2. The owner of the MODONE Internet Wholesaler and the Personal Data Administrator is ESPIR S.C. with registered headquarters in Białystok at Szosa Ełcka 13, 15-690 Białystok, where it is an economic activity carried out in the form of a civil law partnership, and whose shareholders are Michał Gromotowicz (TIN 9661877756, Białystok, Szosa Ełcka 13) and Łukasz Gromotowicz (TIN 9661737216, Białystok, ul. Szosa Ełcka 13), TIN 5751836440, National Business Registry Number 240826493.
3. Personal data collected by ESPIR S.C. through the E-wholesale are processed in accordance with the Regulation of the European Parliament and the Council (EU) 2016/679 from 27 April 2016 on the protection of individuals with regard to the processing of personal data and on the free flow of such data and repeal of Directive 95 / 46 / EC (general regulation on data protection), also known as the GDPR.
4. ESPIR S.C. makes special care to respect the privacy of customers visiting the E-wholesale store.
§1 Type of processed data, the objectives and legal basis
1. Modone.com collects information on natural persons making legal act not directly related to their business activities, natural persons running their own business or professional activity and natural persons representing legal persons or organizational units that are not legal entities, where the law recognizes the legal capacity, acting on its own behalf, an economic or professional activity, hereinafter referred to as customers.
2. Customers' personal data is collected in the case of:
a) registration of an account in the E-wholesale store, in order to create an individual account and manage this account. Legal basis: the necessity for the implementation of the agreement for the provision of the Account service (Article 6 paragraph 1 letter b of the GDPR);
b) placing an order in the E-wholesale store to perform the sales contract. Legal basis: the necessity to perform the sale contract (Article 6 paragraph 1 letter b of the GDPR);
c) newsletter subscription (Newsletter), in order to perform the contract, the subject of which is the service provided electronically. Legal basis - consent of the person that data are relating to perform the contract for the provision of the Newsletter service (Article 6 paragraph 1 letter a);
d) using the contact form service to perform the contract provided electronically. Legal basis: the necessity to perform the contract for the provision of the contact form service (Article 6 paragraph 1 letter b of the GDPR).
3. In the case of registration of an account in the E-wholesale store, the Customer provides:
a) e-mail adress;
b) contact details:
c) postal code and city ,
d) street with the house / flat number
e) name and surname;
f) telephone number.
4. When registering an account in the E-wholesale store, the Customer sets up an individual password to access his account. The customer can change the password later, on the terms described in §5
5. In the case of placing an order in the E-wholesale store, the Customer provides the following data:
a) e-mail adress;
b) contact details:
c) postal code and city ,
d) street with the house / flat number
e) name and surname;
f) telephone number.
6. In the case of Entrepreneurs, the above data are additionally expanded by:
a) Entrepreneurs company;
b) TIN number.
7. In the case of the contact form service, the customer provides the following data:
a) e-mail adress;
b) name and surname.
8. When using the E-wholesale Store Website, additional information may be downloaded, in particular: the IP address assigned to the Client's computer or the external IP address of the Internet provider, domain name, browser type, access time, type of operating system.
9. Customers navigation data may also be collected, including information about links they decide to click or other activities undertaken in our E-wholesale store. Legal basis - a legitimate interest (Article 6 paragraph 1 letter f of the GDPR), to facilitate the use of electronic services and to improve the functionality of the services.
10. In order to determine, investigate and enforce claims, some personal data provided by the Customer may be processed as part of using the functionality of the E-wholesale store, such as: name, surname, data concerning usage of services, if claims result from the manner in which the customer uses services, other data necessary to prove the existence of the claim, including the extent of the damage suffered. Legal basis - a legitimate interest (Article 6 paragraph 1 letter f of the GDPR), to determine, investigate and enforce claims and to defend against a claim in proceedings before courts and other state authorities.
