This document governs the privacy and "cookie" policy of the bomm.pl online store maintained via online website provided at the URL: www.bomm.pl, hereinafter referred to as the "Store". The Store is managed by
BOMM Sp. z o.o. Sp. k. with its registered office in Lubiczów (05-082) at ul. Warszawska 77 entered into the Register of Entrepreneurs of the National Court Register under KRS No.: 0000600819, NIP (Tax Identification Number): 1182118988 and REGON (National Business Register Number): 363690816, hereinafter referred to as the "Seller". The Seller may be contacted by phone: +48 (22) 722-01-55 or by e-mail: info@bomm.pl.
In the section describing the privacy policy, we inform about the conditions of collecting, processing, using and protecting personal data of the Store's Customers, hereinafter referred to as "Customers". Personal data mean any information related to an identified or identifiable natural person. An identifiable person means an individual who can be directly or indirectly identified, particularly by reference to an identification number or to one or more factors specific to their identity. The data are not regarded as allowing the identification of a person if they require unreasonable costs, time or effort. Personal data do not include the data of entrepreneurs processed only in the Central Register and Information on Economic Activity maintained by the Minister of Development.
In this document, we also list technologies used in the processing of personal data. They include, for example: browser memory support, geolocation and pixel tags.
With regard to the cookies policy, we inform about conditions of storing information or accessing information already stored in the telecommunications end user's device. An end-user is considered to be a natural person or an entity using a publicly available telecommunications service or requesting the provision of such a service to meet its own needs.
In the pursuit of the main aim of respecting the privacy of our Customers, we endeavour to exercise all due diligence. In order to meet this assumption, we implement standards and rules resulting from universally binding legal provisions. These include in particular: the Act of 29 August 1997 on the Protection of Personal Data (Dz. U. /Journal of Laws/ of 2016, No. 0, item 922, as amended), the Act of 18 July 2002 on Providing Services by Electronic Means (Dz. U. /Journal of Laws/ of 2016, No. 0, item 1030, as amended) and the Telecommunications Act of 16 July 2004 (Dz. U. /Journal of Laws/ of 2016, No. 0, item 1489, as amended). More particularly, we make reasonable efforts to ensure that personal data of our Customers is:
Data processed by the Seller are stored on external, safe and professional servers based on contracts concluded by the Seller. These contracts take into account the appropriate level of data security
The controller of personal data processed by the Store is the Seller.
In the first place, we may process the personal data of Customers using electronic services via Store if it is:
We do not process these personal data after the Customer has finished using the electronic service, subject to the possibility of further use of data that are:
We process data obtained in this manner according to Article 18 points 1, 2, 5 and Article 19 points 1 and 2 of the Act of 18 July 2002 on Providing Services by Electronic Means (Dz. U. /Journal of Laws/ of 2016, No. 0, item 1030, as amended).The aforementioned data scopes are not binding for determining the scope of data processed by the Seller. The scope of data processed by the Seller has been published in point 5 of the Privacy and Cookie Policy.
Secondly, we may process personal data that is necessary for the performance of a contract, to which the data subject is one of the parties, or if this is necessary to take steps before the conclusion of a contract at the request of the data subject. We process data obtained in this manner on the basis of Article 23 point 1, sub-point 3 of the Act of 19 August 1997 on the Protection of Personal Data (Dz. U. / Journal of Laws/ of 2016, No. 0, item 922, as amended).
Irrespective of the above, we may also process personal data if it is necessary for the fulfilment of legitimate purposes pursued by our company or by the data recipients, and the processing does not violate the rights and freedom of the data subject. Legitimate purposes are in particular considered to include direct marketing of our products or services, as well as the assertion of claims in connection with our business activities. We process data obtained in this manner on the basis of Article 23 point 1 sub-point 5 and Article 23 point 1 sub-point 4 of the Act of 29 August 1997 on the Protection of Personal Data (Dz. U. /Journal of Laws/ of 2016, No. 0, item 922, as amended).
In other cases, we ask for voluntary consent to the processing of your personal data. This consent is given in particular by checking the box ("checkbox") located next to the declaration of consent for the processing of personal data. We process data obtained in this manner on the basis of Article 23 point 1 sub-point 1 of the Act of 29 August 1997 on the Protection of Personal Data (Dz. U. /Journal of Laws/ of 2016, No. 0, item 922, as amended) or Article 18 point 4 of the Act of 18 July 2002 on Providing Services by Electronic Means (Dz. U. /Journal of Laws/ of 2016, No. 0, item 1030, as amended).
We process personal data of our Customers in structured sets, which we define by the purpose of their processing. Such data are processed to the extent that is necessary to fulfil the set's purpose. The following list includes sets, scopes and purposes of data processing.
