Change Store:
Qethereal® App is here
QUALITY & ETHEREAL
COFFEE
0 0.00

Privacy Policy

I. General information

This Privacy Policy has been issued by COLUMBUS POLSKA SA with its seat at ul. Konesera Square 5 /F0.01, 03-736 Warsaw, KRS number: 0000902840 / NIP: 1133034659 / REGON: 389132800 and is addressed to all users (hereinafter: ” Users “) of our website (hereinafter: ” Website “). The definitions used in this Privacy Policy are explained in section XIII below.

The Data Administrator is COLUMBUS POLSKA SA with its seat in Warsaw. The Administrator’s contact details are provided in Section XII below.

This Privacy Policy may be changed and updated to take into account changes in the practices related to the Processing of Personal Data by the Administrator or changes to generally applicable law. We encourage you to read this Privacy Policy carefully and check this page regularly to verify any changes that the Administrator may introduce in accordance with the provisions of this Privacy Policy.

II. Processing of Users’ Personal Data

Obtaining Personal Data: The Administrator may obtain Users’ Personal Data, such as: name, surname, address and contact details, including e-mail address, telephone number, as well as position and company data. The Administrator may obtain Users’ Personal Data, in particular, in the following cases:

  • providing Personal Data by Users (e.g. contact by e-mail, telephone, via a form or in any other way).
  • obtaining Users’ Personal Data as a result of conducting business relations / concluding or performing a contract (e.g. the User’s purchase of a service or product of the Administrator).
  • obtaining Users ‘Personal Data published on social media (e.g. obtaining information from the Users’ profile on social media, to the extent that this information is visible as public).
  •  obtaining Personal Data from third parties (e.g. from contractors, financial intermediaries, law enforcement entities, including public administration bodies or courts, etc.).
  • obtaining or asking Users to provide Users ‘Personal Data during Users’ visits to the Administrator’s websites or using any functions or resources available on or through the Website. When Users visit the Website, Users’ devices and browsers may automatically provide certain information (such as device type, operating system, browser type, browser settings, IP address, language settings, dates and times of connecting to the Website and other technical information regarding communication), some of them may constitute Personal Data. During the visit to the Website, no Users’ Personal Data will be stored by the Administrator without the prior express consent of the Users. However, the temporary storage of log files and cookies facilitates the use of our Website. For this reason, Users are asked to give their consent on our Website. Granting the above-mentioned consent is optional and does not affect the ability to use the Website. In some cases, without such consent, the use of our Website may be limited to some extent.

Processed Personal Data: The categories of Users’ Personal Data Processed by the Administrator may, in particular, include:

  • Personal data: name (s), surname (s), first name (s) used, gender, date of birth / age, nationality, photo.
  • Contact details: delivery address, company (employer) address, telephone number, fax number, e-mail address, social media profile details.
  • Payment data: billing address, bank account number, name and surname of the bank account holder, account security data.
  • Content of communications: all communications, inquiries, statements, views and opinions about us, submitted by Users or published on social media or through the Website.

Legal grounds for Personal Data Processing: When Processing Users’ Personal Data for the purposes indicated in this Privacy Policy, the Administrator may rely on one or more of the following legal bases, depending on the circumstances:

  • Processing takes place on the basis of the User’s prior voluntary, specific, informed and unambiguous consent to the Processing;
  • Processing is necessary to perform the contract that the User has concluded or intends to conclude with the Administrator;
  • Processing is necessary to fulfill the legal obligation incumbent on the Administrator;
  • Processing is necessary to protect the vital interests of any natural person;
  • Processing is necessary to manage, conduct and promote the Administrator’s activities and does not prejudice the interests or fundamental rights and freedoms of the User.

Purposes of Personal Data Processing: The purposes for which the Administrator may process Users’ Personal Data are as follows:

  • Administrator’s website: running and managing our website, presenting its content; publication of advertisements and other promotional and marketing information; communication and contacts with customers and suppliers, as well as potential employees or associates, through our Site.
  • Offering Users the Administrator’s products and services: presenting our Website and other services; providing promotional materials at the request of Users; communication related to the Administrator’s services.
  • Marketing communication: presenting in any way (including e-mail, telephone, text message, social media, post and personal contact) messages and other information that may be of interest to Users, including distribution of the newsletter and other commercial information, after obtaining the consent of the Users to send information in an appropriate manner, on the basis of generally applicable laws.
  • Communication and IT operations: management of communication systems, operation for IT security purposes and IT security audits.
  • Finance management: sales, finance, audit and sales management.
  • Research: engaging Users in order to obtain information on Users’ opinions about the Administrator’s products and services;
  • Improving our products and services: identifying problems with existing products and services; planning improvements to existing products and services; and creating new products and services.