11. The transfer of personal data to Modone.com is voluntary, in connection with concluded sales contracts or providing services via the E-wholesale store Website, with the reservation that failure to provide certain data specified in data forms in the Registration process prevents registration and establishment of the Customer Account, and in the case of placing an order without registering a Customer Account, it will prevent the submission and implementation of the Customer's order.
§ 2 Who are the data shared or entrusted to and for how long are they stored?
1. The client's personal data are transmitted to service providers used by Espir S.C. while running E-wholesale store. Service providers to whom personal data are transferred, depending on contractual arrangements and circumstances, are subject to Espir S.C. with respect to the purposes and methods of data processing (processing entities) or independently define the purposes and methods of their processing (administrators).
a) Processing entities. Modone.com uses suppliers who process personal data only at the request of Modone.com. These include hosting services providers, accounting services, marketing systems providers, systems for analyzing traffic in the Online Store, systems for analyzing the effectiveness of marketing campaigns;
b) Administrators. Modone.com uses suppliers who do not act solely on the instructions and set on their own the purposes and methods of using personal data of clients. They provide electronic and bank payment services.
2.Location. Service providers headquarters are mainly in Poland and other countries of the European Economic Area (EEA).
3. Customers' personal data are stored:
a) If the basis for the processing of personal data is consent, then the client's personal data are processed by Modone.com until the consent is canceled, and after the consent is revoked for a period corresponding to the period of limitation of claims that Modone.com can and can be raised towards him. Unless a special rule provides otherwise, the period of limitation is six years, and for claims for periodic services and claims related to running a business - three years.
b) If the basis for data processing is performance of the contract, then the personal data of the customer are processed by Modone.com as long as it is necessary to perform the contract, and after that time for a period corresponding to the period of limitation of claims. Unless a special rule provides otherwise, the period of limitation is six years, and for claims for periodic services and claims related to running a business - three years.
4. In the event of purchase at the E-wholesale store, personal data may be transferred, depending on the choice of the Customer, to the following entities to deliver the ordered goods:
a) a courier company;
b) trucking company.
5. In the event that the Customer chooses to pay via PayPal, his personal data is transferred to the extent necessary for the payment to PayPal (Europe) S.a.r.l. et Cie, S.C.A. with headquarters at L-1150 in Luxembourg, has a valid license as a Luxembourg credit institution within the meaning of Article 2 of the Financial Sector Act of 5 April 1993 as amended and subject to strict supervision by the Luxembourg supervisory authority, Commission de Surveillance du Secteur Financier (Financial Sector Commission). Due to the fact that the service is limited to financial operations in electronic form, which in the spirit of the Act are not considered as deposits or investment services, PayPal customers are not protected by deposit guarantee schemes in Luxembourg run by the Association pour la Garantie des Dépôts Luxembourg (AGDL).
PayPal Inc. is the parent company of PayPal (Europe) S.à.l. & Cie, S.C.A. Its headquarters are in the United States, California.
6. The navigation data can be used to provide customers better service, statistical data analysis and adaptation of E-wholesale store to customers preferences, as well as administration of E-wholesale store.
7. If the Customer subscribes to the newsletter (Newsletter), Modone.com will send electronic messages at his e-mail address containing commercial information about promotions and new products available in the E-wholesale store.
8. In the case of a request, Modone.com provides personal data to authorized state bodies, in particular to the organizational units of the Prosecutor's Office, the Police, the President of the Office for Personal Data Protection, the President of the Office of Competition and Consumer Protection, or the President of the Office of Electronic Communications.
§ 3 The cookies mechanism, IP address
1. E-wholesale store uses small files, called cookies. They are saved by Modone.com on the final device of the E-wholesale store visitor, if the web browser allows it. A cookie file usually contains the name of the domain it comes from, its "expiration time" and an individual, randomly selected number identifying this file. Information collected using this type of files help to adapt products offered by Modone.com to individual preferences and real needs of E-wholesale store visitors. They also give the opportunity to develop general statistics of visits to the presented products in the Online Store.