Name of the set | Scope of processed data | Purpose of processing |
---|---|---|
The set of personal data of Store's Customers who have created a customer account |
| Enabling the possibility of using functions of the Store's customer account. |
The set of personal data of the customers who have concluded a sales contract via Store. |
| Conclusion and execution of the sales contract with the Customers. |
Set of personal data of Store's Customers who have filed a complaint or issued a declaration of withdrawal from the contract |
| Execution of proceedings relating to complaints or withdrawals from the contracts. |
The set of data of persons who have subscribed to the Newsletter |
| Sending Newsletter. |
Customers' personal data sets are subject to registration with the Inspector General for the Protection of Personal Data. Exclusions, if any, applicable in this respect result especially from Article 43 of the Act of 29 August 1997 on the Protection of Personal Data (Dz. U. / Journal of Laws/ of 2016, No. 0, item 922, as amended).
We have the right to entrust your personal data to other entities. They may include, for example, a web host, accounting or legal service provider, payment operator, or other entity with whom we work to properly provide services. Personal data is always entrusted based on a written data entrustment agreement. An up-to-date list of entities to which we entrust data processing is constantly available to all Customers. To access it, simply request it with us. This can be done, for example, by sending an email. The legal basis for entrusting personal data is Art. 31 of the Polish act of 29th August 1997, on personal data protection (Dz. U. of 2016, No. 0, pos. 922 as amended).
We may transfer processed data outside the European Economic Area. The personal data processing laws that apply in those countries may provide less protection than the laws in effect in the Republic of Poland. Therefore, if we transmit such data, we take special care to comply with the conditions for processing laid down in this document. One form of manifesting this care is the use of standard contractual clauses approved by the European Commission, including those compliant with the EU-US Privacy Shield.
We do not share collected data with third parties, except as required by generally applicable law, i.e. on the basis of a request of a body or court authorised to do so.
The data collected in system logs is used by us indefinitely, solely for the purpose of administering the Store. They are not transferred to third parties, except in the circumstances described herein.
In connection with the using the Store by Customers, we may automatically collect and record in server logs technical details of how the services are used, requests sent by the Customer related to the provision of electronic services, IP address and technical data about the operation of the Store related to the actions performed by the Customer. This includes, in particular, information about the starting, ending and the scope of each instance of the use of the electronically supplied services. We may also collect information to store it locally on your device using a browser memory mechanism.
We, or third parties through cookies they administer, may use pixel tag functionality. These are elements published in digital content and make it possible to record information, for example, about Customer activity on the website.
Consent to the processing of cookies is granted, in particular, with the use of the button containing a statement of consent to the processing of cookies or confirmation of reading its terms and conditions. This consent may be withdrawn at any time, free of charge and as described in the section on cookie management.
We process cookies on the basis of Art. 173 of the Act of 16 July 2004, Telecommunications Law (Dz. U. of 2016, No. 0, pos. 1489, as amended).
In terms of the purposes of using cookies, we distinguish their three categories:
When it comes to their expiration date, there two categories of cookies:
The Seller may use cookies used by Facebook Inc. 1 Hacker Way, Menlo Park, CA 94025, the United States. These cookies may be used to link the user account in the external Facebook social media service with the Store account if the Seller enables this functionality. These cookies may also be used to process Customer's actions on Facebook, performed via the "Share" or "Like" buttons. The processing of these activities may be of a public nature.
The use of third-party cookies is subject to the privacy and cookie policies of those entities. For current third-party policies in this regard, please click here: https://www.e-regulaminy.pl/biuletyn/polityki-prywatnosci-i-plikow-cookies/.
Typiclly browser settings allow cookies and other information to be placed on your end device by default. If the Customer does not agree to the storage of cookies, it is necessary to change the settings of the Internet browser accordingly. It is possible to disable their saving for all connections from a given browser or for a particular website and to delete them. The way in which cookies are managed depends on the software. Current rules for managing cookies can be found in the settings of the browser used, as well as here: https://www.e-regulaminy.pl/biuletyn/polityka-cookies-obsluga/.
Consent for the processing of cookies is voluntary. However, please note that restrictions on the use of cookies may make it difficult or impossible to use some of the Store's functions.
The Store's website may contain links to other websites or software. We are not responsible for the privacy and cookie processing policies of such websites or software. We recommend reviewing the privacy and cookie policies of the linked websites or software after accessing or before installing them.
We reserve the right to change this Privacy and Cookies Policy. In such a case, we will publish an updated version of the Policy on the website.
We constantly do our best to process your personal data and cookies while maintaining the highest standards. Therefore, we have set up a system that responds immediately to situations in which these standards may be compromised. In the event of identification of a threat or breach thereof, please contact us immediately using details provided below:
We would be happy to hear your feedback. Therefore, if you have any questions, requests or concerns regarding personal data processing or cookies, please feel free to contact us.