Privacy policy
PRIVACY POLICY
EUROELECTRONICS.EU
§ 1 GENERAL INFORMATION
This Privacy Policy of the Online Store www.euroelectronics.eu is not a source of obligations for the Visitor (including a Guest) or the Customer of the Online Store. It is for information purposes only; it is not a contract and it does not constitute terms and conditions.
All expressions and words written with an initial capital letter (e.g. Online Store, Customer, etc.) shall be understood in accordance with the Terms and Conditions of the Online Store.
In the event of any discrepancies between this Privacy Policy and the consents to the processing of personal data granted by a natural person, the legal basis for determining the scope of the Controller’s activities shall be the freely given consent or the applicable provisions of law in the relevant factual circumstances.
§ 2 PERSONAL DATA CONTROLLER
The controller of your personal data is Euroelectronics.eu Sp. z o.o. Sp. k., with its registered office in Tarnowskie Góry (42-600), ul. Korfantego 7, Poland, registered in the Polish National Court Register (KRS) under number 0000717942, Polish tax identification number (NIP) 6452554585, and Polish business identification number (REGON) 369459764 (hereinafter: the “Controller”).
The Controller has appointed a Data Protection Officer (DPO). For all matters related to personal data protection, please contact us at the address indicated above or by e-mail at: iodo@centrumelektroniki.pl. You may also contact us by telephone on +48 32 797 93 69 (available: 8:00–16:00).
Requests for information as to what personal data we hold about you and for what purposes we process it may also be sent to the above address.
The Controller informs that correspondence is retained for statistical purposes and for improving the GDPR support system, as well as for complaint-handling and any decisions regarding administrative interventions taken on the basis of notifications within the relevant Customer Account. The addresses and data collected in this manner will not be used for communication for purposes other than handling the request; in particular, they will not be used for marketing purposes nor disclosed to third parties.
Where you contact the Controller in order to carry out specific actions (e.g. to submit a complaint, to make a return), the Controller may ask you again to provide data, including personal data, e.g. your first name, surname, residential address and e-mail address, in order to confirm your identity, enable follow-up contact in the relevant matter and perform the requested action. Providing such data is not mandatory; however, it may be necessary to carry out the action or obtain the information you request.
If you have given additional consent for us to use cookies, the controllers of data obtained on the basis of your online activity may also include our trusted partners.
§ 3 COLLECTION OF DATA AND PURPOSES OF PROCESSING
We process personal data in accordance with Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (the “GDPR”), and other applicable personal data protection laws in force at the time of processing of the relevant data.
Under the above legal acts, personal data means information relating to an identified or identifiable natural person. An identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name and surname, an identification number, location data, an online identifier or one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person.
We ensure that the data obtained from you are confidential, secure and processed only where necessary. We process data lawfully, fairly and in a transparent manner. We process only such data and only to the extent necessary in view of a legally justified purpose, i.e. the reason for processing. Personal data are collected with due care and adequately protected against unauthorised access. We apply appropriate and adequate security measures and the current state of technical knowledge to protect personal data against accidental loss and unauthorised access, use, alteration or disclosure. We retain personal data in a form which permits identification of the data subject for no longer than is necessary for the purposes for which the data are processed.
The Controller collects information (including personal data) in the following ways:
- by placing an order and making a purchase in the Online Store;
- by registering a Customer Account;
- by logging in or registering via external authentication services;
- by voluntarily subscribing to the newsletter;
- through information provided in an e-mail message or a form;
- by submitting a complaint/claim or an enquiry;
- through information contained in a message regarding cooperation;
- through a telephone call;
- through a call-back function;
- by posting a review/opinion;
- through cookies and similar technologies.
We inform you that the purpose and scope of data processed by the Controller follow from the Visitor’s or Customer’s consent or from provisions of law and, in selected cases, are further specified as a result of actions undertaken by such persons in the Online Store or via other communication channels.
Providing personal data by a Visitor or a Customer is voluntary; however, it is necessary to use certain functionalities of the Online Store (e.g. placing and settling an order, registering a Customer Account, subscribing to the newsletter or using contact forms).
The scope of data required to conclude the relevant agreement is indicated in advance in the Online Store (we mark data which are required to conclude a contract/use a given functionality), through other communication channels with the Visitor or Customer, or in the Terms and Conditions. Failure to provide personal data may result in the inability to effectively use the functionalities of the Website, e.g. the inability to place an order.