2. Modone.com uses two types of cookie files:
a) Session cookies: after completing a session of a given browser or turning off the computer, stored information is removed from the device's memory. The mechanism of session cookies does not allow to collect any personal data or any confidential information from the Clients' computers.
b) Permanent cookies: they are stored in the memory of the Customer's device and remain there until they are deleted or expired. The mechanism of permanent cookies does not allow to collect any personal data or any confidential information from the Client's computer.
3. Modone.com uses its own cookies to:
a) authenticate the Customer in the E-wholesale store and ensure Customer's session in the E-wholesale store (after logging in), so that the customer does not have to re-enter the login and password on every sub-page of the E-wholesale store;
b) do analysis and research and traffic audit, and in particular to create anonymous statistics that help understand how customers use the E-Wholesale Website, which allows improving its structure and content.
4. Modone.com uses external cookies to:
a) collect general and anonymous static data via analytical tools of Google Analytics (external cookie administrator: Google Inc. with its headquarters in the USA);
b) present ads tailored to the Customer's preferences using the Google AdSense online advertising tool (external cookie administrator: Google Inc. with its headquarters in the USA);
5. The mechanism of cookies is safe for computers of E-wholesale store customers. In particular, this way it is not possible to get viruses or other unwanted software or malicious software onto your computers. However, in their browsers, Customers have the option of limiting or disabling access of cookies to the computers. If the event of using this option, the use of E-wholesale store will be possible, in addition to functions that, by their nature, require cookies.
6. Modone.com may collect customer IP addresses. An IP address is a number assigned to the computer of E-wholesale store visitor by the Internet service provider. The IP number allows access to the Internet. In most cases, it is assigned dynamically to the computer, i.e. it changes every time you connect to the Internet and is therefore commonly regarded as non-person identifying information. The IP address is used by Modone.com when diagnosing technical problems with the server, creating statistical analyses (e.g., determining in which regions we note the most visits), as information useful in administering and improving E-wholesale store, as well as for security purposes and possible server-loading identification, unwanted automated programs to browse E-wholesale store content.
§ 4 Rights of data subjects
1.The right to withdraw consent - legal basis: art. 7 par. 3 GDPR.
a) The customer has the right to withdraw any consent given to the Modone.com.
b) Withdrawal of consent has effect since the withdrawal of consent.
c) Withdrawal of consent does not affect the processing carried out by Modone.com in accordance with the law prior to its withdrawal.
d) Withdrawal of consent does not entail any negative consequences for the customer, but it may prevent further use of services or functionality which, according to Modone.com law, may be provided only with consent.
2. The right to object to data processing - legal basis: art. 21 GDPR.
a) The customer has the right to object at any time - for reasons related to his specific situation - to the processing of his personal data, including profiling, if Modone.com processes his data under legitimate interest, e.g. marketing products and services of Modone.com ., making statistics on the use of particular functionalities of E-wholesale store and facilitating the use of an online wholesale, as well as satisfaction survey.
b) Resignation in the form of an e-mail from the receipt of marketing messages concerning products or services will mean the Customer's objection to the processing of his personal data, including profiling for these purposes.
c) If the customer's objection is found reasonable and Modone.com will not have another legal basis for the processing of personal data, the customer's personal data will be deleted, to the processing of which, he has lodged an objection.
3. The right to delete data ("the right to be forgotten") - legal basis: art. 17 GDPR.
a) The customer has the right to request the removal of all or some personal data.
b) The customer has the right to request the deletion of personal data if:
a. personal data are no longer necessary for the purposes for which they were collected or processed;
b. he withdrew a specific consent to the extent to which personal data were processed under his consent;
c. he objected to the use of his data for marketing purposes;
d. personal data are processed unlawfully;
e. personal data must be deleted in order to comply with a legal obligation under European Union law or the law of a Member State to whom Modone.com is subject;
f. personal data were collected in connection with the offering of information society services.
c) Despite the request to delete personal data, in connection with objection or withdrawal of consent, Modone.com may keep certain personal data to the extent that processing is necessary to determine or defend claims, as well as to fulfill a legal obligation requiring processing under the law of the European Union or the law of a Member State to which Espir SC is subject. This applies in particular to personal data including: name, surname, e-mail address, which data is kept for the purpose of handling complaints and claims related to the use of Modone.com services, or additionally the address of residence / mailing address, order number, which data is kept for the purpose of handling complaints and claims related to concluded sales contracts or providing services.
