Privacy policy
1. Pursuant to Article 13(1) and (2) of the General Data Protection Regulation of 27 April 2016 (hereinafter referred to as the GDPR), we hereby inform that the controller of your personal data processed on the sportofino.com website is SAT sp. z o.o. with its registered seat in Poznań (60-277) at ul. Grochowska 27.
2. In case of any questions regarding the processing of your personal data, please contact our Data Protection Officer, Mr Jakub Wietrzyński, at [email protected].
3. The Store processes the personal data of:
1) Users,
2) S'Club Participants,
3) Persons contacting the Store via online form or Messenger,
4) Hotline callers.
4. User data are processed:
1) for the purposes of performing the concluded sales contracts, the operational execution of orders, the dispatch or delivery of the ordered goods, the handling of returns and complaints, and the fulfilment of the obligations arising from the granted commercial and statutory warranties,
• on the basis of Article 6(1)(b) of the GDPR, where the processing is necessary for the performance of the sales contract,
• and on the basis of Article 6(1)(c) of the GDPR, where the processing is necessary to fulfill a legal obligation incumbent on the controller, in connection with the wording of the Accounting Act of 29 September 1994 and other accounting and tax regulations,
2) based on the controller's legitimate interest (Article 6(1)(f) of the GDPR), to conduct research and analysis in order to improve the performance of available services, including the Store evaluation.
5. User data are processed for the period necessary for the performance of the sales contract, extended by the warranty period and the statute of limitations for possible claims, or, if so required by law, for the period provided for by applicable laws or until an objection is raised. Provision of the data is mandatory, it is a condition for the conclusion and performance of the sales contract, and failure to provide them will prevent the purchase.
6. S'Club Participant data are processed for the following purposes:
1) registering the Participant's Account and ensuring the operation of the Participant's profile, including the ability to issue, redeem and deliver gift cards and discount coupons, handling promotional activities and contests, communicating on technical security issues, based on the accepted Regulations of the S'portofino loyalty program "S'portofino Club" (Article 6(1)(b) of the GDPR),
2) receiving personalised commercial offers and commercial information about the products and services offered by SAT sp. z o.o., based on the consent given during account registration (Article 6(1)(a) of the GDPR).
7. S'Club Participant data are processed for the duration of the account, and after its deletion until the statute of limitations for possible claims. Data processed based on consent will be processed until the consent is withdrawn. Provision of the data is voluntary, but necessary for account registration.
8. In addition, User and S'Club Participant data are processed:
1) to create personalised content and advertisements, to offer social features and to analyse site traffic, based on the consent given during cookies configuration (Article 6(1)(a) of the GDPR), for a period consistent with the cookie settings: until the settings are changed or the cookie expires,
2) based on the legitimate interest of the controller (Article 6(1)(f) of the GDPR), for the purposes of reminding Users and S'Club Participants about their abandoned carts and unfinished purchases, until they object to the processing.
9. The data of Persons contacting the Store via online form or Messenger are processed based on the legitimate interest of the controller (Article 6(1)(f) of the GDPR), in order to answer the questions and ensure efficient communication. The data are stored for 6 years from the moment of their acquisition. Provision of the data is voluntary, but necessary to receive a response.
10. The data of Hotline callers are processed in order to provide quality customer service and to answer the questions asked through the hotline. Data are processed based on consent to record the call, expressed by continuing the call (Article 6(1)(a) of the GDPR). The data are stored for 6 years from the moment of their acquisition. Provision of the data is voluntary; if the data subject does not consent to the recording of the call with the controller, the controller can be contacted through another communication channels.
11. The data of all the above-mentioned data subjects are also processed to secure possible claims, until expiry of the statute of limitations provided for by the law.
12. Personal data may be transferred to entities with which the controller cooperates, participating in the performance of the sales contract, for the purposes of the proper performance of the same, such as the Polish Post, carriers, logistics companies, companies handling payment transactions, providers of IT systems and services, entities providing marketing services, law firms, as well as authorised entities upon documented request.
13. Within the scope of the GDPR and with the limitations indicated therein, data subjects have the right to request from the controller access to the content of their data and the right to rectification, erasure, restriction of processing, the right to data portability, the right to object to processing, and the right to withdraw consent at any time without affecting the lawfulness of processing carried out on the basis of consent before its withdrawal.
14. They also have the right to file a complaint with the President of the Personal Data Protection Office (www.uodo.gov.pl).
15. Your personal data will not be used in automated decision-making processes, including profiling, and they will not be transferred outside the European Economic Area (EEA).
COOKIES
1. Cookies are small text files that a website saved on a user's computer or mobile device when the user browses the website. Cookies usually contain the name of the website they originate from, the time they are stored on the end device, and a unique number.
2. The website sportofino.com uses the types of cookies specified below:
• Essential – Essential cookies contribute to the usability of the website by enabling basic functions such as site navigation and access to secure areas of the website. The website cannot function properly without these cookies.
• Preference – Preference cookies allow the site to remember information that changes the look or function of the site, such as the user’s preferred language or the region where the user is located.
• Statistical – Statistical cookies help website owners understand how different users behave on the website by collecting and reporting anonymous information.
• Marketing – Marketing cookies are used to track users on websites. The goal is to display ads that are relevant and interesting to individual users and thus more valuable to third-party publishers and advertisers.
• Unclassified cookies, i.e. cookies pending classification, along with the providers of respective cookies.
3. The website sportofino.com uses Google Analytics, a web analytics service provided by Google LLC. Google Analytics uses cookies to allow the site to analyse how users use the site. Each time a user visits a website, the tracking code collects anonymous information about their interaction with the site. The tracking code may collect browser information, such as language setting, browser type (e.g. Chrome or Safari), and the used device and operating system. The code can collect data on the “source of visits,” that is, show from where users have been redirected to the website. The source of visits can be a search engine, a clicked ad or an e-mail marketing campaign. Once the data are collected, the tracking code merges them and sends them to Google Analytics to be processed into reports.
4. Google LLC implements the transfer outside the EEA using, in accordance with Article 45 of the GDPR, a transfer mechanism based on a decision finding an adequate level of protection for entities listed in the EU-US Data Privacy Framework list, which is the data protection framework between the European Union and the United States, implemented by Commission Decision of 10 July 2023 and issued by the US Department of Commerce (EU-U.S. DPF).
5. It is possible to block the sharing of site activity information with Google Analytics. To do this, one should install a browser add-on that blocks Google Analytics. It prevents Google Analytics' JavaScript (gtag.js or analytics.js), which runs on sites, from sharing visit activity information with Google Analytics. Using a browser add-on that blocks Google Analytics does not hinder site owners from using other tools to measure site statistics. This add-on does not prevent data from being sent to the site itself or to web analytics services.
6. SAT sp. z o.o. informs that restrictions on the use of cookies may affect some of the functionalities available on the website.