Your personal data are collected and processed by the Controller for the following purposes:
| Purpose of processing | Legal basis | Legitimate interest (if applicable) |
|---|---|---|
| Keeping statistics. | Article 6(1)(f) GDPR | Having information about the statistics of our activities, allowing us to improve our business operations. |
| Marketing of our own products and services without using electronic means of communication. | Article 6(1)(f) GDPR | Carrying out marketing activities promoting our business. |
| Marketing of our own products and services using electronic means of communication, including profiling. | Article 6(1)(f) GDPR, provided that, due to other applicable provisions of law (in particular telecommunications law and laws on the provision of electronic services), such activities are carried out only on the basis of the relevant consents (Article 6(1)(a) GDPR). | Conducting marketing activities using e-mail addresses. Displaying advertisements, tailoring discounts and promotions. |
| Handling requests submitted via the contact form, messenger, e-mail, complaints/claims and other applications. | Article 6(1)(a) GDPR; Article 6(1)(c) GDPR | Responding to requests and enquiries, retaining key applications and responses for accountability purposes. Handling consumer complaints. Pursuing claims (including against third parties) and defending against claims. |
| Managing the Customer Account. | Article 6(1)(a) GDPR | Conclusion and performance of the service agreement (Account) or taking steps at the request of a prospective Customer prior to its conclusion. |
| Conclusion and performance of the Sale Agreement. | Article 6(1)(b) GDPR | Conclusion and performance of the Sale Agreement or taking steps at the request of a prospective Customer prior to its conclusion. |
| Archiving sales documents. | Article 6(1)(c) GDPR | Fulfilling legal obligations under tax and accounting laws, in particular in the case of paid contracts. |
For an adult Customer or an adult Visitor to the Website, subject to additional consent, Personal Data may also be processed for the purpose of presenting, creating, granting and fulfilling dedicated advertisements, offers or promotions (discounts) concerning the products or services of the Controller and its partners, as far as possible tailored to the Customer’s preferences (profiling), as a result of automated decision-making that may produce legal effects concerning the person or similarly significantly affect them (e.g. a short-term discount offered exclusively to that person for a specific product recently viewed in our Online Store). This option is not available to persons who are not adults or to adults who have not consented to such processing.
Newsletter
If you wish to subscribe to our newsletter, you must provide your e-mail address via the newsletter subscription form. Providing data is voluntary, but necessary in order to use the newsletter service.
The data provided when subscribing to the newsletter are used to send you the newsletter, in which we inform you about the company’s activities, current range, promotions and discounts, and indirectly to identify the Customer. The legal basis for processing is your voluntary consent expressed when subscribing to the newsletter (Article 6(1)(a) GDPR). Data will be processed for as long as the newsletter operates unless you unsubscribe earlier, which will result in permanent deletion of your data from the database. You may at any time rectify your data stored in the newsletter database and also request erasure by unsubscribing. You also have the right to data portability pursuant to Article 20 GDPR.
E-mail contact
By contacting us by e-mail, including by sending an enquiry via the contact form, you provide us with your e-mail address as the sender’s address. In addition, you may include other personal data in the content of your message. Providing data is voluntary, but necessary to contact us.
In this case, your data are processed for the purpose of communicating with you, and the legal basis is Article 6(1)(a) GDPR, i.e. your consent resulting from your wish to contact us. The legal basis for processing after the contact has ended is a justified purpose in the form of archiving correspondence for internal needs (Article 6(1)(c) GDPR). The content of correspondence may be archived and we are not able to determine unequivocally when it will be deleted. You have the right to request the history of correspondence you have conducted with us (where it has been archived), and to request its deletion, unless such archiving is justified by our overriding interests.
Customer Account
When you create a Customer Account on our Website you provide us with your e-mail address, first name and surname. This is voluntary, but necessary to register the Customer Account effectively.
The Customer Account may also be created by logging in via Google or Facebook services. In such case, we receive the identification data provided by the provider of those services, such as first name, surname and e-mail address, in accordance with the privacy rules of those services.
In this case, your data are processed for the purpose of operating the Customer Account, and the legal basis is Article 6(1)(a) GDPR, i.e. your consent given in connection with creating the account. Data will be processed for the period you hold the Customer Account, unless you request its deletion earlier, which will result in deletion of your data from the database. You may at any time rectify your account data and request erasure. You also have the right to data portability pursuant to Article 20 GDPR. When creating the Customer Account you may, but are not obliged to, consent to the newsletter service.
Reviews
If you wish to add a review of a product or our post, you must complete the form and provide your name and e-mail address. If you add a review under our articles, you also provide us with your e-mail address, which is not displayed to other users.