4. The right to limit data processing - legal basis: art. 18 GDPR.
a) The customer has the right to request the limitation of the processing of his personal data. Submission of a request, pending its consideration, prevents the use of certain functionalities or services, the use of which will involve the processing of data covered by the request. Modone.com will also not send any messages, including marketing.
b) The customer has the right to request a limitation of the use of personal data in the following cases:
a. when he questions the accuracy of his personal data - then Modone.com limits their use for the time required to verify the accuracy of data, but no longer than for 7 days;
b. if the data processing is unlawful, and instead of deleting data, the Customer will demand limitation of their use;
c. when personal data are no longer necessary for the purposes for which they were collected or used, but Customer needs them to determine or defend claims;
d. when he objected to the use of his data - then the limitation takes place for the time needed to consider whether - due to the special situation - protection of the Customer's interests, rights and freedoms outweighs the interests that the Administrator performs while processing Customer's personal data.
5. Right of access to data - legal basis: art. 15 GDPR.
a) The Customer has the right to obtain from the Administrator confirmation whether he processes personal data, and if this is the case, the Customer has the right to:
a. get access to his personal data;
b. obtain information on the purposes of processing, categories of personal data being processed, the recipients or categories of recipients of this data, the planned period of customer data retention or criteria for determining this period (when it is not possible to determine the planned data processing period), on the rights of the customer under the GDPR and on the right to lodge a complaint with the supervisory body, on the source of such data, on automated decision-making, including profiling and on safeguards applied in connection with the transfer of these data outside the European Union;
c. obtain a copy of his personal data.
6. The right to rectify data - legal basis: art. 16 GDPR.
7. The right to data transfer - legal basis: art. 20 GDPR.
a) The customer has the right to receive his personal data, which he provided to the Administrator, and then
send them to another, selected by him, personal data administrator. The Customer also has the right to demand personal data being sent by the Administrator directly to such an administrator, if it is technically possible. In this case, the Administrator will send the Customer's personal data in the form of a file in csv format, which is a widely used, machine-readable format that allows sending the received data to another personal data administrator.
8. In the event of a Client implementing the rights resulting from the above rights, Modone.com fulfills the request or refuses to meet it immediately, but not later than within one month after receiving it. However, if - due to the complexity of the request or the number of requests - Modone.com will not be able to meet the request within a month, it will meet them within the next two months by informing the Customer within one month of receiving the request - about the intended extension and its reasons.
9. The Customer may submit complaints to the Administrator, inquiries and requests regarding the processing of his personal data and the implementation of his rights.
11. The Customer has the right to lodge a complaint to the President of the Office for Personal Data Protection in the scope of violation of his rights to the protection of personal data or other rights granted under the GDPR.
§ 5 Security management - password
1. Modone.com provides its clients a secure and encrypted connection when transferring personal data and when logging in to the Customer Account on the Website. Modone.com uses an SSL certificate issued by one of the world's leading companies in the field of security and encryption of data transmitted via the Internet.
2. If the customer who has an account in the E-wholesale store has lost password in any way, the E-wholesale store allows him to generate a new password. Modone.com does not send a password reminder. The password is stored in an encrypted form in a way that prevents its reading. To generate a new password, the Customer has to enter his e-mail address in the form available under the link "Forgot your password", given at the login form to the account in the E-wholesale store. The customer to the e-mail address provided during registration or saved in the last change of the account profile will receive an e-mail containing a redirection to a dedicated form provided on the E-wholesale store Website, where the customer will be able to set a new password.
3. Modone.com never sends any correspondence, including electronic correspondence, with a request to provide login details, in particular an access password to the Customer's account.
3. Date of last modification: 05.11.2018.