The Customer’s personal data shall be processed according to the safety rules, required by Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation, GDPR)
MB Distribution S.A.
ul. Polska 22/5
00-703 Warsaw, Poland
e-mail: customercare@magdabutrym.com
entered into the Register of Entrepreneurs kept by Regional Court in Warsaw, XII Department of the National Court under the number KRS: 0000834250
NIP (Taxpayer ID number): 5252770912
The Service Provider is the data controller within the meaning of GDPR).
For any inquiries about the Privacy Policy or the processing of the Customer’s data, please contact customercare@magdabutrym.com.
The Controller processes the Customer’s personal data:
The Controller will only retain the Customer’s information for as long as is necessary for the purposes described in this Privacy Policy, but not longer than 6 years. However, the Service Provider may continue to store and process the Customer’s personal data in order to comply with various finance and tax-related legal obligations and/or for business development purposes.
The Controller collects, stores, and processes the following categories of data:
The Service Provider may on occasion process data collected directly from the Customer with data accessible from publicly available sources (e.g. social media platforms and third-party websites) for purposes characterized as the legitimate interest of the Service Provider.
The Controller does not disclose the Customer’s personal data, except:
The personal data that the Controller collected from the Customer is stored within the European Union (EU) but may also, whenever necessary, be transferred to and processed in a country outside of the EU by third parties, such as Payments System Operators, order fulfillment services, shipping service - for example, if you order goods with delivery to an address outside the EU. Also we may share data with entities from our group which are operating outside the EU if the Customer is also based outside the EU to improve the Customers experience when using our services in the future, e.g. by informing about our activities or services in your country/region.
Any such transfer of Customer’s personal data will be carried out in compliance with applicable laws and without undermining Customer’s statutory rights. We will only transfer your personal data to countries that have been deemed to provide an adequate level of protection for personal data by the European Commission, or with whom we have put in place appropriate measures to ensure that data is adequately protected. These measures will usually include use of approved standard contractual clauses.
The Controller does not use profiling or automated decision-making.
As a data subject, the Customer has the right to request information on the processing of the personal data held by the Controller. To access this information, please contact customercare@magdabutrym.com.
As a data subject, the Customer can have their personal data rectified if the Controller is processing the personal data that is no longer accurate.
As a data subject, the Customer can have their personal data erased, which is no longer necessary for the The Controller. The request can be declined for legal/security reasons, if the the Controller is obligated by law to keep data or e.g. Customer’s order has not yet been delivered, or if the Customer has an ongoing matter with the customer service.
As a data subject, the Customer has the right to restrict the processing of their personal data. The Service Provider will not continue to process the personal data unless it can demonstrate a legitimate reason for data processing that overrides the interest and rights of the Customer.
If the Customer is of the opinion that the Controller is processing inaccurate personal data about the Customer, the Customer has the right to have the processing restricted until it can be determined whether or not the personal data in question are accurate or not.
The Customer has the right to have the processing of their personal data restricted if the Controller is processing the personal data illegally, due to the fact, that the personal data is no longer necessary for the task, where the personal data is used, however, the personal data is necessary to the Customer for later determining, defending or making a legal claim.
The right to data portability implies that the Customer can request transfer of their personal data to another controller if they have provided the personal data to the Controller.
As a data subject, the Customer has the right to object to the processing of their personal data for direct marketing.
If the Customer has consented to the Controller processing of personal data, the Customer can at any time withdraw their consent. Withdrawing the consent will however not affect the legality of the processing, which has already taken place.
As a data subject, if the Customer is of the opinion that the Controller does not comply with its obligations under the General Data Protection Regulation, the Customer has the right, at any time, to lodge a complaint with the Office of the President for Personal Data Protection (Urząd Ochrony Danych Osobowych).
Office of the President for Personal Data Protection
Urząd Ochrony Danych Osobowych
Stawki 2
00-193 Warsaw
Poland
Tel. +48 22 531 03 00
Fax +48 22 531 03 01
E-mail: kancelaria@uodo.gov.pl