In this case, your data are processed for the purpose of enabling the posting of a review or comment, and the legal basis is Article 6(1)(a) GDPR, i.e. your consent resulting from your wish to post content on our Website. Data will be processed for as long as the review remains published on the Website, unless you request its removal earlier, which will result in deletion of your review-related data from the database. You may at any time rectify your data in the review and request erasure. You also have the right to data portability pursuant to Article 20 GDPR.
Messenger (Live Chat)
By contacting us via the chat available in the bottom right corner of our Website, you may provide your personal data in the chat window.
In this case, your data are processed for the purpose of contacting you, and the legal basis is Article 6(1)(a) GDPR, i.e. your consent resulting from your wish to contact us.
§ 4 CATEGORIES OF PERSONAL DATA
The Controller may process the following categories of personal data:
- personal data provided in the form when registering a Customer Account and placing Orders in the Online Store, in particular: e-mail address and other data collected during the use of the Online Store or the Customer Account;
- personal data supplemented by the user while using the Customer Account, in particular: first name and surname; e-mail address; contact telephone number; residential address [street, building number, unit number, postcode, city, country]; bank account number; and, in the case of Customers who are not consumers, additionally company name and tax identification number;
- personal data provided to use the newsletter, provided when using the contact form, sent by e-mail, or provided when filing complaints, claims or applications, in particular: first name and surname; e-mail address; contact telephone number; address [street, building number, unit number, postcode, city, country]; bank account number;
- personal data provided to participate in competitions: first name and surname; e-mail address; contact telephone number; residential address [street, building number, unit number, postcode, city, country];
- other data obtained in particular based on the Customer’s online activity, including via the Online Store or other communication channels with the Customer, using cookies and similar technologies.
§ 5 RECIPIENTS OF PERSONAL DATA
Your personal data may be processed by our partners and subcontractors, i.e. entities whose services we use when processing data and providing services to you. To the best of our knowledge, all entities to whom we entrust the processing of personal data guarantee the application of appropriate protective and security measures required by law.
Your personal data may be disclosed by the Controller to:
- public authorities or other entities authorised under applicable law;
- the Controller’s partners who may participate in the processing of personal data to a limited extent, in particular those providing technical support for the efficient operation of the Online Store;
- entities with whom we cooperate, in the form of fully anonymised data (i.e. data which cannot identify you).
As part of marketing (advertising) activities, the Controller uses third-party services which use cookies, pixels or cookie-like marketing functions on the Website. The catalogue of such entities is specified in detail in § 8 of this Privacy Policy.
Our suppliers are mainly based in Poland or in other countries of the European Economic Area (EEA) and, for example in the case of Google Analytics, outside the EEA. In connection with the CJEU Schrems II judgment (C‑311/18), we have enabled IP anonymisation — we do not transfer your IP address to the USA. The other data transmitted to Google do not have the characteristics of personal data, i.e. it is not possible to identify a specific natural person on their basis.
§ 6 RETENTION OF PERSONAL DATA
The Controller will retain your personal data only for as long as is necessary for the purposes set out in this Privacy Policy and/or to comply with legal and regulatory requirements. After that period, the Controller will securely delete your personal data.
We retain data for the periods indicated below:
| Data category / purpose | Retention period |
|---|---|
| Data related to the sales procedure | 8 years |
| Data for marketing purposes | Where processed on the basis of consent – until the consent is withdrawn. Where processed on the basis of legitimate interest – until an objection is raised. |
| Data provided via the contact form / e-mail | 3 years (for accountability purposes) |
| Personal data related to cookies and similar functions | Until such files are deleted via the website/browser/device settings (note: deleting cookies is not always the same as deleting personal data obtained via such files — in such case, the data will be deleted upon objection). |
| Data provided during complaint/claim proceedings and other procedures related to Customer claims | 8 years |
| Other categories of data (excluding cookie-related data – see our Cookie Policy) | 5 years |
In each case, personal data will also be retained where provisions of law (e.g. accounting or tax regulations) oblige the Controller to process them. We may also retain personal data for longer in the event that the Customer may have any claims against the Controller, for the purpose of pursuing claims by the Controller or for the purpose of pursuing or defending against claims of third parties, for the period of limitation prescribed by law, in particular under the Civil Code.
Depending on the scope of personal data and the purposes for which they are processed, they may be retained for different periods. In each case, the longer retention period shall apply.
§ 7 YOUR RIGHTS, ACCESS AND UPDATING PERSONAL DATA, COMPLAINTS
In accordance with Article 15 GDPR, you have the right to obtain from the Controller confirmation as to whether or not personal data concerning you are being processed.
