PRIVACY POLICY
WEBSITE PINEAPPLETHERAPY.EU

(1) For the Owner of this website, the protection of Users’ personal data is of utmost importance. It makes great efforts to ensure that Users feel safe entrusting their personal information when using the website.

(2) A user is a natural person, a legal person or an organizational unit without legal personality, which is granted legal capacity by law, using electronic services available on the website.

(3) This privacy policy explains the principles and scope of processing of the User’s personal data, his/her rights, as well as the obligations of the administrator of such data, and also informs about the use of cookies.

(4) The Administrator shall use state-of-the-art technical measures and organizational solutions to ensure a high level of protection of the processed personal data and safeguards against unauthorized access.

I. PERSONAL DATA CONTROLLER

The administrator of the personal data is the Entrepreneur Mr. Krystian Brągiel and Ms. Justyna Dudzińska-Bazyluk, conducting business under the name: Pineapple Therapy Justyna Dudzińska-Bazyluk and Krystian Brągiel civil partnership, based at: Herbu Janina 11b/23, 02-972 Warsaw, NIP: 9512573100 (hereinafter: “Owner“).

II. PURPOSE OF PERSONAL DATA PROCESSING

(1) The Administrator processes the User’s personal data in order to:

Realization of services purchased through the site.
Respond to submitted inquiries via contact forms.

2 This means that the data is needed in particular for

a. registering on the website;

b. conclusion of the agreement;

c. making settlements;

d. delivery of goods ordered by the User or performance of services;

(3) The User may also agree to receive information on news and promotions, which will also cause the administrator to process personal data, in order to send the User commercial information regarding, among other things. new products or services, promotions or sales.

(4) Personal data shall also be processed in fulfillment of legal obligations incumbent on the data controller and the performance of tasks, in the public interest, among others. to perform tasks, related to security and defense or storage of tax records.

(5) Personal data may also be processed for the purposes of direct marketing of products, securing and asserting claims or protecting against claims by the User or a third party, as well as marketing of services and products of third parties or marketing of our own, which is not direct marketing.

III. DATA TYPE

(1) The administrator processes the following personal data, the provision of which is necessary to:

a. registering on the website:

– name;
– email address;

b. making purchases through the website:

– name;
– phone number;
– email address;

c. Data provided by the User optionally:

– date of birth;
– PESEL number (if an invoice is requested);
– TIN number (in case of requesting an invoice for an entrepreneur).

IV. LEGAL BASIS FOR PROCESSING PERSONAL DATA

1 Personal data shall be processed in accordance with the provisions of the Regulation of the European Parliament and of the Council (EU) 2016/679 of April 27, 2016. on the protection of individuals with regard to the processing of personal data and on the free movement of such data and repealing Directive 95/46/EC (General Data Protection Regulation), OJ L 119, 4.5.2016, p. 1-88, hereinafter referred to as the “RODO Regulation.”

(2) The Administrator shall process personal data only after obtaining the User’s prior consent, expressed at the time of registration on the website or at the time of confirming a transaction made on the website.

(3) Consent to the processing of personal data is completely voluntary, however, failure to provide it prevents registration on the website and making purchases, through the website.

V. USER’S RIGHTS

(1) The user may at any time request information from the controller about the scope of processing of personal data.

(2) You may at any time request the correction or rectification of your personal data. Users can also do this on their own, after logging into their account.

(3) The user may withdraw his consent to the processing of his personal data at any time, without giving any reason. The request not to process data may concern a specific purpose of processing indicated by the User, e.g. withdrawal of consent to receive commercial information, or concern all purposes of data processing. Withdrawal of consent as to all processing purposes will result in the removal of the User’s account from the website, along with all of the User’s personal data previously processed by the administrator. Withdrawal of consent will not affect the activities already performed.

(4) The user may at any time request, without giving any reason, that the administrator delete his data. The request for deletion of data will not affect the activities performed so far. Deletion of data means simultaneous deletion of the User’s account, along with all personal data stored and processed by the administrator to date.

(5) The User may at any time object to the processing of personal data, both with respect to all of the User’s personal data processed by the controller, as well as only to a limited extent, e.g. as to the processing of data for a specifically indicated purpose. The objection will not affect the activities carried out so far. Filing an objection will result in the deletion of the User’s account, along with all personal data stored and processed to date, by the administrator.

(6) You may request a restriction of the processing of your personal data, whether for a certain period of time or without a time limitation, but within a certain scope, which the controller will be obliged to comply with. This request will not affect the activities carried out so far.

(7) The user may request that the controller transfer to another entity, the processed personal data of the user. For this purpose, he should write a request to the administrator, indicating to which entity (name, address) the User’s personal data should be transferred and what specific data the User wishes the administrator to transfer. After the User confirms his/her request, the administrator will provide, in electronic form, to the designated entity, the User’s personal data. Confirmation of the request by the user is necessary for the security of the user’s personal data and to be sure that the request comes from an authorized person.

(8) The Administrator shall inform the User of the action taken, before the expiration of one month after receiving one of the requests listed in the preceding paragraphs.

VI. RETENTION PERIOD OF PERSONAL DATA

(1) As a general rule, personal data shall be retained only as long as necessary to fulfill the contractual or statutory obligations for which it was collected. The data will be deleted immediately when storage is no longer necessary, for evidentiary purposes, in accordance with civil law, or in connection with a statutory obligation to store data.

(2) Information, relating to the contract, shall be kept for evidence purposes, for a period of three years, starting from the end of the year in which the business relationship with the User was terminated. Deletion of data will take place after the expiration of the statutory limitation period for the assertion of contractual claims.

(3) In addition, the administrator may retain archival information relating to concluded transactions, as their storage is related to the User’s claims, e.g. under warranty.

(4) If no contract has been concluded, between the User and the Owner, the User’s personal data is stored until the User’s account on the website is deleted. Deletion of the account may occur as a result of a request by the User, withdrawal of consent to the processing of personal data, or objection to the processing of such data.

VII. ENTRUSTING DATA PROCESSING TO OTHER ENTITIES

(1) The administrator may entrust the processing of personal data to entities cooperating with the administrator to the extent necessary for the implementation of the transaction, e.g. for the preparation of the ordered goods and delivery of shipments or transmission of commercial information, originating from the administrator (the latter applies to Users who have agreed to receive commercial information).

(2) Other than for the purposes indicated in this Privacy Policy, personal data of Users, will not be shared in any way with third parties, or transferred to other entities, for the purpose of sending marketing materials of these third parties.

(3) Personal data of website users are not transferred outside the European Union.

(4) This Privacy Policy shall comply with the provisions arising from Art. 13 para. 1 and paragraph. 2 of the RODO regulation.