PRIVACY POLICY OF THE WEBSITE BRACO.PL
1. For the Owner of this website, safeguarding the personal data of Users is a matter of utmost importance. The Owner puts significant effort into ensuring that Users feel secure when entrusting their personal information while using the website.
2. A User is an individual, legal entity, or organizational unit without legal personality, granted legal capacity by law, utilizing electronic services available within the website.
3. This privacy policy explains the principles and scope of processing the User’s personal data, their rights, as well as the responsibilities of the data administrator, and also provides information about the use of cookies.
4. The administrator employs state-of-the-art technical measures and organizational solutions to ensure a high level of protection for processed personal data and to secure against unauthorized access.
I. PERSONAL DATA ADMINISTRATOR
The personal data administrator is PACK GROUP Dawid Stana, located in the Śląskie voivodeship, cieszyński county, Brenna municipality, Brenna location, Leśnica street, No. 144, 43-438, with the registration number NIP: 5482547000, REGON: 362242228 (hereinafter referred to as the „Owner”).
II. PURPOSE OF PROCESSING PERSONAL DATA
1. Administrator processes the user’s personal data for the following purposes:
For example, the administrator processes personal data to ensure the proper execution of sales agreements concluded within the online store via the braco.pl website. This includes activities such as user registration on the website, contract formation, settlements, delivery of ordered goods or provision of services, and user exercise of consumer rights (e.g., withdrawal from the contract, warranty).
This means that this data is necessary, in particular, for:
1. Entering into an agreement,
2. Settling transactions,
3. Delivering the ordered goods or providing services,
4. Allowing the user to exercise consumer rights (e.g., withdrawal from the contract, warranty).
Users can also give consent to receive information about news and promotions. In this case, the administrator will process personal data to send commercial information regarding new products, services, promotions, or sales. Personal data is also processed to fulfill legal obligations, carry out tasks in the public interest (related to security, defense, or tax documentation), direct marketing of products, securing and pursuing claims, or protecting against claims from the user or third parties.
III. TYPES OF DATA
1. The administrator processes the following personal data, the provision of which is necessary for: a. registering on the website: – first and last name; – email address; b. making purchases through the website: – first and last name; – gender; – delivery address; – phone number; – email address; c. Optional data provided by the User: – date of birth; – PESEL number (in case of requesting an invoice); – NIP number (in case of requesting an invoice for a business entity).
2. In the case of withdrawal from the contract or recognition of a complaint, when the refund is made directly to the User’s bank account, we also process information related to the bank account number to process the refund.
IV. LEGAL BASIS FOR PROCESSING PERSONAL DATA
1. Personal data is processed in accordance with the provisions of the Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation), OJ L 119, 4.5.2016, p. 1–88, hereinafter referred to as the „GDPR”.
2. The administrator processes personal data only after obtaining the prior consent of the User, expressed at the time of registration on the website or when confirming a transaction made on the website.
3. Giving consent to the processing of personal data is entirely voluntary; however, failure to provide it prevents registration on the website and making purchases through the website.
V. USER RIGHTS
1. User can at any time request from the administrator information about the scope of personal data processing.
2. User can at any time request correction or rectification of their personal data. The user can also do this independently by logging into their account.
3. User can withdraw their consent to the processing of their personal data at any time, without stating a reason. The request not to process data may concern a specific purpose indicated by the user, such as withdrawing consent to receive commercial information, or it may concern all purposes of data processing. Withdrawing consent for all purposes of processing will result in the user’s account being deleted from the website, along with all personal data processed by the administrator up to that point. Withdrawal of consent will not affect actions already taken.
4. User can at any time request, without stating a reason, that the administrator delete their data. The request for data deletion will not affect actions already taken. Data deletion means simultaneous deletion of the user’s account, along with all data processed by the administrator up to that point.
5. User can at any time object to the processing of personal data, both in the scope of all personal data processed by the administrator and only to a limited extent, for example, regarding processing data for a specific purpose. The objection will not affect actions already taken. Lodging an objection will result in the deletion of the user’s account, along with all data processed by the administrator up to that point.
6. User can request restriction of the processing of personal data, either for a specified period or without a time limit but in a specified scope, which the administrator must comply with. This request will not affect actions already taken.
7. User can request the administrator to transfer their processed personal data to another entity. To do this, the user should write a request to the administrator, indicating the entity’s name and address to which the user’s personal data should be transferred, as well as specifying the exact data the user wishes the administrator to transfer. After confirming the user’s request, the administrator will electronically transfer the user’s personal data to the specified entity. Confirmation of the user’s request is necessary for the security of the user’s personal data and to ensure that the request comes from an authorized person.