If the Controller processes your personal data, you have the right to:
- access your personal data;
- obtain information about the purposes of processing, the categories of personal data concerned, the recipients or categories of recipients, the planned period for which the data will be stored (or the criteria used to determine that period), the rights available to you under the GDPR, the right to lodge a complaint with a supervisory authority, the source of the data, the existence of automated decision-making (including profiling), and the safeguards applied in connection with the transfer of data outside the European Union;
- receive a copy of your personal data.
In addition, you may request rectification of personal data (Article 16 GDPR), erasure (Article 17 GDPR), object to processing (Article 21 GDPR) and, where technically feasible, request that the personal data you have provided be transmitted to another organisation (Article 20 GDPR). In certain cases, you have the right to request restriction of processing (Article 18 GDPR).
In connection with the right to be forgotten, the Controller will update or delete your data unless it has a legal obligation to retain them for the purpose of conducting business operations or ensuring legal compliance. You may also contact the Controller if you have concerns about the manner in which personal data are collected, stored or used.
The Controller endeavours to deal with requests regarding the above operations without undue delay, and in any event no later than within 30 days of receipt of the request. Due to the complex nature of a request, the Controller may process the request within a period exceeding 30 days, of which the user will be informed in advance.
The Controller aims to resolve complaints definitively; however, if you remain dissatisfied with the response, you may lodge a complaint with the supervisory authority responsible for personal data protection. In Poland, the supervisory authority within the meaning of the GDPR is the President of the Personal Data Protection Office.
§ 8 AUTOMATED PROCESSING OF PERSONAL DATA, COOKIE POLICY
Our Website, like almost all other websites, uses cookies. The cookie policy applies both to Customers of the Online Store and to Visitors of the Online Store, i.e. users who browse the Store’s content but do not make purchases.
The Cookie Policy forms an integral part of this Privacy Policy. The content of the Cookie Policy is available here.
The Website also uses functions similar to cookies. Therefore, the provisions of the Cookie Policy should be applied accordingly to these technologies as well.
Selected cookies process your personal data. The processing of personal data originating from cookies or similar technologies on our Website is carried out to ensure the functioning of the Website, tailor the Website to the preferences of Visitors and Customers, and for analytical purposes. Processing is based on our legitimate interests. The legal basis for processing personal data for advertising purposes and linking with social media will be your additional consent expressed by selecting the relevant option and ticking the checkbox during the cookie consent process.
When a Visitor uses the Online Store, cookies are used that enable identification of the browser or device — cookies collect various types of information which, as a rule, do not constitute personal data. Some information, depending on its content and the manner in which it is used, may nevertheless be linked to a specific person (e.g. by linking certain behaviours to data provided when registering a Customer Account or to a specific e-mail address) and thus may be considered personal data.
With respect to information collected by cookies that may be linked to a specific person, the provisions of this Privacy Policy relating to personal data apply, in particular the rights of the data subject.
The Website uses profiling. Thanks to cookies used in the Online Store, the Controller may become acquainted with the preferences of the Visitor — e.g. by analysing how often the Visitor visits the Online Store and whether and what products they buy. Analysis of online behaviour helps us better understand the habits and expectations of Customers and Visitors and adapt to their needs and interests. This technology enables the presentation of advertisements tailored to Visitors’ needs and interests (for example, an advert resulting from browsing only lamps in the “red” category within the last period) and, for adult Visitors who have consented, allows us to prepare better promotions and surprises.
§ 9 CHANGES TO THIS PRIVACY POLICY
These Privacy Policy rules (version 2.0) are effective as of 3 January 2023.
The Controller declares that it has the right to make changes to this document for important reasons, including:
- changes in applicable laws, in particular in the scope of the GDPR, telecommunications law, laws on the provision of electronic services and consumer protection laws, which affect the Controller’s rights and obligations or the rights and obligations of data subjects;
- development of functionalities or electronic services as a result of technological progress, including the implementation of new IT, technological or technical solutions on the Website, affecting the scope of this Privacy Policy.
The Controller undertakes to inform Users of any changes in advance, allowing sufficient time to familiarise themselves with the content of the amended document, e.g. by publishing the consolidated text of the Privacy Policy on the main page of the Website.
For users who use the newsletter, if the Controller makes material changes to this Privacy Policy, the Controller will inform users by e-mail. If a user has any objections to the change, the user has the right to stop using the newsletter by sending a request to unsubscribe and a request for erasure of their personal data.
Note on Polish registration identifiers:
- KRS – entry number in the Polish National Court Register (Krajowy Rejestr Sądowy).
- NIP – Polish tax identification number (Numer Identyfikacji Podatkowej).
- REGON – Polish statistical business identification number (Rejestr Gospodarki Narodowej).
