide them with the data you provided during registration and additional personal data related to your account, such as e-mail address, delivery address and invoice address. The selection of the appropriate contractor will be specified on the relevant product pages and in the Legal Notice. Please note that the contractor is responsible for ensuring data security and that additional or different privacy policies may apply on product pages.
In the context of transferring data to service partners, in accordance with Art. 6, par. 1, letters b and f of the GDPR, we operate by delegating various service companies to act on our behalf in order to operate and optimize our website, as well as to perform contracts. As part of these activities, we cooperate with companies that provide services such as central IT services, website hosting, payment processing, product shipping, equipment installation and delivery of information bulletins. We provide our service partners with the necessary information (e.g. name, address) so that they can carry out their tasks.
Some of these companies act on our behalf to process and fulfill orders, which means that they are only allowed to use the data provided in accordance with our instructions. For these activities, we are legally responsible for ensuring appropriate data security measures. Therefore, we jointly establish specific data security measures with these entities and regularly monitor their effectiveness.
If the ordered products are large and heavy, we ship them via an appropriate service provider, transport company or courier company. Such a service provider receives information from us, such as the e-mail address provided by you when placing an order, in order to determine the details of the delivery time.
Contrary to the requirements for the processing of external data, in the event of the performance of a contract, we transfer data to third parties who are themselves responsible for the use of this data. There are two cases in which such a transfer of data takes place:
In the case of forwarding goods, we transfer data to specific logistics companies or entities providing postal services, in accordance with the information provided in the order.
In relation to payment for goods ordered, data is transferred to the specific payment processor or financing bank in accordance with the information provided in the order. If payment is made by credit card, in order to prevent credit card fraud, transaction security checks are performed by the payment processor.
For payments, we do not collect or store information such as credit card numbers or account details. They are sent directly to the appropriate payment processor. However, there is an exception for credit card payments, which is a "pseudo card number". So that you do not have to enter your credit card number every time you make a payment, a pseudo-card number is stored in your customer account. This pseudo-card number only allows you to purchase products and services on our website, ordered using your customer account, and is not identical to your credit card number.
Your rights
We would like to inform you that you have rights regarding the collection of your data, and we are now pleased to provide you with this information. If you wish to exercise any of these rights, you can do so at no charge by simply sending us a message. You can contact us using the contact details below, without incurring any additional costs other than those that may be charged by your telecommunications service provider for sending the message:
- by e-mail: [email protected]
- by post: ul. Rymarska 45/11, 53-206,
Poland Warsaw
For your safety, we reserve the right to request additional information to confirm your identity when responding to your existing inquiry. If identification proves impossible, we also reserve the right to refuse to respond to your inquiry.
The right to access data
You are entitled to request information from us regarding the personal data we store about you.
Right to rectification
You have the right to immediately correct and/or supplement the personal data stored about you.
The right to restrict processing
You have the right to request the restriction of the processing of your personal data if you question the accuracy of the data, if the processing is unlawful, if the data is no longer necessary, but you do not want it to be deleted, if it is necessary for reporting, execution or defend claims arising from legal provisions, or when you have expressed objection to their processing.
Right to erasure
You have the right to request the deletion of your personal data stored by us, unless it is necessary to retain this data in order to ensure freedom of speech, freedom of access to information, fulfillment of obligations arising from legal provisions, in connection with the public interest, in order to submit or defend against claims or in order to assert their rights under the regulations.
The right to information
If you have submitted a request to rectify, delete or limit the processing of your personal data, we will inform all recipients of this data about the rectification, deletion or limitation of processing, unless doing so is impossible or involves excessive effort.
The right to transfer data
You have the right to receive a copy of the data you have provided to us in a structured, commonly used, machine-readable format. This copy will be sent to you or, at your request, to another third party, if technically possible. If you want this data to be transferred to another data controller, we will try to do so, provided that it is technically possible.
Right to object
If we process your personal data on the basis of legitimate interest, in accordance with Art. 6 section 1 letter f GDPR, you have the right to object to such processing at any time, in accordance with Art. 21 GDPR.
The right to withdraw consent
You have the right to withdraw your consent to the collection of data at any time, with effect for the future. Withdrawal of consent will not affect the processing of previously collected data. However, please understand that for technical reasons, it may take some time to process your cancellation, which means you may still receive communications from us for a certain period.
The right not to be subject to a decision based on automated processing, including profiling
You have the right to avoid decisions made solely on the basis of automated processing of personal data, including profiling, if such decisions have significant legal effects for you or significantly concern you.
The right to lodge a complaint with a regulatory authority
If the processing of your personal data violates data protection regulations or if your data protection rights have been otherwise violated, you have the right to lodge a complaint with the appropriate supervisory authority.
It is worth noting that after deleting your data, you will no longer have access to services related to our products via our website. This may also include internet redownload services. We therefore recommend that you make a backup copy of your data before exercising your right to deletion. The processing of data that we are required to keep in accordance with legal, corporate or contractual requirements will be limited to prevent it from being used for other purposes, but it will not be deleted.
Links to third-party websites
Our website contains links to third-party websites. We are not responsible for the measures taken to ensure the security of your data on these sites. We encourage you to review the privacy policies of these third-party sites and obtain information directly from them regarding this matter.
Changes to the Privacy Policy
To ensure that our Privacy Policy always complies with applicable law, we reserve the right to make changes to it at any time. This also applies to situations where modifications to the Privacy Policy are necessary in connection with the introduction of new or changed products or services.
Version: June 10, 2023, Version 1.0