8. The administrator informs the user about the actions taken, before the end of the month from receiving one of the requests mentioned in the previous points.
VI. PERIOD OF PERSONAL DATA STORAGE
1. Generally, personal data is stored only for the time necessary to fulfill contractual or legal obligations for which it was collected. This data will be deleted immediately when its storage is no longer necessary for evidentiary purposes, in accordance with civil law or due to a statutory obligation to retain data.
2. Information related to a contract is kept for evidentiary purposes for a period of three years, starting from the end of the year in which the commercial relationship with the user was terminated. Deletion of data will occur after the statutory limitation period for contractual claims has expired.
3. Additionally, the administrator may retain archival information regarding concluded transactions, as their storage is associated with user entitlements, such as warranty claims.
4. If no agreement is concluded between the user and the owner, the user’s personal data is stored until the user’s account is deleted on the website. Account deletion can occur upon the user’s request, withdrawal of consent for personal data processing, or objection to the processing of such data.
VII. DELEGATION OF DATA PROCESSING TO OTHER ENTITIES
1. The administrator may delegate the processing of personal data to entities cooperating with the administrator, to the extent necessary for transaction fulfillment, such as preparing ordered goods, delivering shipments, or providing commercial information from the administrator (the latter applies to users who have consented to receiving commercial information).
2. Except for the purposes stated in this Privacy Policy, users’ personal data will not be shared with third parties or transferred to other entities for the purpose of sending marketing materials from these third parties.
3. The personal data of website users are not transferred outside the European Union.
4. This Privacy Policy complies with the provisions of Article 13(1) and (2) of the GDPR.
VIII. COOKIES
1. The website uses cookies or similar technologies (collectively referred to as „cookies”) to collect information about the User’s access to the website (e.g., via a computer or smartphone) and their preferences. They are used, among other things, for advertising and statistical purposes, as well as to tailor the website to the individual needs of the User.
2. Cookies are pieces of information containing a unique reference code that the website sends to the User’s device for storage and sometimes tracking of information related to the used device. Typically, they do not allow the identification of the User. Their main purpose is to better adapt the website to the User.
3. Some of the cookies on the website are only available for the duration of a specific internet session and expire when the browser is closed. Other cookies are used to remember the User, who is recognized when returning to the website. They are then stored for a longer period.
4. The cookies used on this website include:
Cookie Domain Description Duration Type
| Cookie | Domain | Description | Duration | Type |
| ga* | .braco.pl | Google Analytics sets this cookie to store and count page views. | 1 year 1 month 4 days | Analytics |
| _ga | .braco.pl | Google Analytics sets this cookie to calculate visitor, session and campaign data and track site usage for the site’s analytics report. The cookie stores information anonymously and assigns a randomly generated number to recognise unique visitors. | 1 year 1 month 4 days | Analytics |
| _gid | .braco.pl | Google Analytics sets this cookie to store information on how visitors use a website while also creating an analytics report of the website’s performance. Some of the collected data includes the number of visitors, their source, and the pages they visit anonymously. | 1 day | Analytics |
| gat_gtag_UA* | .braco.pl | Google Analytics sets this cookie to store a unique user ID. | 1 minute | Analytics |
| ga* | .braco.pl | Google Analytics sets this cookie to store and count page views. | 1 year 1 month 4 days | Analytics |
5. All cookies on the website are set by the administrator.
6. All cookies used by this website comply with the applicable laws of the European Union.
7. Most Users and some mobile browsers automatically accept cookies. If the User does not change the settings, cookies will be stored on the device’s memory.
8. The User can change preferences regarding cookie acceptance or switch browsers to receive a notification each time the cookie function is set. To change cookie acceptance settings, adjust the settings in the browser.
9. It’s important to note that blocking or deleting cookies may prevent full use of the website.
10. Cookies will be used for essential session management, including:
11. Creating a special login session for the User of the website, allowing the site to remember that the User is logged in, and their requests are delivered effectively, securely, and consistently;
12. Recognizing Users who have previously visited the website, identifying the number of unique users who have used the service, and ensuring sufficient capacity for new users;
13. Identifying whether a person visiting the website is registered on the site;
14. Recording information from the User’s device, including cookies, IP address, and browser information, for diagnosing problems, administering, and tracking the use of the website;
15. Customizing the layout or content of the website;
16. Collecting statistical information about how the User uses the site to improve the website and determine which areas of the website are most popular for Users.