Administrator: Sandra & Co sp. z o.o. with its registered office in Suchy Las, 25 Szkółkarska Street, entered in the register of entrepreneurs under the number KRS: 0000930920 share capital: 5000 PLN, having tax identification number NIP 972-132-18-97; REGON 520384802
Personal Data: all information about an identified or identifiable natural person through one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of the natural person, including device IP number, location data, internet identifier and information collected through cookies and other similar technology.
DPA: Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data and repealing Directive 95/46/EC.
Service: the website published by the Administrator to which this Policy applies i.e. www.sandras.fit, managed by the Administrator.
User: any natural person visiting the Website or using the services or functionalities made available in the Website.
DATA PROCESSING IN CONNECTION WITH USE OF THE SERVICE
In connection with the use of the Website by the User, the Administrator collects data to the extent necessary to provide individual services offered through the Website, as well as information on the User’s activity in the Website. Below are described the detailed principles and purposes of the processing of personal data collected in connection with the use of the Website by the User.
PURPOSES AND LEGAL BASIS OF DATA PROCESSING ON THE WEBSITE
Using the Website
Personal data of all persons using the Service (including IP address or other identifiers and information gathered through cookies or other similar technologies) are processed by the Administrator:
User activity on the Website, including his/her personal data, are recorded in system logs. The information collected in the logs is processed primarily for purposes related to the provision of services. The Administrator also processes these data for technical and administrative purposes, to ensure the security of the IT system and its management, as well as for analytical and statistical purposes – in this regard the legal basis for processing is the Administrator’s legitimate interest (Article 6(1)(f) RODO).
The administrator provides the possibility to contact him using an email or a contact form. Provision of basic data (name, surname, email address) is required in order to receive and handle the inquiry, and failure to do so will result in the inability to handle it. Provision of other data is voluntary.
Personal data is processed:
The Administrator provides a newsletter service to persons who have provided their e-mail address for this purpose. Provision of data is required in order to provide the newsletter service, and their failure to provide results in the impossibility of its dispatch.
Personal data is processed:
Collection, acquisition, scope and purpose of collection of personal data
COOKIES AND SIMILAR TECHNOLOGY
Cookies are computer data, in particular text files, installed on the device of a User browsing the Website. Cookies usually contain the domain name of the website from which they originate, the time of storage on the terminal equipment and a unique number.
Cookies are used in order to:
In many cases, software used to browse the Internet (web browser) by default allows you to store cookies on User’s end device. Users of the Website may at any time change their settings concerning cookies. These settings can be changed in particular in such a way as to block the automatic handling of cookies in the settings of your web browser or inform on their timely placement in the device of the User of the Website. Detailed information on the possibility and methods of using cookies is available in the settings of your web browser software. Failure to change the settings for cookies means that they will be placed on the user’s terminal equipment and thus the Administrator will store information on the user’s terminal equipment and gain access to this information.
PERIOD OF PERSONAL DATA PROCESSING
The period of data processing by the Administrator depends on the type of service provided and the purpose of processing. As a rule, the data are processed for the duration of the service or the fulfillment of the order, until the withdrawal of the expressed consent or until an effective objection to the data processing in cases where the legal basis of the data processing is the legitimate interest of the Administrator. The data processing period may be extended, in particular in the following circumstances:
After the expiration of the processing period, the data are irreversibly deleted or anonymized.
The user is entitled to:
In connection with the provision of services, personal data will be disclosed to external entities, including in particular providers responsible for the operation of IT systems used to provide services, entities such as banks and payment operators, research companies, entities providing accounting and legal services, marketing agencies (within the scope of marketing services) and entities related to the Administrator.
If the User gives his/her consent, his/her data may also be made available to other entities for their own purposes, including marketing purposes.
The Administrator reserves the right to disclose the information concerning the User to the proper authorities or to third parties who make a request for such information on the basis of an appropriate legal basis and in accordance with the provisions of the law in force.
TRANSFER OF DATA OUTSIDE THE EUROPEAN ECONOMIC AREA
The level of protection of personal data outside the European Economic Area (EEA) differs from that provided by European law. For this reason, the Controller transfers personal data outside the EEA only when necessary, and with an adequate level of protection, primarily by:
The controller shall always inform about the intention to transfer personal data outside the EEA at the stage of its collection.
SECURITY OF PERSONAL DATA
The Administrator conducts a risk analysis on a regular basis in order to ensure that personal data is processed by him in a secure manner, ensuring above all that only authorized persons have access to the data and only to the extent necessary for the performance of their tasks. The controller shall ensure that all operations on personal data are recorded and performed only by authorized employees and associates.
Contact with the Administrator is possible through the e-mail address [email protected] or in writing to the address: Sandra & Co sp. z o.o., ul.Szkółkarska 25, Suchy Las 62-002
The Policy is reviewed on an ongoing basis and updated as necessary. The current version of the Policy has been adopted and is effective as of 20.11.2021.
Śniadanie to najważniejszy posiłek dnia, dlatego zacznij go od przygotowania jednej z naszej nowości: owsianki z dodatkiem kakao lub matchy. Do końca tygodnia przy zamówieniu za min. 200 zł otrzymasz ją za 1 zł! Dostawa na terenie Polski jest bezpłatna.