III. Providing Personal Data to third parties

The Administrator may share Users’ Personal Data:

  • Administrative or judicial bodies, at their request, in order to inform about actual or suspected violations of applicable law;
  • Persons carrying out audits, lawyers, PR agencies, taking into account the confidentiality obligations arising from the contract or incumbent on these entities by law;
  • Third parties processing the entrusted data on behalf of the Administrator, regardless of the place of their seat, in accordance with the requirements set out in this section III below;
  • Any entity competent for the purposes of preventing, investigating, detecting or prosecuting criminal acts or executing criminal measures, including securing and countering threats to public security;
  • To any acquiring entity, in the event of sale or transfer of any organized part of the Administrator’s enterprise or shares in the Administrator’s share capital (including in the event of reorganization, dissolution or liquidation).

Notwithstanding the foregoing, the Website may use plugins or content presented by third parties. If Users decide to use them, Users’ Personal Data may be shared with third parties or social media platforms. The administrator hereby recommends reading the privacy policy of a third party before using its plugins or content.

Currently, on our pages, we leave the option of redirecting to the following social networks: https://www.facebook.com, https://www.instagram.com, https://linkedin.com.

If we engage a third party to Process Users’ Personal Data, in accordance with the processing entrustment agreement concluded with such entity, the Processor will be obliged to: (i) Process only the Personal Data indicated in the Administrator’s prior written instructions; and (ii) apply all measures to protect the confidentiality and security of Personal Data and ensure compliance with all other requirements of generally applicable law.

The entity that processes the Personal Data of Users obtained through the Website is the company Woocommerce, which is the creator of this Website, as well as providing the Administrator with technical support services in connection with the use of the Website. This entity stores and processes Users’ Personal Data obtained during the use of the Website by Users. The processing entity ensures full security of Users’ Personal Data by applying appropriate and newest technical and organizational measures. The processing entity may not use the Users’ Personal Data provided to it for purposes other than the purposes for which they were entrusted to it by the Administrator. The Administrator has concluded an agreement with the Processor for entrusting the processing of personal data, on the basis of which this entity has been obliged to comply with the requirements for the protection of Users’ Personal Data.

IV. International transfer of Personal Data

At the moment, the Administrator does not transfer and does not intend to transfer any Users’ Personal Data to third countries that are not members of the European Union or to international organizations. If necessary, this Privacy Policy will be modified, and the transfer of Users’ Personal Data will only be possible on the basis of standard contractual provisions that the Administrator will implement before transferring such Personal Data. In this case, Users will be entitled to request a copy of the standard contractual provisions used by the Administrator, using the contact details indicated in point XII below.

V. Data Protection

The Administrator informs that he has implemented appropriate technical and organizational security measures to protect Personal Data, in particular including safeguards against accidental or unlawful destruction, loss, alteration, unauthorized publication, unauthorized access and other unlawful and unauthorized forms of Processing, in accordance with applicable law.

The Administrator is not responsible for the actions or omissions of Users. Users are responsible for ensuring that all Personal Data is sent to the Administrator in a secure manner.

VI. Accuracy of Data

The controller takes all appropriate measures to make sure that:

  • Users’ Personal Data processed by the Administrator are accurate and, if necessary, up-to-date; and
  • All Users’ Personal Data processed by the Administrator and which are incorrect (bearing in mind the purpose for which they are processed) will be deleted or corrected without undue delay.

The Administrator may at any time ask Users about the accuracy of the Processed Personal Data.

VII. Data minimization

The Administrator takes all adequate measures to make sure that the scope of Users’ Personal Data which he Processes is limited to the Personal Data adequately required for the purposes indicated in this Privacy Policy.

VIII. Data storage

The criteria determining the duration of the period in which the Administrator stores Users ‘Personal Data are as follows: The Administrator stores copies of Users’ Personal Data in an identifiable form only as long as it is necessary to achieve the goals set out in this Privacy Policy, unless generally applicable law require a longer period of storage of Personal Data. The Administrator may, in particular, store Users’ Personal Data for the entire period necessary to establish, exercise or defend claims.

