PRIVACY AND COOKIES POLICY 

ANNGRYART

https://anngrycourses.thinkific.com

https://anngryart.com 

   

  1. General     information


  1. This     document specifies the privacy principles applicable in the Online     Shop      https://anngryart.com     and Online Learning Platform https://anngrycourses.thinkific.com     .

        

  2. For     the purposes of data protection legislation, we are the data     controller of your personal data –anngryart     Anna Grabska, ul. Jasnogórska 3/68, 44-100 Gliwice (Poland), Vat     number: PL6312551233, REGON: 528688795, e-mail: [email protected].     Personal     information collected by the data Controller shall be processed in     accordance with the provisions of the Regulation of the European     Parliament and of the Council (EU) 2016/679 of 27 April 2016 on the     protection of individuals with regard to the processing of personal     data and on the free movement of such data and repealing Directive     95/46 / EC (GDPR).

        

  3.      The     data controller collects information provided voluntarily by the     Customers. However, the provision of marked personal data is a     condition for placing an order, while the consequence of not     ordering will be the inability to order products in the store.     Using     the online shop requires the processing of the customer's personal     data in the scope of first     name, last name, phone number and email address,     address     of residence.

        

  4. Moreover,     the data controller may record the information about connection     parameters, like IP addresses, for technical purposes, for server     administration and for collection of general, statistical     demographic information (e.g. about the region from which the     connection comes), and for security purposes.

        

  5. The     data Controller shall make an extra effort in order to protect     privacy and information about the Online Shop Customers provided to     him. The Controller shall exercise due diligence when selecting and     applying appropriate technical measures, including those of     programming and organizational nature, in order to protect the     processed data, and in particular he shall protect the data from     unauthorized access, disclosure, loss and destruction, unauthorized     modification, and also from their processing with the breach of the     applicable provisions of law.

        

  6. Personal     data will be processed in accordance with the principles of art. 5     GDPR.

Personal data will be:

  1. processed     lawfully, fairly and in a transparent manner in relation to the data     subject (‘lawfulness, fairness and transparency’).

        

  2. collected     for specified, explicit and legitimate purposes and not further     processed in a manner that is incompatible with those purposes;     (‘purpose limitation’).

        

  3. adequate,     relevant and limited to what is necessary in relation to the     purposes for which they are processed (‘data minimization’).

        

  4. accurate     and, where necessary, kept up to date (‘accuracy’).

        

  5. kept     in a form which permits identification of data subjects for no     longer than is necessary for the purposes for which the personal     data are processed; (‘storage limitation’).

        

  6. processed     in a manner that ensures appropriate security of the personal data,     including protection against unauthorized or unlawful processing and     against accidental loss, destruction or damage, using appropriate     technical or organizational measures (‘integrity and     confidentiality’).   

  1. Your     personal data is primarily processed within the European Economic     Area (hereinafter referred to as the "EEA"). In connection     with the operation of the Online Shop, your personal data may also     be transferred to countries outside the EEA, where the entity     cooperating with the Controller administers the personal data     processing tools in accordance with the Controller's specifications.     Such a transfer of personal data will always take place only to the     extent necessary.

        

  2. In     the case of transferring personal data to entities based outside the     EEA, the Controller ensures that the requirements set out in Chapter     5 of the GDPR are applied, including the application of appropriate     transfer safeguards in the form of standard contractual clauses     adopted based on a decision of the European Commission.

        

  3. We     wish to inform you that we do not perform automated decision making,     also based on profiling.

        

  4. The     Controller will always post information about changes to the Privacy     Policy in the Online Shop. With each change, a new version of the     Policy will appear with a new date.


  1. Purpose     for Processing


  1. The     basis for the processing of the Customer's Personal Data is     primarily the necessity to perform the contract to which he is a     party or the need to take action at his request prior to its     conclusion (Article     6 par 1 (b) of GDPR).

        

  2. After     expressing separate consent, data may also be processed for the     purpose of sending commercial information by electronic means for     marketing purposes or newsletter (Article 6 par. 1 (a) GDPR).

        

  3. In     other purposes, the Customer's Personal Data may be processed based     on:

  1. applicable     law when processing is necessary to fulfill the legal obligation of     the Controller e.g. when based on tax regulations or accounting one,     The Controller settles concluded sales contracts (Article 6 (1) (c)     GDPR).

        

  2. indispensable     for purposes other than those mentioned above resulting from     legitimate interests pursued by the Controller or by a third party,     in particular to determine, assert or defend claims, market and     statistical analyses Article 6 (1) (f) GDPR).

