Privacy Policy

Privacy Policy of Iluma Store
www.iluma.pl
(„Store”)

Dear User!

We care about your privacy and want you to feel comfortable while using our services. Therefore, below we present you with the most important information about the rules of processing your personal data and cookies used by our Store. This information has been prepared in accordance with the GDPR, i.e., the General Data Protection Regulation.

PERSONAL DATA CONTROLLER

ILUMA CRYSTAL HERITAGE LIMITED LIABILITY COMPANY with its registered office at Rynek Wieluński 25, 42-202 Częstochowa, registered in the National Court Register - the entrepreneurs' register by the DISTRICT COURT IN CZĘSTOCHOWA, XVII ECONOMIC DEPARTMENT OF THE NATIONAL COURT REGISTER, under KRS number 0001022323, NIP 5732941992, REGON number 52458430800000.

If you wish to contact us regarding the processing of your personal data, please write to us at the email address: krysztaly@iluma.pl.

YOUR RIGHTS

You have the right to request:

  • daccess to your personal data, including obtaining a copy of your data (Article 15 GDPR or - if applicable - Article 13(1)(f) GDPR),
  • correction of your data (Article 16 GDPR),
  • deletion of your data (Article 17 GDPR),
  • restriction of processing (Article 18 GDPR),
  • data portability to another controller (Article 20 GDPR).

And also the right:

  • to object at any time to the processing of your data:
    • for reasons related to your particular situation – to the processing of your personal data, based on Article 6(1)(f) GDPR (i.e., on our legitimate interests), including profiling (Article 21(1) GDPR);
    • jif personal data are processed for direct marketing purposes, including profiling, to the extent that the processing is related to such direct marketing (Article 21(2) GDPR).

Contact us if you want to exercise your rights. You can express your objection to the use of cookies by us (which you will read about below) especially through appropriate browser settings.

If you believe that your data is being processed unlawfully, you can lodge a complaint with the President of the Personal Data Protection Office.

PERSONAL DATA AND PRIVACY

Below you will find detailed information about the processing of your data depending on the actions you take.

1. PLACING AN ORDER IN THE STORE

For what purpose?
the fulfillment of your order
On what basis?
sales contract (Article 6(1)(b) of the GDPR) legal obligation related to accounting, obliging us to process your personal data (Article 6(1)(c) of the GDPR)
How long?
for the duration of the above-mentioned contract until the expiration of our legal obligation related to accounting
additionally, your data will be processed until the expiration of the period during which claims may be pursued – by you or by us
(more information on this subject can be found in the last table of this section)
What happens if you do not provide data?
you will not be able to place an order

2. Creating an account in the Store

For what purpose?
To fulfill the contract for the provision of account management services in the Store
On what basis?
Service provision agreement (Article 6(1)(b) of the GDPR.
How long?
For the duration of the above-mentioned contract
Additionally, your data will be processed until the expiration of the period during which claims may be pursued – by you or by us
(more information on this subject can be found in the last table of this section)
What happens if you do not provide data?
You will not be able to create an account and use its features, such as browsing order history or checking order status

3. Getting in touch with us (e.g. to ask a question)

For what purpose?
Handling your inquiries or reports
On what basis?
Contract or actions taken at your request, aimed at its conclusion (Article 6(1)(b) of the GDPR) – if your inquiry or report concerns a contract of which we are or may be a party Our legitimate interest, consisting of processing your data for communication with you (Article 6(1)(f) of the GDPR) – if your inquiry or report is not related to a contract
How long?
For the duration of the binding contract between us or – if the contract is not concluded - until the expiration of the period for asserting claims – see the last table of this section* Until the expiration of the period for asserting claims – see the last table of this section - or until we consider your objection to processing*
Additionally, your data will be processed until the expiration of the period during which claims may be pursued – by you or by us
(more information on this subject can be found in the last table of this section)
What happens if you do not provide data?
We will not be able to respond to your inquiry or report

*depending on which is applicable in a given case

4. Browser settings or similar actions allowing for marketing activities

For what purpose?
Direct marketing, consisting of displaying personalized ads
(more on this subject can be found in the "Profiling" and "Cookies" sections of the Privacy Policy)
On what basis?
Our legitimate interest, consisting of processing data for the purpose stated above (Article 6(1)(f) of the GDPR)
How long?
Until the expiration of the validity or deletion by you of cookies used for marketing purposes*
What happens if you do not provide data?
You will not receive suggestions for products or services you may be interested in

* *depending on which is applicable in a given case

5. Browser settings or similar actions allowing for conducting analytical activities

For what purpose?
Analysis of how you use and navigate the Store's website, in order to improve its functionality (more on this subject can be found in the "Analytical Activities" and "Cookies" sections of the Privacy Policy)
On what basis?
Our legitimate interest, consisting of processing data for the purpose stated above (Article 6(1)(f) of the GDPR)
How long?
Until the expiration of the validity or deletion by you of cookies used for analytical purposes*
What happens if you do not provide data?
We will not take into account how you use and navigate the Store's website in our development efforts

*depending on which is applicable in a given case

6.Your consent to receiving marketing content from us (e.g., information about special offers)