IX. Users’ rights

In accordance with the provisions of the general data protection regulation, the Users have the following rights in relation to Users’ Personal Data processed by the Administrator:

  • the right to access personal data;
  • the right to rectify personal data;
  • the right to delete personal data;
  • the right to limit the processing of personal data;
  • the right to transfer personal data;
  • the right to object to the processing of personal data;
  • the right not to be subject to a decision consisting in automated processing.

If the Processing of Personal Data takes place on the basis of the consent expressed by the Users, the Users have the right to withdraw their consent at any time without affecting the lawfulness of the Processing which was carried out on the basis of consent before its withdrawal.

In the event of incorrect Processing of Personal Data, Users have the right to lodge a complaint with the state supervisory body for data protection, i.e. the President of the Office for Personal Data Protection.

The above does not affect the rights of Users resulting from acts or other generally applicable provisions of law.

To exercise one or more of these rights or to ask about these rights or any other provisions of this Privacy Policy or about the Processing of Users’ Personal Data, please contact us using the contact details provided in section XII below.

X. Cookie files (cookies)

A cookie is a small file placed on the User’s device when visiting a website (also on our Website). It records information about the device, browser, and in some cases, also about preferences and typical activities that Users perform when browsing the website . The Administrator may Process Users’ Personal Data through the Cookie technology, in accordance with the Administrator’s Cookies Policy.

XI. Newsletter

If Users give their voluntary, specific, informed and unambiguous consent to receive the Administrator’s newsletter, the Administrator may send Users an electronic newsletter with commercial information for promotional and informational purposes. Personal data provided to the Administrator in connection with subscribing to the newsletter will be used only for the purpose of sending the newsletter. Users may at any time unsubscribe from the newsletter by using the unsubscribe option contained in the newsletter, using the opt-out link in the footer of the e-mail or by contacting the Administrator in another way.

The Personal Data received from Users will be stored by the Administrator only for the above purpose and for the period during which the Users subscribe to the newsletter and until the Users withdraw their consent to subscribe to the newsletter.

The newsletter is distributed by The Rocket Science Group LLC d / b / a Mailchimp, this entity processes Users’ Personal Data on behalf of the Administrator. The processing entity also ensures full security of Users’ Personal Data by applying appropriate and newest technical and organizational measures. This entity stores and processes Users’ Personal Data obtained in the registration process, i.e. e-mail address and, if applicable, IP address and newsletter subscription data. The processor may not use the Users’ Personal Data provided to it for purposes other than the purposes for which it was received. The Administrator has concluded an agreement with the Processor for entrusting the processing of personal data, on the basis of which this entity has been obliged to comply with the requirements for the protection of Users’ Personal Data.

The provision of Users’ Personal Data related to receiving the newsletter is not required for legal or contractual reasons, nor is it required for the conclusion of any contract. Therefore, the provision of this data or consent to receive the newsletter is not obligatory for Users. The legal basis for receiving the newsletter is only the consent expressed by the Users (Article 6 (1) (a) of the General Data Protection Regulation). In the absence of such consent, the newsletter will not be sent.

XII. Contact details

If you have any questions, doubts or comments regarding the information contained in this Privacy Policy or other issues related to the Processing of Users’ Personal Data by the Administrator, including in order to exercise the rights referred to in point IX of this Privacy Policy, please contact:

COLUMBUS POLSKA SA, with its seat at: ul. Koneser Square 5 /F0.01, 03-736 Warsaw. Email address: [email protected]

XIII. Definitions

  1. Administrator means an entity that decides how and for what purposes Personal Data are processed. The controller is responsible for the compliance of the processing with applicable data protection law.
  2. Personal Data means any information relating to any identified natural or identifiable natural person. Examples of Personal Data that the Administrator may process are listed in point II above.
  3. Processing, Processing or Processing means any activity related to Personal Data, whether by automated means or not, such as: acquiring, recording, organizing, structuring, storing, adapting or changing, retrieving, consulting, using, sharing by transmission, disseminating or sharing in any other way, ordering or combining, limiting, deleting or destroying.
  4. Processor means any person or entity that Processes Personal Data on behalf of the Administrator (other than an employee of the Administrator).
    0
    Cart
    Your cart is empty
      Calculate Shipping
      Apply Coupon