   

  1. Social     media: We have profiles in social media (Facebook [Meta], Instagram     [Meta]. YouTube (Google). Personal data is or may be processed in     order to carry out the process of maintaining profiles on these     websites, including fan pages, in accordance with the regulations in     force on these websites and on the terms and conditions specified by     the administrators of these websites, i.e.: a) for the purpose of     conducting marketing and analytical activities – Article 6(1)(f)     of the GDPR; b) for statistical and advertising purposes carried out     through tools provided by the applications of individual social     networking sites. The legal basis for the processing of personal     data for these purposes is the necessity for the purposes resulting     from the legitimate interest of the Controller consisting in     carrying out its own marketing and taking care of its image –     Article 6(1)(f) of the GDPR.

Co-administration of personal data within social networking sites:

The Controller, as the owner of the fanpage, is the co-administrator of personal data in relation to personal data collected for statistical or advertising purposes in the case of:

- Facebook, Instagram:  

together with Meta Platforms Ireland Limited in Ireland, Serpentine Avenue, Block J, Dublin 4, Ireland (Meta).

The principles of personal data processing on Facebook by Meta are available at https://www.facebook.com/privacy/explanation


The principles of personal data processing on Instagram by Meta are available at https://www.facebook.com/privacy/explanation ://help.instagram.com/

Information regarding mutual arrangements between administrators is available at https://www.facebook.com/legal/terms/page_controller_addendum .


YouTube:

together with Google Ireland Limited - for users of Google services in the European Economic Area and Switzerland - with its registered office at Gordon House, Barrow Street, Dublin 4, Ireland (Google)

together with Google LLC - for users of Google services in Great Britain - based at 1600 Amphitheater Parkway, Mountain View, California 94043, USA (Google)

The principles of personal data processing on YouTube by Google are available at https://www.youtube.com/howyoutubeworks/user-settings/privacy.



  1. The     personal data we collect and use


  1. We     ensure that the collection and use of your personal data is lawful.     Therefore, for the purposes listed below, we only use your personal     data if one of the following conditions apply: 

  1. You     have given us your consent.

        

  2. We     need your personal data for the performance of a contract you enter     into with us, such as when you purchase a product through the     website.

        

  3. We     need to comply with legal obligations.

        

  4. We     need to protect your vital interests.

        

  5. Your     data is necessary for the public interest, or

        

  6. We     have a legitimate interest in processing the personal data.

   

  1. Category     of Personal Data:

   

  1.      Name and contact     details (such as first name, last name, company name,     country/region, street address, phone number and email address.)

        

  2. Purchase     information/history.

        

  3. Device     information: information about your computer, phone or other device     you use to view the website such as device type, operating system,     hardware version, browser type, unique device identifier, IP address     and advertising ID. Log information.

        

  4. Payment     information (we don’t store this information).


   

  1. Term     of Personal Data Processing

  

  1. In     compliance with the applicable legal provisions, we process your     personal data for a term of time that is necessary to meet the     designated purpose. After such term, the personal data of Customers     will be irrevocably deleted or destroyed.

        

  2. Personal     data processed covered by the consent statement will be processed     until the consent is revoked.     

        

  3. We     process personal data during the term of the agreement, as well as     during a period of expiry of claims resulting from the provisions of     the Polish Civil Code.     


    

  1. Recipients     of personal data

   

  1. Recipients     of the Customer's personal data may by entities performing the order     at the Seller's request and handling it, such as: shipment     companies, accounting companies, suppliers of the goods, assembly     services, providers of IT solutions, payment processing companies,     banks, companies providing marketing services, telecommunication     providers, law offices, authorized state authorities.

        

  2. Online     payments are processed by Stripe/PayPal.

        

  3. Transaction     data, including personal data, may be transferred to Stripe/PayPal     to the extent necessary to handle payment for the order. The     Customer has the right to access their data and correct it. The     provision of data is voluntary and at the same time necessary for     the use of the website.


   

  1. Your     rights on personal data concerning you

   

  1. Due     to the voluntary nature of providing your personal data, you have     the right to     

    

  1. access     to your personal data (Art. 15 GDPR).

        

  2. rectify     your personal data (Art. 16 GDPR).

        

  3. delete     your personal data ("the right to be forgotten" – Art.17     GDPR).

        

  4. restrict     the processing of your personal data (Art. 18 GDPR).