For what purpose?
Sending marketing information, especially about special offers Analyzing the effectiveness of messages sent by us to determine general principles for effective message delivery in our operations
(more on this subject can be found in the "Analytical Activities" section of the Privacy Policy)
On what basis?
TYour consent to our marketing activities (Article 6(1)(a) of the GDPR) Our legitimate interest, consisting of processing data for the purpose stated above (Article 6(1)(f) of the GDPR)
How long?
Until you withdraw your consent – remember, you can withdraw your consent at any time. Processing data until you withdraw your consent remains lawful. Until we consider your objection to processing
Additionally, your data will be processed until the expiration of the period during which claims may be pursued – by you or by us
(more information on this subject can be found in the last table of this section)
What happens if you do not provide data?
You will not receive our marketing materials, including information about our special offers

7. Signing up for the newsletter

For what purpose?
Sending newsletters Analyzing the effectiveness of content sent by us to determine general principles for effective message delivery in our operations
(more on this subject can be found in the "Analytical Activities" section of the Privacy Policy)
on what basis?
Service provision agreement for newsletter delivery (Article 6(1)(b) of the GDPR) Our legitimate interest, consisting of processing data for the purpose stated above (Article 6(1)(f) of the GDPR)
How long?
Until you unsubscribe from our newsletter Until we consider your objection to processing
Additionally, your data will be processed until the expiration of the period during which claims may be pursued – by you or by us
(more information on this subject can be found in the last table of this section)
What happens if you do not provide data?
You will not be able to receive information about the Store and our services

8. Taking action or refraining from action that may result in claims related to the Store or our services

For what purpose?
Determining, asserting, or defending potential claims related to the concluded contract or provided services
What on basis?
Our legitimate interest, consisting of processing personal data for the purpose stated above (Article 6(1)(f) of the GDPR)
How long?
Until the expiration of the limitation period for claims or until we consider your objection to processing*
What happens if you do not provide data?
Lack of possibility to determine, assert, or defend claims

*depending on which is applicable in a given case

PROFILING

Within the Store, we conduct profiling – this will occur in relation to you if you allow such actions. Profiling involves the automatic assessment of which products or services you may be interested in, using information about the content you view. As a result, advertisements for products or services displayed within the internet services you use will be more tailored to you and your needs.

The profiling we conduct does not result in decisions having legal effects on you or similarly significantly affecting you.

ANALYTICAL ACTIVITIES

Within the website of the Store, we conduct analytical activities aimed at increasing its intuitiveness and accessibility – this will occur in relation to you if you allow such actions. As part of the analysis, we will consider how you navigate the Store – for example, how much time you spend on a particular subpage or which areas of the Store you click on. This will allow us to optimize its layout, appearance, and content placement to improve its functionality during the development of the Store.

Additionally, if you express a desire to receive marketing messages or newsletters from us, we may conduct an analysis of the effectiveness of the delivery conducted by us. For example, we may check whether and how it has affected activity in our Store. Such actions will help us establish general principles regarding the delivery of this type of messages in our operations - for example, optimal delivery hours or effective content formulation methods.

DATA SECURITY

When processing your personal data, we apply organizational and technical measures in accordance with applicable law, including encryption of the connection using SSL/TLS certificate

COOKIES

Our Store, like most websites, uses so-called cookies. These files:

  • are stored in the memory of your device (computer, phone, etc.);;
  • do not change the settings of your devicea.

In this Store, cookies are used for the following purposes:

  • statyistical
  • marketing

To learn how to manage cookies, including how to disable them in your browser, you can use the help file of your browser. You can find information on this by pressing the F1 key in the browser. Additionally, you will find appropriate instructions on the following subpages, depending on the browser you use:

Cookies will not be processed by us for longer than 31 days from your last visit to the Store.

By using the appropriate options of your browser, you can at any time:

  • delete cookies,
  • block the use of cookies in the future.

In such cases, we will no longer process them.

EXTERNAL SERVICES / DATA RECIPIENTS

We use services provided by external entities that support us in conducting our business. We entrust them with processing your data - these entities process data solely on our documented instructions.

Below you will find a list of recipients of your data:

ACTION DATA RECIPIENTS TRANSFER OF DATA OUTSIDE THE EUROPEAN UNION
Every action related to the Store. Host provider N/A
Entity providing technical/IT support to us N/A
Individuals cooperating with us under civil law contracts, supporting our ongoing operations N/A
Software provider for sales management N/A
Staying on the Store's website with settings allowing for marketing activities. Entity providing marketing services N/A
Staying on the Store's website with settings allowing for analytical activities. Entity enabling analytical actions on the website N/A
Placing an order in the Store. Payment provider N/A
Entity delivering the product to you N/A
Supplier of business management software (e.g., accounting software) N/A
Provider of standard office software (including email) N/A
Wholesaler N/A
Accounting office N/A
Entity providing installment payment system N/A
Signing up for a newsletter or consenting to receive marketing messages Entity providing newsletter or marketing message delivery services N/A
Using the online chat available in the Store Provider delivering the online chat available in the Store N/A
Using services provided to us in connection with the Store by social media platforms Social media platform N/A
Contacting us (e.g., asking a question) Provider of standard office software (including email) N/A

And additionally:

appropriate public authorities to the extent that we are obligated to provide them with data.