        

  5. transfer     your personal data (Art. 20 GDPR).

        

  6. to     object (Art. 21 GDPR).

   

  1. If     it is found that the processing of personal data violates the     provisions of the GDPR, the data subject has the right to lodge a     complaint with the President of the Office for Personal Data     Protection.

        

  2. Withdrawal     of consent to the processing of data does not affect the lawfulness     of data processing made by the Controller based on consent before     its withdrawal.

        

  3. Requests     for the processing of personal data can be submitted by e-mail:     [email protected].     




COOKIES

  

  1. We     use cookies on our website.     

        

  2. When     viewing the Online Shop websites “cookie” files are used, which     are small text files recorded in the Customer’s target device in     connection with using the Online Service. They are used to improve     the experience with the Online Service websites.

        

  3. The     cookie files used by the Controller are safe for the Customer’s     devices. It is not possible for viruses or other unwanted or     malicious software to enter the Customer’s devices in that way.     Those files allow to identify the software used by the Customer and     to adjust the Online Shop to each Customer individually. Cookie     files sometimes contain information about the domain name of their     origin, how long they are kept in the device and the ascribed value.

        

  4. There     are two main types of cookies used in the Online Shop:

a) temporary (session cookies) – these are temporary files that are stored on your end device until you leave the website or turn off the software (web browser); and

b) persistent cookies – which are stored on your end device for the period specified in the detailed information about cookies in our cookie bar or until they are deleted.    

  1. Due     to the purpose of collecting cookies, we distinguish the following     Cookies:

   

  1. necessary     Cookies: necessary for the proper functioning of the service - files     processed based on the legitimate interest of the controller     (Article 6(1)(f) of the GDPR).

        

  2. statistics     Cookies: they allow us to study website traffic, learn about our     users' preferences, analyze their behavior on the site and enable     interactions with external networks and platforms - files processed     based on the user's voluntary consent (Article 6(1)(a) of the GDPR).

        

  3. marketing     Cookies: they allow us to tailor the advertising and content     displayed to our users' preferences and to conduct personalized     marketing campaigns - files processed based on the user's voluntary     consent (Article 6(1)(a) of the GDPR).

   

  1. Cookie     files may be used by advertisement networks, by the Google network,     in order to display advertisements adjusted to the way the Customer     uses the Online Service. To that end, the information may be     retained about the Customer’s navigation path, or the time spent     on the given website.

        

  2. As     regards the information about the Customer’s preferences collected     by the advertising network Google, the Customer may view and edit     the information related to cookie files by means of the following     tool: https://www.google.com/ads/preferences/.

        

  3. The     Customer may, by himself and at any time, change the “cookie”     files settings, specifying the conditions of their storing and of     their access to the Customer’s device. The settings referred to in     the previous sentence may be changed by the Customer through the web     browser settings or through configuration of the service. Those     settings may be changed in particular so as to block automatic     support for cookie files in the web browser settings or to inform     each time they are introduced to the Customer’s device. Detailed     information about the possibilities and ways of supporting cookie     files is available in the software (web browser) settings.

        

  4. To     learn how to manage cookies, including how to disable them in your     browser, you can use the help section of your browser. You can learn     more about this by pressing the F1 key while in your browser. In     addition, you will find appropriate tips on the following pages,     depending on the browser you are using:

Firefox

Chrome

Safari

Internet Explorer / Microsoft Edge

    

  1. The     Customer may remove “cookie” files at any time, using the     functions available in the web browser he uses.

        

  2. Limitation     of the cookie files application may affect some functionalities     available on the Online Service website.

        

  3. Due     to the fact that the Controller cooperates with other entities     within the Online Store, the browser also stores cookies for the     purposes of this cooperation, which come from entities with which     the controller cooperates. In this way, information about the     Products viewed is collected, m.in. Cookies sent by these entities     are primarily intended to ensure the proper functioning of the     Online Store and to improve the effectiveness of displaying     advertisements that correspond to your activity on the web. In     particular, the Controller uses the services of the following     entities that use cookies in the Online Store.

        

  4.     We use the     following services:

    

  1. Google     Analytics 4, provided by Google Inc. (1600 Amphitheatre Parkway,     Mountain View, CA 94043, USA) for the purpose of traffic analytics     on the Website.     

        

  2. Google     Ads provided by Google Ireland Ltd. | Gordon House, Barrow Street,     Dublin 4, Ireland to optimize the display of advertisements,     remarketing and popularization of the Website.